From 850802b21e39785d40231f35d5c6afd86a56ce5b Mon Sep 17 00:00:00 2001 From: "F.R.I.D.A.Y." Date: Fri, 5 Jun 2026 22:12:08 -0400 Subject: [PATCH] PRD: Switch SSH to LAN IP only, add N8N HTTPS endpoint details (Traefik TLS) --- .../n8n-terraform-ansible-orchestrator.md | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/PRD Drafts/n8n-terraform-ansible-orchestrator.md b/PRD Drafts/n8n-terraform-ansible-orchestrator.md index dd4aa0d..4955c2e 100644 --- a/PRD Drafts/n8n-terraform-ansible-orchestrator.md +++ b/PRD Drafts/n8n-terraform-ansible-orchestrator.md @@ -10,7 +10,7 @@ ``` [Telegram: Bobby] → Artemis (parse intent) → POST to N8N (MK7) - ↓ SSH (jarvis@artemis.ai.home) + ↓ SSH (jarvis@192.168.15.182) Artemis (this machine) ↓ [A] ~/docker/terraform-pve/run.sh apply @@ -55,10 +55,10 @@ Artemis parses → vmid_base=62128 (explicit override), count=5 |------|------|---------| | 1 | Webhook trigger | Receive JSON payload | | 2 | Set SSH env vars | Export `TF_VAR_lxc_count=5 TF_VAR_vmid_base=62128` | -| 3 | Execute SSH | `ssh jarvis@artemis.ai.home "cd ~/docker/terraform-pve && ./run.sh apply -auto-approve"` | +|| 3 | Execute SSH | `ssh jarvis@192.168.15.182 "cd ~/docker/terraform-pve && ./run.sh apply -auto-approve"` | | 4 | Wait | Poll until `run.sh` exits (blocks until completion) | | 5 | Verify inventory | Check `~/docker/ansible-push/terraform-prefill/inventory-lxc.yml` exists | -| 6 | Execute SSH | `ssh jarvis@artemis.ai.home "cd ~/docker/ansible-push && ./lxc-common.sh"` | +|| 6 | Execute SSH | `ssh jarvis@192.168.15.182 "cd ~/docker/ansible-push && ./lxc-common.sh"` | | 7 | Notify | POST result back to Telegram/Discord | ### 2.4 Constraints 
@@ -90,7 +90,7 @@ Artemis parses → action=fleet_update | Step | Node | Command | |------|------|---------| | 1 | Webhook trigger | Receive JSON payload | -| 2 | Execute SSH | `ssh jarvis@artemis.ai.home "cd ~/docker/ansible-push && docker compose up -d && docker exec ansible ansible-playbook playbooks/main.yml -i inventory.yml --tags fleet_update"` | +|| 2 | Execute SSH | `ssh jarvis@192.168.15.182 "cd ~/docker/ansible-push && docker compose up -d && docker exec ansible ansible-playbook playbooks/main.yml -i inventory.yml --tags fleet_update"` | | 3 | Wait | Poll until ansible exits | | 4 | Notify | POST result back to Telegram/Discord | @@ -110,11 +110,16 @@ Artemis parses → action=fleet_update ### 4.1 Container Mounts - **SSH client:** `openssh-client` package installed in N8N image - **Private key:** Mount `~/.ssh/artemis_key` → `/root/.ssh/id_ed25519` inside N8N container -- **Known hosts:** Pre-populated `~/.ssh/known_hosts` for `artemis.ai.home` +- **Known hosts:** Pre-populated `~/.ssh/known_hosts` for `192.168.15.182` -### 4.2 N8N Credentials +### 4.2 N8N Endpoint +- **Webhook URL:** `https://n8n.ai.home` (Traefik-routed, TLS-terminated) +- **DNS:** CNAME `n8n.ai.home` → `traefik.ai.home` (Technitium DNS) +- **Network:** LAN-only (`192.168.x.x`), no external access + +### 4.3 N8N Credentials - **SSH Private Key:** Store `artemis_key` in N8N "Credentials" → SSH type -- **SSH Host:** `artemis.ai.home` (or LAN IP `192.168.15.182`) +- **SSH Host:** `192.168.15.182` (LAN IP, no DNS resolution dependency) - **SSH User:** `jarvis` - **SSH Port:** `22`
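Review bot: In the first hunk (@@ -10,7), the diagram line `↓ SSH (jarvis@192.168.15.182)` starts a pattern where the literal address is repeated in the diagram, three table commands, the known-hosts bullet and the SSH Host credential, and nothing in the PRD says the address is fixed. Add a constraint stating that 192.168.15.182 is a static assignment or DHCP reservation, and consider defining the target once (for example as a single named host entry the commands refer to) so a re-addressing does not require six edits.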
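Review bot: In the @@ -55,10 hunk, the replacement rows for steps 3 and 6 begin with `||` instead of `|`, which adds an empty leading cell and pushes Step, Node and Command one column to the right of the header. Start both rows with a single `|`, matching rows 1, 2, 4, 5 and 7.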
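Review bot: In the @@ -90,7 hunk, the replacement row for step 2 has the same `||` prefix and will render misaligned against the `| Step | Node | Command |` header. Use a single leading `|` as in rows 1, 3 and 4.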
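Review bot: In the @@ -110,11 hunk, the new "4.2 N8N Endpoint" section documents TLS termination and LAN-only reachability but does not say how the webhook authenticates callers, even though step 1 of the workflow accepts a JSON payload that leads to `./run.sh apply -auto-approve`. Add a bullet naming the authentication required on `https://n8n.ai.home` so that network position is not the only control. On the known-hosts bullet, note that the entry has to be recorded under `192.168.15.182` itself, since an existing entry for `artemis.ai.home` will not match a connection made by IP, and state that the host key is verified out of band when the file is pre-populated. The renumbering of "N8N Credentials" from 4.2 to 4.3 also needs a check for references to the old section number elsewhere in the document.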