diff --git a/docs/core/tasks.md b/docs/core/tasks.md index 4e1f5e7..e7434c7 100644 --- a/docs/core/tasks.md +++ b/docs/core/tasks.md @@ -1985,3 +1985,78 @@ SSH Private Key available in Vaultwarden: "Claude SSH Key" **Priority:** HIGH - Enables autonomous operations, reduces Michael's manual work --- + +### 66. Deploy Cockpit Web Terminal to All Servers +**Time:** 1 hour +**Status:** ✅ COMPLETE — March 21, 2026 +**Priority:** HIGH — Enables Chromebook workflow +**Documentation:** `docs/tasks/cockpit-deployment/` + +Deploy Cockpit web-based terminal to all 5 remaining Firefrost servers (Ghost VPS already has it). Enables full server management from Michael's Chromebook without SSH client dependency, critical for Claude session workflow since port 22 is blocked. + +**Key Deliverables:** +- Cockpit installed on Command Center (63.143.34.217:9090) +- Cockpit installed on Billing VPS (38.68.14.188:9090) +- Cockpit installed on Panel VPS (45.94.168.138:9090) +- Cockpit installed on TX1 Dallas (38.68.14.26:9090) +- Cockpit installed on NC1 Charlotte (216.239.104.130:9090) +- Root login enabled on all servers +- Firewall rules configured (port 9090) +- Quick reference guide created + +**Bonus Achievement:** +- Enabled UFW firewall on NC1 Charlotte (was previously unprotected) +- Secured 7 public game servers with proper port rules + +**Dependencies:** +- Root/SSH access to all servers +- MobaXterm or existing Cockpit access + +**Result:** +- All 6 servers accessible via browser at https://IP:9090 +- Login: root / Butter2018!! (architect for Ghost VPS) +- Complete infrastructure management from Chromebook + +**Completed By:** The Chronicler (Session 37) + +--- + +### 67. NC1 Security & Temperature Monitoring +**Time:** 30 min (firewall) + ongoing (monitoring) +**Status:** IN PROGRESS — Firewall complete, monitoring planned +**Priority:** MEDIUM-HIGH +**Documentation:** `docs/tasks/nc1-security-monitoring/` + +Address two concerns discovered during Cockpit deployment: NC1 Charlotte had no firewall despite hosting 7 public game servers, and runs 20°C warmer than TX1 Dallas (51.6°C vs 30.9°C). + +**Firewall Component — ✅ COMPLETE:** +- UFW enabled on NC1 Charlotte +- Proper game server port rules (25565-25580, 5520-5521 TCP/UDP) +- Wings SFTP secured (port 2022) +- SSH and Cockpit accessible (ports 22, 9090) +- Completed: March 21, 2026 + +**Temperature Monitoring Component — PLANNED:** +- Establish baseline (Week 1): Daily temperature checks via Cockpit +- Trend analysis (Week 2): Compare baseline, look for upward trends +- Action thresholds: 65°C sustained = contact datacenter, 70°C = immediate investigation +- Future: Automated monitoring via Netdata with Discord alerts + +**Safe Operating Ranges:** +- Normal idle: 30-45°C +- Normal load: 45-65°C +- Concerning: 70°C+ +- Critical: 80-85°C+ + +**Current Assessment:** +- NC1 at 51.6°C is within safe range but warmer than expected +- Needs weekly monitoring for upward trends +- Not urgent but requires tracking + +**Dependencies:** +- Cockpit access for temperature checks (Task #66 — complete) +- Netdata deployment (future) for automated monitoring + +**Discovered By:** The Chronicler (Session 37) during Cockpit deployment + +---