--- status: open priority: P2 owner: Michael created: 2026-03-21 --- # Task: Deploy Cockpit Web Terminal to All Servers ## Overview Deploy Cockpit (web-based server management) to all 5 Firefrost servers that don't have it yet. This enables full server management from Michael's Chromebook without SSH client dependency. ## Current Status **✅ COMPLETE - All servers now have Cockpit:** - ✅ Ghost VPS (64.50.188.14:9090) - Pre-existing - ✅ Command Center (63.143.34.217:9090) - Deployed March 21, 2026 - ✅ Billing VPS (38.68.14.188:9090) - Deployed March 21, 2026 - ✅ Panel VPS (45.94.168.138:9090) - Deployed March 21, 2026 - ✅ TX1 Dallas (38.68.14.26:9090) - Deployed March 21, 2026 - ✅ NC1 Charlotte (216.239.104.130:9090) - Deployed March 21, 2026 **Bonus:** NC1 firewall enabled during deployment (was previously unprotected) ## Why This Matters **Problem:** Claude sessions block SSH (port 22), forcing reliance on existing Cockpit for Ghost VPS work. **Solution:** Cockpit on all servers = Chromebook can manage entire infrastructure via browser. **Benefits:** - No SSH client needed - Works on Chromebook natively - Web terminal + service management + resource monitoring - Port 9090 standard across all servers - Lightweight (~50MB RAM per server) ## Files in This Task - **README.md** (this file) - Task overview - **deployment-plan.md** - Complete deployment strategy and technical details - **installation-commands.md** - Copy/paste ready commands in micro-blocks ## How to Execute ### Recommended Approach 1. **Read deployment-plan.md** - Understand the full strategy 2. **Pick a server to start with** (suggest Command Center first) 3. **SSH into that server** (or use existing Cockpit if available) 4. **Follow installation-commands.md** - Copy/paste each block in order 5. **Test the Cockpit URL** in browser 6. **Repeat for remaining servers** ### Order Recommendation **Phase 1 (VPS tier - quick):** 1. Command Center 2. Billing VPS 3. Panel VPS **Phase 2 (Dedicated tier):** 4. TX1 Dallas 5. NC1 Charlotte **Time estimate:** ~1 hour total (~10 min per server) ## Success Criteria - [ ] All 6 servers accessible via `https://IP:9090` - [ ] Terminal tab functional on all servers - [ ] Services tab shows systemd units - [ ] System tab shows accurate resource usage - [ ] Michael can manage all servers from Chromebook ## Security Notes Cockpit is secure by default: - HTTPS only (self-signed certificates) - Uses existing PAM authentication - No new user accounts created - No new attack surface (reuses SSH auth) ## Rollback If any server has issues: ```bash sudo systemctl stop cockpit.socket sudo systemctl disable cockpit.socket ``` Complete removal if needed: ```bash sudo apt remove --purge cockpit ``` ## Documentation Updates After Completion - [ ] Update `infrastructure-manifest.md` with Cockpit status - [ ] Add Cockpit URLs to server quick-reference - [ ] Update session-start docs with Chromebook access info ## Related Tasks - None (standalone infrastructure enhancement) ## Blocks - None ## Blocked By - None --- **Created:** March 21, 2026 (Session 37 - The Chronicler) **Completed:** March 21, 2026 (Session 37 - The Chronicler) **Priority:** HIGH (enables Chromebook workflow) **Estimated Time:** 1 hour **Actual Time:** ~1.5 hours (including NC1 firewall) **Status:** ✅ COMPLETE