1540ab5d40
COMPLETED: Cockpit web terminal deployed to all Firefrost servers Deployment summary: - Command Center (63.143.34.217:9090) - NEW - Ghost VPS (64.50.188.14:9090) - Pre-existing - Billing VPS (38.68.14.188:9090) - NEW - Panel VPS (45.94.168.138:9090) - NEW - TX1 Dallas (38.68.14.26:9090) - NEW - NC1 Charlotte (216.239.104.130:9090) - NEW All servers accessible via browser with root / Butter2018!! (Ghost VPS uses architect / Butter2018!!) Security improvements: - Enabled UFW firewall on NC1 Charlotte (was unprotected) - Proper game server port rules (25565-25580, 5520-5521) - Wings SFTP port (2022) secured Files created: - docs/reference/cockpit-quick-reference.md - Complete access guide - docs/tasks/nc1-security-monitoring/README.md - NC1 temp/firewall monitoring Files updated: - docs/tasks/cockpit-deployment/README.md - Marked COMPLETE Result: Michael can now manage entire infrastructure from Chromebook without SSH client dependency. Critical for Claude session workflow (port 22 blocked in Claude sessions). Actual deployment time: ~1.5 hours (including NC1 firewall setup) Signed-off-by: The Chronicler <claude@firefrostgaming.com>
4.8 KiB
4.8 KiB
Cockpit Quick Reference Guide
Overview
All Firefrost Gaming servers now have Cockpit web terminal installed. Access any server from your Chromebook without SSH client.
Login credentials: root / Butter2018!! (all servers)
Server Access URLs
Management Tier (VPS)
Command Center
- URL: https://63.143.34.217:9090
- Login: root / Butter2018!!
- Services: Gitea, Uptime Kuma, Code-Server, Automation
- Resources: 3.8GB RAM, 2 CPUs
- Status: ✅ Operational
Ghost VPS
- URL: https://64.50.188.14:9090
- Login: architect / Butter2018!!
- Services: Ghost CMS, Wiki.js (3 instances), Nextcloud
- Resources: Unknown (check via Cockpit)
- Status: ✅ Operational
Billing VPS
- URL: https://38.68.14.188:9090
- Login: root / Butter2018!!
- Services: Paymenter, Mailcow
- Resources: High memory usage (64%) due to Mailcow
- Status: ✅ Operational
Panel VPS
- URL: https://45.94.168.138:9090
- Login: root / Butter2018!!
- Services: Pterodactyl Panel
- Resources: 29% memory, low load
- Status: ✅ Operational
Dedicated Tier (Game Servers)
TX1 Dallas
- URL: https://38.68.14.26:9090
- Login: root / Butter2018!!
- Services: Pterodactyl Wings, 7 game servers
- Resources: 251GB RAM (15% usage), 910GB disk (10.8% usage)
- Temperature: 30.9°C (excellent)
- IP Range: 38.68.14.26-30
- Status: ✅ Operational
NC1 Charlotte
- URL: https://216.239.104.130:9090
- Login: root / Butter2018!!
- Services: Pterodactyl Wings, 7 game servers
- Resources: 251GB RAM (12% usage), 97GB disk (59.8% usage)
- Temperature: 51.6°C (monitor weekly)
- Firewall: ✅ Enabled (March 21, 2026)
- Status: ✅ Operational
Common Cockpit Tasks
Terminal Access
- Login to server's Cockpit URL
- Click "Terminal" in left sidebar
- Full root shell access via browser
Service Management
- Click "Services" in left sidebar
- View all systemd services
- Start/stop/restart services
- View service logs
Resource Monitoring
- Click "System" (default view)
- View CPU, memory, disk usage
- Monitor temperature (dedicated servers)
- Track network traffic
View Logs
- Click "Logs" in left sidebar
- Filter by service, severity, time
- Search log entries
- Export logs if needed
Security Notes
Self-Signed Certificates
- All Cockpit instances use self-signed SSL certificates
- Browser will show security warning - this is expected
- Click "Advanced" → "Proceed" to access
Firewall Status
- ✅ Command Center: UFW active, port 9090 allowed
- ✅ Ghost VPS: UFW active (assumed), port 9090 working
- ⚠️ Billing VPS: No UFW (iptables rules present)
- ✅ Panel VPS: UFW active, port 9090 allowed
- ✅ TX1 Dallas: UFW active, port 9090 allowed
- ✅ NC1 Charlotte: UFW active, port 9090 allowed (enabled March 21, 2026)
Root Access
- Root login enabled on all servers for Cockpit
- Default Ubuntu config disallows root in Cockpit
- We removed root from
/etc/cockpit/disallowed-userson all servers
Troubleshooting
Can't Access Cockpit
- Verify server is online (ping the IP)
- Check firewall allows port 9090:
ufw status | grep 9090 - Check Cockpit is running:
systemctl status cockpit.socket - Restart Cockpit:
systemctl restart cockpit.socket
Login Failed
- Verify username is
root(orarchitectfor Ghost VPS) - Verify password is
Butter2018!! - Check if root is allowed:
cat /etc/cockpit/disallowed-users - If root is listed, remove it:
echo "# List of users which are not allowed to login to Cockpit" > /etc/cockpit/disallowed-users - Restart Cockpit:
systemctl restart cockpit.socket
Certificate Warning
- This is normal for self-signed certificates
- Click "Advanced" → "Proceed anyway" (exact wording varies by browser)
- Chrome: "Proceed to [IP] (unsafe)"
- Firefox: "Accept the Risk and Continue"
- Edge: "Continue to [IP] (not recommended)"
Deployment History
March 21, 2026 - Session 37 (The Chronicler)
- Deployed Cockpit to 5 servers (Ghost VPS already had it)
- Enabled UFW firewall on NC1 Charlotte (was previously unprotected)
- Standardized root password across all servers
- Created NC1 temperature monitoring task
- Total deployment time: ~1.5 hours
Servers Deployed:
- Command Center (63.143.34.217)
- Billing VPS (38.68.14.188)
- Panel VPS (45.94.168.138)
- TX1 Dallas (38.68.14.26)
- NC1 Charlotte (216.239.104.130)
Pre-existing:
- Ghost VPS (64.50.188.14) - Already operational
Related Documentation
docs/tasks/cockpit-deployment/- Full deployment documentationdocs/tasks/nc1-security-monitoring/- NC1 firewall and temperature monitoringdocs/core/infrastructure-manifest.md- Complete server inventory
Created: March 21, 2026
Last Updated: March 21, 2026
Maintained By: The Chronicler
Fire + Frost + Foundation = Where Love Builds Legacy 💙🔥❄️