# Clavitor POP Deployment — Handoff for Hans **From:** Johan / James **Date:** March 7, 2026 **Status:** Binaries built, download endpoints added, ready for your rollout --- ## What's ready on HQ (noc.clavitor.com) Two new binaries in `/home/johan/clavitor-dashboard/`: | File | Arch | Size | |------|------|------| | `clavitor` | linux/amd64 | ~18MB | | `clavitor-arm64` | linux/arm64 | ~18MB | Download endpoints added to the dashboard (need rebuild): - `http://185.218.204.47:8080/download/clavitor` - `http://185.218.204.47:8080/download/clavitor-arm64` To activate: rebuild `dashboard-go` and restart the service. ## What's new in the binary Built-in telemetry. When launched with these flags, the vault POSTs system + vault metrics to HQ every N seconds: ``` --telemetry-freq=60 --telemetry-host=http://185.218.204.47:8080/telemetry --telemetry-token= ``` Also works via env vars: `TELEMETRY_FREQ`, `TELEMETRY_HOST`, `TELEMETRY_TOKEN`. Without flags, telemetry is off — no behavior change for self-hosters. **Payload** (JSON POST): ```json { "version": "0.1.0", "hostname": "virginia", "uptime_seconds": 3600, "timestamp": "2026-03-06T10:00:00Z", "system": { "os": "linux", "arch": "arm64", "cpus": 2, "cpu_percent": 12.5, "memory_total_mb": 1024, "memory_used_mb": 340, "disk_total_mb": 8000, "disk_used_mb": 1200, "load_1m": 0.3 }, "vaults": { "count": 0, "total_size_mb": 0, "total_entries": 0 }, "mode": "hosted" } ``` ## What needs doing ### 1. Telemetry inbox on the dashboard The dashboard doesn't have a `/telemetry` handler yet. You'll want to add one that: - Accepts the JSON payload above - Stores it (SQLite, or just update the existing nodes table) - Feeds into the status page This is your call on how to wire it in — you know the dashboard code best. ### 2. Wipe the status DB Johan wants the status.db wiped clean and rebuilt with only the three live nodes: | Node ID | Name | Region | IP | |---------|------|--------|----| | `hq-zurich` | HQ — Zürich | Hostkey / CH | 185.218.204.47 | | `virginia` | Virginia | **us-east-1** | ? | | `singapore` | Singapore | ap-southeast-1 | 47.129.4.217 | **Important:** The current "virginia" POP is tagged `us-east-2` with IP `3.145.131.247` — that's **Ohio (Dublin)**. Johan does NOT want Ohio. Please confirm: - Was this already moved to us-east-1 (actual Virginia)? - If not, we need to spin down Ohio and deploy in us-east-1. The planned nodes (london, frankfurt, tokyo, etc.) can stay in the seed data as "planned" but shouldn't be in the live status rotation until deployed. ### 3. Deploy clavitor to the two AWS POPs Each POP needs: - The clavitor binary (arm64 for t4g.micro) - A systemd service with telemetry flags pointing to HQ - Port 1984 open - `DATA_DIR` for vault storage You already have `deploy-pop.sh` and SSM access — adapt as you see fit. The clavitor binary replaces nothing; it runs alongside the existing v1984-agent (or you can consolidate, since clavitor now reports its own metrics). ### 4. Infrastructure overview (for clarity) | Server | Role | Location | |--------|------|----------| | zurich.inou.com | Kuma, security checks, shared git | Hostkey Zürich | | noc.clavitor.com | Dashboard, status page, marketing site, HQ | Hostkey Zürich | | virginia POP | Clavitor hosted node | AWS us-east-1 (confirm!) | | singapore POP | Clavitor hosted node | AWS ap-southeast-1 | --- Questions? Ping Johan or ask James in the next session.