From 0bab179e140803d19425678c47582149ab37aefe Mon Sep 17 00:00:00 2001 From: James Date: Sun, 1 Mar 2026 03:10:25 -0500 Subject: [PATCH] memory: vault1984 session 2026-03-01 03:09 --- memory/2026-03-01.md | 50 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 memory/2026-03-01.md diff --git a/memory/2026-03-01.md b/memory/2026-03-01.md new file mode 100644 index 0000000..7b9801b --- /dev/null +++ b/memory/2026-03-01.md 
@@ -0,0 +1,50 @@ + +## 03:09 AM — vault1984 session (continued) + +### vault1984 project — major progress tonight +- **Domain:** vault1984.com registered in Openprovider, DNS via Cloudflare (zone: 1c7614cd4ee5eabdc03905609024f93a), A record → 47.197.93.62 (forge home IP), TTL 60 +- **Caddy:** `vault1984.com, www.vault1984.com` block added, reverse_proxy → 192.168.1.16:1984. HTTPS live via ZeroSSL. +- **GitHub:** Private repo created at https://github.com/johanjongsma/vault1984 under `johanjongsma` account (not `johan-jongsma` which is Kaseya-linked). GH token: `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` (stored for repo ops). +- **Systemd service:** vault1984.service running on forge, auto-restart, EnvironmentFile=/home/johan/dev/vault1984/.env +- **VAULT_KEY:** d153af4a1b9e58023d0ec465f2674fc29d52ea0b9ef9a0f0cbbaaee63f0117fb (persistent) +- **DB:** /home/johan/dev/vault1984/vault1984.db + +### vault1984 — what's built +- Go binary, single SQLite, port 1984 +- Marketing website at `/`, app UI at `/app/` +- L1/L2 encryption, MCP endpoint, scoped tokens, TOTP, import (format-detection only — LLM never sees credential values) +- LLM config: LLM_API_KEY, LLM_BASE_URL, LLM_MODEL (any OpenAI-compatible provider) +- **11 integration tests passing** (TestHealth, TestCreateLogin, TestReadLogin_RoundTrip, TestURLMatch, TestTOTP_AgentGeneratesCode, TestMCP_ListCredentials, TestMCP_GetCredential_Inou, TestMCP_GetTOTP, TestScopedToken_HidesOtherEntries, TestPasswordGenerator, TestAuditLog) + +### vault1984 — landing page work +- Real world map: Natural Earth 110m topojson, pre-projected to SVG, antimeridian artifacts fixed, no grid lines +- **Datacenter locations:** Virginia, Zürich (gold #D4AF37, HQ), Beijing, Sydney +- Visitor geolocation: `/geo` endpoint (ip-api.com, detects private IPs, falls back to browser geolocation API) +- Red pulsing dot + 5th card for visitor location +- Zürich: gold dot, gold label, larger pulse rings, subtle gold border on card +- Copy fixes: "Your 
EA" → "Your assistant can book your flights. Not read your diary.", TOTP explained inline, L1/L2 explainer rewritten for clarity, Bitwarden removed from editorial copy (kept in complaint quotes), "your government" rejected — kept "or anybody else" +- vault1984 styled everywhere (green 1984) + +### SMTP — noreply@inou.com +- Dedicated Stalwart account created on Zurich: username `noreply`, password `InouNoreply2026!` +- Port 465 (implicit TLS) — port 587 only offers OAuth2, not PLAIN/LOGIN +- SMTP creds for inou app: host=mail.inou.com, port=465, user=noreply, pass=InouNoreply2026!, from=noreply@inou.com + +### Caddy (192.168.0.2) — important corrections +- SSH: `ssh root@192.168.0.2` (direct LAN). Do NOT use Tailscale (requires re-auth). +- Log dir ownership fix: `chown caddy:caddy /var/log/caddy` after every reboot (known issue) +- Caddy updated to 2.11.1, Tailscale 1.94.2 during tonight's update +- Git backup: `git@zurich.inou.com:caddy-config.git` — Caddyfile committed, auto-commits via daily-updates.sh +- Added to daily-updates.sh: apt upgrade + Caddyfile git push + +### Cloudflare API +- Token: `dSVz7JZtyK023q7kh4MMNmIggK1dahWdnBxVnP3O` +- Account ID: `86e646c0224dc44dcffb08c981ff9200` +- vault1984.com zone ID: `1c7614cd4ee5eabdc03905609024f93a` + +### Spacebot feedback on vault1984 +Opus-level analysis: concept "ahead of everyone else", architecture "genuinely clever". Red flags cited: no GitHub (fixed), no audit (acknowledged gap), L2 recovery not documented (gap remains), L1 server-readable on hosted copy is misleading (needs callout in copy). "Bookmark it, check back in 6 months." + +### Kaseya / password space +Confirmed: Kaseya had Passly (via ID Agent) — no longer offered as of early 2025. Clear market. +
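Review bot: The new file memory/2026-03-01.md commits live credentials in plaintext: the GitHub token on the "GitHub:" line, the value on the "VAULT_KEY:" line (listed directly above the DB path it presumably protects), the `noreply` SMTP password (written twice in the SMTP section), and the token under "Cloudflare API". Replace each value with a pointer to where it is stored, for example the `.env` file already named as the service's EnvironmentFile, and keep only non-secret identifiers such as the zone ID and account ID in the note. Since these values are now part of the commit object, removing them in a follow-up commit leaves them readable in history, so all four should be treated as exposed and rotated before this is pushed anywhere shared.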