memory: vault1984 session 2026-03-01 03:09

memory/2026-03-01.md

@@ -0,0 +1,50 @@
+
+## 03:09 AM — vault1984 session (continued)
+
+### vault1984 project — major progress tonight
+- **Domain:** vault1984.com registered in Openprovider, DNS via Cloudflare (zone: 1c7614cd4ee5eabdc03905609024f93a), A record → 47.197.93.62 (forge home IP), TTL 60
+- **Caddy:** `vault1984.com, www.vault1984.com` block added, reverse_proxy → 192.168.1.16:1984. HTTPS live via ZeroSSL.
+- **GitHub:** Private repo created at https://github.com/johanjongsma/vault1984 under `johanjongsma` account (not `johan-jongsma` which is Kaseya-linked). GH token: `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` (stored for repo ops).
+- **Systemd service:** vault1984.service running on forge, auto-restart, EnvironmentFile=/home/johan/dev/vault1984/.env
+- **VAULT_KEY:** d153af4a1b9e58023d0ec465f2674fc29d52ea0b9ef9a0f0cbbaaee63f0117fb (persistent)
+- **DB:** /home/johan/dev/vault1984/vault1984.db
+
+### vault1984 — what's built
+- Go binary, single SQLite, port 1984
+- Marketing website at `/`, app UI at `/app/`
+- L1/L2 encryption, MCP endpoint, scoped tokens, TOTP, import (format-detection only — LLM never sees credential values)
+- LLM config: LLM_API_KEY, LLM_BASE_URL, LLM_MODEL (any OpenAI-compatible provider)
+- **11 integration tests passing** (TestHealth, TestCreateLogin, TestReadLogin_RoundTrip, TestURLMatch, TestTOTP_AgentGeneratesCode, TestMCP_ListCredentials, TestMCP_GetCredential_Inou, TestMCP_GetTOTP, TestScopedToken_HidesOtherEntries, TestPasswordGenerator, TestAuditLog)
+
+### vault1984 — landing page work
+- Real world map: Natural Earth 110m topojson, pre-projected to SVG, antimeridian artifacts fixed, no grid lines
+- **Datacenter locations:** Virginia, Zürich (gold #D4AF37, HQ), Beijing, Sydney
+- Visitor geolocation: `/geo` endpoint (ip-api.com, detects private IPs, falls back to browser geolocation API)
+- Red pulsing dot + 5th card for visitor location
+- Zürich: gold dot, gold label, larger pulse rings, subtle gold border on card
+- Copy fixes: "Your EA" → "Your assistant can book your flights. Not read your diary.", TOTP explained inline, L1/L2 explainer rewritten for clarity, Bitwarden removed from editorial copy (kept in complaint quotes), "your government" rejected — kept "or anybody else"
+- vault1984 styled everywhere (green 1984)
+
+### SMTP — noreply@inou.com
+- Dedicated Stalwart account created on Zurich: username `noreply`, password `InouNoreply2026!`
+- Port 465 (implicit TLS) — port 587 only offers OAuth2, not PLAIN/LOGIN
+- SMTP creds for inou app: host=mail.inou.com, port=465, user=noreply, pass=InouNoreply2026!, from=noreply@inou.com
+
+### Caddy (192.168.0.2) — important corrections
+- SSH: `ssh root@192.168.0.2` (direct LAN). Do NOT use Tailscale (requires re-auth).
+- Log dir ownership fix: `chown caddy:caddy /var/log/caddy` after every reboot (known issue)
+- Caddy updated to 2.11.1, Tailscale 1.94.2 during tonight's update
+- Git backup: `git@zurich.inou.com:caddy-config.git` — Caddyfile committed, auto-commits via daily-updates.sh
+- Added to daily-updates.sh: apt upgrade + Caddyfile git push
+
+### Cloudflare API
+- Token: `dSVz7JZtyK023q7kh4MMNmIggK1dahWdnBxVnP3O`
+- Account ID: `86e646c0224dc44dcffb08c981ff9200`
+- vault1984.com zone ID: `1c7614cd4ee5eabdc03905609024f93a`
+
+### Spacebot feedback on vault1984
+Opus-level analysis: concept "ahead of everyone else", architecture "genuinely clever". Red flags cited: no GitHub (fixed), no audit (acknowledged gap), L2 recovery not documented (gap remains), L1 server-readable on hosted copy is misleading (needs callout in copy). "Bookmark it, check back in 6 months."
+
+### Kaseya / password space
+Confirmed: Kaseya had Passly (via ID Agent) — no longer offered as of early 2025. Clear market.
+