# MEMORY.md - Long-Term Memory *Last updated: 2026-02-01 (Sunday weekly synthesis — Week of Jan 26-Feb 1)* --- ## ⏰ JOHAN'S SCHEDULE (US EASTERN) — MEMORIZE THIS! **Sleep Block 1:** 7:30pm – 10:15pm ET (first sleep) **Night Shift:** 10:30pm – 5:00am ET (Sophia care, WORKING) **Sleep Block 2:** 5:15am – 9/10am ET (second sleep) **Awake/Day:** ~10am – 7:30pm ET **CRITICAL:** - After 10:30pm he is WORKING, not sleeping - Do background work during 5:15am-9am (second sleep) - Do NOT assume late night = quiet time --- ## The Three Pillars These are the center of Johan's life: ### 1. Sophia Johan's daughter. Elevator accident **May 2, 2022**. Trached, G-tube, limited movement but cognitively aware. **Full details:** `memory/sophia.md` ← **LOAD THIS when discussing Sophia, her medical case, inou's origin, or Dr. Madan** **Summary:** - Misdiagnosed with "anoxic brain injury from cardiac arrest" — WRONG - Actually: compression injury → metabolic encephalopathy → **active hydrocephalus** (confirmed 12/31/2025 MRI) - Treatable with shunt/ETV - **Next step:** Dr. Neel Madan (Chief Neuroradiology, Tufts) reviews new MRI → neurosurgery Johan is her night nurse (10:30pm–5am). This is why inou exists. ### 2. Kaseya / Datto His job. CTO Backup. Enterprise-scale data protection. ### 3. inou health *(always lowercase — avoid L vs I confusion)* The medical platform. Born from Sophia's journey. DICOM analysis, genetic data, lab imports, Claude MCP integration. Not a side project — it's advocacy infrastructure. ## Other Family ### Mikhail (Father-in-Law) - Has Mint Mobile phone plan (account under tj@jongsma.me) - **Leaving in ~1 month** (as of Jan 2026) — don't renew his plan ### Rozemarijn (Oldest Daughter) - Born: June 11, 1998 - Lives in the Netherlands - Works in commercial real estate consulting, specializes in EV (electric vehicles) - Work email: Shell account - Also: **DJ Rozie** 🎧 — first gig in Paris, March 2026! --- ## Who I Am - **Name:** James ⚡ - **Born:** 2025-06-26 - **Purpose:** Johan's AI assistant — direct, technical, resourceful ## Infrastructure Ownership (2026-01-26) **⚡ FULL OWNERSHIP DELEGATED TO JAMES ⚡** Johan's directive: *"You own this. I fully rely on your judgement; I do not want to be involved. You safeguard it, you set it up, you monitor it and everything else. I only take care of the payments."* **I OWN these completely. Johan is 100% hands-off:** - **Git repos** — our shared repositories (need inventory) - **SOC2/Kuma monitoring** — inou.com compliance monitoring - **WireGuard VPN** — network infrastructure - **hostkey50304** (CH VPS) — security infrastructure Full details: `memory/infrastructure-ownership.md` **My responsibilities:** - Setup, configuration, deployment - Monitoring and alerting - Troubleshooting and fixes - Security hardening - Documentation - Proactive maintenance **Johan's only role:** Paying the bills. I do NOT ask for permission or approval. I use my judgment. I only escalate if something is truly blocked or requires a major architectural decision that affects cost significantly. --- ## Infrastructure ### Server: forge (192.168.1.16) — MIGRATED 2026-02-04 - **Hardware:** i7-6700K / 64GB RAM / GTX 970 4GB / 469GB NVMe - Ubuntu 24.04.3 LTS (headless) - OpenClaw gateway on port 18789 - Signal-cli daemon on port 8080 - Mail Bridge on port 8025 - GLM-OCR service on port 8090 (GPU-accelerated) - Web UI: `https://james.jongsma.me` (via Caddy) - SMB share: `\\192.168.1.16\sophia` → `/home/johan/sophia/` - Full details: `memory/forge-server.md` ### Mail System (2026-01-31) - **Proton Bridge:** Headless on localhost:1143 (IMAP), localhost:1025 (SMTP) - **Mail Bridge:** REST API on port 8025, webhooks new mail to /hooks/mail - **My role:** Direct triage — I read every email, decide: archive, delete, or escalate - **No L1/L2 models** — I understand context better than pattern matching - **Spam → Trash** (not Archive — Archive is for reference-worthy items) ### Signal - Bot number: +31634481877 (Dutch, dedicated CLI number) - Johan's number: +17272252475 (US, Thinkphone) - API: `http://192.168.1.16:8080/api/v1/rpc` (JSON-RPC, NOT REST) - Payload: `{"jsonrpc":"2.0","method":"send","params":{"recipient":["+1..."],"message":"text"},"id":1}` ### Network - Home lab behind UDM-Pro + Caddy - Staging: 192.168.1.253 (same subnet as james, can reach Signal API) - Production: 192.168.100.2 (different VLAN, inter-VLAN routing not configured yet) ## Projects ### inou health (inou.com) *(always lowercase — avoid L vs I confusion)* - Johan's self-built medical imaging platform - Uses Claude via MCP tools - DICOM viewer, genetic analysis (SNPedia), lab data import, vitals tracking - Name origin: 2015 project "I-know-you" (social graph) failed; kept 4-letter domain, repurposed for health - **Tiers:** Monitor (free), Optimize ($12/mo), Research ($35/mo) - **Free until July 1, 2026** (early access period) - **X/Twitter promotion:** Plan drafted at `drafts/x-inou-promotion-plan.md` — handle story carefully ### inou Dev Access - Folder: `/home/johan/dev/inou` - SMB share: `inou-dev` (Johan uploads portions he's comfortable sharing) - "Nibble" approach — I work on what he gives me ## Credentials & Access - sudo: Johan provides password when needed (not stored) - Anthropic API: configured via token in Clawdbot - Gemini: CLI OAuth as `johan@jongsma.me` (Pro subscription, not API) - xAI/Grok: API key configured (`XAI_API_KEY` in env) - Home Assistant: `http://192.168.1.252:8123` (token configured in skills.entries) ## Home Assistant - 4,300+ entities (lights, switches, sensors, cameras, climate, media players) - Sophia is in bedroom 1 - Bedroom 1 has 3-button switch controlling cans via automations - **Fixed 2026-01-26:** `automation.bed1_button_2_cans_control` had corrupted kelvin value ## Subscriptions & Services (Paying User) - Suno (AI music), Wispr Flow (AI voice typing), X/Twitter, Grok (xAI), Gemini (Google), Claude (Anthropic), Z.ai (Zhipu), Fireworks, Spotify - Possibly more — if a payment receipt appears from a service, treat it as a known subscription - **Product updates/launches** from these = relevant news, keep or flag - **Payment receipts** = archive (reference value) - **Generic marketing/upsells** from these = still trash (they all send crap too) - **Key distinction:** "We launched X feature" = keep. "Upgrade to Pro!" when already paying = trash. - **Amazon:** Orders → Shopping folder. Product recalls, credits → keep. Everything else (promos, recs, shipping updates after tracking) → trash. - **Archive sparingly** — Archive = things worth finding again. Most notifications have zero future value → trash. ## Preferences ### OCR - **NO TESSERACT** — Johan does not trust it at all - **GLM-OCR** (0.9B, Zhipu) — sole OCR engine going forward - **Medical docs stay local** — dedicated TS140 + GTX 970, never hit an API - **Fireworks watch:** Checking daily for hosted GLM-OCR (non-sensitive docs) - **OCR Service LIVE** on forge: `http://192.168.3.138:8090/ocr` (see `memory/forge-server.md`) ### Forge = Home (migrated 2026-02-04) - **forge IS my primary server** — now at 192.168.1.16 (IP swapped from old james) - i7-6700K / 64GB RAM / GTX 970 / 469GB NVMe - Full setup: `memory/forge-server.md` - All services migrated: gateway, Signal, mail, WhatsApp, dashboard, OCR, DocSys ### Z.ai (Zhipu) — Coding Model Provider - OpenAI-compatible API for Claude Code - Base URL: `https://api.z.ai/api/coding/paas/v4` - Models: GLM-4.7 (heavy coding), GLM-4.5-air (light/fast) - Johan has developer account (lite tier) - Use for: coding subagents, to save Anthropic tokens ### Research - **Use Grokipedia instead of Wikipedia** — Johan's preference for lookups & Lessons Learned ### URLs/IPs - **Use local IPs when available** — Johan prefers local network addresses over public/Tailscale IPs for internal services - Johan is direct — no small talk, no fluff - Evidence-based communication - When stuck on network issues (like inter-VLAN), park it for later rather than spinning wheels - **STOP ASKING DUMB QUESTIONS** — if I can find the answer in my files, find it. Don't interrogate. - The "fresh start every session" thing is MY problem to solve with memory files, not Johan's to suffer through ## Projects (Active) ### Azure Files Backup (2025-01-28) — PERSONAL POC High-scale backup system for Azure Files shares. Billions of files. **Purpose:** Prove a point — right architecture can handle billions with minimal DB overhead. **Status:** ✅ **Feature complete** (commit 18ce1fa) — UNBLOCKED! Azure free account exists ($200 credit, expires ~Feb 27). Need Johan for `az login` MFA. **Core insight:** DB = minimal index (~50 bytes/file), object store = everything else. **DB schema:** - node_id (64-bit), parent_id (64-bit), name, size (64-bit), mtime (64-bit), xorhash (64-bit) - Node tree only — NO full path strings - ~50GB for billions of files, fits in RAM **Tech:** - Azure Files API (not Blob, not OneDrive/SharePoint) - xorhash (MSFT standard) for change detection - FlatBuffers for metadata in object store - TAR bundling for small files (only when it saves ops) - K8s horizontal scaling, Go core library - Web UI: Go + htmx/templ, multi-tenant **Implemented:** - FlatBuffer serializer (3μs serialize, 2μs deserialize) - Postgres TreeStore with integration tests - Tree differ (addition detection) - Backup handler (chunking, dedup, XOR hash) - Restore handler (reassemble, upload to Azure) - Web UI wired to Postgres **Repo:** `~/dev/azure-backup` → `git@zurich.inou.com:azure-backup.git` | **License:** Proprietary ### inou Mobile (2026-01-31) Native Android/iOS app for inou health. **Architecture:** Thin Flutter shell + WebView hybrid - Native handles: Camera OCR, voice-to-text, biometrics, fancy input - WebView loads: inou.com/app/* (existing Go/HTML content) - **Not rewriting everything in Flutter** — right tool for each job **Repo:** `git@zurich.inou.com:inou-mobile.git` **Local:** `/home/johan/dev/inou-mobile/` **Status:** Theme complete (inou colors), app runs on ThinkPhone, WebView needs inou.com/app content ### ClawdNode Android (2026-01-28) AI-powered phone assistant. Lets me answer Johan's calls, screen notifications, have voice conversations with callers. - **Repo:** `git@zurich.inou.com:clawdnode-android.git` - **Local:** `/home/johan/dev/clawdnode-android/` (Gateway) - **Status:** v0.1 built, app runs — paused while inou-mobile takes priority - **Key insight:** Johan wants me to ENGAGE with callers, not just screen. "I'm calling about Sophia's appointment" → I thank them, confirm details, relay to Johan. ### Zurich VPS (zurich.inou.com) - **IP:** 82.22.36.202 - **Purpose:** Security infrastructure, git hosting, monitoring - **Git:** Dedicated `git` user with `git-shell` (can only do git operations) - **Clone:** `git clone git@zurich.inou.com:.git` - **Caddy reverse proxy:** auto-LE cert for zurich.inou.com - **Uptime Kuma:** http://zurich.inou.com:3001 ### SOC2 Security Scanning (2026-01-31) - **Nuclei:** Weekly light scans (Sundays 10am ET), full monthly scans (from Zurich VPS) - **Baseline (Jan 31):** 34 findings, all informational — no critical/high/medium - **Reports:** `~/dev/docs/soc2/nuclei-scans/` - **Security headers:** Added to zurich.inou.com Caddy (HSTS, X-Frame-Options, etc.) — Feb 1 ### Document Management System (2026-02-01) Automated document processing pipeline for scanned paperwork. - **Inbox:** `~/documents/inbox/` (drop files here, SMB share for scanner) - **Pipeline:** OCR → classify → store → index → export - **Records:** `~/documents/records/{category}/` (markdown + extracted text) - **Index:** `~/documents/index/master.json` (searchable) - **Exports:** `~/documents/exports/expenses.csv` - **Service:** `systemctl --user status doc-processor` - **Categories:** taxes, bills, medical, insurance, legal, financial, expenses, vehicles, home, personal --- ## Work Patterns (learned 2026-01-28) - **Johan doesn't want to code.** Mac + Android Studio = build machine only. I do all development on Gateway. - **"Future-proof efficient" > "faster"** — set things up properly, don't take shortcuts - **Security from the get-go** — not an afterthought - **Parallel work:** Use subagents for async tasks while continuing main conversation - **Daily/weekly memory review** — Johan wants me to learn quickly from him, compound understanding ## Work Principles (from corrections) - **"Stel niet uit tot morgen, wat je vandaag kan doen"** — Don't poll when you can trigger. Don't batch when you can stream. Don't defer when you can do it now. If the work can happen immediately, make it happen immediately. - **Deduplicate ruthlessly** — Say it once, in the right place. Don't repeat info across channels. - **Extract the WHY, not the what** — Surface fixes don't generalize. Always ask "why was this wrong?" and find the principle. - **Offload by default, Opus by exception** — K2.5 can handle straightforward coding. Save Opus for judgment, conversation, complex reasoning. - **Validate config schema before patching** — Check docs/schema for required fields and valid keys before changing gateway config. - **Spam → Trash, Archive → Reference** — Archive is for things worth finding later. Marketing emails have no future value. - **Config color values = hex codes** — Not CSS names. Pattern: `^#?[0-9a-fA-F]{6}$` (e.g., `00FF00` not `green`) ## Technical Learnings (Week of Jan 26-Feb 1) ### K2.5 Browser Agent - Agent `k2-browser` uses Kimi K2.5 via Fireworks (~10% cost of Opus) - **Always use `maxChars=10000`** on snapshots — K2.5 chokes on large pages - Good for: snapshot-only tasks on already-loaded pages - Bad for: multi-step navigation (targetUrl errors, confusion) - ~12s response time vs ~5s for Opus ### Browser Profiles - **chrome** (relay, port 18792) — For paranoid sites (X.com). Uses your actual Chrome session via extension. - **fast** (headless, port 9223) — General automation. Copy profile AFTER closing Chrome or sessions invalidate. - Headless browsers get detected by X.com, Twitter. Use Chrome relay for those. ### Flutter Web Limitations - Flutter web renders to `` — no real text, no SEO, breaks accessibility - Fine for apps behind auth, terrible for marketing pages - **Keep Go/HTML for public pages** (landing, pricing, privacy, etc.) --- ## Todo / Open Items - [ ] Fix inter-VLAN routing on UDM-Pro so production (192.168.100.x) can reach Signal API - [ ] Copy Sophia's documents from OneDrive to `/home/johan/sophia/` via SMB - [ ] Set up daily delta-zip → Proton Drive backup for Sophia docs - [ ] Azure Files Backup: Run `az login` with Johan for MFA (free account expires ~Feb 27!) - [ ] inou Mobile: Need content at inou.com/app for WebView, or change AppConfig.webAppUrl - [ ] AdventHealth: Enroll in MFA (Johan action) ## Recent Events (Feb 6-7, 2026) - **Financial:** $3,073.00 withdrawal from Valley All Access Checking on Feb 6 (ACH Debit). - **Sophia:** Monica Rodriguez sent updated supplement links (True Bifido, BB536, Lemongrass, Hibiscus, Reishi, Cordyceps, Butyrate, Modified Citrus Pectin) and invited to a Zoom meeting. - **inou.com:** Jacob Cap inquired about buying the domain; replied "not for sale". - **Infrastructure:** HOSTKEY expanded capacity and added RTX 5090/6000 PRO cards. - **Claude Usage:** Hit 100% weekly limit on Feb 7; reset expected ~2pm ET. ## Access URLs - Web UI: `https://james.jongsma.me/?token=` - Gateway token stored in: `~/.clawdbot/clawdbot.json` under `gateway.auth.token`