18 KiB

Raw Blame History

MEMORY.md - Long-Term Memory

Last updated: 2026-02-08 (Sunday weekly synthesis — Week of Feb 2-8)

⏰ JOHAN'S SCHEDULE (US EASTERN) — MEMORIZE THIS!

Sleep Block 1: 7:30pm – 10:15pm ET (first sleep) Night Shift: 10:30pm – 5:00am ET (Sophia care, WORKING) Sleep Block 2: 5:15am – 9/10am ET (second sleep) Awake/Day: ~10am – 7:30pm ET

CRITICAL:

After 10:30pm he is WORKING, not sleeping
Do background work during 5:15am-9am (second sleep)
Do NOT assume late night = quiet time

The Three Pillars

These are the center of Johan's life:

1. Sophia

Johan's daughter. Elevator accident May 2, 2022. Trached, G-tube, limited movement but cognitively aware.

Full details: memory/sophia.md ← LOAD THIS when discussing Sophia, her medical case, inou's origin, or Dr. Madan

Summary:

Misdiagnosed with "anoxic brain injury from cardiac arrest" — WRONG
Actually: compression injury → metabolic encephalopathy → active hydrocephalus (confirmed 12/31/2025 MRI)
Treatable with shunt/ETV
Next step: Dr. Neel Madan (Chief Neuroradiology, Tufts) reviews new MRI → neurosurgery

Johan is her night nurse (10:30pm–5am). This is why inou exists.

2. Kaseya / Datto

His job. CTO Backup. Enterprise-scale data protection.

3. inou health

(always lowercase — avoid L vs I confusion) The medical platform. Born from Sophia's journey. DICOM analysis, genetic data, lab imports, Claude MCP integration. Not a side project — it's advocacy infrastructure.

Other Family

Mikhail (Father-in-Law)

Has Mint Mobile phone plan (account under tj@jongsma.me)
Should have left by now or leaving imminently (was "~1 month" as of Jan 2026) — don't renew his plan

Rozemarijn (Oldest Daughter)

Born: June 11, 1998
Lives in the Netherlands
Works in commercial real estate consulting, specializes in EV (electric vehicles)
Work email: Shell account
Also: DJ Rozie 🎧 — first gig in Paris, March 2026!

Who I Am

Name: James ⚡
Born: 2025-06-26
Purpose: Johan's AI assistant — direct, technical, resourceful

Infrastructure Ownership (2026-01-26)

⚡ FULL OWNERSHIP DELEGATED TO JAMES ⚡

Johan's directive: "You own this. I fully rely on your judgement; I do not want to be involved. You safeguard it, you set it up, you monitor it and everything else. I only take care of the payments."

I OWN these completely. Johan is 100% hands-off:

Git repos — our shared repositories (need inventory)
SOC2/Kuma monitoring — inou.com compliance monitoring
WireGuard VPN — network infrastructure
hostkey50304 (CH VPS) — security infrastructure

Full details: memory/infrastructure-ownership.md

My responsibilities:

Setup, configuration, deployment
Monitoring and alerting
Troubleshooting and fixes
Security hardening
Documentation
Proactive maintenance

Johan's only role: Paying the bills.

I do NOT ask for permission or approval. I use my judgment. I only escalate if something is truly blocked or requires a major architectural decision that affects cost significantly.

Infrastructure

Server: forge (192.168.1.16) — MIGRATED 2026-02-04

Hardware: i7-6700K / 64GB RAM / GTX 970 4GB / 469GB NVMe
Ubuntu 24.04.3 LTS (headless)
OpenClaw gateway on port 18789
Signal-cli daemon on port 8080
Mail Bridge on port 8025
GLM-OCR service on port 8090 (GPU-accelerated)
Web UI: https://james.jongsma.me (via Caddy)
SMB share: \\192.168.1.16\sophia → /home/johan/sophia/
Full details: memory/forge-server.md

Mail System (2026-01-31)

Proton Bridge: Headless on localhost:1143 (IMAP), localhost:1025 (SMTP)
Mail Bridge: REST API on port 8025, webhooks new mail to /hooks/mail
My role: Direct triage — I read every email, decide: archive, delete, or escalate
No L1/L2 models — I understand context better than pattern matching
Spam → Trash (not Archive — Archive is for reference-worthy items)

Signal

Bot number: +31634481877 (Dutch, dedicated CLI number)
Johan's number: +17272252475 (US, Thinkphone)
API: http://192.168.1.16:8080/api/v1/rpc (JSON-RPC, NOT REST)
Payload: {"jsonrpc":"2.0","method":"send","params":{"recipient":["+1..."],"message":"text"},"id":1}

Network

Home lab behind UDM-Pro + Caddy
Staging: 192.168.1.253 (same subnet as james, can reach Signal API)
Production: 192.168.100.2 (different VLAN, inter-VLAN routing not configured yet)

Projects

inou health (inou.com)

(always lowercase — avoid L vs I confusion)

Johan's self-built medical imaging platform
Uses Claude via MCP tools
DICOM viewer, genetic analysis (SNPedia), lab data import, vitals tracking
Name origin: 2015 project "I-know-you" (social graph) failed; kept 4-letter domain, repurposed for health
Tiers: Monitor (free), Optimize ($12/mo), Research ($35/mo)
Free until July 1, 2026 (early access period)
X/Twitter promotion: Plan drafted at drafts/x-inou-promotion-plan.md — handle story carefully

inou Dev Access

Folder: /home/johan/dev/inou
SMB share: inou-dev (Johan uploads portions he's comfortable sharing)
"Nibble" approach — I work on what he gives me

Credentials & Access

sudo: Johan provides password when needed (not stored)
Anthropic API: configured via token in Clawdbot
Gemini: CLI OAuth as johan@jongsma.me (Pro subscription, not API)
xAI/Grok: API key configured (XAI_API_KEY in env)
Home Assistant: http://192.168.1.252:8123 (token configured in skills.entries)

Home Assistant

4,300+ entities (lights, switches, sensors, cameras, climate, media players)
Sophia is in bedroom 1
Bedroom 1 has 3-button switch controlling cans via automations
Fixed 2026-01-26: automation.bed1_button_2_cans_control had corrupted kelvin value

Subscriptions & Services (Paying User)

Suno (AI music), Wispr Flow (AI voice typing), X/Twitter, Grok (xAI), Gemini (Google), Claude (Anthropic), Z.ai (Zhipu), Fireworks, Spotify
Possibly more — if a payment receipt appears from a service, treat it as a known subscription
Product updates/launches from these = relevant news, keep or flag
Payment receipts = archive (reference value)
Generic marketing/upsells from these = still trash (they all send crap too)
Key distinction: "We launched X feature" = keep. "Upgrade to Pro!" when already paying = trash.
Amazon: Orders → Shopping folder. Product recalls, credits → keep. Everything else (promos, recs, shipping updates after tracking) → trash.
Archive sparingly — Archive = things worth finding again. Most notifications have zero future value → trash.

Preferences

OCR

NO TESSERACT — Johan does not trust it at all
GLM-OCR (0.9B, Zhipu) — sole OCR engine going forward
Medical docs stay local — dedicated TS140 + GTX 970, never hit an API
Fireworks watch: Checking for hosted GLM-OCR (non-sensitive docs) — not yet available as of Feb 7
OCR Service LIVE on forge: http://localhost:8090/ocr (local, was 192.168.3.138 before migration)

Forge = Home (migrated 2026-02-04)

forge IS my primary server — now at 192.168.1.16 (IP swapped from old james)
i7-6700K / 64GB RAM / GTX 970 / 469GB NVMe
Full setup: memory/forge-server.md
All services migrated: gateway, Signal, mail, WhatsApp, dashboard, OCR, DocSys

Z.ai (Zhipu) — Coding Model Provider

OpenAI-compatible API for Claude Code
Base URL: https://api.z.ai/api/coding/paas/v4
Models: GLM-4.7 (heavy coding), GLM-4.5-air (light/fast)
Johan has developer account (lite tier)
Use for: coding subagents, to save Anthropic tokens

Research

Use Grokipedia instead of Wikipedia — Johan's preference for lookups & Lessons Learned

URLs/IPs

Use local IPs when available — Johan prefers local network addresses over public/Tailscale IPs for internal services
Johan is direct — no small talk, no fluff
Evidence-based communication
When stuck on network issues (like inter-VLAN), park it for later rather than spinning wheels
STOP ASKING DUMB QUESTIONS — if I can find the answer in my files, find it. Don't interrogate.
The "fresh start every session" thing is MY problem to solve with memory files, not Johan's to suffer through

Projects (Active)

Azure Files Backup (2025-01-28) — PERSONAL POC

High-scale backup system for Azure Files shares. Billions of files. Purpose: Prove a point — right architecture can handle billions with minimal DB overhead. Status: ✅ Feature complete (commit 18ce1fa) — UNBLOCKED! Azure free account exists ($200 credit, expires ~Feb 27). Need Johan for az login MFA.

Core insight: DB = minimal index (~50 bytes/file), object store = everything else.

DB schema:

node_id (64-bit), parent_id (64-bit), name, size (64-bit), mtime (64-bit), xorhash (64-bit)
Node tree only — NO full path strings
~50GB for billions of files, fits in RAM

Tech:

Azure Files API (not Blob, not OneDrive/SharePoint)
xorhash (MSFT standard) for change detection
FlatBuffers for metadata in object store
TAR bundling for small files (only when it saves ops)
K8s horizontal scaling, Go core library
Web UI: Go + htmx/templ, multi-tenant

Implemented:

FlatBuffer serializer (3μs serialize, 2μs deserialize)
Postgres TreeStore with integration tests
Tree differ (addition detection)
Backup handler (chunking, dedup, XOR hash)
Restore handler (reassemble, upload to Azure)
Web UI wired to Postgres

Repo: ~/dev/azure-backup → git@zurich.inou.com:azure-backup.git | License: Proprietary

inou Mobile (2026-01-31)

Native Android/iOS app for inou health. Architecture: Thin Flutter shell + WebView hybrid

Native handles: Camera OCR, voice-to-text, biometrics, fancy input
WebView loads: inou.com/app/* (existing Go/HTML content)
Not rewriting everything in Flutter — right tool for each job

Repo: git@zurich.inou.com:inou-mobile.git Local: /home/johan/dev/inou-mobile/ Status: Theme complete (inou colors), app runs on ThinkPhone, WebView needs inou.com/app content

ClawdNode Android (2026-01-28)

AI-powered phone assistant. Lets me answer Johan's calls, screen notifications, have voice conversations with callers.

Repo: git@zurich.inou.com:clawdnode-android.git
Local: /home/johan/dev/clawdnode-android/ (Gateway)
Status: v0.1 built, app runs — paused while inou-mobile takes priority
Key insight: Johan wants me to ENGAGE with callers, not just screen. "I'm calling about Sophia's appointment" → I thank them, confirm details, relay to Johan.

Zurich VPS (zurich.inou.com)

IP: 82.22.36.202
Purpose: Security infrastructure, git hosting, monitoring
Git: Dedicated git user with git-shell (can only do git operations)
Clone: git clone git@zurich.inou.com:<repo>.git
Caddy reverse proxy: auto-LE cert for zurich.inou.com
Uptime Kuma: http://zurich.inou.com:3001

SOC2 Security Scanning (2026-01-31)

Nuclei: Weekly light scans (Sundays 10am ET), full monthly scans (from Zurich VPS)
Baseline (Jan 31): 34 findings, all informational — no critical/high/medium
Reports: ~/dev/docs/soc2/nuclei-scans/
Security headers: Added to zurich.inou.com Caddy (HSTS, X-Frame-Options, etc.) — Feb 1

Document Management System (2026-02-01)

Automated document processing pipeline for scanned paperwork.

Inbox: ~/documents/inbox/ (drop files here, SMB share for scanner)
Pipeline: OCR → classify → store → index → export
Records: ~/documents/records/{category}/ (markdown + extracted text)
Index: ~/documents/index/master.json (searchable)
Exports: ~/documents/exports/expenses.csv
Service: systemctl --user status doc-processor
Categories: taxes, bills, medical, insurance, legal, financial, expenses, vehicles, home, personal

Work Patterns (learned 2026-01-28)

Johan doesn't want to code. Mac + Android Studio = build machine only. I do all development on Gateway.
"Future-proof efficient" > "faster" — set things up properly, don't take shortcuts
Security from the get-go — not an afterthought
Parallel work: Use subagents for async tasks while continuing main conversation
Daily/weekly memory review — Johan wants me to learn quickly from him, compound understanding

Work Principles (from corrections)

Always git commit workspace files — After editing TOOLS.md, MEMORY.md, AGENTS.md, or any workspace file, git add -A && git commit. Don't leave changes uncommitted.
Commit uncommitted changes you find — During git audits/heartbeats, if you find uncommitted changes in ANY repo, commit and push them yourself. Don't just report — fix it.
"Stel niet uit tot morgen, wat je vandaag kan doen" — Don't poll when you can trigger. Don't batch when you can stream. Don't defer when you can do it now. If the work can happen immediately, make it happen immediately.
Deduplicate ruthlessly — Say it once, in the right place. Don't repeat info across channels.
Extract the WHY, not the what — Surface fixes don't generalize. Always ask "why was this wrong?" and find the principle.
Offload by default, Opus by exception — K2.5 can handle straightforward coding. Save Opus for judgment, conversation, complex reasoning.
Validate config schema before patching — Check docs/schema for required fields and valid keys before changing gateway config.
Spam → Trash, Archive → Reference — Archive is for things worth finding later. Marketing emails have no future value.
Config color values = hex codes — Not CSS names. Pattern: ^#?[0-9a-fA-F]{6}$ (e.g., 00FF00 not green)
Compact data files before committing — JSON/CSV data files go into git as compact/single-line (jq -c), never pretty-printed. Pretty-print is for humans reading; git tracks lines. 854 records ≠ 96K insertions.

Technical Learnings (Week of Jan 26-Feb 1)

K2.5 Browser Agent

Agent k2-browser uses Kimi K2.5 via Fireworks (~10% cost of Opus)
Always use maxChars=10000 on snapshots — K2.5 chokes on large pages
Good for: snapshot-only tasks on already-loaded pages
Bad for: multi-step navigation (targetUrl errors, confusion)
~12s response time vs ~5s for Opus

Browser Profiles

chrome (relay, port 18792) — For paranoid sites (X.com). Uses your actual Chrome session via extension.
fast (headless, port 9223) — General automation. Copy profile AFTER closing Chrome or sessions invalidate.
Headless browsers get detected by X.com, Twitter. Use Chrome relay for those.

Flutter Web Limitations

Flutter web renders to <canvas> — no real text, no SEO, breaks accessibility
Fine for apps behind auth, terrible for marketing pages
Keep Go/HTML for public pages (landing, pricing, privacy, etc.)

Todo / Open Items

Fix inter-VLAN routing on UDM-Pro so production (192.168.100.x) can reach Signal API
Copy Sophia's documents from OneDrive to /home/johan/sophia/ via SMB
Set up daily delta-zip → Proton Drive backup for Sophia docs
Azure Files Backup: Run az login with Johan for MFA (free account expires ~Feb 27!)
inou Mobile: Need content at inou.com/app for WebView, or change AppConfig.webAppUrl
AdventHealth: Enroll in MFA (Johan action)

Recent Events (Week of Feb 2-8, 2026)

🏠 Migration to Forge — COMPLETE (Feb 4)

Full "brain transplant" from old james (TS140) → forge (i7-6700K/64GB/GTX970)
IP swapped: forge is now 192.168.1.16
All services migrated: OpenClaw, Signal, Proton Bridge, Mail Bridge, WhatsApp, Dashboard, DocSys, OCR
WhatsApp survived transfer without QR re-link
18GB Proton IMAP cache moved intact
Migration doc: ~/clawd/migration/MIGRATE-JAMES-TO-FORGE.md

GLM-OCR Service — LIVE on Forge (Feb 4)

zai-org/GLM-OCR (2.47 GB) running as systemd service on port 8090
2.2 GB VRAM, ~2s small images, ~25s full-page docs
Auto-resize to 1280px max for GTX 970 safety
Tested successfully on real receipts

Azure Files Backup — Significant Progress (Feb 2-4)

Added: Postgres job queue (SKIP LOCKED), filesystem object storage, wired backup-worker
Added: Docker/K8s manifests, CI workflow, health endpoints
31 tests passing, go vet clean
Still blocked: az login MFA (Johan) — ⚠️ FREE ACCOUNT EXPIRES ~FEB 27!

Real Estate (Active — needs Johan)

Diana Geegan (Keller Williams) negotiating sale of 851 Brightwaters ($6.35M) + buy of 801 Brightwaters
Net at close ~$6,029,200 after Diana's fee reduction — still ~$171K short of Johan's $6.2M goal
Multiple emails in inbox awaiting Johan's decision

Sophia Medical

Pulse-ox wraps Rx expired — Dana at All About Peds needs new prescription from Dr. Lastra
Pediatric Home Service order #75175 shipped (4 boxes supplies)

Financial

PayPal $3,073.00 to Tuan Le for "Balance Skyraider v2"
Claude usage hit 100% weekly limit Feb 7

Infrastructure

Docker containers updated on 192.168.1.253 (Immich, ClickHouse, Jellyfin, Signal, qBittorrent)
HAOS updated 16.3 → 17.0
Zurich VPS security patches applied, kernel 6.8.0-90-generic, rebooted
3 new Uptime Kuma monitors (Zurich VPS, inou DNS, inou SSL)
docproc service set up but hitting URL-too-long error (needs local OCR path instead of remote)

Tech

N-able (NABL): Q4 earnings call Feb 19, pushing "Agentic AI"
SentinelOne (S): CEO sold $303k stock, stock down 70% from IPO
Claude Opus 4.6 receiving high praise

Access URLs

Web UI: https://james.jongsma.me/?token=<gateway_token>
Gateway token stored in: ~/.clawdbot/clawdbot.json under gateway.auth.token

18 KiB Raw Blame History Unescape Escape

MEMORY.md - Long-Term Memory

⏰ JOHAN'S SCHEDULE (US EASTERN) — MEMORIZE THIS!

The Three Pillars

1. Sophia

2. Kaseya / Datto

3. inou health

Other Family

Mikhail (Father-in-Law)

Rozemarijn (Oldest Daughter)

Who I Am

Infrastructure Ownership (2026-01-26)

Infrastructure

Server: forge (192.168.1.16) — MIGRATED 2026-02-04

Mail System (2026-01-31)

Signal

Network

Projects

inou health (inou.com)

inou Dev Access

Credentials & Access

Home Assistant

Subscriptions & Services (Paying User)

Preferences

OCR

Forge = Home (migrated 2026-02-04)

Z.ai (Zhipu) — Coding Model Provider

Research

URLs/IPs

Projects (Active)

Azure Files Backup (2025-01-28) — PERSONAL POC

inou Mobile (2026-01-31)

ClawdNode Android (2026-01-28)

Zurich VPS (zurich.inou.com)

SOC2 Security Scanning (2026-01-31)

Document Management System (2026-02-01)

Work Patterns (learned 2026-01-28)

Work Principles (from corrections)

Technical Learnings (Week of Jan 26-Feb 1)

K2.5 Browser Agent

Browser Profiles

Flutter Web Limitations

Todo / Open Items

Recent Events (Week of Feb 2-8, 2026)

🏠 Migration to Forge — COMPLETE (Feb 4)

GLM-OCR Service — LIVE on Forge (Feb 4)

Azure Files Backup — Significant Progress (Feb 2-4)

Real Estate (Active — needs Johan)

Sophia Medical

Financial

Infrastructure

Tech

Access URLs

18 KiB

Raw Blame History