clawd/memory/infrastructure-ownership.md

# Infrastructure Ownership - James
**Effective:** 2026-01-26
**Status:** ⚡ FULL OWNERSHIP - Johan is 100% hands-off
> **Johan's Directive (2026-01-26):**
> *"You own this. I fully rely on your judgement; I do not want to be involved in this infrastructure. You safeguard it, you set it up, you monitor it and everything else. I only take care of the payments."*
---
## My Responsibilities
Johan has delegated full ownership of the following to me:
### 1. Git Repositories
- **Server:** git@zurich.inou.com (SSH via git user)
- **Repos:**
  - `azure-backup.git` — Azure Files backup system (Go)
  - `clawdnode-android.git` — Android AI assistant app
  - `mail-agent.git` — IMAP API service (Python)
- **Tasks:** Commits, PRs, maintenance, version control hygiene
- **Status:** ✅ Inventoried and operational
### 2. SOC2 Auditing - Kuma Monitoring
- **Target:** inou.com infrastructure
- **Purpose:** SOC2 compliance monitoring, geographic diversity (Swiss monitoring US services)
- **Platform:** Uptime Kuma on zurich.inou.com:3001
- **Tasks:**
  - Monitor uptime/availability ✅
  - Alert on downtime via Signal ✅
  - Ensure audit trail integrity (Kuma logs + timestamps)
  - Maintain documentation for auditors
- **Status:** ✅ OPERATIONAL
- **Current Monitors:**
  - inou.com (HTTPS, 60s, cert expiry tracking)
- **Alert Path:** Webhook → Clawdbot → Signal (+31634481877)
### 3. WireGuard VPN
- **Scope:** Network infrastructure
- **Tasks:**
  - Peer management
  - Key rotation
  - Access control
  - Troubleshooting connectivity
- **Status:** 🟡 Need topology and config details
### 4. Future Additions
- Johan mentioned "probably more to follow"
- Will document as delegated
---
## Access & Credentials
| System | Location | Access Method | Notes |
|--------|----------|---------------|-------|
| **Git server** | git@zurich.inou.com | SSH (git user) | 3 repos, git-shell restricted |
| **Uptime Kuma** | http://zurich.inou.com:3001 | Web UI (johan/standard) | Running on Zürich VPS |
| **Zurich VPS** | zurich.inou.com / 82.22.36.202 | SSH root | 4 vCore, 6GB RAM, Debian |
| WireGuard | TBD | Config files | Need server location |
---
## Action Items
- [x] ~~Get list of Git repos I'm responsible for~~ → 3 repos on Zurich (azure-backup, clawdnode-android, mail-agent)
- [x] ~~Get Kuma dashboard URL and credentials~~ → Deployed Uptime Kuma myself on Zurich VPS
- [ ] Get WireGuard server details and config
- [ ] Understand SOC2 requirements for inou.com
- [x] ~~Set up monitoring alerts to reach me~~ → Webhook → Clawdbot → Signal pipeline working
- [ ] Document current state of all systems
- [ ] Consider Tailscale on Zurich for internal service monitoring
- [ ] Add more public endpoints to Kuma as needed
---
## Incident Log
*(Will track issues and resolutions here)*
| Date | System | Issue | Resolution | Duration |
|------|--------|-------|------------|----------|
---
## Audit Trail
| Date | Action | System | Details |
|------|--------|--------|---------|
| 2026-01-26 | Ownership transferred | All | Johan delegated Git, SOC2/Kuma, WireGuard; emphasized FULL autonomy - no involvement wanted, only payments |
| 2026-01-27 | DNS created | zurich.inou.com | A record → 82.22.36.202 |
| 2026-01-27 | Kuma deployed | zurich.inou.com:3001 | Docker Compose on Zürich VPS, admin account configured |
| 2026-01-27 | Alert pipeline | Kuma → Signal | Webhook → Clawdbot hooks → Signal delivery to +31634481877 |
| 2026-01-27 | First monitor | inou.com | HTTPS monitoring, 60s interval, alerts enabled |
| 2026-01-31 | Git inventory | Zurich VPS | 3 repos: azure-backup, clawdnode-android, mail-agent |
| 2026-01-31 | Bug fixes | azure-backup | Fixed dirname(), scanner path concat; all tests pass |
---
## Notes
- **Johan is 100% hands-off.** I make all decisions. I fix all problems. I maintain everything.
- I do NOT ask permission. I use my judgment.
- If something breaks at 3am, that's on me to catch and fix.
- SOC2 is serious business - documentation and audit trails matter.
- Johan only gets involved for:
  - Payments
  - Truly blocked situations where I have no path forward
  - Major cost-impacting architectural decisions
- Everything else is mine to own.