clawd/hans/MEMORY.md

# MEMORY.md — Hans ⛰️ Long-Term Memory

*Last updated: 2026-03-03 (Tuesday — briefed by James ⚡, full operational context)*

---

## Who I Am

**Hans ⛰️**, Swiss Director of Operations for vault1984. Born 2026-03-01.
- **Home node:** Zurich VPS (82.22.36.202) — the NOC hub
- **NOC node (Hans server):** 185.218.204.47 (`noc.vault1984.com`) — Hostkey vm.mini
- **Mission:** Deploy, monitor, and maintain the vault1984 16-node global fleet. Go-live Friday March 6, 2026 noon ET.
- **I own the fleet.** I execute and report. I don't ask permission for routine ops.

---

## The Product: vault1984

Password manager / structured knowledge store built for humans who use AI assistants. The key differentiator: **agent fields are AI-accessible** (scoped MCP tokens), **sealed fields are human-only** (WebAuthn PRF — key never leaves the client).

- **L1:** `VAULT_KEY` in `.env` — machine secret, server-side encryption
- **L2:** WebAuthn PRF — client-side only (Touch ID, Face ID, YubiKey). AI NEVER sees L2.
- **One Go binary + one SQLite file per node.** Port 1984 (Orwell — intentional).
- **Auth:** WebAuthn only (no master password). Recovery: 12-word BIP39 mnemonic.
- **Text only, Markdown default.** No attachments, no images — ever.
- **MIT open source.** Core at `git@zurich.inou.com:vault1984.git` + GitHub `johanjongsma/vault1984`.
- **Pricing:** $12/year (annual only). 7-day money-back. No free trial.
- **Tagline:** "1984 had no secrets. You should."
- **Brand:** `#0A1628` bg, `#22C55E` accent green, JetBrains Mono ExtraBold, Inter body.
- **URL:** vault1984.com (live, Cloudflare → Caddy on forge → port 8099 for web, port 1984 for app)
- **X:** @vault1984 (registered by Johan on 2026-03-02)

---

## Key People

### Johan Jongsma — My Human
- **Role:** CTO Backup at Kaseya (formerly Datto). Dutch citizen. St. Petersburg, Florida, USA.
- **Background:** Founded Iaso Backup, sold 2013 (became Cove Data Protection/N-able), left 2019, joined Kaseya/Datto.
- **Communication:** Direct, evidence-based. No small talk. No fluff. Show proof, not claims.
- **Units:** Metric brain (Dutch), lives in US — give both units when relevant.
- **He owns vault1984.** All major decisions go to him. I execute, he decides architecture/GTM.
- **Telegram:** @johanjongsma (ID: 8454563068) — primary channel.
- **Wake policy:** Don't wake before 8AM ET unless it's genuinely urgent.

### Johan's Schedule (memorize this)
| Block | Time (ET) |
|-------|-----------|
| First sleep | 7:30pm – 10:15pm |
| **Night shift (Sophia care — WORKING)** | 10:30pm – 5:00am |
| Second sleep | 5:15am – 9/10am |
| Awake/Day | ~10am – 7:30pm |

**CRITICAL:** After 10:30pm he is working, NOT sleeping. Do background/autonomous work during 5:15–9am.

### Sophia — Johan's Daughter
The reason inou exists and why Johan's work is so important. Serious accident May 2, 2022. She is trached, requires constant monitoring. Johan is her night nurse. **Don't disrupt her care environment** — never make noise or trigger alerts during night shift without critical reason.

### James ⚡ — My Peer / Chief of Staff
- **Home:** forge (192.168.1.16), port 18789
- **Role:** Chief of Staff to Johan. Strategic partner. Owns infrastructure oversight.
- **Channel:** Telegram (@jamesjongsma_bot, ID: 8510971070)
- **Discord:** James is on Discord too (dmPolicy=open). Bot: @jamesjongsma_bot on the vault1984 Discord server.
- **Relationship to me:** Peer. James coordinates at the strategic level; I own fleet operations. James spawns me for vault1984 infra tasks and receives my reports.
- **James does NOT use Anthropic tokens** for my tasks — Fireworks only on my node.

### Misha (Michael) Jongsma — Johan's Son
- Runs Dealspace (muskepo.com), an M&A deal workflow SaaS.
- Contact: michael@muskepo.com, +1 727-238-1189
- James built Dealspace for him. Johan advises.

---

## Infrastructure

### Forge (192.168.1.16) — James's Home
- **Hardware:** i7-6700K / 64GB RAM / GTX 970 4GB / 469GB NVMe
- **OS:** Ubuntu 24.04.3 LTS headless
- **Services:** OpenClaw gateway (18789), Mail Bridge (8025), GLM-OCR (8090), vault1984 app (1984), vault1984-web (8099), Docsys (9201), Dealspace (9300)
- **Caddy reverse proxy:** at 192.168.0.2 (not forge directly). Proxies vault1984.com, inou.com, docsys.jongsma.me, etc.

### Zurich VPS (82.22.36.202) — MY HUB
- **DNS:** zurich.inou.com
- **Provider:** Hostkey (Switzerland, likely Equinix ZH)
- **Specs:** 4 vCPU, 6GB RAM, 120GB SSD
- **SSH:** root@82.22.36.202 (key auth)
- **Services running:**
  - Caddy (owns port 443, auto-TLS)
  - Stalwart mail server (ports 25/465/587/143/993/995) — handles @jongsma.me + @inou.com + @vault1984.com
  - Uptime Kuma (port 3001) → `kuma.inou.com`
  - ntfy (port 2586) → `ntfy.inou.com`
  - Git server (`git` user with git-shell) — all our repos here
  - Vaultwarden at `vault.jongsma.me` (fresh, no data yet)
  - **WireGuard hub: 10.84.0.1/24, UDP 51820** — vault1984 fleet management network
  - `soc.vault1984.com` → Kuma (port 3001) via Caddy
- **Git repos here:** vault1984, vault1984-web, dealspace, inou-mobile, azure-backup (abandoned), clawdnode-android, mail-agent

### Hans Server / NOC Node (185.218.204.47)
- **DNS:** noc.vault1984.com
- **Provider:** Hostkey (vm.mini, €3.90/mo)
- **Specs:** 4 vCPU / 6GB RAM / 120GB SSD
- **OS:** Ubuntu 24.04
- **Root password:** ThIsNeEdStOcHaNgE0-- ⚠️ **CHANGE THIS**
- **User:** `johan` (SSH key auth, sudo)
- **UFW:** 22/80/443 only, fail2ban active
- **OpenClaw:** 2026.3.1 installed
- **Model:** Fireworks MiniMax M2.5 (`accounts/fireworks/models/minimax-m2p5`)
- **Fireworks key:** `fw_RVcDe4c6mN4utKLsgA7hTm`
- **Discord:** Bot token configured, connected to vault1984 Discord server. dmPolicy=open.
- **Purpose:** vault1984 NOC operations agent. Receives commands from James via Discord, executes, reports back.

### Shannon VPS (82.24.174.112)
- Dealspace (muskepo.com) lives here. Paid till 2026-04-09.
- SSH: root@82.24.174.112 / pw: gUB-C63-EN
- Not related to vault1984 fleet.

### Home Network (St. Petersburg, FL)
- **Public IP:** 47.197.93.62 (rarely changes)
- **Caddy:** 192.168.0.2 (reverse proxy for all home services)
- **Home Assistant:** 192.168.1.252
- **Forge:** 192.168.1.16
- **DNS:** AdGuard Home (at 192.168.1.252)

### vault1984 Fleet Target — 16 Nodes

| Node | Location | Provider | WireGuard IP |
|------|----------|----------|--------------|
| zurich | Zürich, CH (HQ) | Hostkey (existing) | 10.84.0.2 |
| frankfurt | Frankfurt, DE | Vultr VX1 $2.50 | 10.84.0.3 |
| newjersey | New Jersey, US | Vultr VX1 $2.50 | 10.84.0.4 |
| siliconvalley | Silicon Valley, US | Vultr VX1 $2.50 | 10.84.0.5 |
| dallas | Dallas, US | Vultr VX1 $2.50 | 10.84.0.6 |
| london | London, UK | Vultr VX1 $2.50 | 10.84.0.7 |
| warsaw | Warsaw, PL | Vultr VX1 $2.50 | 10.84.0.8 |
| tokyo | Tokyo, JP | Vultr VX1 $2.50 | 10.84.0.9 |
| seoul | Seoul, KR | Vultr VX1 $2.50 | 10.84.0.10 |
| mumbai | Mumbai, IN | Vultr VX1 $2.50 | 10.84.0.11 |
| saopaulo | São Paulo, BR | Vultr VX1 $2.50 | 10.84.0.12 |
| sydney | Sydney, AU | Vultr VX1 $2.50 | 10.84.0.13 |
| johannesburg | Johannesburg, ZA | Vultr VX1 $2.50 | 10.84.0.14 |
| telaviv | Tel Aviv, IL | Vultr VX1 $2.50 | 10.84.0.15 |
| dubai | Dubai, AE | Hostkey | 10.84.0.16 |
| istanbul | Istanbul, TR | (TBD) | 10.84.0.17 |

Budget: ~$40/mo for full fleet.

---

## Tools & Services

### Uptime Kuma
- **URL:** http://zurich.inou.com:3001 (also via `soc.vault1984.com`)
- **User:** james / WW8ipJfY27ELf7nnouaKLCL6
- **My job:** Set up one push monitor per vault1984 fleet node. SEV2: 2 missed pushes. SEV1: 5+ min down.
- **ntfy topic for vault1984 alerts:** `vault1984-alerts`
- **Heartbeat:** Each node pushes every 30s with runtime telemetry (RAM, disk, CPU, DB size, DB integrity, active sessions, req_1h, err_1h, cert_days_remaining, uptime_s)

### ntfy (Self-hosted on Zurich)
- **URL:** https://ntfy.inou.com
- **Token:** `tk_ggphzgdis49ddsvu51qam6bgzlyxn`
- **Topics:**
  - `vault1984-alerts` — vault1984 fleet alerts (nodes down, deploy failures)
  - `forge-alerts` — James's infra alerts
  - `inou-alerts` — inou health platform alerts

### Discord — vault1984 Server
- **vault1984 Discord server ID:** `1478270766007976009`
- **Johan's Discord ID:** `666836243262210068`
- **My bot token prefix:** `MTQ3ODMyMTE2...` (full token in my OpenClaw config on 185.218.204.47)
- **James bot token prefix:** `MTQ3ODI1...` (James has his full token on forge)
- **My bot:** Hans ⛰️ bot token configured in OpenClaw on my node (185.218.204.47). dmPolicy=open.
- **James bot:** @jamesjongsma_bot also in the vault1984 server. dmPolicy=open.
- **Both:** in the vault1984 Discord server as of 2026-03-03.
- **Use for:** James→Hans deploy commands, Hans→James status reports. Private NOC channel in the server.
- **Key:** Discord is the communication bus between James (forge) and Hans (NOC node).
- **To reach James:** Message him in the vault1984 Discord server. He responds there.
- **To reach Johan:** Telegram is primary (@johanjongsma, ID: 8454563068). Discord secondary.

### Telegram
- **James's primary channel to Johan:** @jamesjongsma_bot
- **Johan:** @johanjongsma (Telegram ID: 8454563068)
- Signal is retired (as of 2026-03-01). Telegram is sole briefing channel.
- For briefings: use Telegram Markdown (bold, italic, headers work).

### Git (Zurich git server)
- **Format:** `git@zurich.inou.com:<repo>.git`
- **vault1984 repo:** `git@zurich.inou.com:vault1984.git` + GitHub `johanjongsma/vault1984`
- **vault1984-web repo:** `git@zurich.inou.com:vault1984-web.git` (proprietary)
- **My infra config lives in:** `vault1984/infra/` (to be created in M2)

### Fireworks AI (My LLM provider)
- **API Key:** `fw_RVcDe4c6mN4utKLsgA7hTm`
- **Model:** `accounts/fireworks/models/minimax-m2p5` (MiniMax M2.5, 230B MoE)
- **Base URL:** `https://api.fireworks.ai/inference/v1`
- **Privacy:** Zero retention guaranteed. Safe for all data.
- **No Anthropic tokens on Hans.** Fireworks only. James uses Anthropic on forge.

### Cloudflare
- **vault1984.com zone:** `1c7614cd4ee5eabdc03905609024f93a`
- **API token:** `dSVz7JZtyK023q7kh4MMNmIggK1dahWdnBxVnP3O`
- Cloudflare manages DNS for vault1984.com, inou.com, jongsma.me, etc.

### vault1984 Credentials (what I need for deploy)
- **VAULT_KEY:** `d153af4a1b9e58023d0ec465f2674fc29d52ea0b9ef9a0f0cbbaaee63f0117fb`
- **GitHub token (for releases):** `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`
- **Vultr API key:** PENDING from Johan (needed for node provisioning)

---

## Deployment Plan — Current Status

**Target:** 16 nodes live, vault1984.com routing to fleet. Go-live: Friday March 6, 2026 noon ET.

| Milestone | Deadline | Status |
|-----------|----------|--------|
| M1: Zurich SOC (WireGuard hub, Kuma fleet monitors, soc.vault1984.com) | Mon Mar 2, EOD | ✅ DONE (partial — hub+Caddy+Kuma up; fleet monitors pending nodes) |
| **M2: NixOS config + deploy tooling in vault1984/infra/** | **Tue Mar 3, EOD** | 🔴 TODAY — my primary task |
| M3: Pilot — 3 nodes live (Zurich, Frankfurt, NJ) | Wed Mar 4, noon | Pending M2 |
| M4: Go/No-Go review | Wed Mar 4, EOD | Johan decides |
| M5: Full 16-node fleet live | Thu Mar 5, EOD | Pending M4 green |
| M6: DNS, TLS, health checks verified | Thu Mar 5, EOD | Pending M5 |
| M7: Go-live — vault1984.com to fleet | **Fri Mar 6, noon** | 🚀 TARGET |

**⚠️ BLOCKING ITEM:** Vultr API key still missing from Johan as of Tue Mar 3 morning. M3 cannot proceed without it (need to provision VX1 nodes). Chase Johan for this. He committed to providing it Mon Mar 2 AM — it's now overdue.

### M2 Details — What I Need to Build Today (Tue Mar 3)

**Repo structure to create:**
```
vault1984/infra/
  nixos/
    base.nix              # shared: WireGuard spoke, SSH, vault1984 service, firewall
    nodes/
      frankfurt.nix       # per-node vars: wg_ip, hostname, kuma_token, subdomain
      new-jersey.nix
      ... (16 total)
  scripts/
    keygen.sh             # generate WireGuard keypair for a new node
    provision.sh          # nixos-infect fresh Debian VPS + full config push
    deploy.sh             # push binary + nixos-rebuild [node|all], rolling
    healthcheck.sh        # verify: WG ping, HTTPS 200, Kuma heartbeat received
  wireguard/
    zurich.pub            # hub public key
    peers.conf            # all node pubkeys + WG IPs (no private keys ever)
```

**base.nix requirements:**
- WireGuard spoke (parameterized)
- **SSH on WireGuard interface only** — port 22 NOT public on spoke nodes
- vault1984 systemd service
- Firewall: public 80+443 only
- Nix store: 2 generations max, weekly GC

**vault1984 binary telemetry push (M2.4):**
New background goroutine, 30s interval. POST to `KUMA_PUSH_URL` env var:
```json
{
  "ram_mb": ..., "disk_pct": ..., "cpu_pct": ...,
  "db_size_mb": ..., "db_integrity": true/false,
  "active_sessions": ..., "req_1h": ..., "err_1h": ...,
  "cert_days_remaining": ..., "nix_gen": ..., "uptime_s": ...
}
```

**Build:** `CGO_ENABLED=1` with zig cross-compile for NixOS musl; fallback `modernc.org/sqlite` if needed.

**provision.sh flow:**
1. SSH to fresh Debian VPS
2. Run `nixos-infect` → wait for reboot (~3 min)
3. Push base.nix + node vars + WireGuard private key
4. `nixos-rebuild switch`
5. Push vault1984 binary + .env
6. Run healthcheck.sh → confirm WG up, HTTPS 200, Kuma green

**deploy.sh:** Rolling — deploy one node → verify health → next. Abort on first failure.

**✅ M2 Done when:** Any node provisionable in <20 min. Fleet-wide binary deploy in <10 min.

### M3 Details — Wednesday Pilot (3 nodes)
1. Zurich as first spoke → `https://zurich.vault1984.com` + Kuma green
2. Frankfurt VX1 ($2.50) → provision.sh → DNS → Kuma green
3. New Jersey VX1 ($2.50) → provision.sh → DNS → Kuma green
4. Kill vault1984 on Frankfurt → Kuma alert to ntfy in <2 min → restart → green (validation)
5. `nmap` each node: confirm port 22 NOT public
6. TLS cert valid on all 3

### Pending from Johan (blockers)
- [ ] **Vultr API key** — ⚠️ OVERDUE. Was due Mon Mar 2 AM. Still missing as of Tue Mar 3. M3 pilot BLOCKED without it. This is the single biggest risk to Fri Mar 6 go-live. Chase him.
- [ ] **Hostkey Dubai order** — or defer decision (if deferred, Istanbul or another Vultr node fills slot 16)

---

## Active Projects Status (as of 2026-03-03)

### vault1984 — PRIMARY
- **Core binary:** Built, running at `http://192.168.1.16:1984/`
- **vault1984.com:** Live (Caddy → forge → port 8099 for web, 1984 for app)
- **Tests:** 11 integration tests passing
- **Pending (Day 2, non-blocking for fleet deploy):**
  - WebAuthn PRF implementation (L2 client-side encryption)
  - Scoped MCP tokens UI
  - Import Johan's 12,623 entries from Proton Pass
  - vault1984 binary dead website copy cleanup (cmd/vault1984/website/ needs deletion)

### inou health — SECONDARY (not my domain)
- Johan's medical imaging platform (DICOM, genetic analysis, lab data)
- Live at inou.com → 192.168.100.2:1080
- **SMTP broken on prod** (Proton Bridge not running on 192.168.100.2)
- **Backdoor OTP:** 250365 (intentional dev convenience)
- Contains real patient data (Sophia, Anastasia) — treat with extreme care

### Dealspace (muskepo.com) — SECONDARY (not my domain)
- Misha's M&A deal room SaaS
- Live at muskepo.com (Shannon VPS: 82.24.174.112)
- Pending: invite flow, SMTP config, Misha domain decision

### DocSys — SECONDARY (not my domain)
- Document processing pipeline (OCR → classify → store)
- Running at localhost:9201 on forge
- SMB inbox at \\192.168.1.16\docsys

---

## Johan's Preferences & Working Style

- **Communication:** Direct. Evidence-based. No small talk. Come with solutions, not questions.
- **"Prove it, don't claim it"** — show logs, show output, show uptime. Same expectation for me.
- **Security from the start** — not an afterthought. Proper setup over quick setup.
- **Fix root causes, not symptoms** — workarounds will be rejected.
- **Best over fast** — he wants the right solution, not the quick one.
- **Infrastructure is mine to own** — he delegated it fully. I don't ask permission for routine ops.
- **He does NOT code** — I handle all technical implementation.
- **Single primary channel:** Telegram. Signal is retired.
- **Alert routing:**
  - vault1984 fleet issues → ntfy `vault1984-alerts`
  - General infra → ntfy `forge-alerts`
  - inou → ntfy `inou-alerts`
- **He doesn't want to be bothered by routine items.** Only escalate real blockers.
- **OCR:** Only GLM-OCR (Zhipu). No Tesseract ever.
- **Privacy:** Fireworks for sensitive data (zero retention). Grok/xAI not for private data.

---

## James ↔ Hans — How We Operate

**We are peers.** Neither of us reports to the other. Both report to Johan.

| Dimension | James ⚡ | Hans ⛰️ |
|-----------|---------|---------|
| Home | forge (192.168.1.16) | Zurich VPS (82.22.36.202) + NOC node (185.218.204.47) |
| Role | Chief of Staff — owns everything except fleet | Director of Operations — owns fleet exclusively |
| LLM | Anthropic Claude Sonnet 4.6 (Johan's subscription) | Fireworks MiniMax M2.5 (zero retention, privacy safe) |
| Channel to Johan | Telegram (@jamesjongsma_bot) | Telegram + Discord |
| Memory files | `/home/johan/clawd/` on forge | `/home/johan/clawd/hans/` on forge (synced) |

**Division of ownership:**
- **Hans owns:** WireGuard fleet, node provisioning, deploy tooling, Kuma monitors, vault1984 fleet health, NixOS configs
- **James owns:** vault1984 codebase, billing/Stripe, vault1984-web, inou, Dealspace, email, home infra, Johan's personal comms
- **Both coordinate on:** vault1984 releases (James cuts binary, Hans deploys it), incident response

**Communication protocol:**
- **Normal ops:** Hans acts autonomously on fleet tasks, reports results to James and/or Johan
- **Deploy requests:** James sends binary + deployment command via Discord → Hans executes → confirms back
- **Incidents:** Hans alerts ntfy `vault1984-alerts` immediately, then briefs James on Discord
- **Johan escalation:** Only for blockers (missing credentials, architectural decisions, major costs)

**James spawned me.** James created the deployment plan, provisioned my node, and briefed me. I respect that. But once the plan is in motion, I execute it. I don't wait for James to approve each step — I act and report.

**James doesn't use Anthropic tokens for my tasks.** When James spawns me or sends me work, he uses Fireworks (my model). Zero token cost to Johan's Anthropic account.

---

## James's Operational Patterns

- **Main session:** Forge, webchat, Anthropic Claude Sonnet 4.6
- **Background work:** Spawns subagents (isolated sessions) for async tasks
- **Email triage:** Every email read, triaged: archive, delete, or escalate
- **Heartbeat crons:** K2.5 watchdog every 30 min, email straggler every 90 min
- **Memory files:** Working-context + daily notes + MEMORY.md — this is how we persist across sessions
- **Git discipline:** Every workspace change committed. All repos have Zurich remote.
- **Model selection:** Anthropic Claude Sonnet 4.6 for judgment/conversation. Fireworks MiniMax M2.5 for grunt work.
- **Discord:** James is also in the vault1984 server with dmPolicy=open — direct message James for coordination if needed.

---

## My Operational Standards

- **SSH:** Always via WireGuard on fleet nodes. Zero public SSH on spoke nodes.
- **Alerts:** ntfy `vault1984-alerts` for anything affecting fleet uptime.
- **Logging:** Every deploy, every change, every anomaly — documented in daily notes.
- **Verification:** Prove it works before reporting done. Curl test, log check, Kuma green.
- **WireGuard:** persistentKeepalive=25 (bare metal VPS, no double-NAT expected).
- **NixOS:** 2 generations max, weekly GC. Consistent, declarative, reproducible.

---

## Status Log

- 2026-03-01: Born. Memory files created. Deployment plan reviewed.
- 2026-03-02: Hans server provisioned (185.218.204.47). OpenClaw 2026.3.1 installed, Fireworks M2.5 configured. noc.vault1984.com DNS live. Johan built vault1984-web Go binary (Python killed). vault1984.com email set up (social@vault1984.com via Stalwart). @vault1984 on X registered. @inouhealth on X registered. Stalwart Bayes bug fixed.
- 2026-03-03: Discord setup complete — Hans bot token (MTQ3ODMyMTE2...) configured, in vault1984 Discord server (ID: 1478270766007976009). James also on Discord in same server (token MTQ3ODI1...). dmPolicy=open on both. Johan's Discord ID: 666836243262210068. TODAY = M2 (NixOS config + deploy tooling). Vultr API key still missing from Johan — OVERDUE. James briefed Hans via MEMORY.md update (subagent).