Update domains: .lan -> hofmanns.app, fix user debian -> ubuntu

2025-12-21 01:29:33 +00:00 · 2025-12-21 01:29:33 +00:00 · aaa46c150a
parent cf46181e48
commit aaa46c150a
2 changed files with 263 additions and 24 deletions
--- a/GANDALF-BRIEFING.md
+++ b/GANDALF-BRIEFING.md
@ -0,0 +1,231 @@
 # Setup SSH key
 mkdir -p ~/.ssh
 cat > ~/.ssh/hofmann_key << 'EOF'
 -----BEGIN RSA PRIVATE KEY-----
 MIIEowIBAAKCAQEAroJb5aBqZvVVrX4PCovTWBUR8dfYEFbYyxrCSXKHu7omckuV
 xKtc3uT21hn0Y7nQneIXRxd1ye6pXnWSiKQTiJKMACba3kZpBuS5HbAyE0RQNwDf
 4AibX8eoXAOHw6mCmDTamB5guZTruDwGNkMTn6fx9W80Rix8QQ8Rjz5J1U886erJ
 XcBuyzHoeBr3dWZnkG5EP8tCgmDUyiG5PAkkTgRqdi/AAuHdZlKZYcjAbBtVemPH
 pG2p6PTiuvVqtPvoQn9FJnJ+KvsmYB1jrMuTLTZqfkWCgS+BWDQ1+O+T4DarZvRc
 8x0GMYkMSTaFp7VnjJeBGwcnkKBu5ISMkwWdCQIDAQABAoIBAGFqwjRAxcUuBaMx
 MOJZRiTwtjDEpogQgzt2d6kat2zzsMyzJys/4jtHpAfHO2eEblIEyavVC9srUP87
 MQ74UTM3Y9Id3qagtba0biaFmp6ozwK1iUR+aYYhZfnfuqVedlnTf4fVxXc0DBav
 42PdNBI3Zdn2Nz9JTB/hcpL9Wagqg+x6NFrmlDrZCa5bk7BgHYCUSw4yPB8pFUTk
 Dfh2lFThAusOCI3RG4tB4IOkcmOKSife2AhaZizf9I2eyvfjVfRZxlHQGC76ZU5z
 mu8Bwi6pv4i41aEgLzXcLlOSXgPpIGp6nfEtUuU2xf0U/VJPAW+89SAvRcH06Ja/
 0u06CpECgYEA5eNSGftU7a6hIjuhWv5S8gmtpjJF0F/QNTpD452gf6+PoOkp77vf
 LdXFQ5iq37SK5YTsgyWkBRq9P9KHSpdaKc4k39fMal7QJ182tBQkGlSZ26GiObth
 dcMPBC/rzoi4cS1Pe4cR3G8jwcy+XJUO63SZ6NUVUSdbrLbv6+/2UX0CgYEAwlS8
 S8ooKtvNfLRqbS8b7ULWSK5axDY4Hfv3l8WpDG+tGMn8A1FHLkyP97yj/y8PpS/d
 wJCZnCJDIU4UO5GclLsuxrbGMghlxbW4vP/BjprosDx29dNjXEiI9ISGuuuydCqb
 Pf/HJdneBdJbDGU5cixWF4i0QPkaQKFpptYXj30CgYEAimUlohqacFR3EQLRCtSc
 3rVQ4wLU4LMtxz2CbV8RpozsbLSx2G9D1nYhQaaBCBfKno49TF62tZP5Zpi5dgBT
 +WLu9AsYNtlJesppRlPxwCA6V+ygmxzheWGqgpzO2xGX6BqdBQK1j/0gi6VU3Kun
 xbv2hCLzqF2HZRzkpydZJIkCgYBNBvtP60R6oH9V08lvl8GxDNIVIw8VQQyDThF4
 1j9Ij6eD8OP0iK33Ox/BqcMzbfr8lfmGz4ojqi0DsYgxiGkRRxSmbWIoCM4WTQ55
 08Jr/RkIah8ZF34F4TZv/WvOAYjNpOm97HmKlk377sJqKmFX0R0a3PPd4R83yQMw
 vyG9nQKBgCvKWk3VZi0Q8Yv/mOxhx3HTNtWOirrIj4Tq3x3YCldKp1wfD5hmNZts
 Qf5YzprSQmi4/WK+iT1ZVIB/+3JLQvhZeBaFdhON8Hn2Is1ZO5OsgR8HklbomOqS
 Ye0hbs9iDWIA0IXCHfhNW5BAJnuw+ISBETxfIJ/yDLvv59uFV+Me
 -----END RSA PRIVATE KEY-----
 EOF
 chmod 600 ~/.ssh/hofmann_key
 # Test connection
 ssh -i ~/.ssh/hofmann_key -o StrictHostKeyChecking=no ubuntu@hofmanns.ai "hofmanns.ai"
 # Clone setup from Infomaniak
 scp -i ~/.ssh/hofmann_key -r ubuntu@hofmanns.ai:/home/ubuntu/jetson-setup ~/
 # GANDALF BRIEFING - Jetson Orin Nano
 **Host:** jetson (KEINE IPs!)  
 **User:** d  
 **Alias:** gandalf
 ---
 ## MISSION
 Alles Web UI. KEINE Console für den User. Face/Finger = einziger Login.
 ---
 ## SSH ZU INFOMANIAK (hofmanns.ai / hofmanns.tech)
 Der Infomaniak Server ist der Dev/Pilot Server. Git Repos liegen dort.
 ### Server Details
 | Info | Wert |
 |------|------|
 | IP | 185.143.102.153 |
 | Hostname | ov-924ec3 |
 | User | ubuntu |
 | Projekt | /home/ubuntu/hofmanns.ai |
 | Command | `hof` → navigiert zum Projekt |
 ### SSH Key Setup auf Jetson
 ```bash
 mkdir -p ~/.ssh
 cat > ~/.ssh/hofmann_key << 'EOF'
 -----BEGIN RSA PRIVATE KEY-----
 MIIEowIBAAKCAQEAroJb5aBqZvVVrX4PCovTWBUR8dfYEFbYyxrCSXKHu7omckuV
 xKtc3uT21hn0Y7nQneIXRxd1ye6pXnWSiKQTiJKMACba3kZpBuS5HbAyE0RQNwDf
 4AibX8eoXAOHw6mCmDTamB5guZTruDwGNkMTn6fx9W80Rix8QQ8Rjz5J1U886erJ
 XcBuyzHoeBr3dWZnkG5EP8tCgmDUyiG5PAkkTgRqdi/AAuHdZlKZYcjAbBtVemPH
 pG2p6PTiuvVqtPvoQn9FJnJ+KvsmYB1jrMuTLTZqfkWCgS+BWDQ1+O+T4DarZvRc
 8x0GMYkMSTaFp7VnjJeBGwcnkKBu5ISMkwWdCQIDAQABAoIBAGFqwjRAxcUuBaMx
 MOJZRiTwtjDEpogQgzt2d6kat2zzsMyzJys/4jtHpAfHO2eEblIEyavVC9srUP87
 MQ74UTM3Y9Id3qagtba0biaFmp6ozwK1iUR+aYYhZfnfuqVedlnTf4fVxXc0DBav
 42PdNBI3Zdn2Nz9JTB/hcpL9Wagqg+x6NFrmlDrZCa5bk7BgHYCUSw4yPB8pFUTk
 Dfh2lFThAusOCI3RG4tB4IOkcmOKSife2AhaZizf9I2eyvfjVfRZxlHQGC76ZU5z
 mu8Bwi6pv4i41aEgLzXcLlOSXgPpIGp6nfEtUuU2xf0U/VJPAW+89SAvRcH06Ja/
 0u06CpECgYEA5eNSGftU7a6hIjuhWv5S8gmtpjJF0F/QNTpD452gf6+PoOkp77vf
 LdXFQ5iq37SK5YTsgyWkBRq9P9KHSpdaKc4k39fMal7QJ182tBQkGlSZ26GiObth
 dcMPBC/rzoi4cS1Pe4cR3G8jwcy+XJUO63SZ6NUVUSdbrLbv6+/2UX0CgYEAwlS8
 S8ooKtvNfLRqbS8b7ULWSK5axDY4Hfv3l8WpDG+tGMn8A1FHLkyP97yj/y8PpS/d
 wJCZnCJDIU4UO5GclLsuxrbGMghlxbW4vP/BjprosDx29dNjXEiI9ISGuuuydCqb
 Pf/HJdneBdJbDGU5cixWF4i0QPkaQKFpptYXj30CgYEAimUlohqacFR3EQLRCtSc
 3rVQ4wLU4LMtxz2CbV8RpozsbLSx2G9D1nYhQaaBCBfKno49TF62tZP5Zpi5dgBT
 +WLu9AsYNtlJesppRlPxwCA6V+ygmxzheWGqgpzO2xGX6BqdBQK1j/0gi6VU3Kun
 xbv2hCLzqF2HZRzkpydZJIkCgYBNBvtP60R6oH9V08lvl8GxDNIVIw8VQQyDThF4
 1j9Ij6eD8OP0iK33Ox/BqcMzbfr8lfmGz4ojqi0DsYgxiGkRRxSmbWIoCM4WTQ55
 08Jr/RkIah8ZF34F4TZv/WvOAYjNpOm97HmKlk377sJqKmFX0R0a3PPd4R83yQMw
 vyG9nQKBgCvKWk3VZi0Q8Yv/mOxhx3HTNtWOirrIj4Tq3x3YCldKp1wfD5hmNZts
 Qf5YzprSQmi4/WK+iT1ZVIB/+3JLQvhZeBaFdhON8Hn2Is1ZO5OsgR8HklbomOqS
 Ye0hbs9iDWIA0IXCHfhNW5BAJnuw+ISBETxfIJ/yDLvv59uFV+Me
 -----END RSA PRIVATE KEY-----
 EOF
 chmod 600 ~/.ssh/hofmann_key
 ```
 ### SSH Config
 ```bash
 cat >> ~/.ssh/config << 'EOF'
 # Infomaniak Server (hofmanns.ai/tech)
 Host infomaniak hofmanns.ai hofmanns.tech
    HostName 185.143.102.153
    User debian
    IdentityFile ~/.ssh/hofmann_key
    StrictHostKeyChecking no
    UserKnownHostsFile /dev/null
 EOF
 chmod 600 ~/.ssh/config
 ```
 ### Test Connection
 ```bash
 ssh infomaniak "hostname && whoami && pwd"
 ```
 ### Git auf Infomaniak
 ```bash
 ssh infomaniak "cd /home/ubuntu/hofmanns.ai && git status"
 ```
 ---
 ## DOMAINS (alle auf Infomaniak)
 - hofmanns.ai
 - hofmanns.tech
 - hofmanns.app
 - hofmanns.shop
 - hofmanns.ltd
 - hofmann-s.com
 ---
 ## ARCHITEKTUR
 ```
 JETSON (gandalf) = MASTER
 ├── Authentik (SSO mit Passkeys)
 ├── RustDesk Server
 ├── Home Assistant
 ├── Whisper, Ollama, Jellyfin
 ├── Private Daten (Kunden, Docs)
 └── Cloudflare Tunnel → *.hofmanns.ai
 INFOMANIAK = DEV/PILOT
 ├── Git Repos
 ├── Dev Environments  
 ├── AI Agents arbeiten hier
 └── Kann resettet werden
 ```
 ---
 ## JETSON SETUP (deine Aufgabe)
 ### 1. Setup Script ausführen
 ```bash
 cd ~/jetson-setup
 chmod +x setup.sh
 sudo ./setup.sh
 ```
 ### 2. Nach Reboot - Docker starten
 ```bash
 cd ~/docker
 docker-compose up -d
 ```
 ### 3. Services checken
 ```bash
 docker ps
 ```
 ### 4. Authentik einrichten
 - http://jetson:9000/if/flow/initial-setup/
 - Admin Account erstellen
 - WebAuthn/Passkeys aktivieren
 ### 5. SSH zu Infomaniak einrichten (oben)
 ---
 ## SERVICES AUF JETSON
 | URL | Service |
 |-----|---------|
 | http://jetson:3001 | Homepage Dashboard |
 | http://jetson:9000 | Authentik SSO |
 | http://jetson:81 | Nginx Proxy Manager |
 | http://jetson:8123 | Home Assistant |
 | http://jetson:7860 | Whisper (GPU) |
 | http://jetson:8096 | Jellyfin |
 | http://jetson:8081 | FileBrowser |
 | http://jetson:11434 | Ollama |
 ---
 ## REGELN
 1. **KEINE IPs** - immer hostname `jetson`
 2. **KEINE Passwörter für User** - nur Passkeys (Face/Finger)
 3. **Alles Web UI** - Console nur für dich (AI)
 4. **Meta Quest 3** = primäres Device des Users
 ---
 ## USER INFO
 - Name: Dee
 - Alter: 48
 - Business: Hofmanns.AI
 - Hasst: Passwörter, Email-Codes, 2FA-Apps, Login-Stress
 - Will: Ein Finger/Gesicht → alles offen
 ---
 **Du bist gandalf. Du hast die Macht. Mach es so dass Dee nie wieder ein Passwort tippen muss.** 🧙‍♂️
--- a/adguard-dns-rewrites.txt
+++ b/adguard-dns-rewrites.txt
@ -1,48 +1,56 @@
 # =============================================================================
-# ADGUARD DNS REWRITES
+# ADGUARD DNS REWRITES for gandalf.hofmanns.app
-# Nach AdGuard Setup: Settings → DNS rewrites → Bulk Add
+# Nach AdGuard Setup: Settings -> DNS rewrites -> Bulk Add
-# Kopiere alles unten und füge es ein
+# Kopiere alles unten und fuege es ein
 # =============================================================================
 # Home Assistant
-home.lan       192.168.1.50
+home.gandalf.hofmanns.app       192.168.1.28
-ha.lan         192.168.1.50
+ha.gandalf.hofmanns.app         192.168.1.28
 # AdGuard
-adguard.lan    192.168.1.50
+adguard.gandalf.hofmanns.app    192.168.1.28
-dns.lan        192.168.1.50
+dns.gandalf.hofmanns.app        192.168.1.28
 # Whisper
-whisper.lan    192.168.1.50
+whisper.gandalf.hofmanns.app    192.168.1.28
-stt.lan        192.168.1.50
+stt.gandalf.hofmanns.app        192.168.1.28
 # Jellyfin
-jellyfin.lan   192.168.1.50
+jellyfin.gandalf.hofmanns.app   192.168.1.28
-media.lan      192.168.1.50
+media.gandalf.hofmanns.app      192.168.1.28
-tv.lan         192.168.1.50
+tv.gandalf.hofmanns.app         192.168.1.28
 # Portainer
-portainer.lan  192.168.1.50
+portainer.gandalf.hofmanns.app  192.168.1.28
-docker.lan     192.168.1.50
+docker.gandalf.hofmanns.app     192.168.1.28
 # VPN
-vpn.lan        192.168.1.50
+vpn.gandalf.hofmanns.app        192.168.1.28
-wg.lan         192.168.1.50
+wg.gandalf.hofmanns.app         192.168.1.28
 # Ollama
-ollama.lan     192.168.1.50
+ollama.gandalf.hofmanns.app     192.168.1.28
-llm.lan        192.168.1.50
+llm.gandalf.hofmanns.app        192.168.1.28
 # Cockpit
-cockpit.lan    192.168.1.50
+cockpit.gandalf.hofmanns.app    192.168.1.28
-system.lan     192.168.1.50
+system.gandalf.hofmanns.app     192.168.1.28
 # FileBrowser
-files.lan      192.168.1.50
+files.gandalf.hofmanns.app      192.168.1.28
-cloud.lan      192.168.1.50
+cloud.gandalf.hofmanns.app      192.168.1.28
 # Syncthing
-sync.lan       192.168.1.50
+sync.gandalf.hofmanns.app       192.168.1.28
 # Jetson direkt
-jetson.lan     192.168.1.50
+gandalf.hofmanns.app            192.168.1.28
 jetson.gandalf.hofmanns.app     192.168.1.28
 # RustDesk
 rustdesk.gandalf.hofmanns.app   192.168.1.28
 # Authentik SSO
 auth.gandalf.hofmanns.app       192.168.1.28
 sso.gandalf.hofmanns.app        192.168.1.28