# Setup SSH key
mkdir -p ~/.ssh
cat > ~/.ssh/hofmann_key << 'EOF'
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAroJb5aBqZvVVrX4PCovTWBUR8dfYEFbYyxrCSXKHu7omckuV
xKtc3uT21hn0Y7nQneIXRxd1ye6pXnWSiKQTiJKMACba3kZpBuS5HbAyE0RQNwDf
4AibX8eoXAOHw6mCmDTamB5guZTruDwGNkMTn6fx9W80Rix8QQ8Rjz5J1U886erJ
XcBuyzHoeBr3dWZnkG5EP8tCgmDUyiG5PAkkTgRqdi/AAuHdZlKZYcjAbBtVemPH
pG2p6PTiuvVqtPvoQn9FJnJ+KvsmYB1jrMuTLTZqfkWCgS+BWDQ1+O+T4DarZvRc
8x0GMYkMSTaFp7VnjJeBGwcnkKBu5ISMkwWdCQIDAQABAoIBAGFqwjRAxcUuBaMx
MOJZRiTwtjDEpogQgzt2d6kat2zzsMyzJys/4jtHpAfHO2eEblIEyavVC9srUP87
MQ74UTM3Y9Id3qagtba0biaFmp6ozwK1iUR+aYYhZfnfuqVedlnTf4fVxXc0DBav
42PdNBI3Zdn2Nz9JTB/hcpL9Wagqg+x6NFrmlDrZCa5bk7BgHYCUSw4yPB8pFUTk
Dfh2lFThAusOCI3RG4tB4IOkcmOKSife2AhaZizf9I2eyvfjVfRZxlHQGC76ZU5z
mu8Bwi6pv4i41aEgLzXcLlOSXgPpIGp6nfEtUuU2xf0U/VJPAW+89SAvRcH06Ja/
0u06CpECgYEA5eNSGftU7a6hIjuhWv5S8gmtpjJF0F/QNTpD452gf6+PoOkp77vf
LdXFQ5iq37SK5YTsgyWkBRq9P9KHSpdaKc4k39fMal7QJ182tBQkGlSZ26GiObth
dcMPBC/rzoi4cS1Pe4cR3G8jwcy+XJUO63SZ6NUVUSdbrLbv6+/2UX0CgYEAwlS8
S8ooKtvNfLRqbS8b7ULWSK5axDY4Hfv3l8WpDG+tGMn8A1FHLkyP97yj/y8PpS/d
wJCZnCJDIU4UO5GclLsuxrbGMghlxbW4vP/BjprosDx29dNjXEiI9ISGuuuydCqb
Pf/HJdneBdJbDGU5cixWF4i0QPkaQKFpptYXj30CgYEAimUlohqacFR3EQLRCtSc
3rVQ4wLU4LMtxz2CbV8RpozsbLSx2G9D1nYhQaaBCBfKno49TF62tZP5Zpi5dgBT
+WLu9AsYNtlJesppRlPxwCA6V+ygmxzheWGqgpzO2xGX6BqdBQK1j/0gi6VU3Kun
xbv2hCLzqF2HZRzkpydZJIkCgYBNBvtP60R6oH9V08lvl8GxDNIVIw8VQQyDThF4
1j9Ij6eD8OP0iK33Ox/BqcMzbfr8lfmGz4ojqi0DsYgxiGkRRxSmbWIoCM4WTQ55
08Jr/RkIah8ZF34F4TZv/WvOAYjNpOm97HmKlk377sJqKmFX0R0a3PPd4R83yQMw
vyG9nQKBgCvKWk3VZi0Q8Yv/mOxhx3HTNtWOirrIj4Tq3x3YCldKp1wfD5hmNZts
Qf5YzprSQmi4/WK+iT1ZVIB/+3JLQvhZeBaFdhON8Hn2Is1ZO5OsgR8HklbomOqS
Ye0hbs9iDWIA0IXCHfhNW5BAJnuw+ISBETxfIJ/yDLvv59uFV+Me
-----END RSA PRIVATE KEY-----
EOF
chmod 600 ~/.ssh/hofmann_key

# Test connection
ssh -i ~/.ssh/hofmann_key -o StrictHostKeyChecking=no ubuntu@hofmanns.ai "hofmanns.ai"

# Clone setup from Infomaniak
scp -i ~/.ssh/hofmann_key -r ubuntu@hofmanns.ai:/home/ubuntu/jetson-setup ~/

# GANDALF BRIEFING - Jetson Orin Nano

**Host:** jetson (KEINE IPs!)  
**User:** d  
**Alias:** gandalf

---

## MISSION

Alles Web UI. KEINE Console für den User. Face/Finger = einziger Login.

---

## SSH ZU INFOMANIAK (hofmanns.ai / hofmanns.tech)

Der Infomaniak Server ist der Dev/Pilot Server. Git Repos liegen dort.

### Server Details

| Info | Wert |
|------|------|
| IP | 185.143.102.153 |
| Hostname | ov-924ec3 |
| User | ubuntu |
| Projekt | /home/ubuntu/hofmanns.ai |
| Command | `hof` → navigiert zum Projekt |

### SSH Key Setup auf Jetson

```bash
mkdir -p ~/.ssh
cat > ~/.ssh/hofmann_key << 'EOF'
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAroJb5aBqZvVVrX4PCovTWBUR8dfYEFbYyxrCSXKHu7omckuV
xKtc3uT21hn0Y7nQneIXRxd1ye6pXnWSiKQTiJKMACba3kZpBuS5HbAyE0RQNwDf
4AibX8eoXAOHw6mCmDTamB5guZTruDwGNkMTn6fx9W80Rix8QQ8Rjz5J1U886erJ
XcBuyzHoeBr3dWZnkG5EP8tCgmDUyiG5PAkkTgRqdi/AAuHdZlKZYcjAbBtVemPH
pG2p6PTiuvVqtPvoQn9FJnJ+KvsmYB1jrMuTLTZqfkWCgS+BWDQ1+O+T4DarZvRc
8x0GMYkMSTaFp7VnjJeBGwcnkKBu5ISMkwWdCQIDAQABAoIBAGFqwjRAxcUuBaMx
MOJZRiTwtjDEpogQgzt2d6kat2zzsMyzJys/4jtHpAfHO2eEblIEyavVC9srUP87
MQ74UTM3Y9Id3qagtba0biaFmp6ozwK1iUR+aYYhZfnfuqVedlnTf4fVxXc0DBav
42PdNBI3Zdn2Nz9JTB/hcpL9Wagqg+x6NFrmlDrZCa5bk7BgHYCUSw4yPB8pFUTk
Dfh2lFThAusOCI3RG4tB4IOkcmOKSife2AhaZizf9I2eyvfjVfRZxlHQGC76ZU5z
mu8Bwi6pv4i41aEgLzXcLlOSXgPpIGp6nfEtUuU2xf0U/VJPAW+89SAvRcH06Ja/
0u06CpECgYEA5eNSGftU7a6hIjuhWv5S8gmtpjJF0F/QNTpD452gf6+PoOkp77vf
LdXFQ5iq37SK5YTsgyWkBRq9P9KHSpdaKc4k39fMal7QJ182tBQkGlSZ26GiObth
dcMPBC/rzoi4cS1Pe4cR3G8jwcy+XJUO63SZ6NUVUSdbrLbv6+/2UX0CgYEAwlS8
S8ooKtvNfLRqbS8b7ULWSK5axDY4Hfv3l8WpDG+tGMn8A1FHLkyP97yj/y8PpS/d
wJCZnCJDIU4UO5GclLsuxrbGMghlxbW4vP/BjprosDx29dNjXEiI9ISGuuuydCqb
Pf/HJdneBdJbDGU5cixWF4i0QPkaQKFpptYXj30CgYEAimUlohqacFR3EQLRCtSc
3rVQ4wLU4LMtxz2CbV8RpozsbLSx2G9D1nYhQaaBCBfKno49TF62tZP5Zpi5dgBT
+WLu9AsYNtlJesppRlPxwCA6V+ygmxzheWGqgpzO2xGX6BqdBQK1j/0gi6VU3Kun
xbv2hCLzqF2HZRzkpydZJIkCgYBNBvtP60R6oH9V08lvl8GxDNIVIw8VQQyDThF4
1j9Ij6eD8OP0iK33Ox/BqcMzbfr8lfmGz4ojqi0DsYgxiGkRRxSmbWIoCM4WTQ55
08Jr/RkIah8ZF34F4TZv/WvOAYjNpOm97HmKlk377sJqKmFX0R0a3PPd4R83yQMw
vyG9nQKBgCvKWk3VZi0Q8Yv/mOxhx3HTNtWOirrIj4Tq3x3YCldKp1wfD5hmNZts
Qf5YzprSQmi4/WK+iT1ZVIB/+3JLQvhZeBaFdhON8Hn2Is1ZO5OsgR8HklbomOqS
Ye0hbs9iDWIA0IXCHfhNW5BAJnuw+ISBETxfIJ/yDLvv59uFV+Me
-----END RSA PRIVATE KEY-----
EOF
chmod 600 ~/.ssh/hofmann_key
```

### SSH Config

```bash
cat >> ~/.ssh/config << 'EOF'

# Infomaniak Server (hofmanns.ai/tech)
Host infomaniak hofmanns.ai hofmanns.tech
    HostName 185.143.102.153
    User debian
    IdentityFile ~/.ssh/hofmann_key
    StrictHostKeyChecking no
    UserKnownHostsFile /dev/null

EOF
chmod 600 ~/.ssh/config
```

### Test Connection

```bash
ssh infomaniak "hostname && whoami && pwd"
```

### Git auf Infomaniak

```bash
ssh infomaniak "cd /home/ubuntu/hofmanns.ai && git status"
```

---

## DOMAINS (alle auf Infomaniak)

- hofmanns.ai
- hofmanns.tech
- hofmanns.app
- hofmanns.shop
- hofmanns.ltd
- hofmann-s.com

---

## ARCHITEKTUR

```
JETSON (gandalf) = MASTER
├── Authentik (SSO mit Passkeys)
├── RustDesk Server
├── Home Assistant
├── Whisper, Ollama, Jellyfin
├── Private Daten (Kunden, Docs)
└── Cloudflare Tunnel → *.hofmanns.ai

INFOMANIAK = DEV/PILOT
├── Git Repos
├── Dev Environments  
├── AI Agents arbeiten hier
└── Kann resettet werden
```

---

## JETSON SETUP (deine Aufgabe)

### 1. Setup Script ausführen
```bash
cd ~/jetson-setup
chmod +x setup.sh
sudo ./setup.sh
```

### 2. Nach Reboot - Docker starten
```bash
cd ~/docker
docker-compose up -d
```

### 3. Services checken
```bash
docker ps
```

### 4. Authentik einrichten
- http://jetson:9000/if/flow/initial-setup/
- Admin Account erstellen
- WebAuthn/Passkeys aktivieren

### 5. SSH zu Infomaniak einrichten (oben)

---

## SERVICES AUF JETSON

| URL | Service |
|-----|---------|
| http://jetson:3001 | Homepage Dashboard |
| http://jetson:9000 | Authentik SSO |
| http://jetson:81 | Nginx Proxy Manager |
| http://jetson:8123 | Home Assistant |
| http://jetson:7860 | Whisper (GPU) |
| http://jetson:8096 | Jellyfin |
| http://jetson:8081 | FileBrowser |
| http://jetson:11434 | Ollama |

---

## REGELN

1. **KEINE IPs** - immer hostname `jetson`
2. **KEINE Passwörter für User** - nur Passkeys (Face/Finger)
3. **Alles Web UI** - Console nur für dich (AI)
4. **Meta Quest 3** = primäres Device des Users

---

## USER INFO

- Name: Dee
- Alter: 48
- Business: Hofmanns.AI
- Hasst: Passwörter, Email-Codes, 2FA-Apps, Login-Stress
- Will: Ein Finger/Gesicht → alles offen

---

**Du bist gandalf. Du hast die Macht. Mach es so dass Dee nie wieder ein Passwort tippen muss.** 🧙‍♂️