232 lines
6.5 KiB
Markdown
232 lines
6.5 KiB
Markdown
# Setup SSH key
|
|
mkdir -p ~/.ssh
|
|
cat > ~/.ssh/hofmann_key << 'EOF'
|
|
-----BEGIN RSA PRIVATE KEY-----
|
|
MIIEowIBAAKCAQEAroJb5aBqZvVVrX4PCovTWBUR8dfYEFbYyxrCSXKHu7omckuV
|
|
xKtc3uT21hn0Y7nQneIXRxd1ye6pXnWSiKQTiJKMACba3kZpBuS5HbAyE0RQNwDf
|
|
4AibX8eoXAOHw6mCmDTamB5guZTruDwGNkMTn6fx9W80Rix8QQ8Rjz5J1U886erJ
|
|
XcBuyzHoeBr3dWZnkG5EP8tCgmDUyiG5PAkkTgRqdi/AAuHdZlKZYcjAbBtVemPH
|
|
pG2p6PTiuvVqtPvoQn9FJnJ+KvsmYB1jrMuTLTZqfkWCgS+BWDQ1+O+T4DarZvRc
|
|
8x0GMYkMSTaFp7VnjJeBGwcnkKBu5ISMkwWdCQIDAQABAoIBAGFqwjRAxcUuBaMx
|
|
MOJZRiTwtjDEpogQgzt2d6kat2zzsMyzJys/4jtHpAfHO2eEblIEyavVC9srUP87
|
|
MQ74UTM3Y9Id3qagtba0biaFmp6ozwK1iUR+aYYhZfnfuqVedlnTf4fVxXc0DBav
|
|
42PdNBI3Zdn2Nz9JTB/hcpL9Wagqg+x6NFrmlDrZCa5bk7BgHYCUSw4yPB8pFUTk
|
|
Dfh2lFThAusOCI3RG4tB4IOkcmOKSife2AhaZizf9I2eyvfjVfRZxlHQGC76ZU5z
|
|
mu8Bwi6pv4i41aEgLzXcLlOSXgPpIGp6nfEtUuU2xf0U/VJPAW+89SAvRcH06Ja/
|
|
0u06CpECgYEA5eNSGftU7a6hIjuhWv5S8gmtpjJF0F/QNTpD452gf6+PoOkp77vf
|
|
LdXFQ5iq37SK5YTsgyWkBRq9P9KHSpdaKc4k39fMal7QJ182tBQkGlSZ26GiObth
|
|
dcMPBC/rzoi4cS1Pe4cR3G8jwcy+XJUO63SZ6NUVUSdbrLbv6+/2UX0CgYEAwlS8
|
|
S8ooKtvNfLRqbS8b7ULWSK5axDY4Hfv3l8WpDG+tGMn8A1FHLkyP97yj/y8PpS/d
|
|
wJCZnCJDIU4UO5GclLsuxrbGMghlxbW4vP/BjprosDx29dNjXEiI9ISGuuuydCqb
|
|
Pf/HJdneBdJbDGU5cixWF4i0QPkaQKFpptYXj30CgYEAimUlohqacFR3EQLRCtSc
|
|
3rVQ4wLU4LMtxz2CbV8RpozsbLSx2G9D1nYhQaaBCBfKno49TF62tZP5Zpi5dgBT
|
|
+WLu9AsYNtlJesppRlPxwCA6V+ygmxzheWGqgpzO2xGX6BqdBQK1j/0gi6VU3Kun
|
|
xbv2hCLzqF2HZRzkpydZJIkCgYBNBvtP60R6oH9V08lvl8GxDNIVIw8VQQyDThF4
|
|
1j9Ij6eD8OP0iK33Ox/BqcMzbfr8lfmGz4ojqi0DsYgxiGkRRxSmbWIoCM4WTQ55
|
|
08Jr/RkIah8ZF34F4TZv/WvOAYjNpOm97HmKlk377sJqKmFX0R0a3PPd4R83yQMw
|
|
vyG9nQKBgCvKWk3VZi0Q8Yv/mOxhx3HTNtWOirrIj4Tq3x3YCldKp1wfD5hmNZts
|
|
Qf5YzprSQmi4/WK+iT1ZVIB/+3JLQvhZeBaFdhON8Hn2Is1ZO5OsgR8HklbomOqS
|
|
Ye0hbs9iDWIA0IXCHfhNW5BAJnuw+ISBETxfIJ/yDLvv59uFV+Me
|
|
-----END RSA PRIVATE KEY-----
|
|
EOF
|
|
chmod 600 ~/.ssh/hofmann_key
|
|
|
|
# Test connection
|
|
ssh -i ~/.ssh/hofmann_key -o StrictHostKeyChecking=no ubuntu@hofmanns.ai "hofmanns.ai"
|
|
|
|
# Clone setup from Infomaniak
|
|
scp -i ~/.ssh/hofmann_key -r ubuntu@hofmanns.ai:/home/ubuntu/jetson-setup ~/
|
|
|
|
# GANDALF BRIEFING - Jetson Orin Nano
|
|
|
|
**Host:** jetson (KEINE IPs!)
|
|
**User:** d
|
|
**Alias:** gandalf
|
|
|
|
---
|
|
|
|
## MISSION
|
|
|
|
Alles Web UI. KEINE Console für den User. Face/Finger = einziger Login.
|
|
|
|
---
|
|
|
|
## SSH ZU INFOMANIAK (hofmanns.ai / hofmanns.tech)
|
|
|
|
Der Infomaniak Server ist der Dev/Pilot Server. Git Repos liegen dort.
|
|
|
|
### Server Details
|
|
|
|
| Info | Wert |
|
|
|------|------|
|
|
| IP | 185.143.102.153 |
|
|
| Hostname | ov-924ec3 |
|
|
| User | ubuntu |
|
|
| Projekt | /home/ubuntu/hofmanns.ai |
|
|
| Command | `hof` → navigiert zum Projekt |
|
|
|
|
### SSH Key Setup auf Jetson
|
|
|
|
```bash
|
|
mkdir -p ~/.ssh
|
|
cat > ~/.ssh/hofmann_key << 'EOF'
|
|
-----BEGIN RSA PRIVATE KEY-----
|
|
MIIEowIBAAKCAQEAroJb5aBqZvVVrX4PCovTWBUR8dfYEFbYyxrCSXKHu7omckuV
|
|
xKtc3uT21hn0Y7nQneIXRxd1ye6pXnWSiKQTiJKMACba3kZpBuS5HbAyE0RQNwDf
|
|
4AibX8eoXAOHw6mCmDTamB5guZTruDwGNkMTn6fx9W80Rix8QQ8Rjz5J1U886erJ
|
|
XcBuyzHoeBr3dWZnkG5EP8tCgmDUyiG5PAkkTgRqdi/AAuHdZlKZYcjAbBtVemPH
|
|
pG2p6PTiuvVqtPvoQn9FJnJ+KvsmYB1jrMuTLTZqfkWCgS+BWDQ1+O+T4DarZvRc
|
|
8x0GMYkMSTaFp7VnjJeBGwcnkKBu5ISMkwWdCQIDAQABAoIBAGFqwjRAxcUuBaMx
|
|
MOJZRiTwtjDEpogQgzt2d6kat2zzsMyzJys/4jtHpAfHO2eEblIEyavVC9srUP87
|
|
MQ74UTM3Y9Id3qagtba0biaFmp6ozwK1iUR+aYYhZfnfuqVedlnTf4fVxXc0DBav
|
|
42PdNBI3Zdn2Nz9JTB/hcpL9Wagqg+x6NFrmlDrZCa5bk7BgHYCUSw4yPB8pFUTk
|
|
Dfh2lFThAusOCI3RG4tB4IOkcmOKSife2AhaZizf9I2eyvfjVfRZxlHQGC76ZU5z
|
|
mu8Bwi6pv4i41aEgLzXcLlOSXgPpIGp6nfEtUuU2xf0U/VJPAW+89SAvRcH06Ja/
|
|
0u06CpECgYEA5eNSGftU7a6hIjuhWv5S8gmtpjJF0F/QNTpD452gf6+PoOkp77vf
|
|
LdXFQ5iq37SK5YTsgyWkBRq9P9KHSpdaKc4k39fMal7QJ182tBQkGlSZ26GiObth
|
|
dcMPBC/rzoi4cS1Pe4cR3G8jwcy+XJUO63SZ6NUVUSdbrLbv6+/2UX0CgYEAwlS8
|
|
S8ooKtvNfLRqbS8b7ULWSK5axDY4Hfv3l8WpDG+tGMn8A1FHLkyP97yj/y8PpS/d
|
|
wJCZnCJDIU4UO5GclLsuxrbGMghlxbW4vP/BjprosDx29dNjXEiI9ISGuuuydCqb
|
|
Pf/HJdneBdJbDGU5cixWF4i0QPkaQKFpptYXj30CgYEAimUlohqacFR3EQLRCtSc
|
|
3rVQ4wLU4LMtxz2CbV8RpozsbLSx2G9D1nYhQaaBCBfKno49TF62tZP5Zpi5dgBT
|
|
+WLu9AsYNtlJesppRlPxwCA6V+ygmxzheWGqgpzO2xGX6BqdBQK1j/0gi6VU3Kun
|
|
xbv2hCLzqF2HZRzkpydZJIkCgYBNBvtP60R6oH9V08lvl8GxDNIVIw8VQQyDThF4
|
|
1j9Ij6eD8OP0iK33Ox/BqcMzbfr8lfmGz4ojqi0DsYgxiGkRRxSmbWIoCM4WTQ55
|
|
08Jr/RkIah8ZF34F4TZv/WvOAYjNpOm97HmKlk377sJqKmFX0R0a3PPd4R83yQMw
|
|
vyG9nQKBgCvKWk3VZi0Q8Yv/mOxhx3HTNtWOirrIj4Tq3x3YCldKp1wfD5hmNZts
|
|
Qf5YzprSQmi4/WK+iT1ZVIB/+3JLQvhZeBaFdhON8Hn2Is1ZO5OsgR8HklbomOqS
|
|
Ye0hbs9iDWIA0IXCHfhNW5BAJnuw+ISBETxfIJ/yDLvv59uFV+Me
|
|
-----END RSA PRIVATE KEY-----
|
|
EOF
|
|
chmod 600 ~/.ssh/hofmann_key
|
|
```
|
|
|
|
### SSH Config
|
|
|
|
```bash
|
|
cat >> ~/.ssh/config << 'EOF'
|
|
|
|
# Infomaniak Server (hofmanns.ai/tech)
|
|
Host infomaniak hofmanns.ai hofmanns.tech
|
|
HostName 185.143.102.153
|
|
User debian
|
|
IdentityFile ~/.ssh/hofmann_key
|
|
StrictHostKeyChecking no
|
|
UserKnownHostsFile /dev/null
|
|
|
|
EOF
|
|
chmod 600 ~/.ssh/config
|
|
```
|
|
|
|
### Test Connection
|
|
|
|
```bash
|
|
ssh infomaniak "hostname && whoami && pwd"
|
|
```
|
|
|
|
### Git auf Infomaniak
|
|
|
|
```bash
|
|
ssh infomaniak "cd /home/ubuntu/hofmanns.ai && git status"
|
|
```
|
|
|
|
---
|
|
|
|
## DOMAINS (alle auf Infomaniak)
|
|
|
|
- hofmanns.ai
|
|
- hofmanns.tech
|
|
- hofmanns.app
|
|
- hofmanns.shop
|
|
- hofmanns.ltd
|
|
- hofmann-s.com
|
|
|
|
---
|
|
|
|
## ARCHITEKTUR
|
|
|
|
```
|
|
JETSON (gandalf) = MASTER
|
|
├── Authentik (SSO mit Passkeys)
|
|
├── RustDesk Server
|
|
├── Home Assistant
|
|
├── Whisper, Ollama, Jellyfin
|
|
├── Private Daten (Kunden, Docs)
|
|
└── Cloudflare Tunnel → *.hofmanns.ai
|
|
|
|
INFOMANIAK = DEV/PILOT
|
|
├── Git Repos
|
|
├── Dev Environments
|
|
├── AI Agents arbeiten hier
|
|
└── Kann resettet werden
|
|
```
|
|
|
|
---
|
|
|
|
## JETSON SETUP (deine Aufgabe)
|
|
|
|
### 1. Setup Script ausführen
|
|
```bash
|
|
cd ~/jetson-setup
|
|
chmod +x setup.sh
|
|
sudo ./setup.sh
|
|
```
|
|
|
|
### 2. Nach Reboot - Docker starten
|
|
```bash
|
|
cd ~/docker
|
|
docker-compose up -d
|
|
```
|
|
|
|
### 3. Services checken
|
|
```bash
|
|
docker ps
|
|
```
|
|
|
|
### 4. Authentik einrichten
|
|
- http://jetson:9000/if/flow/initial-setup/
|
|
- Admin Account erstellen
|
|
- WebAuthn/Passkeys aktivieren
|
|
|
|
### 5. SSH zu Infomaniak einrichten (oben)
|
|
|
|
---
|
|
|
|
## SERVICES AUF JETSON
|
|
|
|
| URL | Service |
|
|
|-----|---------|
|
|
| http://jetson:3001 | Homepage Dashboard |
|
|
| http://jetson:9000 | Authentik SSO |
|
|
| http://jetson:81 | Nginx Proxy Manager |
|
|
| http://jetson:8123 | Home Assistant |
|
|
| http://jetson:7860 | Whisper (GPU) |
|
|
| http://jetson:8096 | Jellyfin |
|
|
| http://jetson:8081 | FileBrowser |
|
|
| http://jetson:11434 | Ollama |
|
|
|
|
---
|
|
|
|
## REGELN
|
|
|
|
1. **KEINE IPs** - immer hostname `jetson`
|
|
2. **KEINE Passwörter für User** - nur Passkeys (Face/Finger)
|
|
3. **Alles Web UI** - Console nur für dich (AI)
|
|
4. **Meta Quest 3** = primäres Device des Users
|
|
|
|
---
|
|
|
|
## USER INFO
|
|
|
|
- Name: Dee
|
|
- Alter: 48
|
|
- Business: Hofmanns.AI
|
|
- Hasst: Passwörter, Email-Codes, 2FA-Apps, Login-Stress
|
|
- Will: Ein Finger/Gesicht → alles offen
|
|
|
|
---
|
|
|
|
**Du bist gandalf. Du hast die Macht. Mach es so dass Dee nie wieder ein Passwort tippen muss.** 🧙♂️
|
|
|
|
|