Complete
In Progress
Blocked / Auth
Action Required
Planned (Wk 2)
🖥️

Infrastructure

Item Status Notes
Proxmox VE 9.1.1 ✓ Complete Kernel 6.17.2-1-pve, fully upgraded
ZFS Pool (vmpool) ✓ Complete 20.9T ONLINE, ashift=12, lz4
ZFS Datasets ✓ Complete 7 datasets: prod, prod-db, dev, dev-db, workstation, backups, migration
pvesm Storage Pools ✓ Complete vmpool-prod, vmpool-prod-db, vmpool-dev, vmpool-dev-db, vmpool-ws, vmpool-backups
Resource Pools ✓ Complete prod, dev, workstation
Network Bond ✓ Complete bond0 active-backup (nic2+nic3), vmbr0 @ 10.1.50.11/24
vmbr1 ✓ Complete VLAN-aware bridge on nic0, VIDs 2–4094
PERC H710P ✓ Verified 26 drives optimal, BBU healthy, 0 errors
Tailscale ⏳ Pending Auth https://login.tailscale.com/a/13d98ea001f4b7
iDRAC ⚠ Temporary 10.1.50.211 (temp) — target: 10.1.10.10 after switch VLAN config
⚙️

Virtual Machines

VM ID Status Spec Notes
ubuntu-2404-template 9000 ✓ Complete 2 core / 2 GB Cloud-init base, SSH keys, qemu-agent
prod-postgres 112 ✓ Running 8 core / 16 GB PG16 @ 10.1.50.112, 200GB ZFS data disk, n8n DB restored (74 tables)
prod-n8n 113 ✓ Running 4 core / 8 GB 10.1.50.118 (IP conflict — .113 taken by switch device dc:e5:5b:62:35:ff)
dev-postgres 114 ✓ Running 4 core / 8 GB PG16 @ 10.1.50.114, 100GB data disk, n8n_dev + nexus_dev DBs
dev-docker 115 ✓ Running 4 core / 8 GB 10.1.50.115, n8n dev stack + cloudflared → dev.cloudmagicgroup.com
pbs01 (Proxmox Backup) 110 ✓ Running 4 core / 8 GB 10.1.50.110 — PBS 3.4.8, Web UI :8007. Datastore "main" 1.9 TB. Daily backups: prod (112,113,116) @ 02:00, dev (114,115,119) @ 03:00. Test backup VM 113: 2m35s @ 266 MiB/s, 85% dedup. TASK OK.
prod-splunk 116 ✓ Running 10.1.50.116 Splunk 9.x — migrated from ThinkPad May 17. All HEC tokens, dashboards, indexes migrated. CPU=host flag required (AVX). ThinkPad Splunk STOPPED.
home-workstation 117 ✓ Running 8 core / 32 GB 10.1.50.117 — Ubuntu 26.04 LTS (kernel 7.0.0-14), 966 GB disk (vmpool-ws). Docker 29.5.0, Node 22, git, rsync. SSH: ssh workstation. Pending: project migration from ThinkPad + WSL.
dev-supabase 119 ✓ Running 10.1.50.119 Self-hosted Supabase stack. Studio: :3000, API/Kong: :8000, DB: :5432. 13 containers running. CPU=default (no AVX required). Dev DBs to be created per project.
🔧

Services

Service Status URL / Location Notes
n8n Production ✓ Live n8n.cloudmagicgroup.com Cutover complete. Old n8n-cmtg (10.1.50.206) fully stopped. Tunnel fe21786c, 4 edge connections
n8n Development ✓ Live dev.cloudmagicgroup.com Fresh DB (n8n_dev), dev credentials, tunnel 41ea6413. Login: admin / n8n_dev_admin_2026!
PostgreSQL 16 — Prod ✓ Running 10.1.50.112:5432 n8n DB (74 tables restored), data on ZFS vmpool-prod-db
PostgreSQL 16 — Dev ✓ Running 10.1.50.114:5432 n8n_dev + nexus_dev DBs, data on ZFS vmpool-dev-db
CF Tunnel pve01-prod ℹ Idle 61d9695e Available for new prod services — not yet assigned to a hostname
Status Dashboard ✓ Live pve01-status.cloudmagicgroup.com CF Pages, auto-refreshes 60s
Splunk ✓ VM 116 10.1.50.116:8000 Migrated to VM 116 May 17. HEC: 10.1.50.116:8088. All tokens active. ThinkPad Splunk decommissioned.
Proxmox Backup Server ✓ VM 110 10.1.50.110:8007 PBS 3.4.8 · admin@pbs · Datastore "main" 1.9 TB · pbs-main storage active on pve01 · Note: outbound via pve01:8888 proxy (no direct NAT for .110 yet)
Tailscale ⏳ Needs Auth Auth URL Installed on pve01, awaiting account creation + activation
🔐

Open Items & Exceptions

Item Priority Status Notes
VM 113 IP conflict 🟡 INFO ⚠ Noted 10.1.50.113 taken by unknown LAN device (MAC dc:e5:5b:62:35:ff) — VM runs on .118. Identify and reassign that device if .113 is needed.
Tailscale account + auth 🟡 MEDIUM ⏳ Blocked — needs account Create free account at tailscale.com, then visit auth URL
iDRAC final IP 🟡 MEDIUM ⚠ Temp @ .211 Currently 10.1.50.211 — move to 10.1.10.10 after switch VLAN 10 trunk port config
Switch trunk ports (nic0/nic1) 🟡 MEDIUM ⚠ Not cabled nic0/nic1 not connected to switch. Required for vmbr1 VLAN-aware routing (prod/dev VLAN separation)
Anthropic API key (OpenClaw) 🟡 INFO ✓ Rotated Was hardcoded in docker-compose.yml — moved to .env, new key applied May 17
pve01 root password 🟡 INFO ℹ Deferred Intentionally not rotating at this time per owner decision
🚚

Migrations

Service Source Target Status Notes
n8n Production n8n-cmtg (10.1.50.206) VM 113 (10.1.50.118) ✓ Complete Cutover May 17. Old server fully stopped.
n8n Database n8n-cmtg postgres VM 112 (10.1.50.112) ✓ Complete pg_restore, 74 tables, encryption key preserved
Dev n8n + Databases VM 114 + 115 ✓ Complete Fresh env built May 17. n8n_dev + nexus_dev DBs ready.
Splunk VM 116 (10.1.50.116) ✓ Complete Migrated May 17. HEC working. ThinkPad Splunk stopped.
WSL + ThinkPad Projects WSL + ThinkPad VM 117 ✓ Complete 41 GB synced to workstation (144 items, 925 GB free). Full mirror including node_modules, build artifacts. ThinkPad re-synced from WSL. All three machines in sync.
🗄️

Supabase Instances — Prod & Dev Gap Analysis

💡
Dev Supabase: DEPLOYED (May 17). VM 119 running self-hosted Supabase stack at 10.1.50.119 — Studio at :3000, API at :8000. All 13 containers healthy. Dev DBs to be created per-project. Connect with: SUPABASE_URL=http://10.1.50.119:8000 SUPABASE_ANON_KEY=[dev-anon-key] (see ops docs for full keys).
Project Project Ref Used By Grant Migration Dev Environment
nextgen-crm wkjujqcgccxmjiijfjkm Nexus CRM (booknexus.app) — main product ⏳ Pending ⚠ ThinkPad local only
internal-dashboard dpixsxrvqwhdkylmbsfa CMSG ops dashboard (cloudmagic.software) 📋 Not affected ✗ No dev DB
shuri eksdpvazfcwssvptcnqi Credential intelligence platform ✓ Applied ✗ No dev DB
leadgen atmzbxpbvmyqfohkzyle Lead generation platform ⏳ Pending ✗ No dev DB
per-fin vufeioysqgdojytshrbl Personal finance dashboard (Chris & Jen) ⏳ Pending ✗ No dev DB
ginete-app xyeynclnoyijipvujlgr Ginete app ⏳ Pending ✗ No dev DB
claude-claw kyboxrlbwctvpzmcaore WSL2 multi-agent orchestration runtime ⏳ Pending ✗ No dev DB
avaya wjuavuucarznaioipitu Avaya landing / portal ⏳ Pending ✗ No dev DB
msp-quote pejhlbsncukzvgevjrok MSP quoting system 📋 Check needed ✗ No dev DB
fovea vhmwzcdxkcjnzqyroxuj Internal analytics 📋 Check needed ✗ No dev DB
secure-online / svo-free ⚠ Not configured Secure Verify Online (SVO) ⏳ Pending ✗ No dev DB

Grant migration deadline: October 30, 2026 — 8 projects pending. Notion tracker: View tracker

🚨

Immediate Build Queue (This Week)

Task VM / Target Why Now Notes
Splunk VM (prod-splunk) VM 116 ✓ Done COMPLETE May 17. VM 116 running Splunk 9.x at 10.1.50.116:8000/8088. All HEC tokens migrated. All project endpoints updated. ThinkPad Splunk decommissioned. Note: CPU=host required (AVX/SSE4.2).
Supabase self-hosted (dev) VM 119 ✓ Done COMPLETE May 17. VM 119 running full Supabase stack at 10.1.50.119:3000 (Studio) / :8000 (API). 13 containers healthy. Fixed: LOGFLARE_PUBLIC_ACCESS_TOKEN missing, studio port mapping. Dev DBs ready to create per-project.
PBS VM (pbs01) VM 110 🟡 Risk No VM backups currently. Build Proxmox Backup Server pointed at vmpool-backups ZFS dataset. Snapshot schedule: daily for prod VMs, weekly for dev.
Tailscale activation pve01 + VMs 🟡 Access Create free Tailscale account → auth URL. Then install on VMs 112-115. Removes dependency on VPN clients for remote access.
🗺️

Backlog

Task VM / Target Depends On Notes
Switch trunk port cabling Physical Connect nic0/nic1. Enables vmbr1 VLAN-aware routing for prod/dev network separation.
iDRAC final IP move 10.1.10.10 Switch trunk config Move from 10.1.50.211 → 10.1.10.10 (IPMI VLAN)
Supabase grant migrations Cloud (8 projects) Deadline Oct 30, 2026. Run supabase db push per project. See Supabase table above.
Ollama + open-webui VM 115 VM 115 running ✓ CPU-only Ollama + open-webui. Expose via pve01-dev tunnel or dedicated hostname.
Home workstation VM VM 117 PBS operational Ubuntu desktop or WSL2 VM on vmpool-ws storage.