Infrastructure
| Item | Status | Notes |
|---|---|---|
| Proxmox VE 9.1.1 | ✓ Complete | Kernel 6.17.2-1-pve, fully upgraded |
| ZFS Pool (vmpool) | ✓ Complete | 20.9T ONLINE, ashift=12, lz4 |
| ZFS Datasets | ✓ Complete | 7 datasets: prod, prod-db, dev, dev-db, workstation, backups, migration |
| pvesm Storage Pools | ✓ Complete | vmpool-prod, vmpool-prod-db, vmpool-dev, vmpool-dev-db, vmpool-ws, vmpool-backups |
| Resource Pools | ✓ Complete | prod, dev, workstation |
| Network Bond | ✓ Complete | bond0 active-backup (nic2+nic3), vmbr0 @ 10.1.50.11/24 |
| vmbr1 | ✓ Complete | VLAN-aware bridge on nic0, VIDs 2–4094 |
| PERC H710P | ✓ Verified | 26 drives optimal, BBU healthy, 0 errors |
| Tailscale | ⏳ Pending Auth | https://login.tailscale.com/a/13d98ea001f4b7 |
| iDRAC | ⚠ Temporary | 10.1.50.211 (temp) — target: 10.1.10.10 after switch VLAN config |
Virtual Machines
| VM | ID | Status | Spec | Notes |
|---|---|---|---|---|
| ubuntu-2404-template | 9000 | ✓ Complete | 2 core / 2 GB | Cloud-init base, SSH keys, qemu-agent |
| prod-postgres | 112 | ✓ Running | 8 core / 16 GB | PG16 @ 10.1.50.112, 200GB ZFS data disk, n8n DB restored (74 tables) |
| prod-n8n | 113 | ✓ Running | 4 core / 8 GB | 10.1.50.118 (IP conflict — .113 taken by switch device dc:e5:5b:62:35:ff) |
| dev-postgres | 114 | ✓ Running | 4 core / 8 GB | PG16 @ 10.1.50.114, 100GB data disk, n8n_dev + nexus_dev DBs |
| dev-docker | 115 | ✓ Running | 4 core / 8 GB | 10.1.50.115, n8n dev stack + cloudflared → dev.cloudmagicgroup.com |
| pbs01 (Proxmox Backup) | 110 | ✓ Running | 4 core / 8 GB | 10.1.50.110 — PBS 3.4.8, Web UI :8007. Datastore "main" 1.9 TB. Daily backups: prod (112,113,116) @ 02:00, dev (114,115,119) @ 03:00. Test backup VM 113: 2m35s @ 266 MiB/s, 85% dedup. TASK OK. |
| prod-splunk | 116 | ✓ Running | 10.1.50.116 | Splunk 9.x — migrated from ThinkPad May 17. All HEC tokens, dashboards, indexes migrated. CPU=host flag required (AVX). ThinkPad Splunk STOPPED. |
| home-workstation | 117 | ✓ Running | 8 core / 32 GB | 10.1.50.117 — Ubuntu 26.04 LTS (kernel 7.0.0-14), 966 GB disk (vmpool-ws). Docker 29.5.0, Node 22, git, rsync. SSH: ssh workstation. Pending: project migration from ThinkPad + WSL. |
| dev-supabase | 119 | ✓ Running | 10.1.50.119 | Self-hosted Supabase stack. Studio: :3000, API/Kong: :8000, DB: :5432. 13 containers running. CPU=default (no AVX required). Dev DBs to be created per project. |
Services
| Service | Status | URL / Location | Notes |
|---|---|---|---|
| n8n Production | ✓ Live | n8n.cloudmagicgroup.com | Cutover complete. Old n8n-cmtg (10.1.50.206) fully stopped. Tunnel fe21786c, 4 edge connections |
| n8n Development | ✓ Live | dev.cloudmagicgroup.com | Fresh DB (n8n_dev), dev credentials, tunnel 41ea6413. Login: admin / n8n_dev_admin_2026! |
| PostgreSQL 16 — Prod | ✓ Running | 10.1.50.112:5432 | n8n DB (74 tables restored), data on ZFS vmpool-prod-db |
| PostgreSQL 16 — Dev | ✓ Running | 10.1.50.114:5432 | n8n_dev + nexus_dev DBs, data on ZFS vmpool-dev-db |
| CF Tunnel pve01-prod | ℹ Idle | 61d9695e | Available for new prod services — not yet assigned to a hostname |
| Status Dashboard | ✓ Live | pve01-status.cloudmagicgroup.com | CF Pages, auto-refreshes 60s |
| Splunk | ✓ VM 116 | 10.1.50.116:8000 | Migrated to VM 116 May 17. HEC: 10.1.50.116:8088. All tokens active. ThinkPad Splunk decommissioned. |
| Proxmox Backup Server | ✓ VM 110 | 10.1.50.110:8007 | PBS 3.4.8 · admin@pbs · Datastore "main" 1.9 TB · pbs-main storage active on pve01 · Note: outbound via pve01:8888 proxy (no direct NAT for .110 yet) |
| Tailscale | ⏳ Needs Auth | Auth URL | Installed on pve01, awaiting account creation + activation |
Open Items & Exceptions
| Item | Priority | Status | Notes |
|---|---|---|---|
| VM 113 IP conflict | 🟡 INFO | ⚠ Noted | 10.1.50.113 taken by unknown LAN device (MAC dc:e5:5b:62:35:ff) — VM runs on .118. Identify and reassign that device if .113 is needed. |
| Tailscale account + auth | 🟡 MEDIUM | ⏳ Blocked — needs account | Create free account at tailscale.com, then visit auth URL |
| iDRAC final IP | 🟡 MEDIUM | ⚠ Temp @ .211 | Currently 10.1.50.211 — move to 10.1.10.10 after switch VLAN 10 trunk port config |
| Switch trunk ports (nic0/nic1) | 🟡 MEDIUM | ⚠ Not cabled | nic0/nic1 not connected to switch. Required for vmbr1 VLAN-aware routing (prod/dev VLAN separation) |
| Anthropic API key (OpenClaw) | 🟡 INFO | ✓ Rotated | Was hardcoded in docker-compose.yml — moved to .env, new key applied May 17 |
| pve01 root password | 🟡 INFO | ℹ Deferred | Intentionally not rotating at this time per owner decision |
Migrations
| Service | Source | Target | Status | Notes |
|---|---|---|---|---|
| n8n Production | n8n-cmtg (10.1.50.206) | VM 113 (10.1.50.118) | ✓ Complete | Cutover May 17. Old server fully stopped. |
| n8n Database | n8n-cmtg postgres | VM 112 (10.1.50.112) | ✓ Complete | pg_restore, 74 tables, encryption key preserved |
| Dev n8n + Databases | — | VM 114 + 115 | ✓ Complete | Fresh env built May 17. n8n_dev + nexus_dev DBs ready. |
| Splunk | VM 116 (10.1.50.116) | — | ✓ Complete | Migrated May 17. HEC working. ThinkPad Splunk stopped. |
| WSL + ThinkPad Projects | WSL + ThinkPad | VM 117 | ✓ Complete | 41 GB synced to workstation (144 items, 925 GB free). Full mirror including node_modules, build artifacts. ThinkPad re-synced from WSL. All three machines in sync. |
Supabase Instances — Prod & Dev Gap Analysis
💡
Dev Supabase: DEPLOYED (May 17). VM 119 running self-hosted Supabase stack at 10.1.50.119 — Studio at :3000, API at :8000. All 13 containers healthy. Dev DBs to be created per-project. Connect with:
SUPABASE_URL=http://10.1.50.119:8000 SUPABASE_ANON_KEY=[dev-anon-key] (see ops docs for full keys).| Project | Project Ref | Used By | Grant Migration | Dev Environment |
|---|---|---|---|---|
| nextgen-crm | wkjujqcgccxmjiijfjkm | Nexus CRM (booknexus.app) — main product | ⏳ Pending | ⚠ ThinkPad local only |
| internal-dashboard | dpixsxrvqwhdkylmbsfa | CMSG ops dashboard (cloudmagic.software) | 📋 Not affected | ✗ No dev DB |
| shuri | eksdpvazfcwssvptcnqi | Credential intelligence platform | ✓ Applied | ✗ No dev DB |
| leadgen | atmzbxpbvmyqfohkzyle | Lead generation platform | ⏳ Pending | ✗ No dev DB |
| per-fin | vufeioysqgdojytshrbl | Personal finance dashboard (Chris & Jen) | ⏳ Pending | ✗ No dev DB |
| ginete-app | xyeynclnoyijipvujlgr | Ginete app | ⏳ Pending | ✗ No dev DB |
| claude-claw | kyboxrlbwctvpzmcaore | WSL2 multi-agent orchestration runtime | ⏳ Pending | ✗ No dev DB |
| avaya | wjuavuucarznaioipitu | Avaya landing / portal | ⏳ Pending | ✗ No dev DB |
| msp-quote | pejhlbsncukzvgevjrok | MSP quoting system | 📋 Check needed | ✗ No dev DB |
| fovea | vhmwzcdxkcjnzqyroxuj | Internal analytics | 📋 Check needed | ✗ No dev DB |
| secure-online / svo-free | ⚠ Not configured | Secure Verify Online (SVO) | ⏳ Pending | ✗ No dev DB |
Grant migration deadline: October 30, 2026 — 8 projects pending. Notion tracker: View tracker
Immediate Build Queue (This Week)
| Task | VM / Target | Why Now | Notes |
|---|---|---|---|
| Splunk VM (prod-splunk) | VM 116 | ✓ Done | COMPLETE May 17. VM 116 running Splunk 9.x at 10.1.50.116:8000/8088. All HEC tokens migrated. All project endpoints updated. ThinkPad Splunk decommissioned. Note: CPU=host required (AVX/SSE4.2). |
| Supabase self-hosted (dev) | VM 119 | ✓ Done | COMPLETE May 17. VM 119 running full Supabase stack at 10.1.50.119:3000 (Studio) / :8000 (API). 13 containers healthy. Fixed: LOGFLARE_PUBLIC_ACCESS_TOKEN missing, studio port mapping. Dev DBs ready to create per-project. |
| PBS VM (pbs01) | VM 110 | 🟡 Risk | No VM backups currently. Build Proxmox Backup Server pointed at vmpool-backups ZFS dataset. Snapshot schedule: daily for prod VMs, weekly for dev. |
| Tailscale activation | pve01 + VMs | 🟡 Access | Create free Tailscale account → auth URL. Then install on VMs 112-115. Removes dependency on VPN clients for remote access. |
Backlog
| Task | VM / Target | Depends On | Notes |
|---|---|---|---|
| Switch trunk port cabling | Physical | — | Connect nic0/nic1. Enables vmbr1 VLAN-aware routing for prod/dev network separation. |
| iDRAC final IP move | 10.1.10.10 | Switch trunk config | Move from 10.1.50.211 → 10.1.10.10 (IPMI VLAN) |
| Supabase grant migrations | Cloud (8 projects) | — | Deadline Oct 30, 2026. Run supabase db push per project. See Supabase table above. |
| Ollama + open-webui | VM 115 | VM 115 running ✓ | CPU-only Ollama + open-webui. Expose via pve01-dev tunnel or dedicated hostname. |
| Home workstation VM | VM 117 | PBS operational | Ubuntu desktop or WSL2 VM on vmpool-ws storage. |