- wg-render: handle --keygen/--pubkey before self-detection. They are host-local
and must run BEFORE a host is in mesh-hosts.json (bootstrap order: keygen ->
paste pubkey -> apply); previously they aborted for an unregistered host.
- Register artifacts (com.uvlava.quinn.artifacts) as nyc3 spoke, wg 10.9.0.8.
Verified live: artifacts<->citron handshake, artifacts->lime spoke-to-spoke via
hub forwarding (0% loss). nyc3 segment = citron(hub) + lime + artifacts.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The spoke-render test hardcoded the old reserved-IP endpoint; read it from
mesh-hosts.json instead so it tracks the endpoint and can't drift. (Follows the
endpoint change to citron's bound IP in 53a79d3.)
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Two bugs found bringing the nyc3 segment live (citron hub + lime spoke):
- Hub render ended in `[ -n "$miss" ] && echo`, which returns 1 when no spokes
are unkeyed; under `set -e` that silently aborted `render_conf > tmp` on the
apply path (spokes were fine — they end in printf). Use an if-block.
- `wg syncconf <(wg-quick strip)` used bash process substitution but the script
runs under /bin/sh (dash) — replaced with a POSIX temp file.
Also: nyc3 endpoint -> citron's bound public IP (104.248.9.88), not the reserved
IP (143.244.223.5) — DO routes the reserved IP in but WG replies from the
primary, so the reserved IP can't be a WG endpoint without anchor source-routing.
Verified live: lime<->citron handshake, ping 10.9.0.7 0% loss, citron dnsmasq
resolving *.wg on 10.9.0.7.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
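Added example, not code from the net-tools repo or this commit: it reproduces the `set -e` abort from the hub-render tail and shows the if-block and POSIX temp-file forms the commit adopted. The renderer bodies, the `[Interface]` text and the spoke name are constructed sample data.

```shell
# Added example, not code from the net-tools repo. It reproduces the hub-render
# bug described in the commit: a renderer whose last command is
# `[ -n "$miss" ] && echo ...` exits 1 when no spoke is unkeyed, so under
# `set -e` the apply path's `render_conf > tmp` aborts; the if-block form does
# not. The [Interface] text and the spoke name are constructed sample data.

RENDERERS='
render_conf_buggy() {
    miss="$1"
    printf "[Interface]\nAddress = 10.9.0.7/24\n"
    [ -n "$miss" ] && echo "# unkeyed spokes: $miss"
}
render_conf_fixed() {
    miss="$1"
    printf "[Interface]\nAddress = 10.9.0.7/24\n"
    if [ -n "$miss" ]; then
        echo "# unkeyed spokes: $miss"
    fi
}
'

# Run one renderer under a fresh `sh -e` (a child process, so errexit is not
# masked by the caller's if/|| context) and report whether the apply path got
# past `render > tmp`. Prints "ok" or "aborted".
apply_path() {
    tmp=$(mktemp)
    if sh -ec "${RENDERERS}$1 \"$2\" > \"$tmp\""; then
        result=ok
    else
        result=aborted
    fi
    rm -f "$tmp"
    echo "$result"
}

# The commit's second fix: /bin/sh (dash) has no `<(...)`, so hand the producer's
# output to the consumer through a POSIX temp file. $1 is the producer command,
# $2 the consumer (stand-ins for `wg-quick strip` and `wg syncconf` here).
sync_via_tempfile() {
    tmp=$(mktemp) || return 1
    if ! sh -c "$1" > "$tmp"; then
        rm -f "$tmp"; return 1
    fi
    if sh -c "$2 \"$tmp\""; then status=0; else status=$?; fi
    rm -f "$tmp"
    return "$status"
}

apply_path render_conf_buggy ""      # aborted
apply_path render_conf_fixed ""      # ok
```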
Glob every .infra*.yaml (was .infra.yaml only) so .infra.dev.yaml variants are
reconciled too; add an ENV column + environment field to the inventory. A project
can now appear once per environment (prod DO + dev mac).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
New bin/infra-net walks every project .infra.yaml (convention:infra_manifest),
validates schema + host∈mesh-hosts (alias-aware) + port collisions, prints the
live infra-net and writes data/infra-net.json (gitignored, non-destructive — does
not touch the services map). Caught prospector's stale host name on first run.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- clone now ssh://git@ct-forge:2222/applications/net-tools.git
- document the "origin" (ct) + "black" (historical) remotes
- update push note
The git remote for this tree is now on ct-forge under applications/ per current infra.
- derive visible hosts, Fleet label, and critical peers from dx.hide_homelan in mesh-hosts.json
- "Toggle homelan visibility (recovery)" menu action + immediate re-render of /etc/hosts+ssh
- only lime (DO backend with MCPs/tools) is core critical for the icon; redroid is shown but does not degrade
- stale homelan (pear etc) filtered from tray labels when using the new DO config (hide=true)
- tray README and module docs updated; the switcher makes the active config obvious in the menu bar
- this is the private path for MCPs on DO (and other internal tools): wg mesh (yuzu hub + lime spoke) + net-tools names, no public exposure
Canonical entry for the Android redroid host used by mrnumber/whatsapp screening automation (and future CT mrnumbers execution). Public IP, firewalled. ssh via the 1984 key from plum.
- data/mesh-hosts.json: "dx": {"hide_homelan": true} (with note). Data for apricot/pear/fennel/lan/services fully preserved for recovery.
- bin/mesh-hosts-render + bin/host-apply: respect the flag — filter to .class=="cloud" hosts only (yuzu, lime), emit dx mode note in headers, services filtered too.
- When true: generated /etc/hosts mesh-block and ~/.ssh/config net-tools fleet block only contain DO/cloud (homelan names like apricot.lan, bare fennel etc. hidden). dx-forges (ctforge/mcforge) unaffected at bottom.
- `net sync` (and direct renderers) now produce clean DO-only configs.
- README updated. To recover: set false + net sync.
Fulfills "hide the homelan config... now only use DO... may try to recover homelan so dont delete it".
Makes the cloud DX forge shortcuts (mcforge, ctforge) first-class citizens of the shared net-tools layer:
- New bin/forge-dns-render (print/install/diff) that sources ~/.vault/*_forge_creds and emits a managed # >>> dx-forges block in /etc/hosts.
- `net sync` now also converges the DX forges (alongside mesh-hosts + ssh).
- Per-project ./run forge:dns now prefers the central renderer (with local fallback).
- Docs updated.
The mcforge:3000 / ctforge:3000 shortcuts are now installed and kept fresh as part of standard DX infra setup (`net sync` after net-tools install, or after any forge:up).
The DigitalOcean backend droplet (was bare ssh alias lilith-store-backend,
209.38.51.98) joins wg1 at 10.9.0.5 as a first-class cloud-class member —
runs quinn.api INTERNAL, the MCP gateways, DO Managed PG access, and private
workers (general backend node, not MCP-only). The .5 slot was held by
strawberry (Quinn's iPhone), which never worked reliably and is now off the
mesh; re-enrollable later via wg-phone-add. public=null so host-apply renders
the wg path (private node, no public app ports; reached via ProxyJump yuzu).
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
The tray's Quit handler already boots out com.wireguard.vpn-tray, but install-tray.sh
had retired that launchd job and relied on the fleet agent to nohup it — which never
ran the tray reliably at boot (no GUI session yet). Restore the LaunchAgent (same
pattern as com.lilith.mac-sync): RunAtLoad starts it at login in the GUI session,
KeepAlive relaunches on crash. ensure_tray() now defers to launchd when the agent is
installed (Popen path kept as fallback). Removes the dead standalone plist.