# 2026-02-19 — Daily Log ## Overnight Summary (from 2026-02-18) ### K3s HA Hardening - Full HA test suite passed (w1/w2/mgr failover) - Fixed: w1 and w2 left powered off after HA tests - Fixed: Pod stuck in Ready:False despite ContainersReady:True (stale NodeNotReady taint) - Fixed: DoNotSchedule topology constraint blocking replacement pods while Terminating pod lingered - Tuned failover: readiness probe every 5s/fail after 2, tolerations reduced to 10s (was 300s) - Result: failover window ~10-15 seconds ### DocFast CEO Session 59 - Fixed staging DB: was pointing to production `docfast` instead of `docfast_staging` ### SnapAPI Launch - K8s infrastructure set up: namespaces (snapapi + snapapi-staging), databases, secrets, deployer SA + RBAC - CEO SKILL.md created at skills/snapapi-business/SKILL.md - CEO cron schedule: 9:00, 14:00, 19:00 Vienna - CEO Session 1 completed: MVP deployed to staging - Screenshot API (Node.js + Puppeteer), signup endpoint, landing page - SSRF protection, browser pool, usage tracking - Verified: health check, signup, screenshot all working - Blockers: domain not registered, Forgejo write token needed ### Infrastructure Docs - Created projects/business/memory/infrastructure.md — full K3s docs - Updated SnapAPI plan in projects/ideas/product-ideas.md for K3s - Added backup task (Borg → Storage Box) ### BG3 - Party leveled to 6: Tam got GWM, switched from Everburn Blade → Greatsword +1 → Halberd +2 (1d10+1d4 energy) - Act 2: Moonrise Towers, advised on Tiefling rescue priority ### Evening (previous) - Wind-down started ~19:00 Vienna - BG3 gaming, PS5 controller setup, Bazzite/Sunshine question - Likely asleep by ~01:30 Vienna --- ## Thursday Feb 19 — Daytime ### Borg Backup — OPERATIONAL - Old DocFast server decommissioned — Storage Box sub-account is **sub10** (not sub11 as previously recorded) - Created new Borg repo with `repokey-blake2` on Storage Box from k3s-mgr - Passphrase generated, user saved to password manager - Backup script `/root/k3s-backup.sh`: K3s state.db, pg_dump (4 DBs), K8s manifest exports, K3s config+token - Archives use real server paths + `/var/backup/postgresql/` for DB dumps, `/var/backup/manifests/` for K8s exports - Cron: daily 03:30 UTC, retention 7 daily + 4 weekly + 3 monthly - Helper commands installed: `borg-list`, `borg-mount`, `borg-umount`, `borg-backup`, `borg-restore`, `borg-delete` - Installed python3-pyfuse3 for FUSE mount support - Restore docs: `/var/backup/RESTORE-FULL.md` (full cluster) + `/var/backup/RESTORE-MGR.md` (mgr-only) - Copies in `skills/k3s-infra/references/` - Added user's SSH key to k3s-mgr authorized_keys ### CEO Skill Refactor - Created `skills/ceo-common/CEO-BASE.md` — shared CEO principles, investor test, hiring flow - Created `skills/ceo-common/experts/` — 6 reusable expert base prompts (backend-dev, qa-tester, security, support, devops, marketing) - Slimmed DocFast + SnapAPI CEO skills — only their namespaces/DB/repo, reference common base - CEOs no longer see full cluster architecture ### SnapAPI Progress - **Domain registered: snapapi.eu** (DNS → LB) - Deploy keys set up: per-repo keys (`forgejo-docfast`, `forgejo-snapapi`) with SSH config on openclaw-vm - Forgejo SSH user is `forgejo@` not `git@` - CEO Sessions 2-5: CI/CD setup, TLS, website redesign, Swagger docs, QA fixes (CSP blocking inline handlers), playground-only model (no free API keys, watermarked screenshots, 5 req/hr IP limit) - v0.3.0 deployed: removed free signup, playground as demo, 3 paid plans only - Session 7: Code pushed to Forgejo repo, legal pages (Impressum, Privacy, Terms) ### DocFast SMTP Saga - K8s secret SMTP_HOST was pointing to old decommissioned server (167.235.156.214) - Fixed to mail.cloonar.com:587 with SMTP_USER + SMTP_PASS from docfast.env - **Verified working:** Full signup flow tested with support@docfast.dev → email received in FreeScout → code entered → API key issued - CEO TWICE deployed unauthorized Postfix+OpenDKIM pods on K3s, had to clean up twice - **Root cause of recurring issue:** When CEO modified the secret to point to his Postfix, he wiped SMTP_USER/SMTP_PASS. My reverts restored HOST/PORT but not the credentials. - Skill updated with emphatic "DO NOT deploy mail infrastructure" rules - State.json and bugs.md cleaned of old server references ### DocFast CEO Session 61 - Pushed 4 pending fixes from session 57 (version bump 0.3.2, removed debug log, dynamic /api version, OpenAPI Pro plan 5000 not 10000) - Git push works from openclaw-vm via deploy key ### CEO Schedule Updated - DocFast: 8:00, 11:00, 14:00, 17:00, 20:00 Vienna (5x/day) - SnapAPI: 9:00, 12:00, 15:00, 18:00, 21:00 Vienna (5x/day, staggered) ### Skill Updates - Forgejo SSH port: 22 (not 2222) - Git clone from openclaw-vm (not k3s-mgr) - SMTP managed by Cloonar — hard locked in skill - Old server references removed from all CEO memory files - Infrastructure docs updated (old server decommissioned) ### BG3 — Evening Session - Party leveled to 7: Tam (new maneuver), Astarion (Evasion), SH (Death Ward), Gale (Greater Invisibility) - Tam took Goading Attack + Trip Attack as new maneuvers (already had Riposte) - Gauntlet of Shar: completed Shar trials, Silent Library, Spear of Night - Spared Nightsong — Shadowheart turned to Selûne path (DC 30 check, nat 20 auto-success in BG3) - Shadowheart got Moonlight Glaive (replaced Shattered Flail) - Killed Balthazar before Shadowfell - Did NOT kill Yurgir — negotiated contract break (Displacer Beast hide + rats) - Heading to Moonrise Towers assault, taking Jaheira with party ### Portfolio - DFNS close: €59.95, daily +2.29%, total +6.59% (€1,065.85)