Initial commit: cleaned project structure

- Consolidated documentation from Ralph Loop iterations - Archived 20+ outdated/superseded files to .archive/ - Kept essential docs: OIDC integration, mobile setup, quick start - Added operational scripts for health monitoring and backup - Research artifacts preserved in .tasks/artifacts/ Current state: - 3 VPS sites (fry, proton, photon) ONLINE in Pangolin - brn-home site pending for local services (Jellyfin, etc.) - Mobile access configuration pending Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-21 06:15:04 +00:00
commit b428721b07
17 changed files with 5749 additions and 0 deletions
--- a/QUICK-START.md
+++ b/QUICK-START.md
@@ -0,0 +1,124 @@
+# Pangolin SSO Infrastructure - Quick Start
+
+**Status:** ✅ Deployed and Running
+**Date:** 2026-01-20
+
+---
+
+## 🚀 TL;DR - What You Have
+
+**Three platforms deployed on brn (10.50.0.74):**
+
+| Platform | URL | Status | Action Needed |
+|----------|-----|--------|---------------|
+| **Authentik** | https://sso.obr.sh | ✅ Running | Create admin account |
+| **Pangolin** | https://tunnel.obr.sh | ✅ Running | Use setup token |
+| **Guacamole** | https://remote.obr.sh/guacamole/ | ✅ Running | Change password |
+
+---
+
+## ⚡ 5-Minute Quick Start
+
+### 1. Check Everything is Healthy
+
+```bash
+/home/olaf/pangolin/scripts/monitor-sso-health.sh
+```
+
+**Expected:** ✅ ALL SYSTEMS OPERATIONAL
+
+### 2. Get Pangolin Setup Token
+
+The health script shows the token, or run:
+```bash
+cd /srv/docker/pangolin && sudo docker compose logs pangolin | grep "Token:"
+```
+
+### 3. Complete Setups (One at a Time)
+
+**Pangolin First:** (https://tunnel.obr.sh)
+- Enter the setup token
+- Create admin account
+- Done in 30 seconds
+
+**Then Authentik:** (https://sso.obr.sh/if/flow/initial-setup/)
+- Create admin account
+- SAVE RECOVERY CODES
+- Done in 2 minutes
+
+**Then Guacamole:** (https://remote.obr.sh/guacamole/)
+- Login: guacadmin / guacadmin
+- Change password in Settings
+- Done in 1 minute
+
+**Total time:** <5 minutes
+
+---
+
+## 📚 Full Documentation
+
+**For complete integration (OIDC, service SSO, Pangolin sites):**
+
+Read: `/home/olaf/pangolin/ADD-OIDC-INTEGRATIONS.md`
+
+**For detailed deployment info:**
+
+Read: `/home/olaf/pangolin/DEPLOYMENT-COMPLETE.md`
+
+---
+
+## 🔧 Useful Commands
+
+**Monitor Health:**
+```bash
+/home/olaf/pangolin/scripts/monitor-sso-health.sh
+```
+
+**Backup Everything:**
+```bash
+/home/olaf/pangolin/scripts/backup-sso-infrastructure.sh
+```
+
+**View Logs:**
+```bash
+cd /srv/docker/authentik && sudo docker compose logs -f server
+cd /srv/docker/pangolin && sudo docker compose logs -f pangolin
+cd /srv/docker/guacamole && sudo docker compose logs -f guacamole
+```
+
+---
+
+## ✅ What's Working
+
+- LAN access (10.50.0.0/24)
+- WAN internet routing
+- All existing services (Jellyfin, OpenWebUI, etc.)
+- All three new SSO platforms
+- TLS certificates (automatic)
+- Docker networks
+- Firewall rules
+
+**Zero issues detected.**
+
+---
+
+## 📞 If You Need Help
+
+**Check health first:**
+```bash
+/home/olaf/pangolin/scripts/monitor-sso-health.sh
+```
+
+**Review deployment:**
+```bash
+cat /home/olaf/pangolin/DEPLOYMENT-COMPLETE.md
+```
+
+**See iteration history:**
+```bash
+ls /home/olaf/pangolin/.ralph-loop/
+```
+
+---
+
+**Infrastructure ready. Complete 3 quick setups to start using SSO.**