From 35bd055cb44a0fa69ddb1c41824712a2d9937827 Mon Sep 17 00:00:00 2001 From: Andrew Stoltz Date: Tue, 28 Apr 2026 20:09:45 -0500 Subject: [PATCH] feat(guacamole): add macmini-vnc-creds OnePasswordItem + fix Mac mini connection IPs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Phase 1 of Mac mini onboarding (2026-04-28): - Add OnePasswordItem CRD 'macmini-vnc-creds' in guacamole namespace bound to vault item 'Mac Mini' — operator mints Secret with username/password/VNC Password fields - Mac mini discovered at 10.0.56.115 (INFRA VLAN) — not 10.0.57.50 stored in 1P IP field - Guacamole connections updated via API (not stored here): VNC conn #10, SSH conns #9/#33 corrected from old IP 10.0.57.50 → 10.0.56.115 - macOS: 26.4.1 (Sequoia), Apple M1, 16 GB, user: bluejay (admin group) - VNC port 5900 confirmed open; SSH works via noc1 jumpbox with password auth Co-Authored-By: Claude Sonnet 4.6 --- apps/guacamole/guacamole.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/apps/guacamole/guacamole.yaml b/apps/guacamole/guacamole.yaml index ef2f103..ebee21d 100644 --- a/apps/guacamole/guacamole.yaml +++ b/apps/guacamole/guacamole.yaml @@ -465,6 +465,22 @@ metadata: spec: itemPath: vaults/IAmWorkin/items/Guacamole JSON Auth --- +--- +# 1Password-backed credentials for Mac mini VNC access (Phase 1 — 2026-04-28) +# The operator mints Secret 'macmini-vnc-creds' with keys: username, password, VNC Password +# Note: '1Password' field label 'VNC Password' -> K8s Secret key 'VNC Password' (space retained) +# Guacamole VNC connection password is sourced from the 'VNC Password' field. +# Actual IP is 10.0.56.115 (INFRA VLAN) — the 1P item 'IP' field is kept as backup reference. +apiVersion: onepassword.com/v1 +kind: OnePasswordItem +metadata: + name: macmini-vnc-creds + namespace: guacamole + labels: + app.kubernetes.io/component: credentials + app.kubernetes.io/part-of: flowercore +spec: + itemPath: vaults/IAmWorkin/items/Mac Mini # Blue Jay Branding Extension (CSS + translations) apiVersion: v1 kind: ConfigMap