feat(guacamole): add macmini-vnc-creds OnePasswordItem + fix Mac mini connection IPs

Phase 1 of Mac mini onboarding (2026-04-28): - Add OnePasswordItem CRD 'macmini-vnc-creds' in guacamole namespace bound to vault item 'Mac Mini' — operator mints Secret with username/password/VNC Password fields - Mac mini discovered at 10.0.56.115 (INFRA VLAN) — not 10.0.57.50 stored in 1P IP field - Guacamole connections updated via API (not stored here): VNC conn #10, SSH conns #9/#33 corrected from old IP 10.0.57.50 → 10.0.56.115 - macOS: 26.4.1 (Sequoia), Apple M1, 16 GB, user: bluejay (admin group) - VNC port 5900 confirmed open; SSH works via noc1 jumpbox with password auth Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-28 20:09:45 -05:00
parent f604ab419e
commit 35bd055cb4
1 changed files with 16 additions and 0 deletions
--- a/apps/guacamole/guacamole.yaml
+++ b/apps/guacamole/guacamole.yaml
@@ -465,6 +465,22 @@ metadata:
 spec:
  itemPath: vaults/IAmWorkin/items/Guacamole JSON Auth
 ---
 ---
 # 1Password-backed credentials for Mac mini VNC access (Phase 1 — 2026-04-28)
 # The operator mints Secret 'macmini-vnc-creds' with keys: username, password, VNC Password
 # Note: '1Password' field label 'VNC Password' -> K8s Secret key 'VNC Password' (space retained)
 # Guacamole VNC connection password is sourced from the 'VNC Password' field.
 # Actual IP is 10.0.56.115 (INFRA VLAN) — the 1P item 'IP' field is kept as backup reference.
 apiVersion: onepassword.com/v1
 kind: OnePasswordItem
 metadata:
  name: macmini-vnc-creds
  namespace: guacamole
  labels:
    app.kubernetes.io/component: credentials
    app.kubernetes.io/part-of: flowercore
 spec:
  itemPath: vaults/IAmWorkin/items/Mac Mini
 # Blue Jay Branding Extension (CSS + translations)
 apiVersion: v1
 kind: ConfigMap