Northland Tech Solutions - Development Log
2026-02-03 - Security Infrastructure Hardening
Security Audit & Hardening
Comprehensive security hardening of home lab infrastructure for NTS operations:
DNS Security:
- Configured Pi-hole + Unbound for recursive DNS resolution
- Removed all upstream DNS providers (Quad9, Cloudflare)
- Queries now go directly to root/TLD/authoritative servers
- No third-party DNS visibility — VPN killswitch compatible
- Fixed DNS leaks in all LXC containers (were pointing to 1.1.1.1)
Credential Management:
- Vaultwarden deployed with HTTPS (self-signed cert)
- Accessible at https://192.168.1.20
- Ready for password migration from placeholder creds
Clawdbot Security:
- Fixed credentials directory permissions (775 → 700)
- Removed small models without sandboxing
- Audit now clean: 0 critical issues
Security Lab:
- Kali Linux VM (200: kali-pentest) deployed on Proxmox
- 4GB RAM, 2 cores, 60GB disk
- Ready for penetration testing & security audits
Infrastructure Documentation:
- SSH key access configured for Proxmox
- All container IPs and VMIDs documented
- Network topology updated
Changes Made
| Component | Change |
|---|---|
| Pi-hole upstream | Quad9 → Unbound (127.0.0.1#5335) |
| CT100 hostname | CT100 → pihole |
| All LXC DNS | Various → 192.168.1.50 (Pi-hole) |
| Vaultwarden | HTTP:8080 → HTTPS:443 |
| VM 200 | Created Kali pentest lab |
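A check for the DNS leak fix listed under DNS Security and in the "All LXC DNS" row above, as an added example that is not part of the original log. It flags any resolv.conf that names a resolver other than the Pi-hole at 192.168.1.50; the function names, sample files and the `pct` loop in the closing comment are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not from the original log.
PIHOLE_IP="192.168.1.50"   # Pi-hole address from the "Changes Made" table

# Print every active nameserver in resolv.conf text (stdin) that is not $1.
# Commented-out lines never have "nameserver" as their first field.
leaky_nameservers() {
    awk -v want="$1" '$1 == "nameserver" && $2 != want { print $2 }'
}

# Audit one container. $1 = label, resolv.conf text on stdin.
# Returns 0 = only the Pi-hole, 1 = another resolver is configured,
# 2 = no nameserver line at all (glibc then falls back to localhost).
audit_resolv_conf() {
    local label="$1" conf leaks
    conf="$(cat)"
    if ! printf '%s\n' "$conf" | grep -Eq '^[[:space:]]*nameserver[[:space:]]'; then
        printf 'NONE  %s\n' "$label"; return 2
    fi
    leaks="$(printf '%s\n' "$conf" | leaky_nameservers "$PIHOLE_IP" | tr '\n' ' ')"
    if [ -n "$leaks" ]; then
        printf 'LEAK  %s -> %s\n' "$label" "$leaks"; return 1
    fi
    printf 'OK    %s\n' "$label"
}

# Constructed sample inputs (not captured from the lab).
SAMPLE_FIXED='search lan
nameserver 192.168.1.50'
SAMPLE_LEAKY='# nameserver 192.168.1.50
nameserver 1.1.1.1
nameserver 192.168.1.50'
SAMPLE_EMPTY='search lan'

printf '%s\n' "$SAMPLE_FIXED" | audit_resolv_conf ct-fixed || true
printf '%s\n' "$SAMPLE_LEAKY" | audit_resolv_conf ct-leaky || true
printf '%s\n' "$SAMPLE_EMPTY" | audit_resolv_conf ct-empty || true

# On the Proxmox host (assumption: containers are running):
#   for id in $(pct list | awk 'NR>1 {print $1}'); do
#       pct exec "$id" -- cat /etc/resolv.conf | audit_resolv_conf "CT$id"
#   done
```

A container that lists the Pi-hole alongside another resolver is still reported as a leak, since the second entry is used whenever the first does not answer.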
2026-01-31 - CRM Schema & Pipeline Setup
AGENTS.md Created
Set up project context for Claude Code workflow:
- Project overview and stack
- Directory structure
- Service offerings (MSP + GEO)
- Development guidelines
CRM Schema Design
Created comprehensive schema design doc (docs/CRM-SCHEMA-DESIGN.md):
Core Entities:
- User (staff roles: Admin, Manager, Tech, Sales)
- Company (client orgs with status tracking)
- Contact (people at client companies)
- Site (physical locations)
Service Management:
- Contract (managed, hourly, block, project, break-fix)
- SLA (response/resolution time targets)
Ticketing:
- Ticket (priority, status, SLA tracking)
- TicketComment (internal vs public)
- TimeEntry (billable time)
Billing:
- Invoice with status tracking
- InvoiceItem linked to time entries
Prisma Schema Implemented
Full schema in prisma/schema.prisma:
- All enums properly defined
- Relations set up correctly
- PostgreSQL-specific types (Decimal, Text)
- Snake_case mapping for DB columns
Claude Code Setup
- Claude Code installed (`/home/shdwdev/.local/bin/claude`) - Version 2.1.20
- Needs OAuth login — run `claude` in terminal to complete
Commits
| Hash | Message |
|---|---|
| 4df1431 | Add AGENTS.md and CRM schema design |
| 9b4e6bd | Add Prisma schema for MSP CRM |
Next Steps
- Complete Claude Code OAuth login
- Set up PostgreSQL database
- Run prisma migrate
- Create API routes for CRUD
- Build portal pages
- Add NextAuth.js