📄 2026-04-18.md 3,533 bytes Apr 19, 2026 📋 Raw

2026-04-18 Daily Notes

Location Cache & Hermes Integration — Completed

  • location_cache.py committed (d54ca65) — cache-first, goplaces CLI + Nominatim fallback + haversine
  • Hermes integration (a718b2a) — enrich_location() appends 📍 + travel time to event notifications
  • Known locations seeded: Golrusk (7 min), Aurora BayCare (5 min), Resurrection Church (12 min)
  • Google Places API key in scripts/.env (currently 403 — suspended). Nominatim is fallback.

Google Account Suspended

  • SA + Gmail app password + Places API all dead (CONSUMER_SUSPENDED)
  • Crons disabled, then re-enabled after Radicale migration removed all Google deps

Drop-Box Document Sorter — Built

  • document_sorter.py committed (b615b9b) — OCR + LLM + Drive pipeline
  • Blocked on Google account restoration for Drive API

OpenClaw Quick Wins — Applied

  • Security: secrets to .env (chmod 600), redactSensitive: "tools"
  • Heartbeat: lightContext + isolatedSession + activeHours 06:00-23:00 CST
  • Fallback chain: kimi-k2.5:cloud → gemma4:latest → qwen2.5-coder:7b
  • Command logger hook enabled
  • Dreaming (3 AM CST) + Active Memory (DMs only, 30s timeout) enabled
  • sessionMemory experimental enabled

Radicale CalDAV Migration — COMPLETED

  • Radicale 3.7.1 on 0.0.0.0:5232, htpasswd bcrypt, 3 users (matt, aundrea, assistant)
  • calendar_sync.py fully rewritten — all Google API stripped, uses caldav+icalendar
  • 6 downstream modules updated, public API preserved
  • process_webhook_email() wired: webhook → LLM → Radicale → Brain → Hermes
  • Commit a8f32d1 pushed

Key Lessons

  • htpasswd MUST use bcrypt $2b$$apr1$ fails
  • Bind 0.0.0.0:5232 — Tailscale IPs are virtual/rotating
  • Rights file: permissive RrWw — per-user ACL caused 403
  • iOS CalDAV discovery is per-user principal only → both phones use assistant account

Cloudflare + Phone Setup

  • cal.hoffdesk.com Cloudflare Tunnel → localhost:5232 (HTTPS for iOS)
  • hook.hoffdesk.com Cloudflare Tunnel → webhook FastAPI
  • Cloudflare Email Worker deployed: assistant@hoffdesk.com → Worker → webhook
  • iPhone CalDAV confirmed syncing (Matt's phone)

Hermes + Location Hardening

  • hermes_notify() — fires on every Radicale write, direct Bot API (no CLI hang)
  • Day-of-week mismatch detection: LLM extracts claimed_day_of_week, pipeline cross-checks
  • LLM location hallucination fix: "Golrusk" → fuzzy cache match → "Golrusk Pet Care Center"
  • Nominatim fallback for when Google Places API is dead
  • Duplicate notification fix: removed event-creation from push_pipeline_results()

Auth Circuit Breaker

  • 3 consecutive IMAP auth failures → circuit trips → ONE alert to Matt → silence
  • Auto-resets on success, manual reset via CLI or state file deletion
  • Webhook pipeline unaffected (no IMAP dependency)

Backup Strategy

  • Daily 7 AM: tar Radicale + ChromaDB + config → ~/.hoffdesk_backups/ (7-day rolling)
  • Remote copy to Gaming PC via Tailscale SSH (matt-pc.tail864e81.ts.net)
  • Windows SCP workaround: Python pipe on remote side
  • SKIP_REMOTE=true env var for when Gaming PC is offline

Security Fixes

  • scripts/.env: 664 → 600
  • htpasswd: 664 → 600
  • Location cache deduped: 11 → 6 entries
  • MagicDNS replacing hardcoded IPs in all config

Outstanding (as of 4/18)

  • Aundrea phone CalDAV setup (deferred)
  • Auth circuit breaker (done 4/19)
  • Drop-Box Drive (blocked on Google)
  • command-logger.jsonl logrotate check in ~1 month
← Back