• pomelo — home server (Vodafone residential, Ubuntu, user john). Runs envoy, popit3, stunnel client.• gravlax — AWS eu-north-1 (Stockholm). Runs gdata notes server, Apache, stunnel server, SOCKS5 proxy. Dovecot mail server planned (not yet installed). SSH key: ~/.ssh/gravlax.pem, user admin.• noodle — former AWS host in Singapore (ap-southeast-1). No longer in use.
As of 2026-06-08:• Apache on 80/443 — serves www.critchley.biz, webdav.critchley.biz, cv.critchley.biz• gdata notes server on 127.0.0.1:8020 and :8023 (MCP)• stunnel on 11080 (SOCKS5 TLS endpoint), 18021 (notes TLS), 18023 (notes MCP TLS)• danted SOCKS5 proxy on 127.0.0.1:1080• No Dovecot yet — see mail server plan
DNS: cv.critchley.biz and gravlax.critchley.biz both resolve to gravlax's IP (13.50.226.65 as of 2026-06-08).
Envoy uses IMAP_HOST = 'imap' in orchestrator.py. This routes via stunnel on pomelo:envoy → imaplib.IMAP4('imap', 143) → stunnel port 143 → cv.critchley.biz:993 → gravlaxnetrc entry: machine imap / login envoy
After Dovecot is set up on gravlax, the stunnel target will become mail.critchley.biz:993. Update /etc/stunnel/stunnel.conf on pomelo — the [imap] section.
/etc/rcs/envoy start → su john -c '...' → python3 orchestrator.py --daemon (background, logs to envoy.log)
rc.local runs as root; su is sufficient — no setuid wrapper needed.
Source: ~/py/envoy/envoy-rc (version-controlled in envoy repo).Deployed: copy to /etc/rcs/envoy — no sudo needed, file is owned root:john mode 770.Commands: start / stop / restart / status.start: sources api_keys, cd to envoy dir, starts orchestrator --daemon, writes pidfile.stop: kill by pidfile + rm pidfile. restart: stop + sleep 1 + start.Usage: /etc/rcs/envoy restart
Orchestrator is NOT in cron — daemon handles it via IMAP IDLE.Active cron entries related to envoy/mail:
• popit3 fetch (00,05,10,15,30,35,40,45,50,55 6-22 * * *): popit3.py — fetch new mail from Live.com POP3• popit3 reprocess (20 6-22 * * *): popit3.py --reprocess — re-feeds stored mails• Weekly maintenance (0 8 * * 0): injects a trigger email to envoy referencing envoy/maintenance-instructions. Logs to ~/py/envoy/maintenance.log.
Every Sunday 08:00, cron injects a maintenance trigger email to envoy (FROM envoy_test@, TO envoy@).Envoy reads envoy/maintenance-instructions and carries out autonomous housekeeping:• Delete scratch/ and tmp/ notes older than 7 days• Identify and fix namespace drift• Check CONTENTS for broken links• Report findings by emailRestricted actions (deletion of notes outside scratch/tmp, namespace restructuring) require explicit user approval.