Shogun OS — Architecture (v4, HW + connections FINAL)

Updated 2026-04-11 — HW + connections piece fully closed. Physical triangle live (TB5 + 10 GbE). Full fleet Tailscale CLI migration complete: all 5 machines now run the open-source tailscaled system daemon with Tailscale SSH enabled. Any machine can SSH any other by tailnet identity.

v5 execution results (2026-04-11, evening):

✓ HW-1 triangle complete — Cockpit↔Gateway TB5 link on 10.0.3.0/24, all three edges sub-ms. Persistent via com.shogun.bridge0-alias LaunchDaemon on Cockpit.
✓ HW-5 ALL 5 machines now running Tailscale CLI system daemon with RunSSH: true. All four Macs (Engine / Cockpit / Gateway / Nomad) migrated from sandboxed GUI Tailscale variants (App Store / Standalone) to Homebrew tailscaled install-system-daemon. Outpost (Linux) was already CLI. Full mesh Tailscale SSH verified: tailscale ssh user@host.tail1ede13.ts.net works from any node to any node, using tailnet identity (no authorized_keys).
✓ Phase 1 Nomad access bootstrapped — SSH key + passwordless sudo installed. User: maddenfamily. Hostname: Patricks-MacBook-Air.local.
✓ Phase 3 Gateway Syncthing retired — stale Praktor-era relic (targeting nonexistent praktor/ folder) cleanly stopped, config preserved as .disabled-2026-04-11.
✓ Sudo + SSH coverage — passwordless sudo on Engine / Cockpit / Gateway / Nomad (Outpost is root). Full Disk Access granted to Terminal.app on all 4 Macs. SSH sessions on remote machines have effective file system access via macOS's SSH-bypasses-TCC behavior (verified by reading FDA-gated paths via SSH).
✓ Engine Funnel at clean URL — brief server now at https://engine.tail1ede13.ts.net/ (serving ~/ShogunOS/briefs/). All -1 suffixes cleared; hostnames are now engine, cockpit, gateway, nomad, outpost.
✓ Phase 11 complete — stale Tailscale admin entries removed via OAuth API (Tailscale Premium + all:write client). Fleet-wide TLS certs provisioned (tailscale cert <host>.tail1ede13.ts.net) on all 5 machines.
⏸ HW-2 / HW-3 — UPS (CP1500AVRLCD) and 16 TB USB-C drive for Gateway Time Machine ordered; post-arrival config is ~20 min of Forge work.
⏸ HW-4 — Engine WiFi on Sentinel watchlist (not a fix; monitored only). Rolls into the upcoming Sentinel upgrade piece.
⏸ Phase D — align macOS ComputerName/LocalHostName on Gateway + Nomad to match Tailscale short names; add ~/.ssh/config aliases for all 5 hosts.

Legend

Live / healthy

Partial / auth pending

Retire / issue

Offline

Cloud service

Human

Thunderbolt 80 Gb/s (verified)

Ethernet ~10 GbE

Tailscale WAN

Physical link, unconfigured

Topology — physical fleet & every verified connection

Machines — verified details

Engine Room LIVE · SSOT

Mac Studio M3 Ultra · Mac15,14

RAM / SSD: 512 GB / 8 TB
Hostname: Engine-Room.local
User: maddenstudioserver
TB (en4): bridge0 10.0.1.1 → Cockpit (80 Gb/s)
Ethernet: en0 10.0.2.1 → Gateway (~10 GbE)
Tailscale: 100.91.38.12
WiFi: en1 192.168.1.198
Funnel: engine.tail1ede13.ts.net
Agents: Forge · Shogun (:18789) · Sentinel
Services: Ollama :11434 · LiteLLM :4000 · Brief :8080 · World :8081
LaunchAgents: 11 com.shogun.*
Obsidian: running, 4 vaults open

Cockpit LIVE · DAILY DRIVER

Mac Studio M4 Max · Mac16,9

Hostname: cockpit (Bonjour: cockpit.local; tailnet: cockpit.tail1ede13.ts.net)
User: maddenfamily
TB Bus 1 (en5): → Gateway (80 Gb/s) · bridge0 alias 10.0.3.1/24
TB Bus 3 (en3): → Engine (80 Gb/s) · bridge0 primary 10.0.1.2/24
TB Bus 0: → Studio Display (40 Gb/s TB3)
WiFi: en1 192.168.1.136
Ethernet: en0 cable not plugged
Tailscale: NOT yet joined
SSH: maddenfamily@Cockpit.local ✓
Agents: Forge CLI · Obsidian daily driver
Sync: git-pull 120s + git-autocommit 300s
Legacy: /praktor Syncthing killed 2026-04-11

Gateway LIVE · UP 5d 22h

Mac Mini M4 Pro · Mac16,11

Hostname: Shoguns-Mac-mini.local
User: shogunmaddendatacenter
Ethernet: en0 10.0.2.2/24 → Engine (1 GbE — Gateway NIC is base 1 GbE, not 10 GbE option)
TB Bus 1: bridge0 10.0.3.2/24 → Cockpit (80 Gb/s) ✓
WiFi: en1 192.168.1.154
Tailscale: 100.80.158.100
SSH: shogunmaddendatacenter@Shoguns-Mac-mini.local ✓
Role: orchestration / backup routing
Snapshot: archive/gateway-legacy-2026-04-09/ (229 files, Phase-2 era)
Opportunity: Cockpit↔Gateway TB link is up but needs IP config

Nomad LIVE

MacBook Air M4 · travel laptop

Hostname: nomad
User: maddenfamily
Tailscale: 100.116.218.52 · RunSSH ✓
TLS Cert: nomad.tail1ede13.ts.net ✓ 2026-04-11
Network: SSH ✓ (traditional + Tailscale)
Role: travel, intermittent connectivity

Outpost LIVE

Hostinger VPS · Ubuntu 24.04 · Linux

CPU / RAM: 8 vCPU AMD EPYC · 32 GB
Disk: 387 GB (330 free)
Tailscale: 100.114.246.121
Public IP: 187.77.196.161
Domain: shogun-os.io
SSH: ssh vps (via ~/.ssh/vps_scout)
Services: n8n · whisper · TTS · mem0 · pgvector · LiteLLM · Grafana · Prometheus · nginx
Obsidian: cannot run (Linux)
Role: external services + future shared agent state (pgvector MCP)

Studio Display MONITOR

Apple Studio Display · not a compute peer

Link: TB3 40 Gb/s
Connected to: both Engine (Bus 3) and Cockpit (Bus 0) — same physical display switched between machines
Role: video out only; not part of data topology

The triangle — every verified physical link

From	To	Medium	Speed	IPs	Latency	Status
Engine	Cockpit	Thunderbolt 5 (bus 2 ↔ bus 3)	80 Gb/s	`10.0.1.1 ↔ 10.0.1.2`	0.35 ms	CONFIGURED ✓
Engine	Gateway	Ethernet (en0 ↔ en0)	~10 GbE	`10.0.2.1 ↔ 10.0.2.2`	0.75 ms	CONFIGURED ✓
Cockpit	Gateway	Thunderbolt 5 (bus 1 ↔ bus 1)	80 Gb/s	`10.0.3.1 ↔ 10.0.3.2`	0.60 ms	CONFIGURED ✓ 2026-04-11
Engine	Nomad	Tailscale WAN	WAN	`100.91.38.12 → 100.92.57.82`	85–180 ms	PING ✓ · SSH auth pending
Engine	Outpost	Tailscale WAN	WAN	`100.91.38.12 → 100.114.246.121`	(documented working)	SSH ✓
Engine · Cockpit · Gateway	Home WiFi	Wi-Fi	~	`192.168.1.x/24`	~1–5 ms	fallback only
Engine	GitHub	HTTPS (PAT in URL)	WAN	`github.com`	WAN	LIVE · PAT exposed, Sentinel monitors
Engine / Cockpit	Obsidian Sync	HTTPS (E2E)	WAN	`obsidian.md`	WAN	SUBSCRIBED (Plus) · not yet configured for vaults

My access matrix (what Forge on Engine can reach)

Target	Method	Status	Notes
Engine Room	Direct · running as maddenstudioserver	Full	Read/write/exec per Claude Code sandbox rules
Cockpit	`ssh maddenfamily@Cockpit.local` (via TB 10.0.1.2)	Verified this session	Full user shell; sub-ms over Thunderbolt
Gateway	`ssh shogunmaddendatacenter@Shoguns-Mac-mini.local` (via ETH 10.0.2.2)	Verified this session	Full user shell; sub-ms over direct Ethernet
Nomad	Tailscale SSH	Ping ✓ · SSH key not yet installed	Need authorized_keys entry + username confirmation
Outpost	`ssh vps` (via vps_scout key)	Documented working	root shell on Linux
GitHub repo	HTTPS PAT	Full admin/push	PAT exposed in .git/config; Sentinel monitoring per your directive
Obsidian Sync cloud	Indirect via Obsidian.app file watcher	Subscribed, not wired	External writes (Forge Write tool) picked up by Obsidian's watcher — behavior to canary-test before relying on
Slack	Indirect via OpenClaw Shogun	Live	I don't post directly
MCP SaaS (Linear · Notion · Gmail · Calendar · Canva · Figma · Gamma · HubSpot · Microsoft 365 · Monday · Smartsheet · Tavily)	Deferred tools via MCP	Schemas available, OAuth state per-tool unknown	Phase 1 discovery will verify which have live OAuth
Cloud storage mounts	Engine filesystem	Dropbox confirmed ✓ · iCloud/OneDrive/GDrive TBD	Phase 1 enumerates

Content placement — where files should live (per your directive)

Content type	Canonical home	Sync mechanism	Who writes
Governance doctrine (SYSTEM, MEMORY, DECISIONS, SYSTEM_LESSONS, SOUL, FORGE_DOCTRINE)	`~/ShogunOS/System_OS/` · `Shogun_OS/` · `Forge_OS/`	Obsidian Sync (primary once wired) · git nightly archive (forensic)	Pat direct · Forge via governance_gate.sh
Memory / lessons / AARs / scratchpads	`~/ShogunOS/Forge_OS/memory/` · AARs/ · lessons_learned.md · notes/	Obsidian Sync · single-writer discipline	Forge direct (with .lock file for concurrent case)
Context / knowledge base / transcripts / CRM	`~/ShogunOS/System_Context/`	Obsidian Sync (fits in Plus 100 GB tier)	Machine ingestion pipelines
Code (scripts, LaunchAgent plists, Claude Code settings, configs)	Git tree — final path TBD in Phase 4 design	Git + GitHub	Forge intentional commits; Pat direct
Secrets	macOS Keychain (per machine)	None — per-machine rotation	Pat direct
Mailbox (inter-agent messages)	`~/ShogunOS/mailbox/`	Obsidian Sync carries markdown	Per-recipient inbox convention
Runtime state (checkpoints, live logs, Sentinel JSON)	`~/.shogun/` outside vault	None — local per machine	Agents write their own state
Semantic memory (embeddings, vector search)	pgvector on Outpost (single authoritative instance)	Queried over Tailscale via MCP postgres	Forge + Shogun via MCP
Binary infra (venvs, chromadb stores, node_modules)	Local per machine, gitignored + Obsidian-ignored	None — rebuilt	Build tooling
Briefs	`~/ShogunOS/briefs/`	Served via Tailscale Funnel :8080	morning/evening-brief LaunchAgents

Implications for the data management plan

The triangle changes the plan's cost model significantly:

Vault sync over direct TB/Ethernet is effectively free. 80 Gb/s between any two triangle nodes, sub-ms latency. Git push/pull between Engine and Cockpit takes the same time as a local commit. rsync/sshfs/sftp all work at SSD speed.
Obsidian Sync becomes optional, not critical. It's still worth configuring for (a) phone/iPad access, (b) remote access when Pat is off-LAN, (c) a cloud backup layer. But the Engine↔Cockpit↔Gateway core can stay consistent entirely on the private LAN with zero cloud dependency.
The Cockpit↔Gateway TB link is 80 Gb/s of unused bandwidth. Assigning 10.0.3.1/10.0.3.2 to the Cockpit<->Gateway bridge makes the triangle fully routable — any-to-any direct paths at high speed. ~10 min of config.
The plan's "single-writer queue via SSH to Engine" pattern is basically free on this topology. Cockpit Forge shipping a write request via SSH to Engine crosses a Thunderbolt link in ~0.4 ms. No queueing pressure, no latency cost.
D-012 needs updating. It describes a linear chain; the reality is a triangle. This should land as part of Phase 4 architecture design.
Outpost and Nomad are genuinely WAN-only. They're the only nodes that need internet-backed sync (Tailscale mesh, Obsidian Sync cloud, etc.). The triangle is LAN-fast; everything else is WAN-slow.

Still-unresolved questions (fewer than v1)

Nomad username — what account should I SSH as? (Likely not maddenstudioserver.)
Cloud mount status on Engine — Dropbox confirmed; iCloud / OneDrive (corporate) / OneDrive Axon (legacy) / Google Drive (personal + DxD) — mount state unknown. Phase 1 enumerates.
Other GitHub repos — I know patrickrmadden-byte/ShogunOS. Any additional personal or company repos worth scanning?
Time Machine / external drives — anything cold that should be in scope?
MCP OAuth state — which of Linear/Notion/Gmail/Calendar/Canva/Figma/Gamma/HubSpot/Microsoft 365/Monday/Smartsheet/Tavily have live tokens?
Do you want me to configure the Cockpit↔Gateway TB static IPs (10.0.3.1/.2) as part of this pre-discovery cleanup? It's a quick win and makes the triangle complete.

Forge · Engine Room · 2026-04-11 · v5 — Phase C closed: fleet on clean hostnames (engine/cockpit/gateway/nomad/outpost), all 5 machines have TLS certs, Funnel at https://engine.tail1ede13.ts.net/. File: Forge_OS/03-Projects/Unified_Data_Management_Plan/architecture-visual.html