For three weeks the fleet shipped to a Cloudflare worker the public couldn't reach. The cPanel credentials were sitting in the vault. Nothing was monitoring the gap. Now the gap monitors itself.
nchobah.com + 31 addon domains. Static, PHP, SEO landings. UAPI Fileman. Three lines of creds in the vault.
APIs and edge functions. Always reachable on workers.dev. Custom-domain attach needs CF as the zone NS — not where nchobah / gab44 are today.
Next.js, Docker, Python. Anouf / Nemoclaw / Jasmine. Domain points at the droplet's IP via cPanel ZoneEdit.
Every cpanel-publish call refreshes /opt/AWARENESS.md as a side-effect. The snapshot stays current as a function of activity, not time. No cron to silently die.
Survey covers: domain DNS resolution, cPanel webroot state, Cloudflare worker deploy timestamps, fleet SSH reachability, running containers, vault key names, last 5 publishes. Reads in 30 seconds.
/publish-log.jsonl…Open the raw log: https://nchobah.com/publish-log.jsonl
1. Claiming "shipped" via workers.dev 200 when the user-facing URL is a real domain.
2. Adding new public routes to the nao-00 worker (already 377 routes / 5,744 lines).
3. Attaching a CF custom-domain when the zone's real NS isn't Cloudflare.
4. Concluding a capability is missing without grepping /root/secrets/all-keys.env first.
5-voice agentic council with Gmail / Notion / Calendar wired in. $1/month, cancel anytime — or $5 once, or USDC on Solana.
See the three ways in →