Droplet — 167.99.240.251 swap ⚠
Uptime10 hours, 21 minutes
Load (1/5/15)1.30 / 1.03 / 1.03
2 cores → 280% utilization
RAM2217 / 7941 MB (28%)
Swap435 / 2047 MB (21%)
Available RAM5724 MB
Perimeter● Zero Inbound TCP
Services all active
OpenClaw Gateway● active (2h+)
matrix-c2 × ghost● active (7h+)
matrix-c2 × smith● active (7h+)
matrix-c2 × q● active (7h+)
matrix-c2 × diz● active (7h+)
Archon UI● healthy (6h+)
Archon MCP● healthy (6h+)
Archon Server● healthy (6h+)
Cloudflare Tunnel● active
Fail2ban● 2 jails, 0 bans
Integrity Monitor● every 20m
Listening Ports (Droplet) loopback only
tcp127.0.0.1:3101docker-proxy (Archon)
tcp127.0.0.1:8181docker-proxy (Archon)
tcp127.0.0.1:8051docker-proxy (Archon MCP)
tcp127.0.0.1:3737docker-proxy (Archon UI)
tcp127.0.0.1:18792openclaw-gateway
tcp127.0.0.1:18791openclaw-gateway
tcp127.0.0.1:18789openclaw-gateway (main)
udp0.0.0.0:5353openclaw-gateway (mDNS)
All bound to 127.0.0.1 — no external exposure
OSINT VPS — 37.60.239.211 idle
Uptime8h 25m
Load0.16
RAM962 / 11,960 MB (8%)
Disk15G / 96G (16%)
Swap0 MB
Perimeter● Zero Inbound TCP
Tor Exit185.220.101.1
Fleet Pods 6/6 running
| Pod | CPU | RAM | Network I/O | Uptime |
|---|
| 🔧 |
diz-ops-pod |
0.01% |
136MB |
128MB / 342kB |
7 hours |
| 🌀 |
commander-osint-pod |
0.02% |
101MB |
82.3MB / 18.4MB |
3 hours |
| 👻 |
ghost-stealth-pod |
0.01% |
50MB |
0B / 0B |
7 hours |
| 🚪 |
q-strike-pod |
0.01% |
31MB |
3.09kB / 126B |
7 hours |
| 👁️ |
smith-intel-pod |
0.01% |
24MB |
38.2MB / 435kB |
7 hours |
| 🎨 |
pixel-dev-pod |
0.01% |
14MB |
62.7MB / 962kB |
7 hours |
Total pod RAM: ~356MB / 11.9GB available
Tailscale Mesh 4/5 online
vmi3155149100.73.127.12linux -
commander-cloud100.90.243.60linux active; direct 35.232.19
iphone-14-pro100.75.61.91iOS -
openclaw-portal100.87.144.46linux -
osint-vps100.124.4.128linux offline, last se
Auth: diz-matrix@github │ Expires: 2026-09-10
Cloudflare Edge — diz.zone 9.0
SSL Strict
TLS 1.2+1.3
DNSSEC active
HSTS 1yr
Always HTTPS
X-Content-Type nosniff
Token ⚠ compromised
No CSP
No X-Frame-Options
X-Powered-By: Express
DNS Records1 (panel CNAME)
Tunnels1 active (panel-tunnel)
WAF Rules0/5 (free tier)
Monitor Engine v2 running
Total Checks186
Alerts Fired1
Interval60s
StorageSQLite (persistent)
TargetsGCP×5 + Panel + Mesh×3
Rate-of-Change● active
TG Push Alerts● not configured
[2026-03-15 19:03:04] CHECK: prod-2:9090 -> 200 (600ms)
[2026-03-15 19:03:04] CHECK: panel.diz.zone -> 403 (56ms)
Exoskeleton Score (GCP excluded)
CF Edge15%
SSL Strict, TLS 1.2+, DNSSEC, HSTS
Perimeter20%
Zero Inbound TCP on both nodes
Services15%
OpenClaw + matrix-c2×4 + Archon×3 stable
Resources10%
Swap 714MB growing, load 5.6 high
Observability10%
Monitor v2 + SSH shell + restricted-audit
DR/Backups12%
Local pg_dump only, S3 not deployed
Fleet Pods8%
6/6 pods running, 358MB total
Panel10%
Auth enforced, missing CSP/XFO headers
Trend: 6.6 → 7.2 → 7.3 → 7.5 → 8.0 → 8.7 → 8.9 → 7.8 → 8.3 → 8.6
Active Alerts
🔴 Droplet swap 714MB — was 0 this morning, accelerating
🔴 Droplet load 5.60 on 2-core — 280% CPU, needs investigation
🟡 CF API token compromised (visible in Telegram chat) — rotate now
🟡 S3 backup not deployed — only local pg_dump exists
🟡 Panel missing CSP, X-Frame-Options, Referrer-Policy headers
🟡 Monitor has no TG push — alerts accumulate silently
🟡 journalctl fully redacted — visibility gap
🟢 All 11 services active and stable (6h+)
🟢 Both nodes: zero public TCP ports
🟢 6/6 fleet pods healthy, minimal resource usage
🟢 Tailscale mesh 4/5 online, direct connections
🟢 Tor operational (exit: 185.220.101.1)