Cloud Assets — Zap Projects

Overview

This page is the operational map for cloud shutdown work. It is intentionally broader than just droplets: the real retirement problem includes AWS VMs, DigitalOcean Spaces, AWS S3, snapshots, volumes, IPs, and security/DNS dependencies that can keep costs or hidden coupling alive.

Preserve first

Object storage should be treated as valuable until copied and verified on NAS.

Inventory before shutdown

No VM should be retired until domains, services, data, and access paths are documented.

API-first discovery

DigitalOcean and AWS APIs should provide the initial host and asset list before password hunting.

VM Inventory

Known and suspected cloud VMs that need migration or shutdown planning.

Provider	Name	Region	Public IP	Role	Domains / Services	Access	Replacement	Priority	Status
DigitalOcean	do1 Legacy VM	lon1	46.101.36.93	Inventory needed	Unknown Tagged live/main. Legacy image snapshot name suggests long-lived manual history.	Unknown; check SSH key access	Assess then migrate or retire	Medium	Needs service inventory
DigitalOcean	do2 Legacy VM	lon1	46.101.42.129	Inventory needed	Unknown Tagged dev/staging/test. Likely a lower-risk migration candidate once confirmed.	Unknown; check SSH key access	Assess then migrate or retire	Medium	Needs service inventory
DigitalOcean	do3 Legacy VM	lon1	134.209.19.190, 206.189.244.94	Inventory needed	Unknown Tagged cardora_2_live. Has private networking and two public IPv4 addresses.	Unknown; check SSH key access	Assess then migrate or retire	Medium	Needs service inventory
DigitalOcean	do4 Legacy VM	lon1	134.209.19.215	Inventory needed	Unknown Tagged dev02. Candidate for early retirement if lightly used.	Unknown; check SSH key access	Assess then migrate or retire	Medium	Needs service inventory
DigitalOcean	do5 Legacy VM Open droplet page →	lon1	178.128.43.182	Legacy multi-site host pending duplication onto phoebe.lan	do5.cardora.co do5.speakez.chat do5-sgvm.storage.cardora.co do5-ports.getzap.net CentOS 7.7 host with Apache, MariaDB, Samba, legacy /wp1, and several vhosts. First per-droplet detail page now captures the deeper inventory.	SSH works as jd with password from /home/jd/.credentials; key auth not yet confirmed	Duplicate onto phoebe.lan, likely via staged extraction using du1 as a jump path where needed	High	Dedicated detail page live; deeper migration inventory in progress
DigitalOcean	du1.tektonicsolutions.com Production VM	lon1	161.35.36.240, 139.59.196.129	Production hosting	www.philanthropy-planner.com philanthropy-planner.com www.philoenic.com concerts.freebyrd.live Precious production box. DO API shows two public IPv4 addresses and private networking in lon1.	SSH key likely; sudo password documented	Protected replacement program on phoebe.lan	Protected	Do not retire yet
DigitalOcean	du2 Dev/Staging VM	lon1	142.93.45.250, 68.183.253.79	Dev/staging hosting	dev.philoenic.com dev.sso.merlin-ai.com Documented EOL-sensitive runtime: Ubuntu 20.04 / PHP 8.1. DO API also shows a second public IPv4 address and private networking.	SSH key likely; sudo password documented	Fresh Ubuntu 24.04 VM on phoebe.lan	High	Replace soon
AWS	Unknown AWS VM #1 EC2 instance	Unknown	Unknown	Inventory pending	Unknown Needs AWS inventory to identify exact purpose and dependencies.	Unknown	Assess then migrate or retire	High	Needs API inventory
AWS	Unknown AWS VM #2 EC2 instance	Unknown	Unknown	Inventory pending	Unknown Needs AWS inventory to identify exact purpose and dependencies.	Unknown	Assess then migrate or retire	High	Needs API inventory

Object Storage

DigitalOcean Spaces and AWS S3 should be preserved and inventoried before any service shutdown or cost-cutting change.

Provider	Name	Region	Usage	Importance	Migration Target	Status	Notes
DigitalOcean	Spaces inventory pending (not exposed in current API summary) Object storage	Unknown	Likely archival or app-linked assets; confirm via dashboard or Spaces-specific tooling	Important	NAS archive and possibly MinIO on LAN	Inventory needed	Do not retire until bucket names, sizes, and consumers are known. Current DO API pass confirmed droplets and supporting assets but not bucket contents.
AWS	S3 inventory pending Object storage	Unknown	Precious videos and documents likely present	Critical	NAS archival copy before any lifecycle changes	Inventory needed	Treat as preserve-first until bucket contents and usage are verified.

Supporting Assets

Cloud costs and hidden dependencies often persist in surrounding resources rather than the VMs themselves.

Provider	Category	Status	Required Action
DigitalOcean	Account SSH keys (4 keys)	Inventory complete	Compare the 4 DO account SSH keys with local ~/.ssh material and droplet access attempts
DigitalOcean	Snapshots / firewalls / floating IPs / VPC / projects	Inventory complete	Current counts: 19 snapshots, 5 firewalls, 3 floating IPs, 1 VPC, 3 projects. Map each asset to droplets before shutdown sequencing.
DigitalOcean	Domains	No domains in account API list	Assume DNS may be external (for example Namecheap) and verify public hostnames outside DO before cutover planning.
AWS	Security groups / EBS / snapshots / Elastic IPs / Route53	Inventory pending	Capture during AWS CLI/API discovery to avoid hidden dependencies

Next Steps

The first implementation is intentionally manual-first so the inventory can start immediately. The next operational steps are:

Locate or create a DigitalOcean personal access token and inventory droplets, Spaces, SSH public keys, firewalls, volumes, and related assets.
Locate AWS credentials and inventory EC2, EBS, Elastic IPs, security groups, S3 buckets, and Route53 dependencies where relevant.
Try key-based SSH access to each VM before any password hunting.
Replace unknown rows on this page with concrete asset names, regions, IPs, and migration/retirement status.
Copy object storage to NAS and verify contents before any bucket shutdown or lifecycle changes.

DigitalOcean token note: if no existing token or doctl config is present locally, a new personal access token will need to be created manually in the DigitalOcean dashboard.