docs: comprehensive update — bring all Agent OS docs current for LLM onboarding

All files were 5-7 weeks stale. Updated brain.md (complete service/agent/VPN/cron
inventory), identity.md (current expertise + infra context), CLAUDE.md (full agent
ecosystem table, Citadel tool registry, gotchas), README.md (LLM quick-start guide),
all memory files (current projects, decisions, constraints, persistent facts), and
infra-monitor skill.md (current container list with criticality tiers).

Also fixed: git remote switched from HTTP+embedded-token to SSH, removed references
to decommissioned services (Netbird, WireGuard, Flowise, Zabbix), corrected Ollama
IP (172.27.40.20), TrueNAS IP (172.27.40.220), and added 20+ services/agents that
were built since the last commit.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

memory/constraints.md

@@ -1,13 +1,41 @@
 # Constraints
 
 Hard limits agents must respect. Never work around these without explicit user confirmation.
-Last updated: 2026-04-30
+Last updated: 2026-06-19
 
 ---
 
-- Never take destructive or irreversible action without explicit confirmation (delete, overwrite, drop, reset, force push)
-- Never store credentials in output files, logs, or generated markdown — reference their location instead
-- Never skip git hooks or bypass signing
-- TrueNAS is on new hardware — use 172.27.40.220 (Servers40) for services, 172.27.6.221 for management/API
+## Destructive actions
+- Never delete or overwrite files without explicit confirmation
+- Never restart or stop services without explicit confirmation
+- Never drop, reset, or modify databases without explicit confirmation
+- Never force push to git or bypass hooks
+- Never run `pfctl` commands on OPNsense (risk of locking out remote access)
+
+## Credentials
+- All credentials live in `~/.nxm-keys` (chmod 600) — ONLY location
+- Never store credentials in output files, logs, generated markdown, .env files, or code
+- Reference the file location, never the values
+- TrueNAS IPs: 172.27.40.220 (Servers40 data) / 172.27.6.221 (management/API)
+
+## Infrastructure
 - Linux server (172.27.40.3) has no GPU — never schedule LLM inference to run locally there
+- Ollama runs on 172.27.40.20 (Windows 11 Pro) — not on the Docker host
 - Docker Compose only — no Kubernetes, no Swarm
+- Docker proxy network (172.22.0.0/16) cannot reach OPNsense API at 172.27.6.1 — always run OPNsense API scripts from the host
+- NPM handles SSL termination — internal services always use HTTP
+
+## Agent-specific
+- **maester-reports:** restart clears in-memory cache → re-parses all evidence PDFs via Claude Opus vision (Anthropic API cost). Avoid unnecessary restarts.
+- **NocoDB:** RvDM personal birthday DB ONLY — never suggest for any Nexum project. Nexum data layer = Directus.
+- **Open WebUI → Citadel MCP:** auth_type must be `none`. Empty bearer key generates illegal header → silent connection failure.
+- **Qyburn task specs:** never embed code in the description field — use plain English only (14b models explain code instead of writing it)
+
+## External communication
+- Never send any external message (email, webhook, Discord notification) without explicit confirmation
+- Notifications always route through Raven (http://raven-notify:8400)
+- Never expose services publicly without confirming NPM + Cloudflare + firewall implications
+
+## Naming
+- S2S = always suggest Site-to-Site VPN (not Road Warrior) for permanent infrastructure endpoints
+- Use `.50+` IP range for non-firewall infrastructure devices on S2S tunnels