From 599d67db51b8a73eed9372b5d86526d405a833ae Mon Sep 17 00:00:00 2001 From: Viktor Barzin Date: Mon, 1 Jun 2026 19:51:28 +0000 Subject: [PATCH] docs(kms): self-hosted ODT bootstrapper + anonymous client telemetry (kms-diag/Loki) Co-Authored-By: Claude Opus 4.7 --- docs/runbooks/kms-public-exposure.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/docs/runbooks/kms-public-exposure.md b/docs/runbooks/kms-public-exposure.md index 791864b6..cc956dff 100644 --- a/docs/runbooks/kms-public-exposure.md +++ b/docs/runbooks/kms-public-exposure.md 
@@ -99,6 +99,21 @@ how to tune the rate limit, how to revoke if abused. bootstrap. NOTE: the changepk/ODT execution paths are unverified on real hardware (no Home/retail test box; the Pro test VM can't be switched reversibly) — syntax-checked + activation regression-tested only. +- **Self-hosted ODT bootstrapper**: the Office reinstall path fetches the Office + Deployment Tool from `https://kms.viktorbarzin.me/scripts/odt-setup.exe` (a + committed copy in `kms-website/static/scripts/`), NOT from Microsoft — + `download.microsoft.com`'s ODT URL is build-numbered and rotates every release + (the old hardcoded one 404'd). `$env:KMS_ODT_URL` overrides. The bootstrapper + self-updates the Office payload, so refresh the committed copy only occasionally. +- **Client telemetry → Loki**: the scripts POST a small ANONYMOUS diagnostics + event per run to `https://kms.viktorbarzin.me/diag` (action, outcome, error + + exit codes, EditionID/build/locale, detected Office products, script version; + NO hostname/user/keys). Fire-and-forget (3s, swallowed) — never affects + activation. `$env:KMS_NO_TELEMETRY=1` opts out; `$env:KMS_DIAG_URL` overrides. + Collector: standalone `kms-diag` Deployment (`stacks/kms`, python stdlib HTTP + on :9102) reachable via the `/diag` ingress carve-out (bypasses Anubis like + `/scripts`); it prints `KMSDIAG ` to stdout → Loki. Query in Grafana: + `{namespace="kms",pod=~"kms-diag.*"} |= "KMSDIAG"`. Disclosed in the site FAQ. ## Where the logs are
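Review bot: The "Self-hosted ODT bootstrapper" bullet documents that clients fetch and run `odt-setup.exe` from the committed copy in `kms-website/static/scripts/` rather than from Microsoft, but it gives no way to verify that binary. Suggest adding the check to the bullet: record the expected SHA-256 of the committed copy, or state that the script confirms a valid Microsoft Authenticode signature before executing it, and make the same check part of the "refresh the committed copy" step so a refresh is a verified replacement. The bullet should also say whether that check still applies when `$env:KMS_ODT_URL` overrides the source, since the override points the script at an arbitrary executable. In the "Client telemetry" bullet, `/diag` is an unauthenticated POST endpoint that bypasses Anubis and is printed to stdout for Loki. State whether the rate limit this runbook describes covers `/diag`, and whether `kms-diag` caps the request body and strips newlines before printing the `KMSDIAG ` line, because without those the Loki stream can be flooded or carry forged entries. Since the events are described as anonymous, it is also worth noting whether the ingress or collector logs the client IP alongside them.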