r/mnemosyne
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs(mnemosyne): update integration doc for container deployment
All checks were successful
CVE Scan & Docker Build / security-scan (push) Successful in 50s
Details
CVE Scan & Docker Build / build-and-push (push) Successful in 4m2s
Details

Browse Source
This commit is contained in:
Robert Helewka
2026-05-04 08:56:49 -04:00
parent e34b7f46a5
commit de0d7a4317
2 changed files with 389 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
docs/mnemosyne_integration.md
View File

@@ -25,10 +25,13 @@ Mnemosyne exposes two interfaces for the wider Ouranos ecosystem:
### Port & URL
| Endpoint | Internal | Public (via nginx) |
| Endpoint | Internal (container) | Public (via nginx on host port 23181) |
|---|---|---|
| MCP server | `http://mcp:22091/mcp/` | `http://puck.incus:23090/mcp/` |
| Health check | `http://mcp:22091/mcp/health` | `http://puck.incus:23090/healthz` |
| Django REST API | `http://app:8000/` | `https://mnemosyne.ouranos.helu.ca/` |
| MCP server | `http://mcp:8001/mcp/` | `https://mnemosyne.ouranos.helu.ca/mcp/` |
| MCP health | `http://mcp:8001/mcp/health` | `https://mnemosyne.ouranos.helu.ca/healthz` |
| Django liveness | `http://app:8000/live/` | internal only |
| Django readiness | `http://app:8000/ready/` | internal only |
### Project structure (as built)
@@ -71,17 +74,16 @@ The `workspace_id` parameter is present on every search/discovery tool but is **
### Deployment
Separate Uvicorn process alongside Django's Gunicorn:
Production runs as four containers from a single image via `docker-compose.yaml`. The nginx `web` container is the only publicly-exposed service, listening on **host port 23181**, which HAProxy on Titania reverse-proxies as `https://mnemosyne.ouranos.helu.ca`.
```bash
# Django WSGI (existing)
gunicorn --bind :22090 --workers 3 mnemosyne.wsgi
| Container | Internal port | Role |
|-----------|--------------|------|
| `app` | 8000 | Django REST API + admin (gunicorn) |
| `mcp` | 8001 | FastMCP ASGI server (uvicorn) |
| `worker` | — | Celery worker (embedding/ingest/batch) |
| `web` | 80 → host **23181** | nginx reverse proxy + static files |
# MCP ASGI (new)
uvicorn mcp_server.asgi:app --host 0.0.0.0 --port 22091 --workers 1
```
Auth is disabled (`MCP_REQUIRE_AUTH=False`) since all traffic is internal (10.10.0.0/24).
Auth is controlled by `MCP_REQUIRE_AUTH` in `.env`. Production sets it to `True`; the internal validator and ad-hoc testing may use `False` on an isolated network.
### ⚠️ DEBUG LOG Points — MCP Server