refactor: update project references from Agathos to Ouranos across documentation and configuration files

README.md

@@ -13,7 +13,7 @@ Containers are named after moons of Uranus and resolved via the `.incus` DNS dom
 
 ## Quick Start
 
-ℹ️ The Ansible virtual environment is expected at `~/env/agathos/bin/activate`.
+ℹ️ The Ansible virtual environment is expected at `~/env/ouranos/bin/activate`.
 
 ```bash
 # Provision containers
@@ -22,7 +22,7 @@ terraform init && terraform apply
 
 # Configure services
 cd ../ansible
-source ~/env/agathos/bin/activate
+source ~/env/ouranos/bin/activate
 ansible-playbook site.yml
 ```
 

ansible/haproxy/deploy.yml

@@ -72,7 +72,7 @@
         openssl req -x509 -nodes -days 365 -newkey rsa:2048
         -keyout {{ haproxy_cert_path }}
         -out {{ haproxy_cert_path }}
-        -subj "/C=US/ST=State/L=City/O=Agathos/CN=*.{{ haproxy_domain }}"
+        -subj "/C=US/ST=State/L=City/O=Ouranos/CN=*.{{ haproxy_domain }}"
         -addext "subjectAltName=DNS:*.{{ haproxy_domain }},DNS:{{ haproxy_domain }}"
       when: not cert_file.stat.exists and 'certbot' not in services
 

ansible/haproxy/haproxy.cfg.j2

@@ -1,4 +1,4 @@
-# HAProxy configuration for Agathos Titania
+# HAProxy configuration for Ouranos Titania
 # Managed by Ansible - Red Panda Approved
 
 global

ansible/inventory/group_vars/all/vars.yml

@@ -10,11 +10,11 @@ keeper_group: robert
 keeper_home: /srv/ponos
 watcher_user: poros
 watcher_uid: 520
-deployment_environment: "agathos"
+deployment_environment: "ouranos"
 ansible_python_interpreter: /usr/bin/python3
 
 # Incus configuration (matches terraform.tfvars)
-incus_project_name: agathos
+incus_project_name: ouranos
 incus_storage_pool: default
 
 # Gitea Runner
@@ -89,7 +89,7 @@ rabbitmq_permissions:
 smtp_host: oberon.incus
 smtp_port: 22025
 smtp_from: noreply@ouranos.helu.ca
-smtp_from_name: "Agathos"
+smtp_from_name: "Ouranos"
 
 # Release directory paths
 github_dir: ~/gh

ansible/inventory/host_vars/oberon.incus.yml

@@ -92,7 +92,7 @@ searxng_group: searxng
 searxng_directory: /srv/searxng
 searxng_port: 22083
 searxng_base_url: http://oberon.incus:22083/
-searxng_instance_name: "Agathos Search"
+searxng_instance_name: "Ouranos Search"
 searxng_secret_key: "{{ vault_searxng_secret_key }}"
 
 # SearXNG OAuth2-Proxy Sidecar

ansible/pplg/deploy.yml

@@ -423,7 +423,7 @@
       openssl req -x509 -nodes -days 365 -newkey rsa:2048
       -keyout {{pplg_haproxy_cert_path}}
       -out {{pplg_haproxy_cert_path}}
-      -subj "/C=US/ST=State/L=City/O=Agathos/CN=*.{{pplg_haproxy_domain}}"
+      -subj "/C=US/ST=State/L=City/O=Ouranos/CN=*.{{pplg_haproxy_domain}}"
       -addext "subjectAltName=DNS:*.{{pplg_haproxy_domain}},DNS:{{pplg_haproxy_domain}}"
     when: "'titania.incus' not in groups['ubuntu']"
     args:

ansible/roles/incus_storage_bucket/defaults/main.yml

@@ -3,7 +3,7 @@
 
 # Incus configuration (should match terraform.tfvars)
 storage_pool: default
-project_name: agathos
+project_name: ouranos
 bucket_role: admin
 
 # Service-specific variables (must be provided)

ansible/roles/incus_storage_bucket/meta/main.yml

@@ -2,7 +2,7 @@
 # Role metadata and dependencies
 
 galaxy_info:
-  author: Agathos Project
+  author: Ouranos Project
   description: Manages Incus S3-compatible storage buckets with Ansible Vault credential storage
   license: MIT
   min_ansible_version: "2.9"

ansible/sandbox_down.yml

@@ -1,5 +1,5 @@
 ---
-- name: Stop Agathos Sandbox Uranian Hosts
+- name: Stop Ouranos Sandbox Uranian Hosts
   hosts: localhost
   gather_facts: false
   vars:
@@ -16,7 +16,7 @@
   tasks:
     - name: Stop Uranian host containers
       ansible.builtin.command:
-        cmd: incus stop {{ item }} --project agathos
+        cmd: incus stop {{ item }} --project ouranos
       loop: "{{ uranian_hosts }}"
       register: stop_result
       failed_when: stop_result.rc != 0 and 'not running' not in stop_result.stderr

ansible/sandbox_up.yml

@@ -1,5 +1,5 @@
 ---
-- name: Start Agathos Sandbox Uranian Hosts
+- name: Start Ouranos Sandbox Uranian Hosts
   hosts: localhost
   gather_facts: false
   vars:
@@ -16,7 +16,7 @@
   tasks:
     - name: Start Uranian host containers
       ansible.builtin.command:
-        cmd: incus start {{ item }} --project agathos
+        cmd: incus start {{ item }} --project ouranos
       loop: "{{ uranian_hosts }}"
       register: start_result
       failed_when: start_result.rc != 0 and 'already running' not in start_result.stderr

docs/_template.md

@@ -1,6 +1,6 @@
 # Service Documentation Template
 
-This is a template for documenting services deployed in the Agathos sandbox. Copy this file and replace placeholders with service-specific information.
+This is a template for documenting services deployed in the Ouranos sandbox. Copy this file and replace placeholders with service-specific information.
 
 ---
 

docs/ansible.md

@@ -1,6 +1,6 @@
 # Ansible Project Structure - Best Practices
 
-This document describes the clean, maintainable Ansible structure implemented in the Agathos project. Use this as a reference template for other Ansible projects.
+This document describes the clean, maintainable Ansible structure implemented in the Ouranos project. Use this as a reference template for other Ansible projects.
 
 ## Overview
 
@@ -661,17 +661,17 @@ casdoor_s3_region: "us-phoenix-1"
 **OCI Vault Organization**:
 ```
 OCI Compartment: production
-├── Vault: agathos-databases
+├── Vault: ouranos-databases
 │   ├── Secret: postgres-admin-password
 │   └── Secret: casdoor-db-password
 │
-├── Vault: agathos-services  
+├── Vault: ouranos-services  
 │   ├── Secret: casdoor-s3-access-key
 │   ├── Secret: casdoor-s3-secret-key
 │   ├── Secret: casdoor-s3-bucket
 │   └── Secret: openwebui-db-password
 │
-└── Vault: agathos-integrations
+└── Vault: ouranos-integrations
     ├── Secret: apikey-openai
     └── Secret: apikey-anthropic
 ```
@@ -713,7 +713,7 @@ ansible-playbook remove_s3.yml -e bucket_name=casdoor -e service_name=casdoor
 - Incus CLI must be configured and accessible
 
 **What Gets Created**:
-1. Incus storage bucket in project `agathos`, pool `default`
+1. Incus storage bucket in project `ouranos`, pool `default`
 2. Admin access key for the bucket
 3. Encrypted vault entries: `vault_<service>_s3_access_key`, `vault_<service>_s3_secret_key`, `vault_<service>_s3_bucket`
 
@@ -764,5 +764,5 @@ src: "{{playbook_dir}}/{{inventory_hostname_short}}/config.j2"
 ---
 
 **Last Updated**: December 2025  
-**Project**: Agathos Infrastructure  
+**Project**: Ouranos Infrastructure  
 **Approval**: Red Panda Approved™

docs/anythingllm.md

@@ -98,7 +98,7 @@ No Terraform changes required—AnythingLLM uses port 22084 within Rosalind's ex
 
 ```bash
 cd ansible
-source ~/env/agathos/bin/activate
+source ~/env/ouranos/bin/activate
 
 # Deploy PostgreSQL database first (if not already done)
 ansible-playbook postgresql/deploy.yml

docs/casdoor.md

@@ -1,6 +1,6 @@
 # Casdoor SSO Identity Provider
 
-Casdoor provides Single Sign-On (SSO) authentication for Agathos services. This document covers the design decisions, architecture, and deployment procedures.
+Casdoor provides Single Sign-On (SSO) authentication for Ouranos services. This document covers the design decisions, architecture, and deployment procedures.
 
 ## Design Philosophy
 

docs/cerbot.md

@@ -16,7 +16,7 @@ This playbook deploys certbot with the Namecheap DNS plugin for DNS-01 validatio
 
 ### Titania (ouranos.helu.ca)
 
-Production deployment providing Let's Encrypt certificates for the Agathos sandbox HAProxy reverse proxy.
+Production deployment providing Let's Encrypt certificates for the Ouranos sandbox HAProxy reverse proxy.
 
 | Setting | Value |
 |---------|-------|

docs/daedalus.md

@@ -1,6 +1,6 @@
 # Daedalus — Deployment Requirements
 
-All infrastructure runs within the Agathos Incus sandbox. Hosts are resolved via DNS using the `.incus` suffix.
+All infrastructure runs within the Ouranos Incus sandbox. Hosts are resolved via DNS using the `.incus` suffix.
 
 ---
 
@@ -24,7 +24,7 @@ backend daedalus
 **Requirements:**
 - ACL entry in the HAProxy `frontend https` block
 - Backend definition with health check on `/api/health`
-- Casdoor application configured for `daedalus.ouranos.helu.ca` (same pattern as other Agathos services)
+- Casdoor application configured for `daedalus.ouranos.helu.ca` (same pattern as other Ouranos services)
 - TLS certificate covering `daedalus.ouranos.helu.ca` (wildcard or SAN)
 
 ---

docs/documentation_style_guide.html

@@ -57,7 +57,7 @@
     <div class="container-fluid">
         <nav class="navbar navbar-dark bg-dark rounded mb-4">
             <div class="container-fluid">
-                <a class="navbar-brand" href="agathos.html">
+                <a class="navbar-brand" href="ouranos.html">
                     <i class="bi bi-arrow-left"></i> Back to Main Documentation
                 </a>
                 <div class="navbar-nav d-flex flex-row">
@@ -72,7 +72,7 @@
 
         <nav aria-label="breadcrumb">
             <ol class="breadcrumb">
-                <li class="breadcrumb-item"><a href="agathos.html"><i class="bi bi-house-door"></i> Main Documentation</a></li>
+                <li class="breadcrumb-item"><a href="ouranos.html"><i class="bi bi-house-door"></i> Main Documentation</a></li>
                 <li class="breadcrumb-item active" aria-current="page">Style Guide</li>
             </ol>
         </nav>

docs/gitea_mcp.md

@@ -1,6 +1,6 @@
 # Gitea MCP Server - Red Panda Approved™
 
-Model Context Protocol (MCP) server providing programmatic access to Gitea repositories, issues, and pull requests. Deployed as a Docker container on Miranda (MCP Docker Host) in the Agathos sandbox.
+Model Context Protocol (MCP) server providing programmatic access to Gitea repositories, issues, and pull requests. Deployed as a Docker container on Miranda (MCP Docker Host) in the Ouranos sandbox.
 
 ---
 
@@ -612,7 +612,7 @@ The Gitea MCP Server exposes these resources and tools via the MCP protocol:
 
 The assistant can interact with Gitea repositories through natural language:
 - "List all repositories in the organization"
-- "Show me open issues in the agathos repository"
+- "Show me open issues in the ouranos repository"
 - "Create an issue about improving documentation"
 - "Search for 'ansible' in repository code"
 
@@ -714,10 +714,10 @@ rate({job="syslog", container_name="gitea-mcp"} |= "error" [5m])
 
 ## Related Documentation
 
-### Agathos Infrastructure
+### Ouranos Infrastructure
-- [Agathos Overview](agathos.md) - Complete infrastructure documentation
+- [Ouranos Overview](ouranos.md) - Complete infrastructure documentation
 - [Ansible Best Practices](ansible.md) - Deployment patterns and structure
-- [Miranda Host](agathos.md#miranda---mcp-docker-host) - MCP Docker host details
+- [Miranda Host](ouranos.md#miranda---mcp-docker-host) - MCP Docker host details
 
 ### Related Services
 - [Gitea Service](gitea.md) - Gitea server deployment and configuration
@@ -753,7 +753,7 @@ docker inspect gitea-mcp | jq '.[0].Config.Image'
 ---
 
 **Last Updated**: February 2026  
-**Project**: Agathos Infrastructure  
+**Project**: Ouranos Infrastructure  
 **Host**: Miranda (MCP Docker Host)  
 **Status**: Red Panda Approved™ ✓
 

docs/gitea_runner.md

@@ -14,7 +14,7 @@ The name "act" comes from [nektos/act](https://github.com/nektos/act), an open-s
 4. Logs and status are streamed back to Gitea in real time
 5. The container is destroyed after the job completes
 
-### Architecture in Agathos
+### Architecture in Ouranos
 
 ```
 Gitea (Rosalind)                    Act Runner (Puck)

docs/github_mcp.md

@@ -58,7 +58,7 @@ The GitHub MCP server requires a **read-only Personal Access Token (PAT)** with
 
 1. Navigate to GitHub Settings → Developer settings → Personal access tokens → Tokens (classic)
 2. Click "Generate new token (classic)"
-3. Set name: `Agathos GitHub MCP - Read Only`
+3. Set name: `Ouranos GitHub MCP - Read Only`
 4. Set expiration: Custom or 90 days (recommended)
 5. Select scopes: `public_repo`, `read:org`, `read:user`
 6. Click "Generate token"
@@ -158,7 +158,7 @@ client = openai.OpenAI(
 ### Deploy GitHub MCP Server
 
 ```bash
-cd /home/robert/dv/agathos/ansible
+cd /home/robert/dv/ouranos/ansible
 ansible-playbook github_mcp/deploy.yml
 ```
 
@@ -319,7 +319,7 @@ Useful Loki queries in Grafana:
 ## Security Considerations
 
 ✔ **Read-Only PAT** - Server uses minimal scopes, cannot modify repositories  
-✔ **Network Isolation** - Only accessible within Agathos network (miranda.incus)  
+✔ **Network Isolation** - Only accessible within Ouranos network (miranda.incus)  
 ✔ **Vault Storage** - PAT stored encrypted in Ansible Vault  
 ✔ **No Public Exposure** - MCP endpoint not exposed to internet  
 ⚠️ **PAT Rotation** - Consider rotating PAT every 90 days  
@@ -340,5 +340,5 @@ Useful Loki queries in Grafana:
 - [GitHub MCP Server Repository](https://github.com/github/github-mcp-server)
 - [Model Context Protocol Specification](https://modelcontextprotocol.io/)
 - [MCPO Documentation](https://github.com/open-webui/mcpo)
-- [Agathos README](../../README.md)
+- [Ouranos README](../../README.md)
-- [Agathos Sandbox Documentation](../sandbox.html)
+- [Ouranos Sandbox Documentation](../sandbox.html)

docs/grafana_mcp.md

@@ -419,4 +419,4 @@ If this fails, check:
 - [Grafana MCP Server](https://github.com/grafana/mcp-grafana) — Upstream project
 - [Model Context Protocol Specification](https://modelcontextprotocol.io/)
 - [Ansible Practices](ansible.md)
-- [Agathos Overview](agathos.md)
+- [Ouranos Overview](ouranos.md)

docs/hass.md

@@ -2,7 +2,7 @@
 
 ## Overview
 
-[Home Assistant](https://github.com/home-assistant/core) is an open-source home automation platform. In the Agathos sandbox it runs as a native Python application inside a virtual environment, backed by PostgreSQL for state recording and fronted by HAProxy for TLS termination.
+[Home Assistant](https://github.com/home-assistant/core) is an open-source home automation platform. In the Ouranos sandbox it runs as a native Python application inside a virtual environment, backed by PostgreSQL for state recording and fronted by HAProxy for TLS termination.
 
 **Host:** Oberon  
 **Role:** container_orchestration  

docs/kb/Docker Compose doesn't pull newer images for existing tags.md

@@ -84,7 +84,7 @@ Valid values for `pull`:
 
 They are independent mechanisms. The Ansible `pull` parameter runs a pull step before compose up, regardless of what the compose file says. Belt and suspenders.
 
-# Agathos Fix
+# Ouranos Fix
 
 Applied to `ansible/gitea_mcp/` as the first instance. The same pattern should be applied to any service using mutable tags (`:latest`, `:stable`, etc.).
 

docs/kb/Docker won't start inside Incus container.md

@@ -56,8 +56,8 @@ If you need to fix this manually (e.g., before running Terraform/Ansible):
 
 ```bash
 # On the HOST (pan.helu.ca), not in the container
-incus config set <container-name> raw.lxc "lxc.apparmor.profile=unconfined" --project agathos
+incus config set <container-name> raw.lxc "lxc.apparmor.profile=unconfined" --project ouranos
-incus restart <container-name> --project agathos
+incus restart <container-name> --project ouranos
 ```
 
 ## Step 2: Disable AppArmor for Docker inside the container

docs/mcpo.md

@@ -2,7 +2,7 @@
 
 ## Overview
 
-MCPO is an OpenAI-compatible proxy that aggregates multiple Model Context Protocol (MCP) servers behind a single HTTP endpoint. It acts as the central MCP gateway for the Agathos sandbox, exposing tools from 13 MCP servers through a unified REST API with interactive Swagger documentation.
+MCPO is an OpenAI-compatible proxy that aggregates multiple Model Context Protocol (MCP) servers behind a single HTTP endpoint. It acts as the central MCP gateway for the Ouranos sandbox, exposing tools from 13 MCP servers through a unified REST API with interactive Swagger documentation.
 
 **Host:** miranda.incus  
 **Role:** MCP Docker Host  
@@ -300,4 +300,4 @@ ssh miranda.incus "ss -tlnp | grep 25530"
 - **MCPO Repository**: https://github.com/nicobailey/mcpo
 - **MCP Specification**: https://modelcontextprotocol.io/
 - [Ansible Practices](ansible.md)
-- [Agathos Overview](agathos.md)
+- [Ouranos Overview](ouranos.md)

docs/neo4j.md

@@ -280,4 +280,4 @@ See [Neo4j MCP documentation](#neo4j-mcp-servers) for deployment details.
 - [APOC Library Documentation](https://neo4j.com/labs/apoc/)
 - [Terraform Practices](../terraform.md)
 - [Ansible Practices](../ansible.md)
-- [Sandbox Overview](../agathos.html)
+- [Sandbox Overview](../ouranos.html)

docs/nextcloud.md

@@ -229,7 +229,7 @@ Nextcloud requires a PostgreSQL database on Portia. This is automatically create
 resource "incus_storage_volume" "nextcloud_data" {
   name    = "nextcloud-data"
   pool    = "default"
-  project = "agathos"
+  project = "ouranos"
   config = { size = "100GB" }
 }
 ```

docs/oauth2_proxy.md

@@ -8,7 +8,7 @@ It acts as a reverse proxy that requires users to authenticate via Casdoor befor
 accessing the upstream service.
 
 This document describes the generic approach for adding OAuth2-Proxy authentication
-to any service in the Agathos infrastructure.
+to any service in the Ouranos infrastructure.
 
 ## Architecture
 

docs/ouranos.html

@@ -459,7 +459,7 @@ terraform apply
 
 # Start all containers
 cd ../ansible
-source ~/env/agathos/bin/activate
+source ~/env/ouranos/bin/activate
 ansible-playbook sandbox_up.yml
 
 # Deploy all services

docs/ouranos.md

@@ -185,7 +185,7 @@ terraform apply
 
 # Start all containers
 cd ../ansible
-source ~/env/agathos/bin/activate
+source ~/env/ouranos/bin/activate
 ansible-playbook sandbox_up.yml
 
 # Deploy all services

docs/postgresql.md

@@ -2,7 +2,7 @@
 
 ## Overview
 
-PostgreSQL 17 serves as the primary relational database engine for the Agathos sandbox. There are **two separate deployment playbooks**, each targeting a different host with a distinct purpose:
+PostgreSQL 17 serves as the primary relational database engine for the Ouranos sandbox. There are **two separate deployment playbooks**, each targeting a different host with a distinct purpose:
 
 | Playbook | Host | Purpose |
 |----------|------|---------|

docs/rabbitmq.md

@@ -2,7 +2,7 @@
 
 ## Overview
 
-RabbitMQ 3 (management-alpine) serves as the central message broker for the Agathos sandbox, providing AMQP-compliant message queuing for asynchronous communication between services. The deployment includes the management web interface for monitoring and administration.
+RabbitMQ 3 (management-alpine) serves as the central message broker for the Ouranos sandbox, providing AMQP-compliant message queuing for asynchronous communication between services. The deployment includes the management web interface for monitoring and administration.
 
 **Host:** Oberon (container_orchestration)  
 **Role:** Message broker for event-driven architectures  
@@ -542,5 +542,5 @@ Each service operates in its own virtual host:
 ---
 
 **Last Updated**: February 12, 2026  
-**Project**: Agathos Infrastructure  
+**Project**: Ouranos Infrastructure  
 **Approval**: Red Panda Approved™

docs/smtp4dev.md

@@ -2,7 +2,7 @@
 
 ## Overview
 
-smtp4dev is a fake SMTP server for development and testing. It accepts all incoming email without delivering it, capturing messages for inspection via a web UI and IMAP client. All services in the Agathos sandbox that send email (Casdoor, Gitea, etc.) are wired to smtp4dev so email flows can be tested without a real mail server.
+smtp4dev is a fake SMTP server for development and testing. It accepts all incoming email without delivering it, capturing messages for inspection via a web UI and IMAP client. All services in the Ouranos sandbox that send email (Casdoor, Gitea, etc.) are wired to smtp4dev so email flows can be tested without a real mail server.
 
 **Host:** Oberon (container_orchestration)  
 **Web UI Port:** 22085 → `https://smtp4dev.ouranos.helu.ca`  
@@ -48,7 +48,7 @@ smtp4dev connection details are defined once in `ansible/inventory/group_vars/al
 | `smtp_host` | `oberon.incus` | SMTP server hostname |
 | `smtp_port` | `22025` | SMTP server port |
 | `smtp_from` | `noreply@ouranos.helu.ca` | Default sender address |
-| `smtp_from_name` | `Agathos` | Default sender display name |
+| `smtp_from_name` | `Ouranos` | Default sender display name |
 
 Any service that needs to send email references these shared variables rather than defining its own SMTP config. This means switching to a real SMTP server only requires changing `group_vars/all/vars.yml`.
 
@@ -115,7 +115,7 @@ The Casdoor email provider is declared in `ansible/casdoor/init_data.json.j2` an
   "port": 22025,
   "disableSsl": true,
   "fromAddress": "noreply@ouranos.helu.ca",
-  "fromName": "Agathos"
+  "fromName": "Ouranos"
 }
 ```
 

docs/terraform.md

@@ -28,9 +28,9 @@ Never rely solely on implicit resource ordering for critical infrastructure. Cod
 
 ## Repository Strategy
 
-### Agathos (Sandbox)
+### Ouranos (Sandbox)
 
-Agathos is the **Sandbox repository** — isolated, safe for external demos, and uses local state.
+Ouranos is the **Sandbox repository** — isolated, safe for external demos, and uses local state.
 
 | Aspect | Decision |
 |--------|----------|
@@ -78,7 +78,7 @@ A pattern is a good module candidate when it meets these criteria:
 
 ### The `incus_host` Module
 
-The standard container provisioning pattern extracted from Agathos:
+The standard container provisioning pattern extracted from Ouranos:
 
 **Inputs:**
 - `hosts` — Map of host definitions (name, role, image, devices, config)
@@ -123,7 +123,7 @@ Key differences in tfvars:
 
 ## State Management
 
-### Sandbox (Agathos)
+### Sandbox (Ouranos)
 
 Local state is acceptable because:
 - Environment is ephemeral
@@ -154,10 +154,10 @@ terraform {
 
 ### Terraform → DHCP/DNS
 
-The `agathos_inventory` output provides host information for DHCP/DNS provisioning:
+The `ouranos_inventory` output provides host information for DHCP/DNS provisioning:
 
 1. Terraform creates containers with cloud-init
-2. `agathos_inventory` output includes hostnames and IPs
+2. `ouranos_inventory` output includes hostnames and IPs
 3. MAC addresses registered in DHCP server
 4. DHCP server creates DNS entries (`hostname.incus` domain)
 5. Ansible uses DNS names for host connectivity
@@ -185,7 +185,7 @@ ubuntu:
 The `ssh_key_update.sh` script demonstrates proper integration:
 
 ```bash
-terraform output -json agathos_inventory | jq -r \
+terraform output -json ouranos_inventory | jq -r \
   '.uranian_hosts.hosts | to_entries[] | "\(.key) \(.value.ipv4)"' | \
   while read hostname ip; do
     ssh-keyscan -H "$ip" >> ~/.ssh/known_hosts
@@ -198,7 +198,7 @@ terraform output -json agathos_inventory | jq -r \
 All infrastructure changes flow through this pipeline:
 
 ```
-Agathos (Sandbox)
+Ouranos (Sandbox)
     ↓ Validate pattern works
     ↓ Extract to module if reusable
 Dev
@@ -213,7 +213,7 @@ Prod
     ↓ Deploy from tested artifacts
 ```
 
-**Critical:** Nothing starts in Prod. Every change originates in Agathos, is validated through the pipeline, and only then deployed to production.
+**Critical:** Nothing starts in Prod. Every change originates in Ouranos, is validated through the pipeline, and only then deployed to production.
 
 ### Promotion Includes
 
@@ -224,12 +224,12 @@ When promoting Terraform changes, always update corresponding:
 
 ## Output Conventions
 
-### `agathos_inventory`
+### `ouranos_inventory`
 
 The primary output for documentation and DNS integration:
 
 ```hcl
-output "agathos_inventory" {
+output "ouranos_inventory" {
   description = "Host inventory for documentation and DHCP/DNS provisioning"
   value = {
     uranian_hosts = {

terraform/main.tf

@@ -1,6 +1,6 @@
-resource "incus_project" "agathos" {
+resource "incus_project" "ouranos" {
   name        = var.project_name
-  description = "Agathos Project"
+  description = "Ouranos Project"
   remote      = "local"
   config = {
     "features.storage.volumes" = true

terraform/outputs.tf

@@ -12,14 +12,14 @@ output "uranian_hosts" {
 }
 
 output "project_info" {
-  description = "Agathos project information"
+  description = "Ouranos project information"
   value = {
-    name        = incus_project.agathos.name
+    name        = incus_project.ouranos.name
-    description = incus_project.agathos.description
+    description = incus_project.ouranos.description
   }
 }
 
-output "agathos_inventory" {
+output "ouranos_inventory" {
   description = "Host inventory for documentation (sandbox.html) and DHCP/DNS provisioning reference"
   value = {
     uranian_hosts = {

terraform/storage.tf

@@ -1,4 +1,4 @@
-# Storage Resources for Agathos Containers
+# Storage Resources for Ouranos Containers
 # Provisions Incus storage volumes and S3 buckets with access keys
 
 # Storage volume for Nextcloud data

terraform/variables.tf

@@ -1,7 +1,7 @@
 variable "project_name" {
   description = "Name of the Incus project for sandbox environment"
   type        = string
-  default     = "agathos"
+  default     = "ouranos"
 }
 
 variable "profile_name" {