feat(ansible): standardize Neo4j ports and add monitoring

- Unify Neo4j HTTP/Bolt/syslog ports across ariel and umbriel hosts - Add neo4j_metrics_port (22094) for APOC exporter sidecar - Add umbriel to Prometheus node_exporter targets - Add Neo4j scrape config and alerts for tx rollback rate and stalled store growth - Replace kernos_harper MCP with andromeda (caliban.helu.ca) - Remove angelia MCP from kottos fastagent config - Switch neo4j group membership from keeper_user to ponos
2026-05-22 22:19:13 -04:00
parent 698ceacb74
commit 43fae203d1
9 changed files with 458 additions and 20 deletions
--- a/ansible/neo4j/docker-compose.yml.j2
+++ b/ansible/neo4j/docker-compose.yml.j2
@@ -1,6 +1,7 @@
 services:
  neo4j:
-    image: neo4j:{{neo4j_image_version}}
+    image: neo4j:{{neo4j_version}}
+    pull_policy: always
    container_name: neo4j
    restart: unless-stopped
    ports:
@@ -11,9 +12,11 @@ services:
      - neo4j_logs:/logs
      - neo4j_plugins:/plugins
    environment:
-      NEO4J_AUTH: "{{neo4j_auth_user}}/{{neo4j_auth_password}}"
-      # APOC Plugin
-      NEO4J_PLUGINS: '["apoc"]'
+      NEO4J_AUTH: "{{neo4j_user}}/{{neo4j_password}}"
+      # APOC Plugin — core ("apoc") is required by apoc-extended.
+      # Listing only apoc-extended fails to expose apoc.version(),
+      # apoc.coll.*, apoc.date.* — declare both.
+      NEO4J_PLUGINS: '["apoc", "apoc-extended"]'
      NEO4J_apoc_export_file_enabled: "true"
      NEO4J_apoc_import_file_enabled: "true"
      NEO4J_apoc_import_file_use__neo4j__config: "true"
@@ -25,7 +28,31 @@ services:
        syslog-format: "{{syslog_format}}"
        tag: "neo4j"

+  neo4j-exporter:
+    image: stscoundrel/neo4j-apoc-exporter:v0.1.0
+    restart: unless-stopped
+    ports:
+      - "{{neo4j_metrics_port}}:17687"
+    environment:
+      - NEO4J_URI=bolt://neo4j:7687
+      - NEO4J_USER={{neo4j_user}}
+      - NEO4J_PASSWORD={{neo4j_password}}
+      - EXPORTER_PORT=17687
+    depends_on:
+      - neo4j
+    logging:
+      driver: syslog
+      options:
+        syslog-address: "tcp://127.0.0.1:{{neo4j_syslog_port}}"
+        syslog-format: "{{syslog_format}}"
+        tag: "neo4j-exporter"
+
 volumes:
  neo4j_data:
+    driver: local
+    driver_opts:
+      type: none
+      device: {{neo4j_directory}}/data
+      o: bind
  neo4j_logs:
  neo4j_plugins: