r/ouranos
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: update Rommie MCP URL and allowed hosts for improved access and security

Browse Source
This commit is contained in:
Robert
2026-03-26 10:38:44 +00:00
parent 6f5f610297
commit 45db26040e
4 changed files with 17 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ansible/inventory/group_vars/all/vars.yml
View File

@@ -54,7 +54,7 @@ huggingface_mcp_token: "{{ vault_huggingface_mcp_token }}"
neo4j_mcp_url: http://circe.helu.ca:22034/mcp neo4j_mcp_url: http://circe.helu.ca:22034/mcp
nike_mcp_url: http://puck.incus:22031/mcp nike_mcp_url: http://puck.incus:22031/mcp
korax_mcp_url: http://korax.helu.ca:22021/mcp korax_mcp_url: http://korax.helu.ca:22021/mcp
rommie_mcp_url: http://caliban.incus:22031/mcp rommie_mcp_url: https://rommie.ouranos.helu.ca/mcp
freecad_mcp_url: http://caliban.incus:22032/mcp freecad_mcp_url: http://caliban.incus:22032/mcp
# Monitoring and Logging (internal endpoints on Prospero) # Monitoring and Logging (internal endpoints on Prospero)

2
ansible/inventory/host_vars/caliban.incus.yml
View File

@@ -22,7 +22,7 @@ alloy_log_level: "warn"
rommie_port: 22031 rommie_port: 22031
rommie_host: "0.0.0.0" rommie_host: "0.0.0.0"
rommie_display: ":10" rommie_display: ":10"
rommie_allowed_hosts: "caliban.incus" rommie_allowed_hosts: "caliban.incus,rommie.ouranos.helu.ca"
rommie_model: "Qwen3-VL-30B-A3B-Instruct-UD-Q5_K_XL.gguf" rommie_model: "Qwen3-VL-30B-A3B-Instruct-UD-Q5_K_XL.gguf"
rommie_model_url: "http://nyx.helu.ca:22078" rommie_model_url: "http://nyx.helu.ca:22078"
rommie_provider: "openai" rommie_provider: "openai"

6
ansible/inventory/host_vars/titania.incus.yml
View File

@@ -188,6 +188,12 @@ haproxy_backends:
health_path: "/api/" health_path: "/api/"
timeout_server: 300s # WebSocket support for HA frontend timeout_server: 300s # WebSocket support for HA frontend
- subdomain: "rommie"
backend_host: "caliban.incus"
backend_port: 22031
health_path: "/mcp"
timeout_server: 300s # SSE streaming support for MCP
- subdomain: "smtp4dev" - subdomain: "smtp4dev"
backend_host: "oberon.incus" backend_host: "oberon.incus"
backend_port: 22085 backend_port: 22085

13
docs/rommie.md
View File

@@ -59,8 +59,11 @@ Read-only tools (`get_screenshot`, `get_agent_status`) remain available while a
## Architecture ## Architecture
``` ```
External Agent (e.g., Claude / MCP Switchboard) External Agent (e.g., Claude Desktop / MCP Switchboard)
│ MCP Protocol (Streamable HTTP) │ MCP Protocol (Streamable HTTP, TLS)
│ https://rommie.ouranos.helu.ca/mcp
Titania HAProxy (TLS termination, wildcard cert)
│ http://caliban.incus:22031/mcp │ http://caliban.incus:22031/mcp
Rommie MCP Server Rommie MCP Server
@@ -98,10 +101,12 @@ All host-specific variables are set in `ansible/inventory/host_vars/caliban.incu
The MCP URL for Rommie is registered in `group_vars/all/vars.yml`: The MCP URL for Rommie is registered in `group_vars/all/vars.yml`:
```yaml ```yaml
rommie_mcp_url: http://caliban.incus:22031/mcp rommie_mcp_url: https://rommie.ouranos.helu.ca/mcp
``` ```
Consumers (e.g., MCP Switchboard, Open WebUI) reference `{{ rommie_mcp_url }}`. Consumers (e.g., MCP Switchboard, Open WebUI, Claude Desktop) reference `{{ rommie_mcp_url }}`.
The route is served via Titania's HAProxy using the existing `*.ouranos.helu.ca` Let's Encrypt wildcard certificate. No additional certificate provisioning is required.
## Service Management ## Service Management