chore(ansible): centralize third-party Docker image versions

Add centralized image version variables in group_vars/all/vars.yml for vulnerability tracking and controlled upgrades of third-party Docker images (casdoor, flower, grafana-mcp, gitea-mcp, neo4j, memcached, nginx, oauth2-proxy, rabbitmq, searxng). Update vault.yml accordingly.
2026-05-03 18:57:58 -04:00
parent 2be323f27e
commit 4ae6379613
11 changed files with 681 additions and 497 deletions
--- a/terraform/containers.tf
+++ b/terraform/containers.tf
@@ -60,6 +60,23 @@ EOT
        }
      }]
    }
+    umbriel = {
+      description = "Neo4j Host (Mnemosyne) - Dusky sprite keeping the memory graph"
+      role        = "graph_database"
+      image       = "noble"
+      config      = {
+        "security.nesting" = true
+        "raw.lxc"          = "lxc.apparmor.profile=unconfined"
+      }
+      devices = [{
+        name = "neo4j_ports"
+        type = "proxy"
+        properties = {
+          listen  = "tcp:0.0.0.0:25555"
+          connect = "tcp:127.0.0.1:25555"
+        }
+      }]
+    }
    miranda = {
      description = "Dedicated Docker Host for MCP Servers - Curious bridge between worlds"
      role        = "mcp_docker_host"