feat(alloy): add journal relabeling and kottos integration on puck

Introduce structured journal relabel rules on puck to tag Pallas-managed units with {service, project, component} labels matching the Mnemosyne and Daedalus schema. Add kottos release variable and vault secrets example entries for the new Pallas FastAgent runtime. Remove the defunct mnemosyne syslog listener now that Mnemosyne ships JSON logs via the docker-socket pipeline.
2026-05-11 13:54:14 -04:00
parent e92ab80bbf
commit 8c95173705
19 changed files with 1336 additions and 27 deletions
--- a/ansible/kottos/fastagent.config.yaml.j2
+++ b/ansible/kottos/fastagent.config.yaml.j2
@@ -0,0 +1,114 @@
+# Kottos — fast-agent configuration (rendered by Ansible)
+# ------------------------------------------------------------------
+# Committed-to-kottos copy is the local-dev equivalent; Ansible overwrites
+# it with this rendered file on deploy.  MCP server URLs are parametrised
+# so the same template renders correctly for Ouranos (.incus) and Virgo
+# (.virgo / .taurus) — each environment's host_vars supplies the base URLs.
+
+default_model: {{ kottos_default_model | default('openai.Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf') }}
+
+# ── Model Capabilities ──────────────────────────────────────────────────────
+# Declares capabilities for models not in fast-agent's ModelDatabase.
+# vision: true adds image/jpeg, image/png, image/webp to the tokenizer list.
+model_capabilities:
+  vision: {{ kottos_model_vision | default(true) | string | lower }}
+  context_window: {{ kottos_model_context_window | default(192000) }}
+  max_output_tokens: {{ kottos_model_max_output_tokens | default(16384) }}
+
+# ── LLM Providers ───────────────────────────────────────────────────────────
+openai:
+  base_url: {{ kottos_openai_base_url | default('http://nyx.helu.ca:22079/v1') }}
+
+mcp:
+  servers:
+    # ── Web search via SearXNG (argos) ───────────────────────────────────────
+    argos:
+      transport: http
+      url: "{{ kottos_argos_url | default('http://miranda.incus:25534/mcp') }}"
+
+    # ── Knowledge graph — Neo4j ──────────────────────────────────────────────
+    neo4j_cypher:
+      transport: http
+      url: "{{ kottos_neo4j_cypher_url | default('http://circe.helu.ca:22034/mcp') }}"
+
+    # ── Shell + file operations — Kernos (Caliban) ───────────────────────────
+    kernos_scotty:
+      transport: http
+      url: "{{ kottos_kernos_scotty_url | default('http://caliban.incus:22062/mcp') }}"
+      load_on_start: false
+
+    # ── Agent S computer automation — Rommie on Caliban ──────────────────────
+    rommie:
+      transport: http
+      url: "{{ kottos_rommie_url | default('http://caliban.incus:20361/mcp') }}"
+      load_on_start: false
+
+    # ── Git repository management — Gitea MCP ────────────────────────────────
+    gitea:
+      transport: http
+      url: "{{ kottos_gitea_url | default('http://miranda.incus:25535/mcp') }}"
+
+    # ── Grafana observability ───────────────────────────────────────────────
+    grafana:
+      transport: http
+      url: "{{ kottos_grafana_url | default('http://miranda.incus:25533/mcp') }}"
+
+    # ── Shell + file operations — Kernos (Korax) ─────────────────────────────
+    kernos_harper:
+      transport: http
+      url: "{{ kottos_kernos_harper_url | default('http://korax.helu.ca:20261/mcp') }}"
+      load_on_start: false
+
+    # ── Angelia messaging ───────────────────────────────────────────────────
+    # Auth header provided by fastagent.secrets.yaml (vault-rendered).
+    angelia:
+      transport: http
+      url: "{{ kottos_angelia_url | default('https://ouranos.helu.ca/mcp/') }}"
+
+    # ── GitHub MCP Server (local Docker, stdio) ──────────────────────────────
+    # GITHUB_PERSONAL_ACCESS_TOKEN provided by fastagent.secrets.yaml
+    github:
+      command: "docker"
+      args:
+        - "run"
+        - "-i"
+        - "--rm"
+        - "-e"
+        - "GITHUB_PERSONAL_ACCESS_TOKEN"
+        - "ghcr.io/github/github-mcp-server"
+
+    # ── Library/framework documentation — Context7 (local stdio) ─────────────
+    context7:
+      command: "npx"
+      args: ["-y", "@upstash/context7-mcp"]
+
+    # ── Current time and timezone (local stdio) ──────────────────────────────
+    time:
+      command: "mcp-server-time"
+      args: ["--local-timezone={{ kottos_timezone | default('America/Toronto') }}"]
+
+    # ── Mnemosyne knowledge search — workspace-scoped ────────────────────────
+    # Auth is a long-lived team JWT supplied by fastagent.secrets.yaml
+    # (forward_inbound_auth=false — Mnemosyne validates the team JWT).
+    mnemosyne:
+      transport: http
+      url: "{{ kottos_mnemosyne_url | default('https://mnemosyne.ouranos.helu.ca/mcp/') }}"
+
+    # ── Kottos internal sub-agents ───────────────────────────────────────────
+    # These stay on localhost regardless of environment — Pallas serves the
+    # sub-agents on the same host as the top-level agents.
+    research:
+      transport: http
+      url: "http://localhost:{{ kottos_research_port | default(24150) }}/mcp"
+
+    tech_research:
+      transport: http
+      url: "http://localhost:{{ kottos_tech_research_port | default(24151) }}/mcp"
+
+logger:
+  type: none
+  level: {{ kottos_fastagent_log_level | default('info') }}
+  progress_display: false
+  show_chat: false
+  show_tools: false
+  truncate_tools: true