feat(alloy): add journal relabeling and kottos integration on puck
Introduce structured journal relabel rules on puck to tag Pallas-managed
units with {service, project, component} labels matching the Mnemosyne
and Daedalus schema. Add kottos release variable and vault secrets
example entries for the new Pallas FastAgent runtime.
Remove the defunct mnemosyne syslog listener now that Mnemosyne ships
JSON logs via the docker-socket pipeline.
This commit is contained in:
33
ansible/kottos/kottos.service.j2
Normal file
33
ansible/kottos/kottos.service.j2
Normal file
@@ -0,0 +1,33 @@
|
||||
[Unit]
|
||||
Description=Kottos — Pallas FastAgent runtime ({{ kottos_host | default(inventory_hostname) }})
|
||||
After=network.target
|
||||
Wants=network-online.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
User={{ kottos_user }}
|
||||
Group={{ kottos_group }}
|
||||
WorkingDirectory={{ kottos_directory }}
|
||||
EnvironmentFile={{ kottos_directory }}/.env
|
||||
ExecStart={{ kottos_directory }}/.venv/bin/pallas
|
||||
Restart=always
|
||||
RestartSec=5
|
||||
|
||||
# Journal is the durable sink (Alloy picks up via loki.source.journal and
|
||||
# relabels SyslogIdentifier=kottos into {service="pallas", project="kottos"}
|
||||
# for Loki). Stdout from pallas is already JSON thanks to
|
||||
# PALLAS_LOG_STDOUT=1 set in the .env file.
|
||||
StandardOutput=journal
|
||||
StandardError=journal
|
||||
SyslogIdentifier=kottos
|
||||
|
||||
# Pallas needs to reach localhost sibling agents + upstream MCP servers
|
||||
# and read its own .venv / agents.yaml / config files. No hardening flags
|
||||
# that would block those paths.
|
||||
NoNewPrivileges=false
|
||||
ProtectSystem=false
|
||||
ProtectHome=false
|
||||
PrivateTmp=false
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
Reference in New Issue
Block a user