refactor(ansible): rename freecad_mcp env vars and rework deployment

- Drop `FREECAD_MCP_` prefix from env vars (use `FREECAD_*`) - Update freecad_mcp port from 22032 to 22061 - Document that FreeCAD bridge is required for tool calls - Replace kottos deployment with pallas deployment
2026-05-30 09:37:56 -04:00
parent bc431a3a2a
commit acf3419450
21 changed files with 876 additions and 258 deletions
--- a/ansible/kottos/fastagent.config.yaml.j2
+++ b/ansible/kottos/fastagent.config.yaml.j2
@@ -1,66 +1,64 @@
-# Kottos — fast-agent configuration (rendered by Ansible)
-# ------------------------------------------------------------------
-# Committed-to-kottos copy is the local-dev equivalent; Ansible overwrites
-# it with this rendered file on deploy.  MCP server URLs are parametrised
-# so the same template renders correctly for Ouranos (.incus) and Virgo
-# (.virgo / .taurus) — each environment's host_vars supplies the base URLs.
+# Kottos — Configuration
+# LLM provider and MCP server settings.
+# Secrets (api_key, tokens) live in fastagent.secrets.yaml (gitignored)
+#
+# This template is intended to be byte-identical between environments
+# (Virgo dev, Taurus prod). All environment-specific values come from
+# host_vars or group_vars/all/vars.yml. Do NOT introduce environment-
+# specific literals here.

-default_model: {{ kottos_default_model | default('openai.Qwen3.5-35B-A3B-UD-Q4_K_XL.gguf') }}
+# Default Model Definition
+default_model: {{ kottos_default_model }}

-# ── Model Capabilities ──────────────────────────────────────────────────────
 # Declares capabilities for models not in fast-agent's ModelDatabase.
 # vision: true adds image/jpeg, image/png, image/webp to the tokenizer list.
 model_capabilities:
-  vision: {{ kottos_model_vision | default(true) | string | lower }}
-  context_window: {{ kottos_model_context_window | default(192000) }}
-  max_output_tokens: {{ kottos_model_max_output_tokens | default(16384) }}
+  vision: {{ kottos_model_vision }}
+  context_window: {{ kottos_model_context_window }}
+  max_output_tokens: {{ kottos_model_max_output_tokens }}

-# ── LLM Providers ───────────────────────────────────────────────────────────
+# LLM Providers
+anthropic:
+  base_url: {{ kottos_anthropic_base_url }}
+generic:
+  base_url: {{ kottos_generic_base_url }}
 openai:
-  base_url: {{ kottos_openai_base_url | default('http://nyx.helu.ca:22079/v1') }}
+  base_url: {{ kottos_openai_base_url }}

+# MCP Servers — alphabetical to match the dev sample (kottos/fastagent.config.yaml)
 mcp:
  servers:
-    # ── Web search via SearXNG (argos) ───────────────────────────────────────
-    argos:
-      transport: http
-      url: "{{ kottos_argos_url | default('http://miranda.incus:25534/mcp') }}"
-
-    # ── Knowledge graph — Neo4j ──────────────────────────────────────────────
-    neo4j_cypher:
-      transport: http
-      url: "{{ kottos_neo4j_cypher_url | default('http://circe.helu.ca:22034/mcp') }}"
-
-    # ── Shell + file operations — Kernos (Caliban) ───────────────────────────
-    kernos_scotty:
-      transport: http
-      url: "{{ kottos_kernos_scotty_url | default('http://caliban.incus:22062/mcp') }}"
-      load_on_start: false
-
-    # ── Agent S computer automation — Rommie on Caliban ──────────────────────
-    rommie:
-      transport: http
-      url: "{{ kottos_rommie_url | default('http://caliban.incus:20361/mcp') }}"
-      load_on_start: false
-
-    # ── Git repository management — Gitea MCP ────────────────────────────────
-    gitea:
-      transport: http
-      url: "{{ kottos_gitea_url | default('http://miranda.incus:25535/mcp') }}"
-
-    # ── Grafana observability ───────────────────────────────────────────────
-    grafana:
-      transport: http
-      url: "{{ kottos_grafana_url | default('http://miranda.incus:25533/mcp') }}"
-
-    # ── Shell + file operations — Kernos (Korax) ─────────────────────────────
+    ## Andromeda Shell & File Operations — Kernos for Harper
+    ### Auth header provided by fastagent.secrets.yaml (per-agent Kernos token)
    andromeda:
      transport: http
-      url: "{{ kottos_kernos_harper_url | default('http://caliban.helu.ca:20261/mcp') }}"
-      load_on_start: false
+      url: "{{ kottos_andromeda_mcp_url }}"

-    # ── GitHub MCP Server (local Docker, stdio) ──────────────────────────────
-    # GITHUB_PERSONAL_ACCESS_TOKEN provided by fastagent.secrets.yaml
+    ## Argos Web Search & Page Fetch
+    ### No Auth
+    argos:
+      transport: http
+      url: "{{ kottos_argos_mcp_url }}"
+
+    ## Argus Shell & File Operations — Kernos for Scotty
+    ### Auth header provided by fastagent.secrets.yaml (per-agent Kernos token)
+    argus:
+      transport: http
+      url: "{{ kottos_argus_mcp_url }}"
+
+    ## Context7 Library/framework documentation (local stdio)
+    context7:
+      command: "npx"
+      args: ["-y", "@upstash/context7-mcp"]
+
+    ## Gitea Git Repository Management
+    ### No client auth (server-side auth only)
+    gitea:
+      transport: http
+      url: "{{ kottos_gitea_mcp_url }}"
+
+    ## GitHub MCP Server (local Docker, stdio)
+    ### GITHUB_PERSONAL_ACCESS_TOKEN provided by fastagent.secrets.yaml
    github:
      command: "docker"
      args:
@@ -71,38 +69,57 @@ mcp:
        - "GITHUB_PERSONAL_ACCESS_TOKEN"
        - "ghcr.io/github/github-mcp-server"

-    # ── Library/framework documentation — Context7 (local stdio) ─────────────
-    context7:
-      command: "npx"
-      args: ["-y", "@upstash/context7-mcp"]
+    ## Grafana Observability
+    ### No Auth
+    grafana:
+      transport: http
+      url: "{{ kottos_grafana_mcp_url }}"

-    # ── Current time and timezone (local stdio) ──────────────────────────────
-    time:
-      command: "mcp-server-time"
-      args: ["--local-timezone={{ kottos_timezone | default('America/Toronto') }}"]
+    ## Korax Shell & File Operations — Kernos for CASE
+    ### Auth header provided by fastagent.secrets.yaml (per-agent Kernos token)
+    korax:
+      transport: http
+      url: "{{ kottos_korax_mcp_url }}"
+      load_on_start: false

-    # ── Mnemosyne knowledge search — workspace-scoped ────────────────────────
-    # Auth is a long-lived team JWT supplied by fastagent.secrets.yaml
-    # (forward_inbound_auth=false — Mnemosyne validates the team JWT).
+    ## Mnemosyne Knowledge Library — workspace-scoped
+    ### Auth is a long-lived team JWT rendered into fastagent.secrets.yaml from
+    ### the OCI Vault entry {env}-mnemosyne-kottos-token.
    mnemosyne:
      transport: http
-      url: "{{ kottos_mnemosyne_url | default('https://mnemosyne.ouranos.helu.ca/mcp/') }}"
+      url: "{{ kottos_mnemosyne_mcp_url }}"

-    # ── Kottos internal sub-agents ───────────────────────────────────────────
-    # These stay on localhost regardless of environment — Pallas serves the
-    # sub-agents on the same host as the top-level agents.
+    ## Neo4j Cypher Memory Graph
+    neo4j_cypher:
+      transport: http
+      url: "{{ kottos_neo4j_mcp_url }}"
+
+    ## Kottos internal sub-agents
+    ### Research (Web, Knowledge)
    research:
      transport: http
-      url: "http://localhost:{{ kottos_research_port | default(24150) }}/mcp"
+      url: "{{ kottos_research_mcp_url }}"

+    ## Rommie Agent S Computer Use Agent
+    rommie:
+      transport: http
+      url: "{{ kottos_rommie_mcp_url }}"
+      load_on_start: false
+
+    ### Research (Web, Context7)
    tech_research:
      transport: http
-      url: "http://localhost:{{ kottos_tech_research_port | default(24151) }}/mcp"
+      url: "{{ kottos_tech_research_mcp_url }}"
+
+    ## Current time and time calculator (local stdio)
+    time:
+      command: "{{ kottos_directory }}/.venv/bin/mcp-server-time"
+      args: ["--local-timezone={{ kottos_timezone | default('America/Toronto') }}"]

 logger:
-  type: none
-  level: {{ kottos_fastagent_log_level | default('info') }}
-  progress_display: false
-  show_chat: false
-  show_tools: false
+  type: console
+  level: info
+  progress_display: true
+  show_chat: true
+  show_tools: true
  truncate_tools: true