- Add proxy devices on caliban for SSH (25512), Postgres (25515),
and three web ports (25516-25518) alongside existing RDP forward
- Remove HTTP/HTTPS proxy devices from prospero (now handled via
HAProxy on titania)
- Document Incus port forwarding ranges (25510-25599) per host in
ouranos.md and fix a typo
- Drop `FREECAD_MCP_` prefix from env vars (use `FREECAD_*`)
- Update freecad_mcp port from 22032 to 22061
- Document that FreeCAD bridge is required for tool calls
- Replace kottos deployment with pallas deployment
- Bump Qwen model from 3.5 to 3.6 and update inference endpoints
(nyx:22079→22072, pan:22078→22076) for caliban and puck hosts
- Add Rommie MCP server deployment to site.yml
- Update Rommie docs to reflect new port (20361), model versions,
and health check accepting 200/406 status codes
- Add SearXNG syslog ingestion and blackbox health probes on miranda
and rosalind for per-host attributable failure detection
- Scrape Argos MCP application metrics from miranda
- Add Pallas dashboard panels for downstream availability and turn
error ratios
Introduce structured journal relabel rules on puck to tag Pallas-managed
units with {service, project, component} labels matching the Mnemosyne
and Daedalus schema. Add kottos release variable and vault secrets
example entries for the new Pallas FastAgent runtime.
Remove the defunct mnemosyne syslog listener now that Mnemosyne ships
JSON logs via the docker-socket pipeline.
Add Jellyfin service to ansible inventory with hardware
transcoding and Casdoor SSO configuration. Configure
Alloy syslog listener to capture Jellyfin logs to Loki.
Update documentation with new service mapping and S3
bucket credential retrieval instructions.
Add `Red_Panda_Standards_Django_V1-01.md` which extends the main Red
Panda Standards with Django-specific conventions covering:
- Environment setup and pyproject.toml build backend (setuptools)
- Dependency pinning strategy (floor pin with ceiling)
- Project directory structure
- Settings, environment variable, and database configuration patterns
- Code organization, model, view, URL, and serializer conventions
- Authentication, permissions, and API design guidelines
- Testing standards and Docker/deployment practices
- Configure mnemosyne database credentials in ansible inventory
- Update postgresql playbook to provision user and database
- Add setup instructions and DB list to documentation
Add comprehensive terraform import documentation for Incus resources.
Includes syntax for importing containers with for_each keys, retrieving
image fingerprints, and specific import commands for Uranian hosts.
Covers troubleshooting for common import issues and state verification.
Removes obsolete korax.helu.ca host from ansible inventory.
Move TLS termination and reverse proxying entirely to Titania's
HAProxy, eliminating the redundant HAProxy instance on Prospero.
Backends now communicate over plain HTTP within the internal network.
- Remove HAProxy container, config, certs, and syslog from Prospero
- Remove ssl_backend flags from Titania backend definitions
- Replace pplg_haproxy_* vars with single pplg_domain variable
- Remove HAProxy syslog source from Alloy config
- Update OAuth2-Proxy to listen on all interfaces for Titania access
Added kernos_api_keys configuration variable to enable optional
request authentication via Bearer or X-Api-Key headers. Updated
Kernos documentation with setup instructions and usage examples.
Also corrected FastAPI project port assignments in Ouranos docs.
- Updated user addition tasks across multiple playbooks (mcp_switchboard, mcpo, neo4j, neo4j_mcp, openwebui, postgresql, rabbitmq, searxng, smtp4dev) to replace references to ansible_user and remote_user with keeper_user.
- Modified PostgreSQL deployment to create directories and manage files under keeper_user's home.
- Enhanced documentation to clarify account taxonomy and usage of keeper_user in playbooks.
- Introduced new deployment for Agent S, including environment setup, desktop environment installation, XRDP configuration, and accessibility support.
- Added staging playbook for preparing release tarballs from local repositories.
- Created templates for XRDP configuration and environment activation scripts.
- Removed obsolete sunwait documentation.
Replaces the minimal project description with a comprehensive README
including a component overview table, quick start instructions, common
Ansible operations, and links to detailed documentation. Aligns with
Red Panda Approval™ standards.
