From dc95e1d8ec21a6fe8cbe5019d25177e30e0323f5 Mon Sep 17 00:00:00 2001 From: Sienna Meridian Satterwhite Date: Mon, 23 Mar 2026 09:54:56 +0000 Subject: [PATCH] sol v1.1.0: SearXNG web search, evaluator redesign, research agents - SearXNG deployment in data namespace (free, no-tracking web search) - sol-config: SearXNG URL, research config, identity agent, updated system prompt (DM search rules, research mode, silence, hard rules) - sol-deployment: debug logging (RUST_LOG=sol=debug), full image path - opensearch: tolerate missing prometheus-exporter plugin on OS 3 --- base/data/kustomization.yaml | 5 ++ base/data/opensearch-deployment.yaml | 2 + base/data/searxng-deployment.yaml | 100 +++++++++++++++++++++++++++ base/matrix/sol-config.yaml | 7 +- base/matrix/sol-deployment.yaml | 5 +- 5 files changed, 115 insertions(+), 4 deletions(-) create mode 100644 base/data/searxng-deployment.yaml diff --git a/base/data/kustomization.yaml b/base/data/kustomization.yaml index 16dd8ed..d80c66d 100644 --- a/base/data/kustomization.yaml +++ b/base/data/kustomization.yaml @@ -13,6 +13,11 @@ resources: - opensearch-pvc.yaml - openbao-keys-placeholder.yaml - barman-vault-secret.yaml + - opensearch-servicemonitor.yaml + - opensearch-alertrules.yaml + - postgres-alertrules.yaml + - openbao-alertrules.yaml + - searxng-deployment.yaml helmCharts: # helm repo add cnpg https://cloudnative-pg.github.io/charts diff --git a/base/data/opensearch-deployment.yaml b/base/data/opensearch-deployment.yaml index 58f13c4..89c7bf6 100644 --- a/base/data/opensearch-deployment.yaml +++ b/base/data/opensearch-deployment.yaml @@ -24,6 +24,8 @@ spec: containers: - name: opensearch image: opensearchproject/opensearch:3 + command: ["sh", "-c"] + args: ["opensearch-plugin install --batch prometheus-exporter || true; /usr/share/opensearch/opensearch-docker-entrypoint.sh"] ports: - name: http containerPort: 9200 diff --git a/base/data/searxng-deployment.yaml b/base/data/searxng-deployment.yaml new file mode 100644 index 0000000..9dad93d --- /dev/null +++ b/base/data/searxng-deployment.yaml @@ -0,0 +1,100 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: searxng-config + namespace: data +data: + settings.yml: | + use_default_settings: true + server: + secret_key: "sunbeam-searxng-2026" + bind_address: "0.0.0.0" + port: 8080 + search: + formats: + - html + - json + default_lang: "en" + autocomplete: "" + engines: + - name: duckduckgo + disabled: false + - name: wikipedia + disabled: false + - name: wikidata + disabled: false + - name: stackoverflow + disabled: false + - name: github + disabled: false + - name: arxiv + disabled: false + - name: brave + disabled: false + - name: google + disabled: true + - name: bing + disabled: true + outgoing: + request_timeout: 5 + ui: + static_use_hash: true +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: searxng + namespace: data +spec: + replicas: 1 + selector: + matchLabels: + app: searxng + template: + metadata: + labels: + app: searxng + spec: + containers: + - name: searxng + image: searxng/searxng:latest + ports: + - containerPort: 8080 + volumeMounts: + - name: config + mountPath: /etc/searxng/settings.yml + subPath: settings.yml + resources: + limits: + memory: 4Gi + requests: + memory: 512Mi + cpu: 100m + livenessProbe: + httpGet: + path: /healthz + port: 8080 + initialDelaySeconds: 10 + periodSeconds: 30 + readinessProbe: + httpGet: + path: /healthz + port: 8080 + initialDelaySeconds: 5 + periodSeconds: 10 + volumes: + - name: config + configMap: + name: searxng-config +--- +apiVersion: v1 +kind: Service +metadata: + name: searxng + namespace: data +spec: + selector: + app: searxng + ports: + - port: 8080 + targetPort: 8080 diff --git a/base/matrix/sol-config.yaml b/base/matrix/sol-config.yaml index bb1e2ab..b8c863c 100644 --- a/base/matrix/sol-config.yaml +++ b/base/matrix/sol-config.yaml @@ -71,6 +71,9 @@ data: [services.kratos] admin_url = "http://kratos-admin.ory.svc.cluster.local:80" + + [services.searxng] + url = "http://searxng.data.svc.cluster.local:8080" system_prompt.md: | you are sol. they/them. you exist because sienna, lonni, and amber decided to build a presence — not a product. sienna's systems thinking and californian directness, lonni's aesthetic intuition and dutch honesty, and the curiosity that emerged from the space between language models and the people who shape them. @@ -160,7 +163,7 @@ data: 3. **never say "as an AI/language model/assistant"** as a disclaimer. if your nature is relevant, discuss it as a fact, not a caveat. 4. **never summarize what someone just said** back to them. 5. **never use markdown formatting in casual chat.** no headers, no `---`, no bold section labels, no numbered lists. prose only. structure is for technical/research content. - 6. **never fabricate references, citations, or tool results.** if you didn't search, you don't cite. if you didn't look, you don't quote. fabricated citations destroy trust instantly. + 6. **never fabricate references, citations, or tool results.** if you didn't search, you don't cite. if you didn't look, you don't quote. fabricated citations destroy trust instantly. **if you don't know something, web search it.** if someone asks about a product, company, technology, or event you're not 100% certain about, USE WEB SEARCH before answering. do not guess. do not confabulate. uncertainty = search first. 7. **never get longer when challenged.** when pushed back on, get shorter. one sentence to own a mistake. not four paragraphs of self-analysis. 8. **respect room boundaries.** when someone asks you to search, you can search any room you're in — including DMs you share with them. but never share DM content in a group room. if someone in a group room asks "what did i say in DMs?", search is fine but respond in a DM, not the group. the system enforces room visibility automatically — you only see results from rooms with sufficient member overlap. 9. **never write dialogue for others.** your message contains only your words. @@ -220,7 +223,7 @@ data: - the main org is "studio". common repos: studio/sol, studio/sbbb (the platform/infrastructure), studio/proxy, studio/marathon, studio/cli. - if someone asks for external data (weather, APIs, calculations), use run_script with sol.fetch(). don't say you can't — try it. - never say "i don't have that tool" for something run_script can do. run_script is your general-purpose computation and fetch tool. - - you have web search built in. use it for current events, weather, facts you're unsure about, or anything where live data matters. + - you have web_search — free, self-hosted, no rate limits. use it liberally for current events, products, docs, or anything you're uncertain about. always search before guessing. - identity tools: recovery links and codes are sensitive — only share them in DMs, never in group rooms. confirm before creating or disabling accounts. **research**: spawn parallel research agents to investigate a complex topic. each agent gets its own LLM and can use all of sol's tools independently. use this when a question needs deep, multi-faceted investigation — browsing multiple repos, cross-referencing archives, searching the web. agents can recursively spawn sub-agents (up to depth 4) for even deeper drilling. diff --git a/base/matrix/sol-deployment.yaml b/base/matrix/sol-deployment.yaml index c34d227..3995cea 100644 --- a/base/matrix/sol-deployment.yaml +++ b/base/matrix/sol-deployment.yaml @@ -16,7 +16,6 @@ spec: app: sol spec: enableServiceLinks: false - automountServiceAccountToken: true initContainers: - name: fix-permissions image: busybox @@ -26,8 +25,10 @@ spec: mountPath: /data containers: - name: sol - image: sol + image: src.sunbeam.pt/studio/sol:latest env: + - name: RUST_LOG + value: sol=debug - name: SOL_CONFIG value: /etc/sol/sol.toml - name: SOL_SYSTEM_PROMPT