Olympus docs

Appearance

Quick start

The fastest reliable way to get a full Olympus running is the sandbox AWS deploy: a unified environment we provision end-to-end — a real 2-node kubeadm cluster on EC2, the dashboard via its Helm chart, and Let's Encrypt TLS — served at a domain you control. Because the whole stack is created and configured by the deploy itself, it reproduces exactly as specified and doesn't depend on your local machine's toolchain.

Where it ends up

You get the full group-chat dashboard at https://<your-domain>/ with auth, approvals, the capabilities consoles, and (optionally) the HPC pages and NetDB over MCP — the same thing running at demo.0lympu5.com.

Prerequisites

  • OS: Linux. Only tested on Ubuntu 24.04. Other operating systems or distributions aren't guaranteed to work.
  • AWS credentials for the target account (~/.aws or AWS_* env).
  • A domain in a Cloudflare zone + an API token with Zone:DNS:Edit.
  • Terraform ≥ 1.6, Ansible, curl, ssh on the machine you run the deploy from (these only drive the deploy — the stack itself runs on AWS).

Deploy

bash
git clone <the sandbox repo> && cd <sandbox>

# 1. configure — copy the template and fill in YOUR values
cp inf/env.sh.template inf/env.sh
$EDITOR inf/env.sh        # at minimum: TF_VAR_dns_hostname, a Cloudflare
                          # token + zone id, AWS creds

# 2. preflight — read-only checks (tools, creds, DNS token, config)
./inf/preflight.sh

# 3. deploy — terraform (cluster + DNS) then ansible (kubeadm + Olympus + TLS)
./inf/deploy.sh           # ~15-20 min; the image builds on the worker, cert issues

# 4. verify — DNS, TLS, /healthz, dashboard
./inf/verify.sh
# → open https://<your dns_hostname>/

That's it — one command brings up the cluster, deploys Olympus, and fronts it with TLS. deploy.sh runs preflight before applying and verify.sh after.

Options worth knowing

  • Router — defaults to manual (deterministic keyword routing, no LLM key needed). Set OLYMPUS_ROUTER=llm + a provider key in inf/env.sh to exercise the LLM-driven agents and the group-chat coordinator.
  • Login — set DEPLOY_AUTH_ALLOWED_DOMAINS (+ the Google/SMTP secrets) to gate the dashboard; leave it for a closed setup.
  • Redeploy / tear down./inf/deploy.sh --fresh (clean rebuild), --ansible-only (re-run the playbook), --destroy (tear down). The optional persistent NetDB/DNS server comes up once with ./inf/deploy.sh netdb-up.

Every configurable value is documented in Configuration; the full operator runbook is in Deployment.