Single-Command Host Stack
make stack-up brings the entire AuroraSOC stack up on a developer laptop in
host mode (no full Docker compose needed for the application code itself).
make stack-down stops everything that make stack-up started, and
make stack-status prints a single status table you can paste into bug
reports.
What it manages
| Component | Source | Port(s) | Managed by stack-up |
|---|---|---|---|
| Ollama | host daemon (ollama serve) | 11434 | Verified only |
| Postgres | docker-compose.dev.yml | ${DEV_PG_PORT:-55432} | Yes |
| Redis | docker-compose.dev.yml | ${DEV_REDIS_PORT:-6381} | Yes |
| NATS | docker-compose.dev.yml | ${DEV_NATS_PORT:-4222} | Yes |
| Alembic | alembic upgrade head | — | Yes (one-shot) |
| MCP domains | aurorasoc.tools.mcp_launcher | 8101–8115 | Yes |
| FastAPI | aurorasoc.api.main:app | ${API_PORT:-8001} | Yes |
| A2A agent mesh | scripts/run_local_agents.py | 9000–9010, 9012, 9015, 9016 | Yes |
| Agent task worker | aurorasoc.workers.agent_task_worker | — | Yes |
| Next dashboard | dashboard (Next.js dev) | ${DASHBOARD_PORT:-3100} | Yes |
Prerequisites
- Ollama daemon running with
granite3.2:8bpulled (make ollama-pull-granite). - A working Python virtualenv at
./.venvwithpip install -e ".[dev]". - Dashboard deps installed (
make dashboard-install). - Docker (or podman) available locally.
Bring everything up
make ollama-serve # (separate terminal, or already running as a service)
make stack-up
make agents-smoke # confirm the LLM chat path is green for all 14 agents
make stack-up is idempotent. If a component is already listening on its
expected port the script skips it. The host launcher defaults to real mode,
defaults MCP health probing to true, and treats Alembic failures as fatal so
the stack cannot come up against a stale or broken schema.
If your .env is still tuned for showcase or dry-run work, the host launcher
overrides only the runtime-critical pieces for this path:
STACK_SYSTEM_MODE=realSTACK_MCP_HEALTH_PROBE_ENABLED=trueSTACK_LOCAL_AUTH_ENABLED=true
Use those STACK_* variables if you want to override the host launcher
without rewriting .env.
Optional Log Bridges
If you want the live-fire host to feed local telemetry into AuroraSOC before you
start exercising it from Kali, run the matching VS Code tasks after make stack-up:
Bridge local host logs into AuroraSOC SIEMBridge Suricata EVE into AuroraSOC
Both bridge tasks source .env first and use AURORA_USER /
AURORA_PASSWORD for API login, falling back to admin /
admin123! only when those variables are unset.
The Suricata bridge expects a live EVE file at /var/log/suricata/eve.json.
If that file does not exist yet, start Suricata on the host first and then
rerun Bridge Suricata EVE into AuroraSOC.
Tear it down
make stack-down
# or to keep postgres/redis/nats running for the next iteration:
KEEP_INFRA=1 make stack-down
make stack-down kills the application processes by their PID files in
.stack/ and (unless KEEP_INFRA=1) takes the compose infra down.
Inspect status
$ make stack-status
Component Status Detail
---------------------- ---------- ------
Ollama up 127.0.0.1:11434
Compose infra up pg:55432 redis:6381 nats:4222
MCP domains up pid=219601 15/15 ports
API up pid=219842 :8001
Agent mesh up pid=220117 14/14 ports
Agent task worker up pid=220381
Dashboard up pid=220944 :3100
A down row means the component's TCP port is not listening. Logs for the
managed processes live under .stack/:
| File | Contents |
|---|---|
.stack/api.log | Uvicorn / FastAPI logs |
.stack/agents.log | A2A mesh logs (orchestrator + 13 specialists) |
.stack/worker.log | Agent task worker / queued automation execution |
.stack/dashboard.log | Next.js dev server |
.stack/migrations.log | Alembic upgrade output |
.stack/mcp/*.log | One log file per MCP domain server |
Customising ports
Every port is overridable from the environment. Defaults are chosen to avoid common conflicts on developer laptops:
API_PORT=8002 DASHBOARD_PORT=3200 DEV_PG_PORT=55433 make stack-up
The compose infra ports (DEV_PG_PORT, DEV_REDIS_PORT, DEV_NATS_PORT)
are forwarded into docker-compose.dev.yml.
The launcher sources .env automatically before resolving defaults, so host
mode uses the same connection, credentials, and port settings as the rest of
the repo while still forcing the host-run path into real-mode defaults.
Troubleshooting
| Symptom | Fix |
|---|---|
Ollama is NOT reachable on stack-up | Run make ollama-serve in a separate terminal first. |
API never listens on :8001 | Check .stack/api.log — most often a Postgres connection error. |
MCP domains stay down | Inspect .stack/mcp/*.log; host-run agents require the localhost MCP servers, not Compose DNS names. |
stack-up stops at migrations in real mode | Check .stack/migrations.log and fix the schema/env mismatch before retrying. |
Mesh listens on :9000 but agents-smoke fails | Run make llm-doctor to confirm BeeAI ↔ Ollama plumbing. |
| Playbooks or dispatches never execute | Check .stack/worker.log and confirm Agent task worker is up in make stack-status. |
Dashboard build error after stack-up | make dashboard-install then re-run make stack-up. |