Skip to content

DevOps Agent#

One of the worst jobs in the universe is SSH-ing into servers and typing df -h. Do this five days a week, fifty-two weeks a year, and you arrive at a piece of advice more important than the hitchhiker's classic "always know where your towel is": make an AI do it.

VeriTeknik's DevOps Agent is a server management layer built directly into Morpheus AI chat. No separate interface, no separate panel — you tell Morpheus "check the disk usage on my server" and it handles the rest. Like the "Don't Panic" inscription on the Hitchhiker's Guide, DevOps Agent is always calm, always in control.

Features#

SSH Connection#

Morpheus connects to your server over SSH using key-based authentication. No passwords, no insecure access — only cryptographically signed keys.

Ansible Playbooks#

Instead of typing raw commands into a blank terminal, VeriTeknik's pre-built Ansible playbooks run behind the scenes. Every operation is repeatable, logged, and tested.

OS-Aware#

Distribution Support
Ubuntu 20.04 / 22.04 / 24.04 Full
Debian 11 / 12 Full
CentOS 7 / Stream 8-9 Full
Rocky Linux 8 / 9 Full

Morpheus auto-detects your server's distribution and uses the correct package manager (apt, dnf, yum). You never have to wonder whether it's apt update or dnf upgrade — leave that kind of thinking to the Vogons.

Server Health Check#

Get a full picture of your server's status with a single command:

  • Disk usage — which disk, what percentage, estimated time until full
  • CPU & memory — real-time and trending
  • Service status — nginx, MySQL, PostgreSQL, Docker, and other services: running or not
  • Uptime and load average

Security Hardening#

Morpheus can harden your server to CIS Benchmark and VeriTeknik security standards:

  • SSH hardening — disable root login, change port, disable password auth
  • Firewall rules — open only required ports via UFW/firewalld
  • Unnecessary service shutdown — reduce attack surface
  • File permissions — audit critical file permissions

Patch Management#

  • Security updates — CVE patches, critical package updates
  • Kernel updates — reports reboot requirement
  • Scheduled updates — plan ahead: "apply security patches every Wednesday at 03:00"

Proactive Monitoring#

DevOps Agent isn't passive — it detects anomalies and warns you:

  • Capacity warnings — "85% disk usage, estimated full in 10 days"
  • Abnormal CPU/memory — "CPU has been above 95% for the last 2 hours"
  • Service crashes — "nginx stopped 3 minutes ago, would you like me to restart it?"

Unlike Marvin, it doesn't just complain — it fixes things

Proactive monitoring alerts you before problems grow. Marvin complained about the entire universe but never did anything about it — Morpheus's DevOps Agent warns you AND proposes solutions.

Security Model#

Approval-Based Execution#

Every write operation (service restart, file deletion, update) requires your approval. Morpheus never makes unauthorized changes.

You: "Apply security updates"
  ↓
Morpheus: "3 package updates available:
  - openssl 3.0.2 → 3.0.14 (CVE-2024-5535)
  - nginx 1.24.0 → 1.26.1
  - linux-image 5.15.0-91 → 5.15.0-97
  Are you sure you want to proceed?"
  ↓
You: "Yes"
  ↓
Morpheus: Runs playbook → Reports results

Observe-Only Mode#

Want to connect to your server but ensure nothing gets changed? Enable Observe-only mode. In this mode, Morpheus uses read-only access:

  • Disk, CPU, memory queries ✓
  • Log reading ✓
  • Service status checks ✓
  • Service restarts ✗
  • Package updates ✗
  • File modifications ✗

Semantic Command Classification#

Morpheus understands the intent behind commands. If you attempt rm -rf / — and we'd rather not ask why — Morpheus won't run it. Dangerous commands are semantically classified and blocked.

Category Behavior
Read-only (df, top, cat log) Runs directly
Service management (restart, reload) Requires approval
System changes (update, config changes) Requires approval + OTP
Dangerous (rm -rf, dd, mkfs) Blocked

Key Rotation#

SSH keys are automatically renewed. Old keys are deactivated, new ones are injected. You don't need to manage this process manually — there are better uses for your time, like reading the Hitchhiker's Guide.

Split-View Terminal#

When working with the DevOps Agent, your screen splits in two:

  • Left panel: Morpheus AI chat — where you type commands and review results
  • Right panel: Live terminal output — playbook output, log streams, real-time results

Think of it as Ford Prefect reading the Guide with one hand while drinking a Pan-Galactic Gargle Blaster with the other — two things at once, both fully under your control.

Audit Trail#

Every command, every operation, every approval — all recorded:

  • Who ran it
  • What was executed
  • When it happened
  • Result — success or failure
  • Approval status — approved or rejected

Logs are written to PCI-DSS compliant, write-only Elasticsearch. They cannot be deleted or modified. More meticulous than Vogon bureaucracy itself.

Audit logs cannot be deleted

The immutable audit trail is designed to meet PCI-DSS 10.x requirements. No user — including admins — can delete historical operation records.

Getting Started — DevOps Agent in 4 Steps#

To connect your server to the DevOps Agent:

  1. Go to the VPS Servers page and select your server
  2. Click the DevOps Settings tab
  3. Click Enable Connection — the SSH key is automatically injected into your server
  4. Return to Hub Chat and start talking to Morpheus about your server

Automatic SSH Key Injection

When you click "Enable Connection," VeriTeknik's DevOps SSH key is automatically installed on your server. No manual configuration required on your end.

Example Flow#

You: "Check disk usage on my server"
  ↓
Morpheus → Selects appropriate Ansible playbook → Requests approval
  ↓
You approve → Playbook runs → Results reported
  ↓
Morpheus: "87% usage on /. /var/log cleanup recommended.
           Shall I proceed?"
  ↓
You: "Yes, clean it up"
  ↓
Morpheus → Runs log cleanup playbook → "87% → 34%. Cleanup complete."

Don't Panic

The DevOps Agent reduces server management to natural language. You don't need to know SSH, memorize commands, or remember distribution differences. Tell Morpheus what you need — it handles the rest. Just like the inscription on the cover of the Hitchhiker's Guide: Don't Panic.