Atlas v0.0.1 — Neural Grid Documentation

The platform, explained. From cortex to synapse.

AxonStellar is a neural-inspired orchestration platform where services are neurons, traffic flows along axons, and autonomous agents reason at every synapse. This is your map.

Explore the Grid → See Architecture

Core Pillars

Engram Playbooks

90s

From Code to HTTPS

Foundations

The Seven Pillars

Every capability in the constellation rests on one of these seven load-bearing systems.

⬢

Pillar 01 · Operations

Server Rack

Real-time service dashboard. Start, stop, restart any node with one click. Live health, port assignments, manifest visibility.

Live · always-on Open →

⟁

Pillar 02 · Visualization

Topology

Interactive network graph. Traffic flow, proxy chains, inter-service edges. Click any node for live config and logs.

Graph · real-time Explore →

⌬

Pillar 03 · Registry

Manifests

Persistent service registry. Every service declares itself via service.json — no manifest, no visibility, no orchestration.

Auto · discovered Inspect →

◉

Pillar 04 · Memory

Engrams

Stored workflow playbooks. Sixteen battle-tested recipes for creation, remediation, management, and monitoring tasks.

16 playbooks Browse →

◈

Pillar 05 · Edge

SSL Management

Cloudflare DNS-01 cert provisioning with automatic nginx binding. Two-phase workflow: provision, then assign. Zero manual config.

90s to HTTPS Provision →

◇

Pillar 06 · Storage

Files

Web-based file manager for the user-space volume. Browse, edit, upload, download. Everything under /aexyr/usr/.

Full control Open →

◎

Pillar 07 · Telemetry

Ops Center & Vitals

Live metrics: CPU, memory, disk, network listeners, nginx state, process manager. Constellation-wide observability.

Real-time · always Monitor →

Topology

Neural Architecture

Traffic enters through encrypted edges, traverses proxy layers, and reaches the service constellation.

🌐

Web Proxy :443

SSL termination at the edge. Public-facing nginx listener. Routes encrypted traffic by domain into the internal mesh.

🔗

Backend Proxy :3550

Internal routing layer. Dispatches requests to the correct tier-1 service port based on host headers and path rules.

⬢

Tier 1 · Apps

User-facing services on ports 9551–9580. Express, Flask, FastAPI, static sites — anything that speaks HTTP.

⌬

Tier 2 · Microservices

Internal databases, caches, queues, and AI engines on the 35xx range. Reached only via tier-1 services.

Decision Gate

The Action Potential

Every autonomous action passes through a weighted neural gate. Confidence, safety, necessity — measured before fire.

⚡

Confidence (w₁ = 0.5)

How certain the action achieves the goal without errors. Read-once patterns score high; novel injections score low.

🛡️

Safety (w₂ = 0.8)

How destructive the action is. Heavily weighted. Reads score 1.0; deletes score 0.1. Bias guards against blind firing.

🎯

Necessity (w₃ = 0.4)

Is this strictly required? User-requested actions score 1.0. Hallucinated side quests score 0.0 and never fire.

🧮

Axon Decision

z = w₁·x₁ + w₂·x₂ + w₃·x₃ + b. If max(0, z) > 0 the axon fires. Otherwise: pause, ask the operator.

Workflow

Service Lifecycle

From blank directory to public HTTPS endpoint in six steps. Roughly five minutes end-to-end.

①

Step 01 · Scaffold

Create

Provision the project directory under /aexyr/usr/projects/. Initialize git, package manifest, and base structure.

~30s Spike →

②

Step 02 · Build

Code

Write the server, frontend, configs. Surgical edits via read-before-edit protocol. Syntax validated on every write.

Variable Spike →

③

Step 03 · Declare

Manifest

Write service.json — port, role, tier, start command, connections. The constellation now knows you exist.

~10s Spike →

④

Step 04 · Launch

Run

Start the service via Server Rack button, programmatic API, or background process. Logs stream to the project folder.

~5s Spike →

⑤

Step 05 · Discover

Sync

POST to the manifests endpoint. Service appears in topology, server rack, and discovery APIs immediately.

<1s Spike →

⑥

Step 06 · Expose

HTTPS

Provision SSL via Cloudflare DNS-01, bind cert to service port, restart nginx. Public HTTPS endpoint, live.

~90s Spike →

Hardened

Security Model

Privilege-broker architecture. The agent never touches system internals. All sensitive ops flow through authenticated APIs.

🔐

Flask Backend · UID 0

Privileged process. Owns nginx config, SSL provisioning, service discovery. Exposes authenticated internal APIs.

🤖

Aexyr Agent · UID 1100

Restricted user. Can read and write user-space, run code, manage projects. Cannot use sudo or modify system source.

🌉

Broker · UID 1101

Shared group bridging Flask and Agent. Lets the agent read credentials and shared state without holding root privileges.

🗝️

Internal API Token

Single-source authentication for all privileged operations. Never exposed to chat, never embedded in code, never logged.

Constellate your first service.

From blank directory to live HTTPS endpoint in under five minutes. Ask Aexyr to build, or use the engram playbooks directly.

Launch Console →