Management Console

The dynamic management dashboard and WebMCP server for Pharos.

While this site (iamrichardd.com/pharos/) provides static documentation and architectural guidance, the Pharos Console is the dynamic interface used for managing your infrastructure in real-time.

What is the Pharos Console?

The Pharos Console is the Agent-Native Control Plane of your lab. It serves as the primary Human/AI Interface, transforming the high-performance RFC 2378 engine into an actionable, resource-first command center. Rather than relying solely on the CLI, the Web Console provides a unified, real-time view of your inventory, node telemetry, and security configuration directly from your browser.

Key Features

  • WebMCP Gateway: A secure JSON-RPC 2.0 bridge for AI agents to interact with your lab resources.
  • Resource-First MDB: High-density inventory management with visual search and metadata “glance” blocks.
  • Identity Bonding: A “First-to-Claim” enrollment system for securing new nodes.
  • TUI/Web Hybrid: Access the full server dashboard from any browser.

AI Orchestration with WebMCP

Pharos is built for the Agent-Native era. The Console implements the Model Context Protocol (MCP) and WebMCP to allow LLMs to safely manage your lab as a first-class citizen.

How WebMCP Works

WebMCP acts as a secure bridge between your browser and an AI agent (like Gemini or Claude). Instead of the agent “scraping” the DOM, the Console exposes structured JSON-RPC tools via the /mcp endpoint.

  1. Tool Discovery: When you ask an agent to “Query my lab for Proxmox nodes,” the agent discovers and calls the query_mdb tool.
  2. Human-in-the-Loop (HitL): For destructive actions (like provision_node), the Console will trigger a browser-level confirmation modal. The agent cannot bypass your manual approval.
  3. Scoped Access: The agent only sees the tools and data you have explicitly granted access to via your current session.

Available Tools

ToolDescriptionHitL Required
query_mdbSearch machine and infrastructure records using RFC 2378 syntax.No
provision_nodeAdds a new machine record to the database.Yes
mcp.list_keysLists all SSH public keys currently authorized for write access.No
mcp.provision_keyEnrolls a new SSH public key into the security tier.Yes

Storage Tiers & Transparency

Pharos maintains strict engineering integrity by distinguishing between Home Lab and Enterprise capabilities.

Enterprise LDAP (Read-Only)

The Enterprise Tier utilizes LDAP-backed storage for seamless integration with existing corporate directories. In its current implementation, the LDAP Tier is Read-Only. This design decision ensures that Pharos can serve as a high-performance proxy for your existing source of truth without requiring administrative write-access to your corporate directory.

Home Lab (Full CRUD)

The Home Lab Tier uses a file-level, restart-survivable storage engine. This tier supports full Create, Read, Update, and Delete (CRUD) operations, allowing you to manage your lab with zero external dependencies.

Deployment & Separation

To maintain high availability, we recommend keeping these two sites separate:

  1. Documentation (This Site): Hosted on GitHub Pages or a CDN. Always available, even if your lab is offline.
  2. Management (Pharos Console): Hosted inside your private network (e.g., in a Proxmox LXC). Provides the direct interface to your pharos-server.

Running the Console

The console is included with the pharos-server binary or can be run via Node.js:

# Start the Pharos Server with the Console enabled
export PHAROS_CONSOLE_ENABLE=true
export PHAROS_CONSOLE_PORT=3000
./pharos-server

Access the dashboard at http://<your-server-ip>:3000.