ai-memory is brilliant on a laptop
and awkward on a cluster. AI Memory Ops closes that gap: it packages the
engine to run on Kubernetes the way you would actually ship it — behind OIDC, with
machine and human traffic split cleanly, a scheduled git→wiki ETL feeding it, and
a custom web UI baked in. One helm upgrade and you have a shared, authenticated
memory for your whole team.
The problem it solves
Out of the box, ai-memory has no opinion about who can reach it, how secrets are handled, or how knowledge gets in. Run it as-is on a cluster and you are improvising ingress, auth, and credential hygiene by hand. AI Memory Ops makes those decisions for you and encodes them as a chart: agents authenticate with OIDC JWTs, browsers get an interactive login, the engine’s real token never leaves the cluster, and real secrets never touch the repo.
Architecture
```mermaid
flowchart LR
  client([Client]) --> ingress[Traefik ingress]
  ingress -->|/web| oauth[oauth2-proxy]
  ingress -->|/mcp| auth["mcp-auth · JWT validate, inject bearer"]
  oauth --> engine["ai-memory · engine + SPA"]
  auth --> engine
  repos[(Source repos)] -->|git ETL · CronJob| engine
```
Two doors into one engine. /mcp is for machines: the mcp-auth sidecar
validates the caller’s OIDC JWT at the edge and swaps it for the engine’s static
AI_MEMORY_AUTH_TOKEN, which never leaves the pod. /web is for humans:
oauth2-proxy handles the interactive OIDC login. Both land on the same
ai-memory engine, which also serves the bundled SPA.
What’s in it
- Helm chart (`charts/ai-memory-svc`) — deploys the engine plus an auth sidecar, an ETL CronJob, an optional oauth2-proxy and a Traefik ingress.
- `images/ai-memory` — builds the engine image and can bake in a custom web-UI SPA via `--web-ui-dir`.
- `images/mcp-auth` — a tiny Go sidecar that validates Keycloak/OIDC JWTs at the edge (Traefik `forwardAuth`) and injects the upstream bearer token for `/mcp` and `/hook`.
- `images/etl` — a git→wiki ETL that clones source repos and ingests them into ai-memory as wiki pages, run as a CronJob.
- `images/mcp-write` — an optional MCP write proxy for durable page writes.
- `deploy/rbac-deployer.yaml` — a scoped `Role`/`RoleBinding` so a CI service account can `helm upgrade` the release without cluster-admin.
Secrets stay out of git
The chart never templates real secrets: secrets.create: false is the
default, so you create them out-of-band. Environment overrides (values-*.yaml)
are gitignored, and a .gitleaks.toml config plus a pre-commit hook keep
credentials from ever landing in the repo. Least privilege carries through to CI,
which deploys with a scoped role instead of cluster-admin.
Stack
Go, Helm, Docker, Shell and Python. The reference frontend it can bundle is AI Memory UI.
Availability
- Source: github.com/djalmajr/ai-memory-ops
- Related: AI Memory UI — the reference frontend
Source-available; the ai-memory engine is licensed upstream.