Data Flow

This sequence shows a typical user request with identity checks, service routing, AI/tool use, and observability/alerting.

sequenceDiagram
  participant User
  participant Traefik
  participant Auth as oauth2-proxy / NextAuth
  participant Zitadel
  participant Service as App Service (agent-studio / pmo-admin / crm)
  participant Postgres
  participant Redis
  participant Norns
  participant Bifrost
  participant Tool as Tool Service (n8n / MCP / external)
  participant Observability as Alloy -> Prometheus/Loki/Tempo
  participant Alerting as Grafana/Alertmanager
  participant Status as Uptime Kuma

  User->>Traefik: HTTPS request
  Traefik->>Auth: Forward auth
  Auth->>Zitadel: OIDC flow
  Zitadel-->>Auth: ID token
  Auth-->>Traefik: Allow + user context
  Traefik->>Service: Route request
  Service->>Postgres: Read/write data
  Service->>Redis: Cache/session
  Service->>Norns: Optional AI request
  Norns->>Bifrost: Tool lookup + policy
  Bifrost->>Tool: Execute tool (MCP/n8n)
  Tool-->>Bifrost: Result
  Bifrost-->>Norns: Tool result
  Norns-->>Service: AI response
  Service-->>User: Response
  Service-->>Observability: Logs/Metrics/Traces
  Observability-->>Alerting: Trigger alerts on rules
  Status-->>Alerting: Uptime checks signal issues

Observability and Alerting Flow

flowchart LR
  services[All Services] --> alloy[Alloy]
  alloy --> prometheus[Prometheus]
  alloy --> loki[Loki]
  alloy --> tempo[Tempo]
  prometheus --> grafana[Grafana]
  loki --> grafana
  tempo --> grafana
  grafana --> alerts[Grafana Alerts]
  uptime[Uptime Kuma] --> alerts