# DAGI / microdao Architecture Inventory — Executive Summary

Generated: 2026-02-16
Scope basis: `docs/SESSION_STARTER.md` + repository scan + operator clarifications (current thread decisions).

## Executive Findings (Updated)
- Canonical deployment authority is **per-node compose manifests**, not a single universal file.
  - NODE1: `docker-compose.node1.yml`
  - NODE3: `docker-compose.node3.yml`
  - Staging: `docker-compose.staging.yml` (+ overrides)
- Drift-check policy should run per node against its local compose stack (services/images/ports/volumes/networks/env-nonsecret/healthcheck).
- `ingest-service`, `parser-pipeline`, `control-plane` are currently treated as **not active on NODE1**; catalog now uses lifecycle statuses (`DEPLOYED`, `DEFINED`, `PLANNED/EXTERNAL`).
- NATS canonical run subject policy is set to:
  - publish: `agent.run.requested.{agent_id}`
  - subscribe: `agent.run.requested.*`
  with dual-subscribe/publish migration window.
- Proxy policy is fixed at architectural level: single owner for 80/443 in production (nginx **or** Caddy), second proxy internal-only or disabled.

## Priority Contradictions To Resolve
1. Memory API contract mismatch (`/store` in docs vs `/memories`/`/events`/`/retrieve` in code).
2. NATS run subject shape mismatch (legacy flat subject still in worker/producer paths).
3. Proxy ownership conflict (nginx vs Caddy) in runtime runbooks.
4. Architecture diagrams include services not currently deployed on NODE1.

## Source pointers
- `docs/SESSION_STARTER.md`
- `docker-compose.node1.yml`
- `docker-compose.node3.yml`
- `docker-compose.staging.yml`
- `services/crewai-worker/main.py`
- `services/router/main.py`
- `ops/nginx/node1-api.conf`
- `docs/OPENAPI_CONTRACTS.md`
- `docs/ARCHITECTURE_DIAGRAM.md`