This directory documents ground truth — what is actually installed, how it is reached, and what blocks each service from being live. It is descriptive, not aspirational: a service is only "installed" here if a process or resolvable command actually exists on the box.

Service	Nature	Installed	Reachable from HQ01	Blocker
Hermes	Internal AAF system (no OSS package)	No (content only)	n/a	Must be built, not installed
Honcho	Real OSS (Plastic Labs)	No	No	Postgres+pgvector, LLM provider key, plane decision
MemPalace	Internal AAF system (no OSS package)	No (empty placeholder)	n/a	Must be built, not installed
Serena	Real OSS MCP toolkit (Oraios)	Prereq (`uv`/`uvx`) only	Not yet	Source not ratified as chosen method

See readiness-report.md for the full bring-up findings.

Verified host facts (2026-06-14)

HQ01 runs on the host via hq01.service on :4000; traefik (Docker) is the only other running service. No honcho/postgres/pgvector/serena processes or containers exist.
Toolchain present: node v20.20.2, npm 10.8.2, python3 3.10.12, docker 29.5.3, git, claude 2.1.177. Absent: pip3, pipx.
Added this pass: uv 0.11.21 + uvx at ~/.local/bin (user-space, reversible — the standard prerequisite for running Serena). Nothing else installed.
Egress works (github / astral.sh / ghcr.io reachable).

Governing constraint

The canon (canonical/, constitutions/) describes Hermes/Honcho/MemPalace as architecture ("Shared AI Framework", "dual deployments") — it specifies no concrete install method, image, version pin, or source URL for any of them. No "chosen method already chosen for this stack" exists to follow. Hence services are installed only where a genuine official method and the required inputs both exist; everything else is reported as a blocker rather than faked. No mock services, no filesystem substitutes.

root · /srv/aaf