feat: honcho-only memory provider with Traefik + Authelia

- Remove OpenViking/Holographic dependencies (only Honcho stays)
- Remove httpx install from Dockerfile (was for OpenViking)
- Add Traefik routing for honcho at honcho.lazyworkhorse.net
- Add Authelia auth middleware on honcho HTTPS
- Add ai_net network to honcho for Traefik access

ai/compose.yml

@@ -175,11 +175,29 @@ services:
       - /mnt/HoardingCow_docker_data/Honcho/data:/app/data
     networks:
       - ai_backend
+      - ai_net
     depends_on:
       honcho-db:
         condition: service_healthy
       honcho-redis:
         condition: service_healthy
+    labels:
+      - "traefik.enable=true"
+
+      # Router for HTTP + redirect to HTTPS
+      - "traefik.http.routers.honcho-http.rule=Host(`honcho.lazyworkhorse.net`)"
+      - "traefik.http.routers.honcho-http.entrypoints=web"
+      - "traefik.http.routers.honcho-http.middlewares=redirect-to-https"
+
+      # Router for HTTPS with TLS — protected by Authelia
+      - "traefik.http.routers.honcho-https.rule=Host(`honcho.lazyworkhorse.net`)"
+      - "traefik.http.routers.honcho-https.entrypoints=websecure"
+      - "traefik.http.routers.honcho-https.tls=true"
+      - "traefik.http.routers.honcho-https.tls.certresolver=njalla"
+      - "traefik.http.routers.honcho-https.middlewares=hermes-auth"
+
+      # Service Loadbalancer
+      - "traefik.http.services.honcho.loadbalancer.server.port=8000"
 
   honcho-db:
     image: pgvector/pgvector:pg15

ai/hermes/Dockerfile

@@ -43,6 +43,8 @@ RUN apt-get update && \
 # ---------- UV ----------
 COPY --chmod=0755 --from=ghcr.io/astral-sh/uv:latest /uv /usr/local/bin/
 
+WORKDIR /opt/hermes
+
 # ---------- Matrix bridge + extra pip deps ----------
 # Previously installed inline at container startup and persisted via volume mount.
 # Now baked into the image so the fragile venv volume mount can be removed.