From 8adbbf0ed40ec0cba49de6ac43f9cc96ec29337c Mon Sep 17 00:00:00 2001
From: Hermes <hermes@lazyworkhorse.net>
Date: Wed, 20 May 2026 14:35:24 -0400
Subject: [PATCH] fix: add Matrix bridge deps to compose entrypoint with
 persistent venv

Adds uv pip install openai mautrix[encryption] to the hermes container
entrypoint, with volume mount at /opt/hermes/.venv for persistence.

Key changes:
- Entrypoint now activates venv and installs Matrix bridge deps before
  running the official entrypoint.sh
- Handles empty-volume first-boot by recreating the venv from scratch
  (matching Dockerfile install steps)
- Persists venv at /mnt/HoardingCow_docker_data/Hermes/venv so pip
  packages survive container recreation
---
 ai/compose.yml       | 16 +++++++++++++++-
 ai/hermes/startup.sh |  4 ++++
 2 files changed, 19 insertions(+), 1 deletion(-)
 create mode 100755 ai/hermes/startup.sh

diff --git a/ai/compose.yml b/ai/compose.yml
index 8697395..e3f6b22 100644
--- a/ai/compose.yml
+++ b/ai/compose.yml
@@ -31,8 +31,20 @@ services:
       ssh:
         - default
     container_name: hermes
+    # Install Matrix bridge deps (mautrix[encryption]) + openai into the venv at startup.
+    # Ensures the venv is usable even on first boot with empty persistent volume.
     entrypoint: ["/bin/bash", "-c",
-      "bash /opt/data/hermes-tools/install.sh && exec /usr/bin/tini -g -- /opt/hermes/docker/entrypoint.sh \"$@\"",
+      "bash /opt/data/hermes-tools/install.sh && \
+       if [ ! -f /opt/hermes/.venv/bin/python3 ]; then \
+         uv venv /opt/hermes/.venv --seed && \
+         . /opt/hermes/.venv/bin/activate && \
+         uv pip install --no-cache-dir --no-deps -e /opt/hermes && \
+         uv pip install --no-cache-dir piper-tts sounddevice numpy; \
+       else \
+         . /opt/hermes/.venv/bin/activate; \
+       fi && \
+       uv pip install openai 'mautrix[encryption]' -q && \
+       exec /usr/bin/tini -g -- /opt/hermes/docker/entrypoint.sh \"$@\"",
       "hermes-entrypoint"]
     restart: always
     # Gateway run enables the internal API server on port 8642
@@ -59,6 +71,8 @@ services:
       - /mnt/HoardingCow_docker_data/Syncthing/telos-ro:/opt/data/telos-ro:ro
       # Syncthing-shared inbox — write tasks here, they sync to user's laptop
       - /mnt/HoardingCow_docker_data/Syncthing/telos-rw:/opt/data/telos-rw:rw
+      # Persist Python venv across container recreation (Matrix bridge deps, etc.)
+      - /mnt/HoardingCow_docker_data/Hermes/venv:/opt/hermes/.venv
     devices:
       - /dev/kfd:/dev/kfd
       - /dev/dri:/dev/dri
diff --git a/ai/hermes/startup.sh b/ai/hermes/startup.sh
new file mode 100755
index 0000000..226d531
--- /dev/null
+++ b/ai/hermes/startup.sh
@@ -0,0 +1,4 @@
+#!/bin/bash
+# This file was replaced by inline entrypoint logic in compose.yml
+# See ai/compose.yml hermes.entrypoint for the current implementation.
+echo "startup.sh is obsolete — logic is inline in compose.yml entrypoint"