From bce336c4fd1bd4f6c12d38df186e6515e2c88467 Mon Sep 17 00:00:00 2001
From: Hermes <hermes@lazyworkhorse.net>
Date: Fri, 22 May 2026 13:04:43 -0400
Subject: [PATCH] feat: bake Matrix bridge deps into Docker image instead of
 volume mount

- Add libolm-dev system dep (required by mautrix[encryption])
- Add mautrix[encryption] + openai pip packages to build
- These were previously installed inline at container startup and
  persisted via the fragile venv volume mount (now removed)
---
 ai/hermes/Dockerfile | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/ai/hermes/Dockerfile b/ai/hermes/Dockerfile
index c3a76fa..253b9b7 100644
--- a/ai/hermes/Dockerfile
+++ b/ai/hermes/Dockerfile
@@ -34,6 +34,7 @@ USER root
 RUN apt-get update && \
     apt-get install -y --no-install-recommends \
         libportaudio2 ca-certificates poppler-utils imagemagick \
+        libolm-dev \
         texlive-latex-base texlive-latex-extra texlive-fonts-recommended \
         texlive-xetex texlive-science \
         qemu-user-static binfmt-support emacs-nox && \
@@ -42,6 +43,12 @@ RUN apt-get update && \
 # ---------- UV ----------
 COPY --chmod=0755 --from=ghcr.io/astral-sh/uv:latest /uv /usr/local/bin/
 
+# ---------- Matrix bridge + extra pip deps ----------
+# Previously installed inline at container startup and persisted via volume mount.
+# Now baked into the image so the fragile venv volume mount can be removed.
+RUN . /opt/hermes/.venv/bin/activate && \
+    uv pip install --no-cache-dir 'mautrix[encryption]' openai
+
 # ---------- Piper TTS ----------
 RUN . /opt/hermes/.venv/bin/activate && \
     uv pip install --no-cache-dir piper-tts sounddevice numpy && \