8e09e5bdfe
Revert "feat(hermes): drop fork overlay, use upstream base image for v0.12.0+ kanban"
...
This reverts commit d94014f19a
2026-05-19 21:29:47 -04:00
d94014f19a
feat(hermes): drop fork overlay, use upstream base image for v0.12.0+ kanban
2026-05-19 21:23:09 -04:00
6b506163e9
feat: add combined Hermes Workspace image with Swarm worker support
...
New directory ai/hermes-workspace/ with:
- Dockerfile (multi-stage): builds workspace web UI from source,
overlays our Hermes fork, installs tmux for Swarm workers
- entrypoint-combined.sh: starts workspace UI, waits for gateway
- himalaya-ro.sh: read-only Himalaya wrapper (shared from hermes/)
Existing ai/hermes/ Dockerfile preserved unchanged as fallback.
compose.yml changes:
- Add HERMES_DASHBOARD=1 + healthcheck to hermes service
- Add hermes-workspace service using combined image
(build context: ./hermes-workspace, SSH build)
- Connects to hermes:8642 (gateway) + :9119 (dashboard)
- Shares Hermes data volume for config/sessions/skills
- Traefik on workspace.lazyworkhorse.net (port 3000)
- Networks: ai_backend + ai_net
2026-05-19 20:50:08 -04:00
d3f2e3b7b9
Merge pull request 'feat: add Syncthing service for Hermes org-file sync' ( #30 ) from feat/syncthing-org-sync into master
...
Build Hermes agent / build (push) Has been cancelled
Build ollama (gfx906) / build (push) Has been cancelled
Reviewed-on: #30
2026-05-19 00:28:59 +00:00
6a44120b1a
Fixed syncthing dir path
Build Hermes agent / build (pull_request) Has been cancelled
Build ollama (gfx906) / build (pull_request) Has been cancelled
2026-05-18 20:25:18 -04:00
38a1451689
Merge branch 'master' into feat/syncthing-org-sync
2026-05-14 22:24:19 -04:00
f9fb28d560
fix: route Syncthing web UI through Traefik with HTTPS
Build Hermes agent / build (pull_request) Has been cancelled
Build ollama (gfx906) / build (pull_request) Has been cancelled
2026-05-14 21:40:00 -04:00
bcc4b6d157
feat: add Syncthing service for Hermes org-file sync
Build Hermes agent / build (pull_request) Has been cancelled
Build ollama (gfx906) / build (pull_request) Has been cancelled
2026-05-14 21:35:31 -04:00
8d1ae7e632
Remove the unsuported gitea action off
2026-05-13 13:11:11 -04:00
29ae32a1c5
Merge pull request 'fix: use ln -sf instead of update-alternatives --set for iptables-nft' ( #28 ) from fix/vpn-iptables-nft-v3 into master
...
Reviewed-on: #28
2026-05-13 16:59:50 +00:00
8dff094768
fix: use ln -sf instead of update-alternatives --set
...
update-alternatives --set fails because the base image only registers
iptables-legacy as an alternative. The iptables-nft binary (/usr/sbin/iptables-nft)
exists but isn't in the alternatives database. Direct ln -sf bypasses this.
2026-05-13 12:58:43 -04:00
ec08f5eb5d
Merge pull request 'fix: remove apk add iptables-nft — built-in on Alpine 3.18+' ( #27 ) from fix/vpn-iptables-nft-v2 into master
...
Reviewed-on: #27
2026-05-13 16:49:23 +00:00
611e96b306
fix: remove apk add iptables-nft — built-in on Alpine 3.18+
...
In Alpine 3.18+, the 'iptables' package IS the nftables variant.
iptables-nft is not a separate package. The binary is already in
the base image — only need to flip update-alternatives.
2026-05-13 12:48:51 -04:00
f184ed957c
Merge pull request 'fix: update wg-easy to official ghcr image with iptables-nft' ( #26 ) from fix/vpn-iptables-nft-upstream into master
...
Reviewed-on: #26
2026-05-13 16:37:35 +00:00
2bf31c7ccc
fix: update wg-easy to official ghcr image with iptables-nft
...
- Switch FROM weejewel/wg-easy:latest (4yr old, Alpine 3.11) to
ghcr.io/wg-easy/wg-easy:latest (actively maintained, Alpine krypton)
- Use update-alternatives instead of raw ln -sf to flip iptables
from legacy to nftables backend
- Fix compose build context: ./vpn -> . (Dockerfile was at same level)
The weejewel/wg-easy image lacked iptables-nft package in Alpine 3.11.
The new official image has it available, we just flip the alternatives.
The old ln -sf approach was fragile across Alpine versions.
2026-05-13 12:30:15 -04:00
f44f93e35a
Merge pull request 'fix: add Himalaya email CLI to Hermes Docker image' ( #25 ) from fix/himalaya-email-cli into master
...
Build Hermes agent / build (push) Has been cancelled
Reviewed-on: #25
2026-05-13 15:03:40 +00:00
4cdd157e3f
Merge pull request 'fix: add iptables-nft to wg-easy for nftables-only kernels' ( #24 ) from fix/wg-easy-iptables-nft into master
...
Reviewed-on: #24
2026-05-13 15:03:25 +00:00
3ba0345887
Merge pull request 'feat: install custom Hermes tools at startup, remove deprecated fix-permissions.sh' ( #23 ) from feat/hermes-custom-tools-startup into master
...
Build Hermes agent / build (push) Failing after 2s
Build ollama (gfx906) / build (push) Failing after 2s
Reviewed-on: #23
2026-05-13 13:52:36 +00:00
27571ddb3f
feat: add Himalaya email CLI to Hermes Docker image
Build Hermes agent / build (pull_request) Failing after 2s
2026-05-12 18:09:40 -04:00
5e242eb946
fix: add iptables-nft to wg-easy for nftables-only kernels
...
wg-easy's Alpine wg-quick uses legacy iptables which requires the
iptable_nat kernel module. On NixOS kernels compiled without legacy
netfilter modules, the container crashes in a restart loop:
iptables v1.8.3 (legacy): can't initialize iptables table 'nat'
Table does not exist (do you need to insmod?)
Fix: build a custom image that installs Alpine's iptables-nft package
and symlinks iptables -> iptables-nft (nftables backend).
2026-05-12 14:52:33 -04:00
e607982b21
refactor: chown tools dir at build time instead of root at runtime
Build Hermes agent / build (pull_request) Failing after 3s
Build ollama (gfx906) / build (pull_request) Failing after 2s
2026-05-12 14:47:34 -04:00
4627199217
feat: install custom tools at startup, remove deprecated fix-permissions.sh
Build Hermes agent / build (pull_request) Failing after 41m55s
Build ollama (gfx906) / build (pull_request) Failing after 2s
2026-05-12 13:38:26 -04:00
3611d645db
Merge pull request 'feat: add Gitea Actions CI workflows for Docker builds' ( #21 ) from feat/gitea-actions into master
...
Reviewed-on: #21
2026-05-11 02:39:02 +00:00
99ac8b5dcd
Merge pull request 'feat: add act_runner and enable Gitea Actions' ( #22 ) from feat/act-runner into master
...
Reviewed-on: #22
2026-05-11 02:38:41 +00:00
b517a65393
fix: add nixos-builder label for NixOS CI builds
2026-05-10 22:15:44 -04:00
61a59dfac1
Merge pull request 'feat: update Hermes Dockerfile to build from forked source (gortium/hermes-agent)' ( #20 ) from feat/hermes-fork-dockerfile into master
...
Reviewed-on: #20
2026-05-11 02:07:41 +00:00
144678354f
feat: add Gitea Actions runner and enable Actions
2026-05-10 21:38:19 -04:00
34b1cb83a0
feat: add Gitea Actions workflows for ollama and hermes Docker builds
2026-05-10 21:33:10 -04:00
f8c2f864de
Merge pull request 'refactor: split ai/ into hermes/ and ollama/ directories with gfx906 build' ( #19 ) from feat/ollama-gfx906 into master
...
Reviewed-on: #19
2026-05-11 01:26:11 +00:00
46241d10c5
feat: update Hermes Dockerfile to build from forked source
...
- Switch Dockerfile to clone from gortium/hermes-agent (Gitea fork)
- Add SSH agent forwarding for private repo clone at build time
- Set CHROME_EXECUTABLE for Playwright Chromium
- Remove patch_tts_tool.py (Piper patch now in fork source)
- Enable Gitea Actions in versioncontrol compose
2026-05-10 17:55:17 -04:00
6b82a26c25
fix: add ldflags for version, remove privileged, enable flash attention
2026-05-10 10:07:25 -04:00
9cc7edfb39
fix: set CMAKE_INSTALL_PREFIX=/build/dist at configure time for CPU, match preset for HIP
2026-05-10 00:44:56 -04:00
f31ae59717
fix: copy /build/dist/lib/ollama/ (not /build/dist/lib/) to avoid extra nesting
2026-05-10 00:10:39 -04:00
bf2f17c5e2
fix: use cmake -B to override preset binaryDir, cmake --build/--install use explicit path
2026-05-09 23:52:46 -04:00
208bfd4612
fix: pre-set CMAKE_HIP_COMPILER="" for CPU build to prevent HIP detection
2026-05-09 23:50:26 -04:00
32df546550
fix: use ROCm 6 preset with HIP language detection for proper GPU kernel compilation
...
- Use --preset 'ROCm 6' for HIP build step (enables enable_language(HIP))
- Remove /opt/rocm from PATH for CPU build to prevent check_language(HIP)
- Add CMAKE_PREFIX_PATH=/opt/rocm so find_package(hip) finds hip-config.cmake
- cmake --install --component HIP now works correctly with OLLAMA_RUNNER_DIR=rocm
2026-05-09 23:49:08 -04:00
0f7b22c19b
fix: add /usr/local/go/bin to ROCm PATH (was overridden)
...
ENV PATH for ROCm overwrote the previous PATH that included Go.
Without Go in PATH, 'go build' fails with 'go: not found'.
2026-05-09 23:15:26 -04:00
fc777e2de2
fix: target only gfx906 for HIP compilation
...
gfx940/gfx1010/gfx1030/gfx1100 cause C++ narrowing errors in ollama's
mma.cuh with hipcc. Since we only have MI50 (gfx906) cards, compile
for gfx906 only. Reduces build time and avoids upstream code bugs.
2026-05-09 23:07:39 -04:00
d52f18b0fa
fix: remove gfx1200 target (not supported by ROCm 6.1 clang 17)
...
ROCm 6.1's AMD clang 17 doesn't recognize gfx1200 architecture
(introduced in ROCm 6.2+). Caused compilation failure on all .cu files.
2026-05-09 22:53:11 -04:00
0d87fb2556
fix: build CPU and HIP backends separately
...
CPU backends compiled with GCC (fixes AVX intrinsic errors from hipcc).
HIP backend compiled with hipcc (legacy mode skips enable_language(HIP)).
Go binary built with GCC for CGo linking.
This avoids both CMAKE_HIP_COMPILER rejection and CXX=hipcc CPU failures.
2026-05-09 22:51:13 -04:00
f6bc2b07a7
fix: remove nonexistent CC=clang for Go build step
...
ROCm 6.1 image doesn't have clang/clang++ in PATH (only amdclang++).
GCC is the default and works fine for CGo linking.
2026-05-09 22:41:18 -04:00
aa6bbe87bf
fix: correct AMDGPU_TARGETS to include gfx940/gfx1010/gfx1200
...
Targets were corrupted during previous patch iterations, contained
gfx908/gfx90a from the CMake preset instead of gfx940/gfx1010/gfx1200.
2026-05-09 22:40:40 -04:00
0c612d9731
fix: remove unsupported AMDGPU_TARGETS (gfx1200) for ROCm 6.1
...
ROCm 6.1's AMD clang 17 doesn't support gfx1200 (RDNA4).
Use only targets supported by ROCm 6.1: gfx906, gfx908, gfx90a, gfx1030, gfx1100.
2026-05-09 22:30:21 -04:00
5b210fe624
fix: use ROCm amdclang++ as HIP compiler, keep GCC for CPU code
...
Setting CXX=hipcc caused compilation failures on CPU backends (AVX
intrinsics). Now using GCC for CPU, ROCm's amdclang++ for HIP only.
2026-05-09 22:29:10 -04:00
d8b77c97c3
fix: use CXX=hipcc legacy mode for HIP CMake build
...
CMake 3.31 refuses CMAKE_HIP_COMPILER=hipcc with 'not supported'.
Using CXX=hipcc triggers the legacy HIP detection path which works.
2026-05-09 22:20:44 -04:00
a3d0fa0072
fix: set CMAKE_HIP_COMPILER explicitly for ROCm 6.1 HIP detection
2026-05-09 22:19:50 -04:00
956d76f14d
fix: add unzip dependency for ninja installation
2026-05-09 22:14:53 -04:00
c6d2f5918f
fix: use ollama v0.23.2 native CMake build system for ROCm 6 + gfx906
...
The old Dockerfile used the deprecated llama.cpp/ subdirectory approach
which doesn't exist in ollama v0.23.2. Now using the official CMake
presets (ROCm 6 preset) with AMDGPU_TARGETS including gfx906:xnack-.
2026-05-09 22:13:47 -04:00
f023dc1ee4
fix: update ollama Dockerfile to v0.23.2 with proper ROCm 6.1 + gfx906 build
...
- Update OLLAMA_VERSION from v0.13.5 to v0.23.2
- Fix package: golang -> golang-go
- Add ENV HCC_AMDGPU_TARGET=gfx906 and HSA_ENABLE_SDMA=0
- Set proper ENTRYPOINT + CMD
2026-05-09 21:56:14 -04:00
d34a4d3647
refactor: move hermes files into ai/hermes/ subdirectory
...
- ai/Dockerfile -> ai/hermes/Dockerfile
- ai/fix-permissions.sh -> ai/hermes/fix-permissions.sh
- ai/patch_tts_tool.py -> ai/hermes/patch_tts_tool.py
- ai/compose.yml: update hermes build context to ./hermes
- ollama stays at ai/ollama/Dockerfile
2026-05-09 21:50:04 -04:00
