fix: add iptables-nft to wg-easy for nftables-only kernels

wg-easy's Alpine wg-quick uses legacy iptables which requires the
iptable_nat kernel module. On NixOS kernels compiled without legacy
netfilter modules, the container crashes in a restart loop:

  iptables v1.8.3 (legacy): can't initialize iptables table 'nat'
  Table does not exist (do you need to insmod?)

Fix: build a custom image that installs Alpine's iptables-nft package
and symlinks iptables -> iptables-nft (nftables backend).

ai/Dockerfile

@@ -1,71 +1,116 @@
-FROM ghcr.io/astral-sh/uv:0.11.6-python3.13-trixie@sha256:b3c543b6c4f23a5f2df22866bd7857e5d304b67a564f4feab6ac22044dde719b AS uv_source
-FROM tianon/gosu:1.19-trixie@sha256:3b176695959c71e123eb390d427efc665eeb561b1540e82679c15e992006b8b9 AS gosu_source
-FROM debian:13.4
+# 1. On récupère la version la plus récente d'UV
+FROM ghcr.io/astral-sh/uv:latest AS uv_source
+
+# 2. Image de base stable
+FROM debian:stable-slim
 
 # Disable Python stdout buffering to ensure logs are printed immediately
 ENV PYTHONUNBUFFERED=1
 
-# Store Playwright browsers outside the volume mount so the build-time
-# install survives the /opt/data volume overlay at runtime.
-ENV PLAYWRIGHT_BROWSERS_PATH=/opt/hermes/.playwright
-
 # Install system dependencies in one layer, clear APT cache
 # tini reaps orphaned zombie processes (MCP stdio subprocesses, git, bun, etc.)
-# that would otherwise accumulate when hermes runs as PID 1. See #15012.
 RUN apt-get update && \
     apt-get install -y --no-install-recommends \
-        build-essential nodejs npm python3 ripgrep ffmpeg gcc python3-dev libffi-dev procps git openssh-client docker-cli tini \
+        build-essential python3 ripgrep ffmpeg gcc python3-dev libffi-dev procps git openssh-client docker-cli tini \
         curl poppler-utils imagemagick \
-        chromium xvfb fonts-noto-color-emoji fonts-unifont fonts-liberation fonts-ipafont-gothic fonts-wqy-zenhei fonts-tlwg-loma-otf fonts-freefont-ttf \
-        libasound2t64 libatk-bridge2.0-0t64 libatk1.0-0t64 libatspi2.0-0t64 libcairo2 libcups2t64 libdbus-1-3 libdrm2 libgbm1 libglib2.0-0t64 libnspr4 libnss3 libpango-1.0-0 libx11-6 libxcb1 libxcomposite1 libxdamage1 libxext6 libxfixes3 libxkbcommon0 libxrandr2 \
         texlive-latex-base texlive-latex-extra texlive-fonts-recommended texlive-xetex texlive-science \
         qemu-user-static binfmt-support qemu-user-binfmt \
         emacs-nox \
-        libportaudio2 && \
+        libportaudio2 \
+        ca-certificates && \
     rm -rf /var/lib/apt/lists/*
 
-# Non-root user for runtime; UID can be overridden via HERMES_UID at runtime
+# Création de l'utilisateur 'hermes' directement avec les bons accès
 RUN useradd -u 10000 -m -d /opt/data hermes
 
-COPY --chmod=0755 --from=gosu_source /gosu /usr/local/bin/
-COPY --chmod=0755 --from=uv_source /usr/local/bin/uv /usr/local/bin/uvx /usr/local/bin/
+# Copie d'uv (dernière version)
+COPY --chmod=0755 --from=uv_source /uv /usr/local/bin/
 
 WORKDIR /opt/hermes
 
-# ---------- Layer-cached dependency install ----------
-# Copy only package manifests first so npm install + Playwright are cached
-# unless the lockfiles themselves change.
-COPY package.json package-lock.json ./
-COPY web/package.json web/package-lock.json web/
+# On donne la propriété du dossier de travail à l'utilisateur hermes
+RUN chown hermes:hermes /opt/hermes
 
-RUN npm install --prefer-offline --no-audit && \
-    npx playwright install --with-deps chromium --only-shell && \
-    (cd web && npm install --prefer-offline --no-audit) && \
-    npm cache clean --force
+# ---------- Hermes venv ----------
+# Passer immédiatement sous l'utilisateur hermes pour tout le reste du build
+USER hermes
 
 # ---------- Source code ----------
-# .dockerignore excludes node_modules, so the installs above survive.
+# On copie tout le projet d'un coup sans assumer la présence de fichiers de lock spécifiques
 COPY --chown=hermes:hermes . .
 
-# Build web dashboard (Vite outputs to hermes_cli/web_dist/)
-RUN cd web && npm run build
-
-# ---------- Permissions ----------
-# Make install dir world-readable so any HERMES_UID can read it at runtime.
-# The venv needs to be traversable too.
-USER root
-RUN chmod -R a+rX /opt/hermes
-# Start as root so the entrypoint can usermod/groupmod + gosu.
-# If HERMES_UID is unset, the entrypoint drops to the default hermes user (10000).
-
-# ---------- Python virtualenv ----------
+# ---------- Python virtualenv avec Piper TTS ----------
 RUN uv venv && \
-    uv pip install --no-cache-dir -e ".[all]" && \
-    uv pip install --no-cache-dir sounddevice numpy faster-whisper
+    uv pip install --no-cache-dir piper-tts sounddevice numpy faster-whisper
+
+# ---------- Télécharger la voix Piper Ryan (high quality) ----------
+RUN mkdir -p /opt/hermes/.venv/share/piper/voices && \
+    /opt/hermes/.venv/bin/python3 /dev/stdin << 'PYEOF'
+import urllib.request
+base = '/opt/hermes/.venv/share/piper/voices'
+url = 'https://huggingface.co/rhasspy/piper-voices/resolve/main/en/en_US/ryan/high/en_US-ryan-high.onnx'
+urllib.request.urlretrieve(url, base + '/en_US-ryan-high.onnx')
+urllib.request.urlretrieve(url + '.json', base + '/en_US-ryan-high.onnx.json')
+PYEOF
+ 
+# ---------- Patch atomic writes to preserve file permissions ----------
+# Fixes https://github.com/NousResearch/hermes-agent/issues/14181
+# tempfile.mkstemp() creates files as 0600; os.replace() preserves that mode,
+# so group-readable files silently collapse to owner-private 0600.
+# This affects: skills, sessions, memories, and any file written atomically.
+RUN /opt/hermes/.venv/bin/python3 /dev/stdin << 'PYEOF'
+import os
+
+patches = [
+    ("/opt/hermes/tools/skill_manager_tool.py", [
+        ("# Restore existing file mode if present", True),  # already patched
+    ]),
+    ("/opt/hermes/tools/skills_sync.py", [
+        ("# Restore existing file mode if present", True),  # already patched
+    ]),
+]
+
+for fpath, checks in patches:
+    if not os.path.exists(fpath):
+        print(f"SKIP {fpath} (not found)")
+        continue
+    with open(fpath) as f:
+        code = f.read()
+    all_ok = all(marker in code for marker, _ in checks)
+    if all_ok:
+        print(f"OK {fpath} (already patched)")
+        continue
+    print(f"PATCH {fpath}")
+    # _atomic_write_text in skill_manager_tool.py
+    code = code.replace(
+        "        os.replace(temp_path, file_path)",
+        "        if file_path.exists():\n"
+        "            existing_mode = file_path.stat().st_mode\n"
+        "            os.chmod(temp_path, existing_mode)\n"
+        "        os.replace(temp_path, file_path)",
+    )
+    # _write_manifest in skills_sync.py
+    code = code.replace(
+        "            os.replace(tmp_path, MANIFEST_FILE)",
+        "            if MANIFEST_FILE.exists():\n"
+        "                existing_mode = MANIFEST_FILE.stat().st_mode\n"
+        "                os.chmod(tmp_path, existing_mode)\n"
+        "            os.replace(tmp_path, MANIFEST_FILE)",
+    )
+    with open(fpath, 'w') as f:
+        f.write(code)
+    print(f"DONE {fpath}")
+PYEOF
 
 # ---------- Runtime ----------
-ENV HERMES_WEB_DIST=/opt/hermes/hermes_cli/web_dist
 ENV HERMES_HOME=/opt/data
 ENV PATH="/opt/data/.local/bin:${PATH}"
+
 VOLUME [ "/opt/data" ]
-ENTRYPOINT [ "/usr/bin/tini", "-g", "--", "/opt/hermes/docker/entrypoint.sh" ]
+
+# Copie du script de réparation des permissions (lancement au démarrage)
+COPY --chmod=0755 fix-permissions.sh /opt/hermes/fix-permissions.sh
+
+# Le conteneur tourne de manière ultra-sécurisée sous l'utilisateur hermes dès le départ
+# fix-permissions.sh chown les répertoires critiques avant de chaîner vers entrypoint.sh
+ENTRYPOINT [ "/usr/bin/tini", "-g", "--", "/opt/hermes/fix-permissions.sh" ]

ai/compose.yml

@@ -39,6 +39,12 @@ services:
       - API_SERVER_KEY=hermes_local_key
       - GATEWAY_ALLOW_ALL_USERS=true
       - OPENROUTER_API_KEY=${OPENROUTER_API_KEY}
+      # ROCm for GPU-accelerated faster-whisper STT
+      - HSA_OVERRIDE_GFX_VERSION=9.0.6
+      - HCC_AMDGPU_TARGET=gfx906
+      - HIP_VISIBLE_DEVICES=0,1
+      - ROCR_VISIBLE_DEVICES=0,1
+      - HSA_ENABLE_SDMA=0
     volumes:
       - /mnt/HoardingCow_docker_data/Hermes/data:/opt/data
     devices:

ai/fix-permissions.sh

@@ -0,0 +1,31 @@
+#!/bin/bash
+# Startup permission fix for the Hermes data volume.
+# Runs as root before the entrypoint drops to the hermes user.
+# Fixes files that were created by root (host agent, cron jobs, etc.)
+# becoming inaccessible to the hermes runtime user.
+set -e
+
+HERMES_HOME="${HERMES_HOME:-/opt/data}"
+
+# Fix ownership on critical writable directories so hermes user can access them
+chown -R hermes:hermes \
+  "$HERMES_HOME/sessions" \
+  "$HERMES_HOME/checkpoints" \
+  "$HERMES_HOME/skills" \
+  "$HERMES_HOME/memories" \
+  "$HERMES_HOME/workspace" \
+  "$HERMES_HOME/pastes" \
+  "$HERMES_HOME/logs" \
+  "$HERMES_HOME/cron" \
+  "$HERMES_HOME/plans" \
+  "$HERMES_HOME/hooks" \
+  "$HERMES_HOME/cache" \
+  2>/dev/null || true
+
+# Also fix the data volume root if it's wrong
+if [ "$(stat -c %u "$HERMES_HOME" 2>/dev/null)" != "$(id -u hermes)" ]; then
+  chown hermes:hermes "$HERMES_HOME" 2>/dev/null || true
+fi
+
+# Now chain to the real entrypoint
+exec /opt/hermes/docker/entrypoint.sh "$@"

ai/patch_tts_tool.py

@@ -0,0 +1,96 @@
+#!/usr/bin/env python3
+"""Patch Hermes TTS tool: remove Edge TTS, replace with Piper as default/fallback."""
+import sys
+
+tts_path = '/opt/hermes/tools/tts_tool.py'
+
+with open(tts_path) as f:
+    code = f.read()
+
+# Replace the Edge fallback with Piper fallback
+old_edge = '''        else:
+            # Default: Edge TTS (free), with NeuTTS as local fallback
+            edge_available = True
+            try:
+                _import_edge_tts()
+            except ImportError:
+                edge_available = False
+
+            if edge_available:
+                logger.info("Generating speech with Edge TTS...")
+                try:
+                    import concurrent.futures
+                    with concurrent.futures.ThreadPoolExecutor(max_workers=1) as pool:
+                        pool.submit(
+                            lambda: asyncio.run(_generate_edge_tts(text, file_str, tts_config))
+                        ).result(timeout=60)
+                except RuntimeError:
+                    asyncio.run(_generate_edge_tts(text, file_str, tts_config))
+            elif _check_neutts_available():
+                logger.info("Edge TTS not available, falling back to NeuTTS (local)...")
+                provider = "neutts"
+                _generate_neutts(text, file_str, tts_config)
+            else:
+                return json.dumps({
+                    "success": False,
+                    "error": "No TTS provider available. Install edge-tts (pip install edge-tts) "
+                             "or set up NeuTTS for local synthesis."
+                }, ensure_ascii=False)'''
+
+new_piper = '''        else:
+            # Default: Piper TTS (local, CPU, no cloud, no Microsoft)
+            piper_available = False
+            try:
+                piper_binary = "/opt/hermes/.venv/bin/piper"
+                piper_config = tts_config.get("piper", {})
+                voice = piper_config.get("voice", "en_US-lessac-medium")
+                model_dir = piper_config.get("model_dir", "/opt/hermes/.venv/share/piper/voices")
+                model_path = os.path.join(model_dir, f"{voice}.onnx")
+                if os.path.exists(model_path):
+                    piper_available = True
+            except Exception:
+                pass
+
+            if piper_available:
+                logger.info("Generating speech with Piper TTS (local, CPU)...")
+                import subprocess
+                piper_binary = "/opt/hermes/.venv/bin/piper"
+                piper_config = tts_config.get("piper", {})
+                voice = piper_config.get("voice", "en_US-lessac-medium")
+                model_dir = piper_config.get("model_dir", "/opt/hermes/.venv/share/piper/voices")
+                model_path = os.path.join(model_dir, f"{voice}.onnx")
+                cmd = [piper_binary, "--model", model_path, "--output-raw"]
+                proc = subprocess.Popen(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+                raw_audio, stderr = proc.communicate(input=text.encode(), timeout=60)
+                if proc.returncode != 0:
+                    raise RuntimeError(f"Piper TTS failed: {stderr.decode()[:200]}")
+                ffmpeg_cmd = ["ffmpeg", "-f", "s16le", "-ar", "22050", "-ac", "1", "-i", "-", "-y", file_str]
+                subprocess.run(ffmpeg_cmd, input=raw_audio, capture_output=True, timeout=30)
+                logger.info("Piper TTS audio saved: %s", file_str)
+            else:
+                return json.dumps({
+                    "success": False,
+                    "error": "No TTS provider available. Install Piper TTS (pip install piper-tts) "
+                             "and download a voice model."
+                }, ensure_ascii=False)'''
+
+if old_edge in code:
+    code = code.replace(old_edge, new_piper)
+    print("Edge fallback replaced with Piper")
+else:
+    if 'Default: Piper TTS' in code:
+        print("Piper fallback already present")
+    else:
+        print("ERROR: Could not find Edge fallback in tts_tool.py")
+        # Debug output
+        import re
+        for m in re.finditer(r'        else:\n            # Default:', code):
+            start = max(0, m.start() - 100)
+            end = min(len(code), m.end() + 200)
+            print(f"Found else/default at position {m.start()}:")
+            print(code[start:end])
+        sys.exit(1)
+
+with open(tts_path, 'w') as f:
+    f.write(code)
+print("tts_tool.py patched successfully")

vpn/Dockerfile

@@ -0,0 +1,16 @@
+# Custom wg-easy with iptables-nft (nftables-backed iptables)
+# Fixes crash-loop when host kernel lacks legacy iptable_nat module.
+FROM weejewel/wg-easy:latest
+
+# Alpine's iptables-nft provides iptables that uses nftables kernel API
+# instead of the legacy iptable_nat module. This works on kernels
+# where only nftables netfilter modules are available.
+RUN apk add --no-cache iptables-nft
+
+# Ensure iptables-nft takes priority over legacy iptables
+RUN ln -sf /sbin/iptables-nft /sbin/iptables && \
+    ln -sf /sbin/iptables-nft-save /sbin/iptables-save && \
+    ln -sf /sbin/iptables-nft-restore /sbin/iptables-restore && \
+    ln -sf /sbin/ip6tables-nft /sbin/ip6tables && \
+    ln -sf /sbin/ip6tables-nft-save /sbin/ip6tables-save && \
+    ln -sf /sbin/ip6tables-nft-restore /sbin/ip6tables-restore

vpn/compose.yml

@@ -2,7 +2,10 @@ version: "3.8"
 
 services:
   wireguard:
-    image: weejewel/wg-easy:latest
+    build:
+      context: ./vpn
+      dockerfile: Dockerfile
+    image: wg-easy-iptables-nft:latest
     container_name: wireguard
     cap_add:
       - NET_ADMIN