feat: add Hermes Workspace alongside existing Hermes Agent

- Add HERMES_DASHBOARD=1 env vars to existing hermes service
  (enables multi-agent dashboard API on port 9119)
- Add healthcheck to hermes service (required for workspace dep)
- Add hermes-workspace service (ghcr.io/outsourc-e/hermes-workspace:latest)
  - Connects to existing gateway at hermes:8642 and dashboard at hermes:9119
  - Shares Hermes data volume for config/sessions/skills/memory
  - Exposed via Traefik at workspace.lazyworkhorse.net (port 3000)
  - Requires HERMES_WORKSPACE_PASSWORD in .env (agenix)
- Networks: ai_backend + ai_net (for Traefik)

ai/compose.yml

@@ -52,8 +52,16 @@ services:
       - ROCR_VISIBLE_DEVICES=0,1
       - HSA_ENABLE_SDMA=0
       - TZ=America/Montreal
+      # Hermes Workspace dashboard (port 9119) — enables multi-agent web UI
+      - HERMES_DASHBOARD=1
+      - HERMES_DASHBOARD_HOST=0.0.0.0
+      - HERMES_DASHBOARD_PORT=9119
     volumes:
       - /mnt/HoardingCow_docker_data/Hermes/data:/opt/data
+      # Syncthing-shared org files — read-only view of user's agenda
+      - /mnt/HoardingCow_docker_data/Syncthing/telos-ro:/opt/data/telos-ro:ro
+      # Syncthing-shared inbox — write tasks here, they sync to user's laptop
+      - /mnt/HoardingCow_docker_data/Syncthing/telos-rw:/opt/data/telos-rw:rw
     devices:
       - /dev/kfd:/dev/kfd
       - /dev/dri:/dev/dri
@@ -62,6 +70,41 @@ services:
       - "26"
     networks:
       - ai_backend
+    healthcheck:
+      test: ["CMD-SHELL", "curl -fsS http://localhost:8642/health && curl -fsS http://localhost:9119/api/status || exit 1"]
+      interval: 15s
+      timeout: 5s
+      retries: 5
+      start_period: 60s
+
+  syncthing:
+    image: syncthing/syncthing:latest
+    container_name: syncthing
+    hostname: syncthing
+    restart: always
+    ports:
+      - "8384:8384"
+      - "22000:22000"
+      - "21027:21027/udp"
+    environment:
+      - TZ=America/Montreal
+    volumes:
+      - /mnt/HoardingCow_docker_data/Syncthing/config:/var/syncthing/config
+      - /mnt/HoardingCow_docker_data/Syncthing/telos-ro:/telos-ro
+      - /mnt/HoardingCow_docker_data/Syncthing/telos-rw:/telos-rw
+    networks:
+      - ai_backend
+      - ai_net
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.syncthing-http.rule=Host(`syncthing.lazyworkhorse.net`)"
+      - "traefik.http.routers.syncthing-http.entrypoints=web"
+      - "traefik.http.routers.syncthing-http.middlewares=redirect-to-https"
+      - "traefik.http.routers.syncthing-https.rule=Host(`syncthing.lazyworkhorse.net`)"
+      - "traefik.http.routers.syncthing-https.entrypoints=websecure"
+      - "traefik.http.routers.syncthing-https.tls=true"
+      - "traefik.http.routers.syncthing-https.tls.certresolver=njalla"
+      - "traefik.http.services.syncthing.loadbalancer.server.port=8384"
 
   ollama:
     build:
@@ -96,6 +139,46 @@ services:
       - "303"
       - "26"
 
+  # ── Hermes Workspace ──────────────────────────────────────────
+  # Web UI for Hermes Agent — chat, memory, skills, terminal,
+  # multi-agent swarm orchestration. Connects to the existing
+  # hermes gateway (port 8642) and dashboard (port 9119).
+  hermes-workspace:
+    image: ghcr.io/outsourc-e/hermes-workspace:latest
+    container_name: hermes-workspace
+    restart: unless-stopped
+    depends_on:
+      hermes:
+        condition: service_healthy
+    environment:
+      HERMES_API_URL: http://hermes:8642
+      HERMES_DASHBOARD_URL: http://hermes:9119
+      HERMES_API_TOKEN: ${API_SERVER_KEY}
+      HERMES_PASSWORD: ${HERMES_WORKSPACE_PASSWORD:?must be set}
+      COOKIE_SECURE: "1"
+    volumes:
+      # Share the same Hermes data — workspace reads config, sessions,
+      # skills, memory from the agent's persistent volume
+      - /mnt/HoardingCow_docker_data/Hermes/data:/home/workspace/.hermes
+    networks:
+      - ai_backend
+      - ai_net
+    labels:
+      - "traefik.enable=true"
+      - "traefik.docker.network=ai_net"
+
+      - "traefik.http.routers.workspace-http.rule=Host(`workspace.lazyworkhorse.net`)"
+      - "traefik.http.routers.workspace-http.entrypoints=web"
+      - "traefik.http.routers.workspace-http.middlewares=redirect-to-https"
+
+      - "traefik.http.routers.workspace-https.rule=Host(`workspace.lazyworkhorse.net`)"
+      - "traefik.http.routers.workspace-https.entrypoints=websecure"
+      - "traefik.http.routers.workspace-https.tls=true"
+      - "traefik.http.routers.workspace-https.tls.certresolver=njalla"
+
+      - "traefik.http.services.workspace.loadbalancer.server.port=3000"
+# ─────────────────────────────────────────────────────────────
+
 networks:
   ai_net:
     external: true

ai/hermes/Dockerfile

@@ -61,6 +61,24 @@ urllib.request.urlretrieve(url, base + '/en_US-ryan-high.onnx')
 urllib.request.urlretrieve(url + '.json', base + '/en_US-ryan-high.onnx.json')
 PYEOF
 
+# ---------- Install Himalaya email CLI ----------
+RUN /opt/hermes/.venv/bin/python3 /dev/stdin << 'PYEOF'
+import urllib.request, tarfile, os, shutil
+url = 'https://github.com/pimalaya/himalaya/releases/download/v1.2.0/himalaya.x86_64-linux.tgz'
+tgz = '/tmp/himalaya.tgz'
+urllib.request.urlretrieve(url, tgz)
+with tarfile.open(tgz) as t:
+    t.extractall('/tmp')
+shutil.move('/tmp/himalaya', '/usr/local/bin/himalaya')
+os.chmod('/usr/local/bin/himalaya', 0o755)
+os.remove(tgz)
+print('himalaya v1.2.0 installed')
+PYEOF
+
+# ---------- Install himalaya-ro wrapper ----------
+COPY --chmod=0755 himalaya-ro.sh /usr/local/bin/himalaya-ro
+
+
 # ---------- Runtime ----------
 USER hermes
 ENV HERMES_HOME=/opt/data

ai/hermes/himalaya-ro.sh

@@ -0,0 +1,73 @@
+#!/usr/bin/env bash
+# ─────────────────────────────────────────────────────────────
+# himalaya-ro — Read-only wrapper for himalaya
+#
+# Blocks destructive commands and logs audit trail.
+# Pass-through for read-only commands (list, read, search).
+#
+# Usage:  himalaya-ro [options] <command> [args...]
+#
+# Install: place in PATH before the real himalaya, or use
+#          `ln -sf himalaya-ro /usr/local/bin/himalaya`
+# ─────────────────────────────────────────────────────────────
+set -o pipefail
+
+# ── Configuration ───────────────────────────────────────────
+HIMALAYA_BIN="${HIMALAYA_BIN:-/usr/local/bin/himalaya}"
+AUDIT_LOG="${HIMALAYA_AUDIT_LOG:-/var/log/himalaya-audit.log}"
+
+# ── Destructive commands we block ──────────────────────────
+BLOCKED_CMDS=(
+  "message move"
+  "message delete"
+  "message copy"
+  "flag add"
+  "flag remove"
+  "folder create"
+  "folder delete"
+  "folder rename"
+  "template send"
+  "account configure"
+  "account delete"
+)
+
+# ── Determine the subcommand being invoked ─────────────────
+# Strip leading options (--account, --output, etc.) to find the verb
+ARGS=()
+SKIP_NEXT=false
+for arg in "$@"; do
+  if $SKIP_NEXT; then
+    SKIP_NEXT=false
+    continue
+  fi
+  if [[ "$arg" == --* ]]; then
+    case "$arg" in
+      --account|--output|--page|--page-size|--folder|--color|--format)
+        SKIP_NEXT=true ;;
+    esac
+    continue
+  fi
+  ARGS+=("$arg")
+done
+
+# Build subcommand string and check against blocklist
+CMD_STR=""
+for ((i=0; i<${#ARGS[@]}; i++)); do
+  if [ -z "$CMD_STR" ]; then
+    CMD_STR="${ARGS[$i]}"
+  else
+    CMD_STR="$CMD_STR ${ARGS[$i]}"
+  fi
+  for blocked in "${BLOCKED_CMDS[@]}"; do
+    if [[ "$CMD_STR" == "$blocked" ]]; then
+      TS=$(date '+%Y-%m-%d %H:%M:%S')
+      echo "[AUDIT] $TS BLOCKED: himalaya $*" >> "$AUDIT_LOG"
+      echo "ERROR: Command 'himalaya $CMD_STR ...' is blocked by read-only policy." >&2
+      echo "       Audit log: $AUDIT_LOG" >&2
+      exit 100
+    fi
+  done
+done
+
+# ── Allow pass-through ─────────────────────────────────────
+exec "$HIMALAYA_BIN" "$@"

versioncontrol/compose.yml

@@ -8,13 +8,10 @@ services:
       - USER_GID=1000
       - GITEA__server__ROOT_URL=https://code.lazyworkhorse.net
       - GITEA__actions__ENABLED=true
-      - GITEA__actions__DEFAULT_ACTIONS_URL=off
       - SSH_PORT=2222
       - SSH_LISTEN_PORT=2222
       # Enable Gitea Actions (act_runner required on host)
       - GITEA__actions__ENABLED=true
-      # Don't fetch actions from GitHub (offline mode + local only)
-      - GITEA__actions__DEFAULT_ACTIONS_URL=off
     volumes:
       - /mnt/HoardingCow_docker_data/Gitea:/data
     networks:

vpn/Dockerfile

@@ -1,16 +1,9 @@
 # Custom wg-easy with iptables-nft (nftables-backed iptables)
 # Fixes crash-loop when host kernel lacks legacy iptable_nat module.
-FROM weejewel/wg-easy:latest
+FROM ghcr.io/wg-easy/wg-easy:latest
 
-# Alpine's iptables-nft provides iptables that uses nftables kernel API
-# instead of the legacy iptable_nat module. This works on kernels
-# where only nftables netfilter modules are available.
-RUN apk add --no-cache iptables-nft
-
-# Ensure iptables-nft takes priority over legacy iptables
-RUN ln -sf /sbin/iptables-nft /sbin/iptables && \
-    ln -sf /sbin/iptables-nft-save /sbin/iptables-save && \
-    ln -sf /sbin/iptables-nft-restore /sbin/iptables-restore && \
-    ln -sf /sbin/ip6tables-nft /sbin/ip6tables && \
-    ln -sf /sbin/ip6tables-nft-save /sbin/ip6tables-save && \
-    ln -sf /sbin/ip6tables-nft-restore /sbin/ip6tables-restore
+# The upstream image registers only iptables-legacy with update-alternatives.
+# iptables-nft binary exists but isn't registered as an alternative key.
+# Override the alternatives-managed symlinks directly.
+RUN ln -sf /usr/sbin/iptables-nft /usr/sbin/iptables && \
+    ln -sf /usr/sbin/ip6tables-nft /usr/sbin/ip6tables

vpn/compose.yml

@@ -3,7 +3,7 @@ version: "3.8"
 services:
   wireguard:
     build:
-      context: ./vpn
+      context: .
       dockerfile: Dockerfile
     image: wg-easy-iptables-nft:latest
     container_name: wireguard