infra/modules/nixos/security/ai-worker-restricted.nix

{ config, pkgs, lib, ... }:

with lib;

{
  options.services.aiWorkerAccess = mkOption {
    type = types.bool;
    default = false;
    description = "Enable AI worker SSH access with docker group membership for ollama benchmarking";
  };

  config = mkIf config.services.aiWorkerAccess {
    # ai-worker is member of docker group - can run docker commands via SSH
    # No bind mounts, no sudo access - docker-only for ollama benchmarking
    users.groups.docker.members = [ "ai-worker" ];
  };
}
Add restricted AI worker access with deployment capabilities - New module: modules/nixos/security/ai-worker-restricted.nix - Bind mount for infra repo access (RW) - Whitelisted sudo commands: nh, nixos-rebuild, nixpkgs-fmt, nix - Audit logging for infra changes - Documentation in README-ai-worker.md - Updated users/ai-worker.nix: - Enable services.aiWorkerAccess - Lock password (SSH key only) - Security documentation comments - Updated flake.nix: - Include new security module SECURITY: AI must ask for user confirmation before running nh os switch 2026-04-28 15:34:38 +00:00			`{ config, pkgs, lib, ... }:`

			`with lib;`

			`{`
			`options.services.aiWorkerAccess = mkOption {`
			`type = types.bool;`
			`default = false;`
fix: ai-worker docker-only access for ollama benchmarking Remove infra repo bind mount and sudo access from ai-worker user. Now ai-worker can only: - SSH into host from Hermes container - Run docker commands via docker group membership - Execute ollama benchmarks via docker exec Results saved to /opt/data/ai-optimizer/ in Hermes container. 2026-04-29 19:55:19 +00:00			`description = "Enable AI worker SSH access with docker group membership for ollama benchmarking";`
Add restricted AI worker access with deployment capabilities - New module: modules/nixos/security/ai-worker-restricted.nix - Bind mount for infra repo access (RW) - Whitelisted sudo commands: nh, nixos-rebuild, nixpkgs-fmt, nix - Audit logging for infra changes - Documentation in README-ai-worker.md - Updated users/ai-worker.nix: - Enable services.aiWorkerAccess - Lock password (SSH key only) - Security documentation comments - Updated flake.nix: - Include new security module SECURITY: AI must ask for user confirmation before running nh os switch 2026-04-28 15:34:38 +00:00			`};`

			`config = mkIf config.services.aiWorkerAccess {`
fix: ai-worker docker-only access for ollama benchmarking Remove infra repo bind mount and sudo access from ai-worker user. Now ai-worker can only: - SSH into host from Hermes container - Run docker commands via docker group membership - Execute ollama benchmarks via docker exec Results saved to /opt/data/ai-optimizer/ in Hermes container. 2026-04-29 19:55:19 +00:00			`# ai-worker is member of docker group - can run docker commands via SSH`
			`# No bind mounts, no sudo access - docker-only for ollama benchmarking`
			`users.groups.docker.members = [ "ai-worker" ];`
Add restricted AI worker access with deployment capabilities - New module: modules/nixos/security/ai-worker-restricted.nix - Bind mount for infra repo access (RW) - Whitelisted sudo commands: nh, nixos-rebuild, nixpkgs-fmt, nix - Audit logging for infra changes - Documentation in README-ai-worker.md - Updated users/ai-worker.nix: - Enable services.aiWorkerAccess - Lock password (SSH key only) - Security documentation comments - Updated flake.nix: - Include new security module SECURITY: AI must ask for user confirmation before running nh os switch 2026-04-28 15:34:38 +00:00			`};`
			`}`