fix: ai-worker docker-only access for ollama benchmarking

Remove infra repo bind mount and sudo access from ai-worker user.
Now ai-worker can only:
- SSH into host from Hermes container
- Run docker commands via docker group membership
- Execute ollama benchmarks via docker exec

Results saved to /opt/data/ai-optimizer/ in Hermes container.
2026-04-29 19:55:19 +00:00
parent 18df45819d
commit f0e21d95e4
3 changed files with 68 additions and 95 deletions

@@ -6,52 +6,12 @@ with lib;
options.services.aiWorkerAccess = mkOption {
type = types.bool;
default = false;
description = "Enable restricted AI worker access to infra repo with deployment capabilities";
description = "Enable AI worker SSH access with docker group membership for ollama benchmarking";
};
config = mkIf config.services.aiWorkerAccess {
# Bind mount for infra repo access (read-write for editing)
fileSystems."/home/ai-worker/infra" = {
device = "/home/gortium/infra";
fsType = "none";
options = [ "bind" ];
};
# Restricted sudo access - only specific commands allowed
security.sudo.extraRules = [
{
users = [ "ai-worker" ];
commands = [
{
command = "/run/current-system/sw/bin/nh";
options = [ "NOPASSWD" ];
}
{
command = "/run/current-system/sw/bin/nixos-rebuild";
options = [ "NOPASSWD" ];
}
{
command = "/run/current-system/sw/bin/nixpkgs-fmt";
options = [ "NOPASSWD" ];
}
{
command = "/run/current-system/sw/bin/nix";
options = [ "NOPASSWD" ];
}
];
}
];
# Ensure ai-worker has necessary tools available
environment.systemPackages = with pkgs; [
nh
nixpkgs-fmt
];
# Audit logging for ai-worker actions on infra directory
security.audit.enable = mkDefault true;
security.audit.rules = [
"-w /home/gortium/infra -p wa -k infra_changes"
];
# ai-worker is member of docker group - can run docker commands via SSH
# No bind mounts, no sudo access - docker-only for ollama benchmarking
users.groups.docker.members = [ "ai-worker" ];
};
}
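Review bot: `users.groups.docker.members = [ "ai-worker" ];` gives the account full control of the Docker daemon, which is root-equivalent on the host if the daemon runs rootful (not visible in this hunk). The new comment "No bind mounts, no sudo access - docker-only" therefore overstates how much was restricted by removing the four NOPASSWD sudo rules. The same hunk also drops `security.audit.enable` and the `infra_changes` watch, so nothing visible here records what ai-worker does through Docker. If the account only needs to run the ollama benchmark, consider pinning its SSH key to a forced command (`command="<benchmark wrapper>",restrict` on the key, wherever it is declared) and keeping `security.audit.enable = mkDefault true;`. The comment would be more accurate as `# docker group membership is root-equivalent; ai-worker is trusted at that level`.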