gortium/infra
1
1
Fork 0
Code Issues 13 Pull Requests 21 Actions Packages Projects 1 Releases Wiki Activity
125 Commits 45 Branches 0 Tags
09c8211e58cc0f1a2cd096f32e1ab4b6ee36db4d
Commit Graph

125 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Hermes
09c8211e58 feat: add Hyperspace Pods NixOS module 
Create modules/nixos/services/hyperspace.nix for Hyperspace Pods P2P AI cluster agent. Registered in flake.nix under lazyworkhorse modules list.

- Fetches CLI binary v5.45.30 via fetchurl with SRI hash verification
- Systemd system service: auto profile, api port 8080, ai-worker user
- GPU device access via DeviceAllow (kfd+dri) and video+render groups
- Service hardening: NoNewPrivileges, ProtectHome, ProtectSystem, PrivateTmp
- Firewall: TCP 4001 (libp2p), 30301 (chain), 8080 (API); UDP 4001 (libp2p)
- AMD MI50 ROCm compatibility via HSA_OVERRIDE_GFX_VERSION=9.0.6
 2026-05-20 14:06:10 -04:00
Thierry Pouplier
36359de6aa Merge pull request 'feat: add Syncthing firewall port and update compose submodule' (#47) from feat/syncthing-org-sync into master 
Reviewed-on: #47
 2026-05-19 00:34:42 +00:00
Robert
10b8565fd6 Merge branch 'master' into feat/syncthing-org-sync 2026-05-18 20:33:29 -04:00
Robert
f672696b8e Update submodule for syncthing 2026-05-18 20:31:07 -04:00
Hermes
0980dca455 fix: update compose submodule to Traefik-routed Syncthing 2026-05-14 21:40:12 -04:00
Hermes
96bc20ab70 feat: add Syncthing firewall port and update compose submodule 2026-05-14 21:36:26 -04:00
Thierry Pouplier
670ae4f002 Merge pull request 'fix: update compose submodule — use ln -sf for iptables-nft' (#46) from fix/vpn-iptables-nft-v3 into master 
Reviewed-on: #46
 2026-05-13 17:00:16 +00:00
Hermes
f785abfd49 fix: update compose submodule — use ln -sf for iptables-nft 2026-05-13 12:59:04 -04:00
Thierry Pouplier
6f44aa7f76 Merge pull request 'fix: update compose submodule — remove apk add iptables-nft' (#45) from fix/vpn-iptables-nft-v2 into master 
Reviewed-on: #45
 2026-05-13 16:49:39 +00:00
Hermes
8d40f1691f fix: update compose submodule — remove apk add iptables-nft 2026-05-13 12:49:14 -04:00
Robert
2dd2e64986 Merge remote-tracking branch 'origin/master' 2026-05-13 12:42:54 -04:00
Robert
23fc5e0597 Give a little more ssh room for tramp 2026-05-13 12:41:09 -04:00
Thierry Pouplier
0c9c33d735 Merge pull request 'fix: update wg-easy to official ghcr image with iptables-nft' (#44) from fix/vpn-iptables-nft-upstream into master 
Reviewed-on: #44
 2026-05-13 16:39:56 +00:00
Hermes
0bb6890f1c chore: merge master into branch 2026-05-13 12:39:05 -04:00
Hermes
9d5434425f fix: update compose submodule for wg-easy iptables-nft fix 
Updates the assets/compose submodule to point to the fix/vpn-iptables-nft-upstream
branch which contains:
- Switch FROM weejewel/wg-easy:latest (Alpine 3.11, stale 4yr) to
  ghcr.io/wg-easy/wg-easy:latest (actively maintained, Alpine krypton)
- Use update-alternatives instead of raw ln -sf to flip iptables
  from legacy to nftables backend
- Fix compose build context: ./vpn -> . (Dockerfile is at same level)
 2026-05-13 12:30:47 -04:00
Thierry Pouplier
1fb4320dd1 Merge pull request 'feat: update compose submodule for custom tools startup' (#43) from feat/update-compose-submodule-custom-tools into master 
Reviewed-on: #43
 2026-05-13 13:58:27 +00:00
Hermes
51e9f47fd4 feat: update compose submodule for custom tools startup 2026-05-13 09:56:24 -04:00
Hermes
06b3eb840f fix: update compose submodule for wg-easy iptables-nft fix 2026-05-12 16:29:51 -04:00
Thierry Pouplier
28ab52209c Merge pull request 'Add restricted AI worker access with deployment capabilities' (#1) from ai-worker-restricted-access into master 
Reviewed-on: #1
 2026-05-11 00:48:29 +00:00
Robert
e6f7f0c263 Merge branch 'ai-worker-restricted-access' of ssh://code.lazyworkhorse.net:2222/gortium/infra into ai-worker-restricted-access 2026-05-10 18:06:46 -04:00
Robert
5c136e0765 Merge remote-tracking branch 'origin/master' into ai-worker-restricted-access 2026-05-10 17:06:58 -04:00
Robert
f722af7803 New ollama model creator module version 2026-05-10 16:56:09 -04:00
Robert
c07debf088 Added wireguard keys 2026-05-10 16:51:32 -04:00
Hermes
6806898f04 feat: update compose submodule for ollama-gfx906 (v0.23.2) + add ollama Dockerfile 2026-05-10 10:12:34 -04:00
Hermes
96e77c5ef2 Revert "feat: add ai-optimizer benchmark plan and state tracking for ollama GPU benchmarking" 
This reverts commit ff7303cf6a.
 2026-05-09 20:19:26 +00:00
Hermes
ff7303cf6a feat: add ai-optimizer benchmark plan and state tracking for ollama GPU benchmarking 2026-05-09 20:13:08 +00:00
Thierry Pouplier
9e42f5d2cc Merge pull request 'feat(hermes): update compose submodule for Piper TTS' (#34) from feat/voice-support-v2 into master 
Reviewed-on: #34
 2026-05-09 19:40:05 +00:00
Hermes Agent
614883f3c3 fix: update compose submodule - startup permission fix for data volume 2026-05-09 16:04:39 +00:00
Hermes Agent
374d022593 fix: update compose submodule - permission fix for atomic writes 2026-05-09 15:50:42 +00:00
Hermes Agent
9679846cdb feat: update compose submodule - Ryan high voice 2026-05-09 15:21:59 +00:00
Hermes Agent
4056f91ec6 fix: update compose submodule - remove patch step 2026-05-09 14:28:44 +00:00
Hermes Agent
1ba7d31d2f fix: update compose submodule - patch path fix 2026-05-09 14:27:16 +00:00
Hermes Agent
c7e9f8a1e0 feat: update compose submodule for Norman voice 2026-05-09 14:20:55 +00:00
Hermes Agent
bbe1a4a850 fix: update compose submodule - ca-certificates 2026-05-09 14:15:01 +00:00
Hermes Agent
2b8316060c fix: update compose submodule - COPY path fix 2026-05-09 14:12:15 +00:00
Hermes Agent
cc2c62faf7 fix: update compose submodule - Dockerfile heredoc fix 2026-05-09 14:09:59 +00:00
Hermes Agent
47f1ba6cf2 fix: update compose submodule - clean patch script 2026-05-09 13:59:17 +00:00
Hermes Agent
db89881d75 fix: update compose submodule for full OPENROUTER_API_KEY 2026-05-09 13:55:47 +00:00
Hermes Agent
0bb0a270e6 fix: update compose submodule for clean Piper Dockerfile 2026-05-09 13:42:02 +00:00
Hermes Agent
41256ccbde fix: update compose submodule for Piper TTS (replaces Coqui/ROCm) 2026-05-09 13:24:17 +00:00
Hermes Agent
e551f0e5c5 feat: update compose submodule for ROCm + Coqui TTS Dockerfile 2026-05-09 04:10:05 +00:00
Hermes Agent
b11d599f37 fix: update compose submodule for simplified Dockerfile 2026-05-09 02:38:41 +00:00
Hermes Agent
782f2fa9ed feat(hermes): update compose submodule for ROCm GPU voice STT support 2026-05-09 00:22:08 +00:00
Thierry Pouplier
2e14069584 Merge pull request 'feat: add WireGuard VPN stack' (#33) from feat/wireguard-vpn into master 
Reviewed-on: #33
 2026-05-09 00:13:36 +00:00
Hermes Agent
c53460c400 fix: remove dns option from wireguard config (not a valid nixos option) 2026-05-05 03:26:44 +00:00
Robert
ee96593e3d Merge branch 'feat/wireguard-vpn' of ssh://code.lazyworkhorse.net:2222/gortium/infra into feat/wireguard-vpn 2026-05-04 23:22:35 -04:00
Robert
030125ab01 Added wireguard pass 2026-05-04 23:21:36 -04:00
Robert
5935747902 Security fixes 2026-05-04 23:20:57 -04:00
Robert
9ae0f6ad62 Submodule update 2026-05-04 23:20:03 -04:00
Hermes Agent
5c481d664a fix: split tunnel on host VPN - only route 10.8.0.0/24 2026-05-05 02:41:29 +00:00