- Update compose submodule to feat/hermes-workers branch
- Adds x-hermes-worker anchor template for isolated CPU-only
Hermes containers
- Adds scripts/provision-hermes-worker.sh for automated worker
creation with unique port, API key, and volume setup
- Workers connect via Discord only, use OpenCode Go provider
Updates the assets/compose submodule to point to the fix/vpn-iptables-nft-upstream
branch which contains:
- Switch FROM weejewel/wg-easy:latest (Alpine 3.11, stale 4yr) to
ghcr.io/wg-easy/wg-easy:latest (actively maintained, Alpine krypton)
- Use update-alternatives instead of raw ln -sf to flip iptables
from legacy to nftables backend
- Fix compose build context: ./vpn -> . (Dockerfile is at same level)
