gortium/infra
1
1
Fork 0
Code Issues 13 Pull Requests 21 Actions Packages Projects 1 Releases Wiki Activity

fix: Honcho auth, deepseek LLM config, and container rename #68

Open
Hermes wants to merge 12 commits from fix/honcho-vector-dim-empty into master
pull from: fix/honcho-vector-dim-empty
merge into: gortium:master
Conversation 0 Commits 12 Files Changed 8 +912 -3
Hermes commented 2026-05-23 12:34:57 +00:00
Collaborator
Copy Link

Changes

Honcho container fixes:

  1. Auth: Enabled JWT authentication (AUTH_USE_AUTH=true) with AUTH_JWT_SECRET from env vars. All profiles now have workspace-scoped JWTs for API access.

  2. LLM: Switched from hermes-3 via Ollama (model didn't exist → silent failures) to deepseek-v4-flash via https://opencode.ai/zen/go/v1. Embeddings stay on nomic-embed-text via Ollama.

  3. Container name: Changed from honcho-uihoncho so Docker DNS resolves honcho properly (honcho.json files updated to match).

  4. Removed deprecated VECTOR_STORE_DIMENSIONS env var.

Required .env additions:

Add to the infra .env file:

OPENAI_API_KEY=sk-S0...  # opencode.ai API key for LLM
AUTH_JWT_SECRET=honcho-jwt-c69a3e4c32c57474c1e2aa57a5a32bf8

Testing:

  • Honcho API health check: 200 OK
  • Workspace create/list via admin JWT: working
  • Hermes Honcho plugin connection: configured with per-profile JWTs
## Changes ### Honcho container fixes: 1. **Auth**: Enabled JWT authentication (`AUTH_USE_AUTH=true`) with `AUTH_JWT_SECRET` from env vars. All profiles now have workspace-scoped JWTs for API access. 2. **LLM**: Switched from `hermes-3` via Ollama (model didn't exist → silent failures) to `deepseek-v4-flash` via `https://opencode.ai/zen/go/v1`. Embeddings stay on `nomic-embed-text` via Ollama. 3. **Container name**: Changed from `honcho-ui` → `honcho` so Docker DNS resolves `honcho` properly (honcho.json files updated to match). 4. **Removed** deprecated `VECTOR_STORE_DIMENSIONS` env var. ### Required .env additions: Add to the infra `.env` file: ``` OPENAI_API_KEY=sk-S0... # opencode.ai API key for LLM AUTH_JWT_SECRET=honcho-jwt-c69a3e4c32c57474c1e2aa57a5a32bf8 ``` ### Testing: - [x] Honcho API health check: 200 OK - [x] Workspace create/list via admin JWT: working - [x] Hermes Honcho plugin connection: configured with per-profile JWTs
Hermes added 8 commits 2026-05-23 12:34:58 +00:00
feat: add uConsole CM5 host configuration with Reticulum mesh stack db2bd1d157 
- New NixOS host 'uConsole' for ClockworkPi CM5 portable terminal
- flake.nix: add nixos-uconsole and nixos-raspberrypi inputs
- Imports: nixos-uconsole.nixosModules.uconsole-cm5,
  nixos-raspberrypi.nixosModules.raspberry-pi-5.base
- Full package list: base tools, HAM radio, SDR/RF, mesh/LoRa,
  security tools, GPS/maps
- Reticulum stack (rns 1.2.9, lxmf 0.9.8, nomadnet 1.1.1) built
  from PyPI via overlays/reticulum.nix
- systemd services: rnsd (Reticulum daemon), kismet (Wi-Fi IDS)
- Kernel modules for SDR (rtl-sdr, dvb) and USB WiFi
- Follows existing host config conventions (cyt-pi as template)
fix: update compose submodule for Matrix bridge deps + persistent venv 8b9a144254 
Updates assets/compose submodule to 8adbbf0 (compose fix/matrix-bridge-deps).

Compose commit adds:
- uv pip install openai mautrix[encryption] to hermes entrypoint
- Persistent venv volume at /opt/hermes/.venv
- Empty-volume first-boot handling (venv recreation)

This ensures Matrix bridge dependencies survive container recreation.
chore: update compose submodule (fix VECTOR_STORE_DIMENSIONS empty value) b43c6794b3
chore: update compose submodule (expose Honcho via Traefik + fix VECTOR_STORE_DIMENSIONS) 6f18071198
chore: update compose submodule (merge Honcho+OpenConcho into single container) 8d7afecb6e
chore: update compose submodule (fix nginx permissions) 33d1d860fb
chore: update compose submodule (fix nginx permissions - run as root) cd817c7fd2
fix: update compose submodule for honcho auth + LLM config 690873d0e4
Hermes added 1 commit 2026-05-23 20:43:29 +00:00
fix: update compose submodule to fix honcho config corrupted values 6be4076372
Hermes added 1 commit 2026-05-23 20:51:27 +00:00
fix: update compose submodule - honcho config fixes 2b4b2e2216
Hermes added 1 commit 2026-05-23 22:55:02 +00:00
fix: update compose submodule - honcho embedding config fix + deriver in CMD e216c8edac
Hermes added 1 commit 2026-05-25 04:08:47 +00:00
feat: integrate rollback sentinel as NixOS module 15f70019d5 
Add rollback-sentinel NixOS module that:
- Deploys sentinel-check.sh (inline) and nixos-rollback.sh (from file) as
  system packages
- Runs a boot-time systemd oneshot service after multi-user.target with
  configurable delay — checks Tier-1 services, triggers rollback on failure
- Runs a post-rebuild service via activation script after every
  nixos-rebuild switch
- Exposes options for tier1Services, tier2Services, tier3InfoServices,
  bootDelay, rollbackMode (set-default/rollback-now/dry-run), and
  enablePostRebuild

Module wired into flake.nix for lazyworkhorse and enabled in
configuration.nix with standard Tier-1/2 service lists and 120s delay.
This pull request can be merged automatically.
You are not authorized to merge this pull request.
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u origin fix/honcho-vector-dim-empty:fix/honcho-vector-dim-empty
git checkout fix/honcho-vector-dim-empty
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
Hermes gortium
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: gortium/infra#68
No description provided.
Delete Branch "fix/honcho-vector-dim-empty"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?