# AI Worker Restricted Access

This module provides SSH access for the AI worker (hermes-agent) to run ollama benchmarks on the host.

## Security Model

The `ai-worker` user has:

### Filesystem Access
- **Home directory**: `/home/ai-worker` (standard user home)
- **No bind mounts**: Cannot access `/home/gortium/infra` or other host files
- **Cannot access**: Any files outside standard system paths

### Sudo Access
- **NONE**: ai-worker has no sudo privileges
- Cannot run `nh`, `nixos-rebuild`, `nixpkgs-fmt`, or `nix` with elevated permissions

### Docker Access
- Member of `docker` group - can run `docker` and `docker exec` commands
- Primary use: `docker exec ollama ollama ...` for benchmarking
- Can run `docker exec --privileged ollama rocm-smi ...` for VRAM monitoring

## Workflow: SSH + Docker Benchmarking

The AI worker connects from the Hermes container to the host via SSH, runs ollama benchmarks, then returns to save results.

### Example Workflow

```bash
# From Hermes container, SSH to host
ssh -i /path/to/ssh/key ai-worker@host.docker.internal

# On host, run ollama benchmarks via docker
docker exec ollama ollama pull devstral-small-2:24b

# Create test modelfile
docker exec ollama bash -c 'cat <<EOF > /root/.ollama/test.modelfile
FROM devstral-small-2:24b
PARAMETER num_ctx 65536
PARAMETER num_gpu 99
PARAMETER flash_attn true
EOF'

# Create and test model
docker exec ollama ollama create test-model -f /root/.ollama/test.modelfile
docker exec ollama ollama run test-model "Write a Python async function"

# Check VRAM usage
docker exec --privileged ollama rocm-smi --showmeminfo vram

# Cleanup
docker exec ollama ollama rm test-model

# Exit SSH, return to Hermes container
exit

# Save results in Hermes container
# /opt/data/ai-optimizer/state.json
# /opt/data/ai-optimizer/results.csv
```

## SSH Access

Connect as:
```bash
ssh ai-worker@lazyworkhorse
```

The working directory will be `/home/ai-worker`. No infra repo access.

## Verification

Check ai-worker permissions:
```bash
# On the host, as root or gortium:
sudo -u ai-worker sudo -l
# Should show: no sudo access

# Check docker group membership
groups ai-worker
# Should show: ai-worker docker
```

## Troubleshooting

If ai-worker cannot run docker commands:
```bash
# Check docker group membership
groups ai-worker

# Verify ollama container is running
docker ps | grep ollama

# Test docker access
sudo -u ai-worker docker exec ollama ollama list
```

If SSH connection fails:
```bash
# Check SSH key is authorized
cat /home/ai-worker/.ssh/authorized_keys

# Check SSH service
systemctl status sshd
```