gortium/infra
1
1
Fork 0
Code Issues 13 Pull Requests 21 Actions Packages Projects 1 Releases Wiki Activity
53 Commits 45 Branches 0 Tags
3e04ccc1e85faf30ce342b62860b5df2d177bfc9
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Hermes Agent 3e04ccc1e8 security: remove deployment commands from ai-worker sudo rules 
ai-worker only needs security audit commands, not deployment access.

Removed:
- nh os switch
- nixos-rebuild switch

Kept:
- Firewall checks (iptables)
- Fail2ban status
- Log inspection (journalctl)
- SSH config (sshd -T)
- Docker service checks
- Network diagnostics
2026-04-30 17:46:39 +00:00
.planning
Progress dump before ai agent
2026-04-04 04:57:47 -04:00
assets
Compose update
2026-04-27 06:11:34 -04:00
docker/hermes
security: harden lazyworkhorse with firewall, fail2ban, SSH hardening
2026-04-30 17:46:39 +00:00
hosts
security: harden lazyworkhorse with firewall, fail2ban, SSH hardening
2026-04-30 17:46:39 +00:00
lib
feat: isolate docker networks and add cyt-pi remote node config
2026-04-06 19:14:57 -04:00
modules/nixos
Forced restart for docker services
2026-04-27 06:02:25 -04:00
secrets
feat: isolate docker networks and add cyt-pi remote node config
2026-04-06 19:14:57 -04:00
shells
Used agenix to manage secrets, 4 services up, ssh
2025-08-08 17:00:47 -04:00
users
security: remove deployment commands from ai-worker sudo rules
2026-04-30 17:46:39 +00:00
.gitmodules
Used agenix to manage secrets, 4 services up, ssh
2025-08-08 17:00:47 -04:00
AGENTS.md
Starting work on fan control with opencode
2025-08-08 18:18:21 -04:00
flake.lock
feat: isolate docker networks and add cyt-pi remote node config
2026-04-06 19:14:57 -04:00
flake.nix
feat: isolate docker networks and add cyt-pi remote node config
2026-04-06 19:14:57 -04:00
Description
My whole infra configuration
702 KiB
Languages
Nix 91.8%
Dockerfile 8.2%