Hermes Agent f0e21d95e4 fix: ai-worker docker-only access for ollama benchmarking ...

Remove infra repo bind mount and sudo access from ai-worker user.
Now ai-worker can only:
- SSH into host from Hermes container
- Run docker commands via docker group membership
- Execute ollama benchmarks via docker exec

Results saved to /opt/data/ai-optimizer/ in Hermes container.

2026-04-29 19:55:19 +00:00

.planning

Progress dump before ai agent

2026-04-04 04:57:47 -04:00

assets

Compose update

2026-04-27 06:11:34 -04:00

hosts

feat: isolate docker networks and add cyt-pi remote node config

2026-04-06 19:14:57 -04:00

lib

feat: isolate docker networks and add cyt-pi remote node config

2026-04-06 19:14:57 -04:00

modules/nixos

fix: ai-worker docker-only access for ollama benchmarking

2026-04-29 19:55:19 +00:00

secrets

feat: isolate docker networks and add cyt-pi remote node config

2026-04-06 19:14:57 -04:00

shells

Used agenix to manage secrets, 4 services up, ssh

2025-08-08 17:00:47 -04:00

users

fix: ai-worker docker-only access for ollama benchmarking

2026-04-29 19:55:19 +00:00

.gitmodules

Used agenix to manage secrets, 4 services up, ssh

2025-08-08 17:00:47 -04:00

AGENTS.md

Starting work on fan control with opencode

2025-08-08 18:18:21 -04:00

flake.lock

feat: isolate docker networks and add cyt-pi remote node config

2026-04-06 19:14:57 -04:00

flake.nix

Add restricted AI worker access with deployment capabilities

2026-04-28 15:34:38 +00:00

Description

My whole infra configuration

702 KiB

Languages

Nix 91.8%

Dockerfile 8.2%