Hermes Agent
f0e21d95e4
Remove infra repo bind mount and sudo access from ai-worker user. Now ai-worker can only: - SSH into host from Hermes container - Run docker commands via docker group membership - Execute ollama benchmarks via docker exec Results saved to /opt/data/ai-optimizer/ in Hermes container.
26 lines
891 B
Nix
26 lines
891 B
Nix
{ pkgs, inputs, config, keys, ... }: {
|
|
users.users.ai-worker = {
|
|
isSystemUser = true;
|
|
group = "ai-worker";
|
|
home = "/home/ai-worker";
|
|
createHome = true;
|
|
extraGroups = [ "docker" ];
|
|
shell = pkgs.bashInteractive;
|
|
openssh.authorizedKeys.keys = [
|
|
keys.users.ai-worker.main
|
|
];
|
|
# No password login - SSH key only
|
|
hashedPassword = "!";
|
|
};
|
|
users.groups.ai-worker = {};
|
|
|
|
# Enable restricted AI worker SSH access for ollama benchmarking
|
|
# SECURITY: ai-worker can only:
|
|
# - SSH into host from Hermes container
|
|
# - Run docker commands (docker exec ollama ...) via docker group
|
|
# - NO access to infra repo (no bind mount)
|
|
# - NO sudo access (no nh, nixos-rebuild, nixpkgs-fmt, nix)
|
|
# WORKFLOW: SSH from Hermes container, run docker benchmarks, return and save results to /opt/data/ai-optimizer/
|
|
services.aiWorkerAccess = true;
|
|
}
|