m3ta-chiron
32677cfb40
fix(kratos): replace gdm with greetd/tuigreet login manager
2026-05-25 09:19:08 +02:00
m3ta-chiron
95aaddd8c0
fix: enable Hermes voice STT dependencies
2026-05-23 10:32:11 +02:00
m3ta-chiron
2c8d4da6ff
Set Hermes default model to GPT 5.5
2026-05-23 09:19:38 +02:00
m3ta-chiron
b49d5c4f72
Optimize Hermes Nix service configuration
2026-05-23 08:55:05 +02:00
m3ta-chiron
1bd78b5de8
Fix Hermes Matrix deps for v2026.5.16
2026-05-23 08:06:01 +02:00
m3ta-chiron
59ada8585f
feat(atlas): deploy self-hosted honcho
2026-05-20 20:52:15 +02:00
af08084692
chore: fix git identity for m3-hermes
2026-05-11 19:27:11 +02:00
4f9944101f
chore: optimize hermes
2026-05-11 19:01:17 +02:00
m3ta-chiron
a957fd1372
fix(m3-atlas): remove netbird-only middleware from dashboard router
...
Access control is handled at DNS level — dash.m3ta.dev resolves to
Netbird IP (100.81.142.56) which is unreachable from the public internet.
No need for IP whitelist middleware.
2026-05-11 17:15:16 +02:00
m3ta-chiron
fc39e05beb
feat: Hermes Dashboard via m3-atlas Traefik with TLS + Netbird-only access
...
m3-hermes:
- Add --insecure flag (required for 0.0.0.0 bind, safe behind Netbird firewall)
- Update comments to document the Traefik proxy flow
m3-atlas Traefik:
- New service: hermes-dashboard → http://100.81.231.152:9119 (Netbird)
- New router: dash.m3ta.dev with GoDaddy TLS cert
- New middleware: netbird-only (IP whitelist 100.64.0.0/16)
Flow: Browser → dash.m3ta.dev (TLS) → Traefik → Netbird → m3-hermes:9119
2026-05-11 15:53:04 +02:00
e6f184f24a
chore: hermes dashboard over netbird
2026-05-11 11:36:49 +02:00
m3ta-chiron
20bd28d567
feat(m3-hermes): add Hermes Dashboard as systemd service with Netbird-only firewall
...
- New hermes-dashboard.service: runs 'hermes dashboard' on 0.0.0.0:9119
- Firewall restricts port 9119 to Netbird mesh VPN range (100.64.0.0/16)
- Runs as hermes user with NoNewPrivileges + ProtectSystem hardening
- Depends on hermes-agent.service (starts after gateway)
- Added placeholder hermes-api-server-key.age (needs real encryption on host)
2026-05-11 11:19:21 +02:00
m3ta-chiron
c6df5d3836
feat(m3-hermes): add Netbird mesh VPN + enable API server for Hermes Desktop
2026-05-10 11:46:21 +02:00
1544764f37
chore: m3-atlas -coding
2026-05-09 10:46:47 +02:00
m3ta-chiron
ee94ebf660
feat(m3-hermes): enable kanban board + update for v0.13.0
...
- Add kanban config block with gateway-embedded dispatcher
(dispatch_in_gateway=true, 60s interval)
- Update venvSitePackages path from python3.11 to python3.12
(v0.13.0 upgraded Python runtime)
- Update checkpoints section comment for v2
2026-05-09 10:29:22 +02:00
6128d0ae61
chore: udate m3-atlas
2026-05-09 10:17:14 +02:00
22f15abd34
chore: flake update
2026-05-09 09:58:33 +02:00
m3ta-chiron
5cbb975c78
feat: complete host home.nix files + add m3-daedalus, clean up m3tam3re.nix
...
- hosts/m3-kratos/home.nix: XDG/MIME defaults + dual DP Hyprland monitors
- hosts/m3-ares/home.nix: XDG/MIME defaults + eDP+HDMI Hyprland monitors
- hosts/m3-daedalus/home.nix: XDG/MIME defaults (no Hyprland)
- hosts/common/users/m3tam3re.nix: refactored hostFlags into let binding,
added m3-daedalus profile (desktop/coding+media, no gaming/Hyprland)
2026-05-02 10:41:12 +02:00
m3ta-chiron
f2ecd13780
fix: set home-manager.useGlobalPkgs=true for m3ta-nixpkgs overlays
2026-05-02 10:08:50 +02:00
m3ta-chiron
ab1bdc9848
feat: integrate m3ta-home for centralized user profiles
2026-05-02 09:53:27 +02:00
m3ta-chiron
2403e54039
feat: enable orchestrator + switch TTS to Edge (Seraphina voice)
...
- Enable delegation.orchestrator_enabled with max_spawn_depth=2
- Switch TTS from ElevenLabs (paid) to Edge TTS (free)
- Voice: de-DE-SeraphinaMultilingualNeural — friendly, multilingual German female
- No API key required
2026-05-01 16:06:49 +02:00
m3ta-chiron
a615ab61e8
fix: add uv to hermes-agent service PATH
...
Add pkgs.uv to systemd.services.hermes-agent.path so that CronJobs
and terminal sessions can execute PEP 723 scripts via 'uv run'
(e.g. garmin-daily.py for Garmin Connect health data).
Also adds uv to environment.systemPackages for general availability.
2026-04-29 16:18:41 +02:00
936eb13794
feat: add global skills to hermes environment
2026-04-26 15:14:54 +02:00
5b0e6cbd5d
feat(hermes-agent): add copy-hermes-skills systemd service
2026-04-26 14:37:43 +02:00
25ac47a422
feat(hermes-agent): add mkOpencodeSkills integration for skills provisioning
...
- Add inputs parameter to module signature for flake input access
- Define hermesSkills via inputs.agents.lib.mkOpencodeSkills
- Includes customSkills from agents flake and external skills:
- skills-basecamp (basecamp/basecamp-cli)
- skills-anthropic (anthropics/skills)
- skills-kestra (kestra-io/agent-skills)
- Verified with nixos-rebuild dry-run --flake .#m3-hermes (no errors)
2026-04-26 14:35:06 +02:00
eb06533174
Merge feature/home-profile-restructuring: home-manager profile refactoring
...
Refactor home-manager configuration structure:
- Reorganize from features/ to base/coding/desktop/server/profiles/
- Add language runtime modules (go, js, python, rust, typescript)
- Add LSP server configuration
- Add gaming and media profiles
- Add shell modules (fish, nushell, starship)
- Consolidate editor and git configuration
2026-04-26 13:53:00 +02:00
d59a6b82b6
chore: remove features.old archive and format all files
...
- Delete home/features.old/ (archived old flat feature modules)
- All content migrated to new profile-based structure
- Run alejandra formatter over 13 changed files
- nix flake check passes cleanly
2026-04-26 11:29:49 +02:00
06b430e067
fix: code review fixes
...
- Fix hardcoded user path in webapps.nix (use homeDirectory)
- Normalize wallpapers option to use .enable suffix
- Remove duplicate FZF keybind declaration
- Update comments to match actual implementation
2026-04-26 10:48:52 +02:00
383f4ef56f
feat: tuwunel matrix server + hermes update
2026-04-24 21:38:57 +02:00
382b4c8c98
chore: hermes update
2026-04-21 19:00:49 +02:00
7e0d60c95b
feat: pi-agent wrapper
2026-04-14 18:36:55 +02:00
4684c5dc3e
chore: include local changes and bump home-manager state to 26.05
2026-04-13 19:23:49 +02:00
m3tam3re
fa608ae399
Merge pull request 'fix(hermes): inject matrix-nio via PYTHONPATH in container' ( #2 ) from fix/matrix-nio-pythonpath into master
...
Reviewed-on: #2
2026-04-13 17:00:10 +02:00
7bf686481c
feat: config with agents rework
2026-04-13 16:44:18 +02:00
3868f69958
fix(hermes): inject matrix-nio via PYTHONPATH in container
...
matrix-nio is installed in the container's writable venv layer
(~/.venv) but the hermes process uses the read-only Nix store Python.
This adds PYTHONPATH and LD_LIBRARY_PATH as container-level env vars
so matrix-nio + libolm (e2e encryption) are importable.
2026-04-11 05:17:51 +00:00
ab3332e45b
feat: hermes agent for m3-ares
2026-04-09 19:56:19 +02:00
6a58b3656a
flake update + hermes workaround for upstream bug
2026-04-08 17:48:27 +02:00
6853bb3063
+m3-hermes
2026-04-07 06:19:05 +02:00
38c27eff1c
+basic hermes config
2026-04-06 18:44:07 +02:00
43523cf2d8
+television, flake-update
2026-03-21 09:39:19 +01:00
411c67d2c6
add mcps to home-config; +ghostty
2026-03-14 09:26:13 +01:00
4ae2bb0f48
chore: flake update
2026-03-07 11:44:04 +01:00
e4195230a5
chore: fix netbird ssh
2026-03-02 19:24:28 +01:00
674ce6957c
feat: authentik
2026-02-28 10:06:42 +01:00
a9022a4f55
refactor(netbird): use port registry and named IP variables
2026-02-27 16:03:12 +01:00
fa9747f3e9
refactor(ports): add netbird port definitions
2026-02-27 16:03:08 +01:00
a12958b68f
chore: flake update
2026-02-18 16:28:31 +01:00
8ead26a791
update opencode config, secrets, tailscale, and agents input
...
- opencode: remove deprecated google_auth, add git_master config,
experimental truncation, use glm-4.6v for multimodal-looker,
upgrade categories to glm-5, remove opencode-memory plugin
- m3-atlas: add ref/exa/outline/basecamp secret declarations
- m3-kratos: enable tailscale with ssh and reset flags
- agents: switch back to remote git input
2026-02-17 08:54:13 +01:00
87baf2377f
+opencode-memory
2026-02-16 19:57:16 +01:00
7b9caedaa4
headscale ssh acl
2026-02-16 18:59:34 +01:00
m3ta-chiron
m3tam3re
m3tam3re