# Derived layer over the upstream NousResearch/hermes-agent image.
#
# Upstream ships /opt/hermes (the app: Python source + .venv + scripts) as a
# read-only tree owned by root (0555/0444). That stops the runtime `hermes`
# user (uid 10000) from self-modifying and, concretely, stops the gateway from
# auto-installing the WhatsApp Node bridge's node_modules in place.
#
# We make the whole app tree writable by uid 10000 so the agent has "untied
# hands". This is done in the IMAGE (not a volume) on purpose: a volume over
# /opt/hermes would copy-up once and then freeze the app, silently defeating
# AutoUpdate=registry. As a baked layer it ships hands-free on every pull AND
# refreshes cleanly on every update. Anything that must PERSIST across updates
# belongs on the /opt/data volume (skills, memory, sessions, the WhatsApp
# bridge via the gateway's `bridge_script` config), not in /opt/hermes.
#
# Trade-off to be aware of: this removes the integrity guard upstream built in.
# Anything running as uid 10000 -- including a misbehaving or prompt-injected
# agent -- can now rewrite the Python source, the .venv and the scripts in
# place, and those changes take effect on the next invocation. They only last
# until the container is recreated from the image, so treat a running container
# as mutable and the image as the source of truth; do not rely on /opt/hermes
# reflecting what was shipped when investigating odd behaviour.
#
# BASE is the upstream image the `images` workflow builds from the git context.
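# BASE deliberately has no default: an empty value makes `FROM` fail fast
# rather than silently building on top of some unrelated image.
ARG BASE
FROM ${BASE}

# Relax upstream's root-owned 0555/0444 tree so uid 10000 owns and can write
# it (dirs become 0755, files 0644 -- no group/other write is granted).
# Both steps share one RUN: a recursive chown already brings every file of
# /opt/hermes into this layer (typically as a full copy-up), so a second RUN
# would only add a second copy.
USER root
RUN chown -R 10000:10000 /opt/hermes && chmod -R u+w /opt/hermes

# Hand the image back to the runtime user. `USER root` above otherwise stays in
# effect and the derived image would default to root at run time, undoing the
# non-root default the header describes for upstream (uid 10000). The numeric
# uid:gid form works regardless of the account name in the base image; a
# run-time override (e.g. `User=` in a quadlet) still takes precedence.
USER 10000:10000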
