feat: containerize agent fleet for sovereign reproducibility

deploy-containers.yml

@@ -0,0 +1,29 @@
+---
+- name: Deploy Sovereign Wizard Fleet (Docker)
+  hosts: wizards
+  become: yes
+  tasks:
+    - name: Install Docker
+      shell: curl -fsSL https://get.docker.com | sh
+      args:
+        creates: /usr/bin/docker
+
+    - name: Install Docker Compose
+      shell: apt-get update && apt-get install -y docker-compose-plugin
+
+    - name: Create Docker Compose directory
+      file:
+        path: /opt/hermes-fleet
+        state: directory
+        mode: "0755"
+
+    - name: Copy Docker Compose files
+      copy:
+        src: "{{ item }}"
+        dest: "/opt/hermes-fleet/{{ item }}"
+      with_items:
+        - docker-compose.yml
+        - docker/
+
+    - name: Start the Fleet
+      shell: "cd /opt/hermes-fleet && docker compose up -d --build"

docker-compose.yml

@@ -0,0 +1,44 @@
+version: "3.8"
+
+services:
+  ezra:
+    build:
+      context: .
+      dockerfile: docker/agent.Dockerfile
+    container_name: wizard-ezra
+    ports:
+      - "8643:8643"
+    volumes:
+      - /root/wizards/ezra/.hermes:/root/.hermes
+      - /root/wizards/ezra/models:/app/models
+    environment:
+      - WIZARD_NAME=ezra
+    restart: always
+
+  bezalel:
+    build:
+      context: .
+      dockerfile: docker/agent.Dockerfile
+    container_name: wizard-bezalel
+    ports:
+      - "8644:8643"
+    volumes:
+      - /root/wizards/bezalel/.hermes:/root/.hermes
+      - /root/wizards/bezalel/models:/app/models
+    environment:
+      - WIZARD_NAME=bezalel
+    restart: always
+
+  allegro:
+    build:
+      context: .
+      dockerfile: docker/agent.Dockerfile
+    container_name: wizard-allegro
+    ports:
+      - "8645:8643"
+    volumes:
+      - /root/wizards/allegro/.hermes:/root/.hermes
+      - /root/wizards/allegro/models:/app/models
+    environment:
+      - WIZARD_NAME=allegro
+    restart: always

docker/agent.Dockerfile

@@ -0,0 +1,31 @@
+# --- Build Stage ---
+FROM python:3.11-slim AS builder
+
+# Install build essentials and uv
+RUN apt-get update && apt-get install -y --no-install-recommends     curl git build-essential cmake ca-certificates &&     curl -LsSf https://astral.sh/uv/install.sh | sh &&     rm -rf /var/lib/apt/lists/*
+
+ENV PATH="/root/.local/bin:${PATH}"
+
+WORKDIR /app
+# Copy only dependency files first for caching
+COPY pyproject.toml uv.lock* ./
+RUN uv sync --frozen --no-install-project --no-dev
+
+# --- Final Stage ---
+FROM python:3.11-slim
+
+# Install runtime dependencies
+RUN apt-get update && apt-get install -y --no-install-recommends     curl git socat ripgrep ffmpeg ca-certificates &&     rm -rf /var/lib/apt/lists/*
+
+# Copy the virtual environment from builder
+COPY --from=builder /app/.venv /app/.venv
+ENV PATH="/app/.venv/bin:${PATH}"
+
+WORKDIR /app
+COPY . .
+
+# Expose the gateway port (default)
+EXPOSE 8643
+
+# Run the gateway
+ENTRYPOINT ["hermes", "gateway"]