# update:#2026.4.21 FROM docker.io/nikolaik/python-nodejs:python3.11-nodejs20 USER root # 1. 基础依赖 RUN apt-get update && apt-get install -y \ ripgrep ffmpeg git lsof build-essential psmisc \ && rm -rf /var/lib/apt/lists/* # 2. 安装核心包 RUN pip install --no-cache-dir git+https://github.com/NousResearch/hermes-agent.git RUN npm install -g hermes-web-ui@latest # 🌟 关键修复:把 Web UI 全局安装目录的读写权限交给 user (1000) RUN chown -R 1000:1000 /usr/local/lib/node_modules/hermes-web-ui # 3. 配置文件预注入 RUN mkdir -p /home/user/.hermes /home/user/.hermes-web-ui COPY config.yaml /home/user/.hermes/config.yaml # 4. 生成稳如泰山的启动脚本 RUN { \ echo '#!/bin/bash'; \ echo '# 前台更新,确保完成后再启动服务'; \ echo 'echo "=> Updating hermes-web-ui to latest..."'; \ echo 'npm install -g hermes-web-ui@latest 2>&1 | tail -3'; \ echo 'sed -i "s/sk-666666/${GEMINI_API_KEY}/g" /home/user/.hermes/config.yaml'; \ echo 'sed -i "s/nvapi-666666/${NVIDIA_API_KEY}/g" /home/user/.hermes/config.yaml'; \ echo 'echo "=> Starting Hermes Gateway..."'; \ echo 'hermes gateway run &'; \ echo 'sleep 5'; \ echo 'echo "=> Starting Hermes Web UI..."'; \ echo 'fuser -k 7860/tcp 2>/dev/null || true'; \ echo 'hermes-web-ui start --host 0.0.0.0 --port 7860'; \ echo 'echo "========= WEB UI SERVER LOG ========="'; \ echo 'cat /home/user/.hermes-web-ui/server.log || echo "Warning: log file not generated."'; \ echo 'echo "====================================="'; \ echo '# 预创建日志文件防止 tail 报错'; \ echo 'mkdir -p /home/user/.hermes/logs && touch /home/user/.hermes/logs/gateway.log'; \ echo 'tail -f /home/user/.hermes-web-ui/server.log /home/user/.hermes/logs/gateway.log'; \ } > /home/user/start.sh && chmod +x /home/user/start.sh # 5. 权限与环境切换 RUN chown -R 1000:1000 /home/user \ && chown -R 1000:1000 /usr/local/lib/node_modules \ && chown -R 1000:1000 /usr/local/bin USER 1000 WORKDIR /home/user ENV HOME=/home/user ENV PATH="/home/user/.local/bin:${PATH}" # 6. 执行脚本 CMD ["/home/user/start.sh"]