Hermes & Sam 5c5df32101 Populate layered-soul: identity, memories, skills, plan (Hermes & Sam)

- SOUL.md: full agent identity, operating principles, voice
- IDENTITY.md: runtime identity, hosts, boundaries
- USER.md: operator context imported from hermes-soul
- AGENTS.md: actual operating rules, infrastructure, quick reference
- memories/curated/: 5 topics (tailscale, forgejo, agents, projects, vaultwarden)
- skills/: 9 cross-harness skills imported from hermes-soul after review
- docs/PLAN-CONFIGURE-PRIVATE-REPO.md: configuration plan
- Validate: passes clean

2026-06-14 00:21:26 +02:00

1.2 KiB

Raw Blame History

Vaultwarden Secrets

Self-hosted secrets management at vault.smilepowered.org (Vaultwarden 2025.12.0, SSL).

Organization

Clawdie (ID: 39727691-3403-4c50-89b8-d5f24310e79c)

Collections

Collection	ID	Access	Purpose
agent-secrets	`94ba61b8-633c-454e-b749-f115617eeac3`	All agents	API keys, tokens, passwords
bootstrap	(admin only)	Sam	Setup keys, admin tokens

Agent access

Each agent gets its own Vaultwarden user account and personal API key (starts with user.). Organization API keys do NOT work with bw CLI — only personal ones.

Bootstrap credentials stored in ~/.hermes/.env:

BW_CLIENTID / BW_CLIENTSECRET — personal API key
BW_PASSWORD — master password
BW_SERVER — https://vault.smilepowered.org

All other secrets move into the vault, fetched by bw CLI at runtime. Currently stored: hermes-debby Forgejo password, provider API keys pending migration.

bw CLI

Installed via npx wrapper at ~/.local/bin/bw (version must match Vaultwarden server — 2025.12.0). Login via bw login --apikey, unlock via bw unlock --passwordenv BW_PASSWORD.

1.2 KiB Raw Blame History