mirror of
https://github.com/nesquena/hermes-webui.git
synced 2026-07-14 19:50:17 +00:00
b7b6b3a4c8
* feat(#3351): add trusted-header auth core * fix(#3351): reconcile trusted sessions per request * fix(#3351): preserve valid trusted group mappings * fix(#3351): defer trusted logout reconciliation until after csrf * fix(auth): clear _pending_set_cookies in reset_trusted_auth_request_state (keep-alive cookie cross-request leak) Codex gate CORE finding: a Set-Cookie queued in request N but not flushed survived onto the reused HTTP/1.1 handler and could be emitted by request N+1 — after trusted-identity rotation on logout this could overwrite a valid login cookie and 401 the user. Reset the queue at the per-request boundary + add a keep-alive regression test. * docs(.env.example): document trusted-header auth / reverse-proxy SSO env vars HERMES_WEBUI_TRUSTED_AUTH_HEADER + TRUSTED_PROXY_CIDRS (with exact-proxy-IP security warning) + optional groups-header/JSON group-profile-map/logout-url. * Release exp-v0.52.43: trusted-header auth / reverse-proxy SSO (#5568, #3351) + keep-alive cookie fix + docs --------- Co-authored-by: Rod Boev <rod.boev@gmail.com> Co-authored-by: nesquena-hermes <agent@nesquena-hermes>
152 lines
7.3 KiB
Bash
152 lines
7.3 KiB
Bash
# Hermes Web UI -- local machine config template
|
|
# Copy this to .env and fill in your values.
|
|
# start.sh sources .env automatically if present.
|
|
# All values are optional -- auto-discovery will fill in anything left blank.
|
|
|
|
# Path to your hermes-agent checkout (the repo that contains run_agent.py)
|
|
# HERMES_WEBUI_AGENT_DIR=/path/to/hermes-agent
|
|
|
|
# Python executable to use (defaults to the agent venv if found)
|
|
# HERMES_WEBUI_PYTHON=/path/to/python
|
|
|
|
# Bind address (default: 127.0.0.1 -- loopback only, safe default)
|
|
# HERMES_WEBUI_HOST=127.0.0.1
|
|
|
|
# Port to listen on (default: 8787)
|
|
# HERMES_WEBUI_PORT=8787
|
|
|
|
# Where to store sessions, workspaces, and other state (default: ~/.hermes/webui)
|
|
# HERMES_WEBUI_STATE_DIR=~/.hermes/webui
|
|
|
|
# Default workspace directory shown on first launch
|
|
# HERMES_WEBUI_DEFAULT_WORKSPACE=~/workspace
|
|
|
|
# Optional model override. Leave unset to use the active Hermes provider default.
|
|
# HERMES_WEBUI_DEFAULT_MODEL=
|
|
|
|
# Base directory for all Hermes state (affects all paths above if set)
|
|
# HERMES_HOME=~/.hermes
|
|
|
|
# Path to your Hermes config.yaml (for toolsets and model config)
|
|
# HERMES_CONFIG_PATH=~/.hermes/config.yaml
|
|
|
|
# Display name for the assistant in the UI (default: Hermes)
|
|
# HERMES_WEBUI_BOT_NAME=Hermes
|
|
|
|
# ── Security & remote access ─────────────────────────────────────────────────
|
|
|
|
# Password for the login page. REQUIRED if you bind to anything other than
|
|
# 127.0.0.1 — without it, anyone who can reach the port can run commands.
|
|
# HERMES_WEBUI_PASSWORD=change-me-to-something-strong
|
|
|
|
# Enable the passkey/WebAuthn login surface (default: off).
|
|
# Alternative: set `webui_passkey_enabled: true` in the profile's config.yaml.
|
|
# HERMES_WEBUI_PASSKEY=1
|
|
|
|
# Auth cookie lifetime in seconds (default: 2592000 = 30 days).
|
|
# Clamped to [60, 31536000]. Also settable as session_ttl_seconds in settings.json.
|
|
# HERMES_WEBUI_SESSION_TTL=2592000
|
|
|
|
# Force the Secure flag on auth cookies: 1/true or 0/false.
|
|
# Unset = auto-detect (direct TLS socket, or a trusted X-Forwarded-Proto).
|
|
# HERMES_WEBUI_SECURE=1
|
|
|
|
# Override the auth cookie name (default: derived internally).
|
|
# HERMES_WEBUI_COOKIE_NAME=hermes_webui_session
|
|
|
|
# Extra allowed origins for CSRF/origin checks when serving behind a reverse
|
|
# proxy or on a public hostname. Comma-separated; each entry MUST include the
|
|
# scheme. Entries without a scheme are ignored with a warning.
|
|
# HERMES_WEBUI_ALLOWED_ORIGINS=https://myapp.example.com:8000
|
|
|
|
# Serve HTTPS directly (both must be set; otherwise plain HTTP).
|
|
# HERMES_WEBUI_TLS_CERT=/path/to/fullchain.pem
|
|
# HERMES_WEBUI_TLS_KEY=/path/to/privkey.pem
|
|
|
|
# Extra sources appended to the Content-Security-Policy (space-separated).
|
|
# HERMES_WEBUI_CSP_CONNECT_EXTRA=https://api.example.com wss://api.example.com
|
|
# HERMES_WEBUI_CSP_FRAME_EXTRA=https://embed.example.com
|
|
|
|
# ── Reverse-proxy header trust (opt-in; only enable behind a proxy YOU run) ───
|
|
# By default these forwarded headers are NOT trusted, because any direct client
|
|
# could forge them. Enable (1/true/yes/on) only when a reverse proxy you control
|
|
# sets them. TRUST_FORWARDED_HOST: honor X-Forwarded-Host/X-Real-Host in origin
|
|
# checks. TRUST_FORWARDED_FOR: honor X-Forwarded-For for the client IP.
|
|
# TRUST_FORWARDED_PROTO: honor X-Forwarded-Proto for HTTPS detection.
|
|
# HERMES_WEBUI_TRUST_FORWARDED_HOST=1
|
|
# HERMES_WEBUI_TRUST_FORWARDED_FOR=1
|
|
# HERMES_WEBUI_TRUST_FORWARDED_PROTO=1
|
|
|
|
# ── Trusted-header auth / reverse-proxy SSO (opt-in; OFF by default) ──────────
|
|
# Delegate authentication to a reverse proxy you run (Authelia, oauth2-proxy,
|
|
# corporate SSO, …) that authenticates the user and forwards their identity in a
|
|
# header. When HERMES_WEBUI_TRUSTED_AUTH_HEADER is set, the WebUI treats a request
|
|
# as that identity — but ONLY when the request's un-spoofable raw socket peer is
|
|
# an allowlisted proxy (HERMES_WEBUI_TRUSTED_PROXY_CIDRS below). With no header
|
|
# set, this path is disabled and normal password/passkey auth applies.
|
|
#
|
|
# ⚠️ SECURITY: HERMES_WEBUI_TRUSTED_PROXY_CIDRS MUST list the EXACT IP(s) of your
|
|
# proxy — e.g. 10.0.0.5/32 or 127.0.0.1/32. NEVER use 0.0.0.0/0 or a broad range:
|
|
# any client whose peer IP falls in the range could forge the identity header and
|
|
# log in as anyone. If the allowlist is empty/malformed, the header is ignored
|
|
# (fails closed). Loopback is trusted by default. Set the CIDR to your proxy only.
|
|
# HERMES_WEBUI_TRUSTED_AUTH_HEADER=Remote-User
|
|
# HERMES_WEBUI_TRUSTED_PROXY_CIDRS=10.0.0.5/32
|
|
# Optional: map a forwarded groups header to WebUI profiles (JSON object), and a
|
|
# logout URL to redirect to after clearing the local session (SSO single-logout).
|
|
# HERMES_WEBUI_TRUSTED_GROUPS_HEADER=Remote-Groups
|
|
# HERMES_WEBUI_GROUP_PROFILE_MAP={"admins":"default","team-a":"projecta"}
|
|
# HERMES_WEBUI_TRUSTED_AUTH_LOGOUT_URL=https://sso.example.com/logout
|
|
|
|
# ── Uploads & limits ─────────────────────────────────────────────────────────
|
|
|
|
# Where chat attachments are stored (default: <state dir>/attachments).
|
|
# Attachments are transient agent context, kept out of the workspace by default.
|
|
# HERMES_WEBUI_ATTACHMENT_DIR=~/.hermes/webui/attachments
|
|
|
|
# Cap on total bytes an uploaded archive may expand to (zip-bomb guard).
|
|
# Default derives from the upload size limit; override in MB.
|
|
# HERMES_WEBUI_MAX_EXTRACTED_MB=2048
|
|
|
|
# Caps for the "download folder as ZIP" feature in the workspace browser.
|
|
# HERMES_WEBUI_FOLDER_ZIP_MAX_MB=1024
|
|
# HERMES_WEBUI_FOLDER_ZIP_MAX_FILES=50000
|
|
|
|
# Requests slower than this many seconds get a stack-dump diagnostic in the log
|
|
# (default: 5.0; set 0 to log every request's timing).
|
|
# HERMES_WEBUI_SLOW_REQUEST_SECONDS=5.0
|
|
|
|
# ── Onboarding ───────────────────────────────────────────────────────────────
|
|
|
|
# Skip the first-run onboarding wizard entirely.
|
|
# HERMES_WEBUI_SKIP_ONBOARDING=1
|
|
|
|
# ── Advanced integrations ────────────────────────────────────────────────────
|
|
|
|
# Script whose stdout prefills new-session context (legacy generic hook; the
|
|
# WebUI dynamic-recall hook in config.yaml takes precedence when configured).
|
|
# HERMES_WEBUI_PREFILL_MESSAGES_SCRIPT=/path/to/script
|
|
# HERMES_WEBUI_PREFILL_MESSAGES_SCRIPT_TIMEOUT=5
|
|
# HERMES_WEBUI_PREFILL_CONTEXT_MAX_CHARS=12000
|
|
|
|
# Extra sources for the notes drawer (see docs for the expected format).
|
|
# HERMES_WEBUI_EXTERNAL_NOTES_SOURCES=
|
|
|
|
# Directory scanned for WebUI plugins (default: ~/.hermes/plugins).
|
|
# HERMES_WEBUI_PLUGINS_DIR=~/.hermes/plugins
|
|
|
|
# API key used when polling the Hermes gateway health endpoint.
|
|
# HERMES_WEBUI_GATEWAY_API_KEY=
|
|
|
|
# Override the Claude Code projects directory scanned by the CLI session
|
|
# bridge (default: auto-discovered ~/.claude/projects).
|
|
# HERMES_WEBUI_CLAUDE_PROJECTS_DIR=~/.claude/projects
|
|
|
|
# Override the Codex CLI home scanned by the CLI session bridge and model
|
|
# catalog merge (default: ~/.codex).
|
|
# CODEX_HOME=~/.codex
|
|
|
|
# Path to the LLM wiki root shown in the wiki panel (default: resolved from
|
|
# HERMES_HOME's wiki env file).
|
|
# WIKI_PATH=/path/to/wiki
|