Read-Only Hermes Vault Access + Context Packet Intake
Created: 2026-06-30 for PAR-226.
Decision
- ~/hermes-vault on the Hermes machine remains the canonical writable vault.
- External machines and agents get read-only access only.
- External machines submit context packets into PCM review; they do not write directly to the vault.
Renderer choice
Chosen v1 renderer: MkDocs Material.
Why:
- Already installed in the Hermes venv.
- Builds locally with no Node/Quartz bootstrap.
- Mobile-friendly theme and built-in search.
- Simple static output in ~/hermes-vault/.site.
- Easy to serve behind Tailscale or Cloudflare Access.
Rejected/deferred for v1:
- Quartz: better Obsidian/backlink fidelity, but extra Node project setup and more moving parts. Keep as v2 if backlinks/graph become important.
- GitHub as primary surface: useful backup, bad human access surface for mobile reading.
Auth/access boundary
Preferred initial boundary: Tailscale-only.
- Bind any local static server to the Tailscale IP, or to localhost behind a reverse proxy that is reachable only over Tailscale.
- Do not expose the vault to the public internet.
- Cloudflare Access is acceptable later if Adam wants browser access without Tailscale.
Suggested local serve command:
cd ~/hermes-vault
mkdocs build
python3 -m http.server 8008 --directory .site --bind 127.0.0.1
For persistent serving, wrap that command in a systemd user service, or put Caddy/nginx in front of it listening only on the Tailscale interface. Do not start it from the Slack gateway thread without telling Adam first if it would require gateway/service changes.
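As an added example (not the page's own serve setup and not part of the Hermes tooling), a small Python pre-flight and post-start check for the boundary above: it builds the http.server command from this page only when the bind address is loopback or a Tailscale address, and scans `ss -ltn` output for anything listening on a wildcard or public address. Assumptions: Tailscale hands out IPv4 from 100.64.0.0/10 and IPv6 from fd7a:115c:a1e0::/48; the `ss` lines in the block are constructed; `build_and_serve` and `audit_live_listeners` are hypothetical helper names.

```python
# Added example, not the page's own serve setup: refuse a public bind before
# starting the static server, and flag wildcard listeners afterwards.
# Assumed: Tailscale IPv4 comes from 100.64.0.0/10 (CGNAT block) and IPv6
# from fd7a:115c:a1e0::/48. SAMPLE_SS is constructed `ss -ltn` output.
import ipaddress
import subprocess

ALLOWED_NETWORKS = [
    ipaddress.ip_network("127.0.0.0/8"),           # loopback, behind a Tailscale-facing proxy
    ipaddress.ip_network("::1/128"),
    ipaddress.ip_network("100.64.0.0/10"),         # Tailscale IPv4
    ipaddress.ip_network("fd7a:115c:a1e0::/48"),   # Tailscale IPv6
]

# Constructed: one loopback listener, two wildcard binds, one on a Tailscale IP.
SAMPLE_SS = """State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      128    127.0.0.1:8008      0.0.0.0:*     users:(("python3",pid=4242,fd=3))
LISTEN 0      128    0.0.0.0:8009        0.0.0.0:*     users:(("python3",pid=4243,fd=3))
LISTEN 0      4096   100.101.102.103:443 0.0.0.0:*     users:(("caddy",pid=77,fd=9))
LISTEN 0      128    [::]:8010           [::]:*        users:(("node",pid=99,fd=5))
"""


def bind_is_private(addr):
    """True only for loopback or Tailscale addresses. Wildcards ("0.0.0.0",
    "::", "*") and hostnames are rejected; pass the literal address."""
    try:
        ip = ipaddress.ip_address(addr.strip("[]"))
    except ValueError:
        return False
    return any(ip in net for net in ALLOWED_NETWORKS)


def serve_command(site_dir=".site", port=8008, bind="127.0.0.1"):
    """The http.server argv from the page, refusing a public bind address."""
    if not bind_is_private(bind):
        raise ValueError(f"refusing to bind {bind!r}: the vault must stay off the public internet")
    return ["python3", "-m", "http.server", str(port), "--directory", site_dir, "--bind", bind]


def exposed_listeners(ss_output):
    """'addr:port' for every LISTEN socket whose local address is outside ALLOWED_NETWORKS."""
    exposed = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue                      # header line or unrelated state
        local = fields[3]
        host, _, _port = local.rpartition(":")
        if not bind_is_private(host):
            exposed.append(local)
    return exposed


def build_and_serve(site_dir=".site", port=8008, bind="127.0.0.1"):
    """mkdocs build, then serve; the bind is validated before the build runs."""
    argv = serve_command(site_dir, port, bind)
    subprocess.run(["mkdocs", "build"], check=True)
    subprocess.run(argv, check=True)


def audit_live_listeners():
    """Post-start check against the real socket table (Linux, needs ss)."""
    out = subprocess.run(["ss", "-ltn"], capture_output=True, text=True, check=True).stdout
    return exposed_listeners(out)


if __name__ == "__main__":
    print(serve_command())
    print("exposed in sample:", exposed_listeners(SAMPLE_SS))
```

Run `audit_live_listeners()` after the service is up; anything it returns is a listener the Tailscale-only boundary does not cover.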
Git backup/sync path
The vault is already a Git repo with a private remote:
origin git@github.com:parrottpy/hermes-vault.git
Operational rule:
- Hermes writes/promotes to ~/hermes-vault.
- Hermes commits vault changes locally.
- Hermes pushes to the private GitHub backup remote.
- Git remains backup/recovery/sync plumbing, not the primary reading surface.
Do not create writable clones on work machines. Use web rendering or curated context packs instead.
Context packet intake
Template:
~/hermes-vault/Templates/Context-Packet-Template.md
Ingest command:
python3 ~/.hermes/scripts/ingest_context_packet.py /path/to/context-packet.md
This creates:
- raw copy: ~/.hermes/context-inbox/raw/context-packets/YYYY-MM-DD/<slug>-<hash>.md
- PCM candidate: ~/.hermes/context-inbox/incoming/context-packets/YYYY-MM-DD/<slug>-<hash>.yaml
Then the existing PCM digest/review flow handles review/promote decisions:
cd ~/projects/prefect-flows
python scripts/pcm_weekly_review.py --dry-run
python scripts/pcm_weekly_review.py --decisions-file /path/to/decisions.yaml
External machine rules
- Work machine: read web vault or curated pack only; do not clone/write full vault.
- Claude Code/work agent: produce one daily context packet using the template.
- Phone: submit a short packet via Slack/message/file if needed; Hermes ingests it.
- Secrets/tokens never go in context packets.
- Work-sensitive context should be marked work-sensitive and defaults to review-required/raw-only unless Adam approves promotion.
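An added example, not the real ingest_context_packet.py, modelling the intake flow above together with the packet rules in this section: it refuses a packet that carries a secret or token, derives the <slug>-<hash> name, lays out the raw copy and PCM candidate paths, and defaults work-sensitive packets to review-required/raw-only pending Adam's approval. Assumptions: a packet opens with a front matter block of `key: value` lines between `---` markers carrying `title` and an optional `sensitivity` field (the real template's fields are not shown on this page); the candidate is written as flat YAML; the sample packets and the secret patterns are constructed for the example.

```python
# Added example, not the real ~/.hermes/scripts/ingest_context_packet.py:
# a stdlib-only model of the intake step with the packet rules applied
# before anything is filed. Assumed: packets open with a `key: value`
# front matter block between `---` markers (title, optional sensitivity);
# the candidate is written as flat YAML. Sample packets are constructed.
import datetime
import hashlib
import pathlib
import re

SAMPLE_PACKET = """---
title: Daily work context 2026-06-30
source: claude-code
sensitivity: work-sensitive
---
- Finished the PAR-226 renderer decision (MkDocs Material).
- Open question: Cloudflare Access vs Tailscale for phone access.
"""
# Same packet with a token pasted in; must be refused, never filed.
SAMPLE_WITH_SECRET = SAMPLE_PACKET + "\nDeploy token: ghp_" + "a" * 36 + "\n"

# Narrow patterns for material that never belongs in a packet.
SECRET_PATTERNS = {
    "aws-access-key-id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github-token": re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36,}\b"),
    "private-key-block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "credential-assignment": re.compile(
        r"(?i)\b(api[_-]?key|secret|password|token)\b\s*[:=]\s*['\"]?[A-Za-z0-9_\-./+=]{12,}"),
}

def find_secrets(text):
    """Names of SECRET_PATTERNS that match anywhere in the packet, sorted."""
    return sorted(name for name, pat in SECRET_PATTERNS.items() if pat.search(text))

def parse_packet(text):
    """Split a packet into (front matter dict, body); minimal key: value parser."""
    if not text.startswith("---\n"):
        raise ValueError("packet lacks the template front matter block")
    head, sep, body = text[4:].partition("\n---\n")
    if not sep:
        raise ValueError("unterminated front matter block")
    meta = {}
    for line in head.splitlines():
        key, _, value = line.partition(":")
        if key.strip():
            meta[key.strip().lower()] = value.strip()
    return meta, body

def slugify(title):
    return re.sub(r"[^a-z0-9]+", "-", title.lower()).strip("-")[:60] or "packet"

def to_yaml(mapping):
    """Flat YAML, strings quoted and booleans bare: enough for the candidate file."""
    lines = []
    for key, value in mapping.items():
        if isinstance(value, bool):
            lines.append(f"{key}: {'true' if value else 'false'}")
        else:
            escaped = str(value).replace('"', '\\"')
            lines.append(f'{key}: "{escaped}"')
    return "\n".join(lines) + "\n"

def plan_ingest(text, inbox_root="~/.hermes/context-inbox", today=None):
    """Where the raw copy and PCM candidate go, plus the candidate's default
    decision. Raises ValueError rather than filing a packet that carries a
    secret or has no title, so a bad packet never reaches raw/."""
    hits = find_secrets(text)
    if hits:
        raise ValueError("refusing packet, possible secrets: " + ", ".join(hits))
    meta, _body = parse_packet(text)
    title = meta.get("title", "")
    if not title:
        raise ValueError("packet has no title")
    today = today or datetime.date.today().isoformat()
    digest = hashlib.sha256(text.encode("utf-8")).hexdigest()[:8]
    name = f"{slugify(title)}-{digest}"
    raw_path = f"{inbox_root}/raw/context-packets/{today}/{name}.md"
    candidate_path = f"{inbox_root}/incoming/context-packets/{today}/{name}.yaml"
    sensitive = meta.get("sensitivity", "").lower() == "work-sensitive"
    candidate = {
        "title": title,
        "source": meta.get("source", "unknown"),
        "raw": raw_path,
        "sha256_prefix": digest,
        "work_sensitive": sensitive,
        # work-sensitive stays review-required/raw-only until Adam approves
        # promotion; everything else still waits for the PCM review decision.
        "default_decision": "review-required-raw-only" if sensitive else "review",
        "promotion_requires_approval": sensitive,
    }
    return {"raw_path": raw_path, "candidate_path": candidate_path, "hash": digest,
            "candidate": candidate, "candidate_yaml": to_yaml(candidate)}

def write_ingest(text, plan):
    """Materialise the plan on disk: raw copy first, then the candidate for PCM review."""
    for path, content in ((plan["raw_path"], text), (plan["candidate_path"], plan["candidate_yaml"])):
        target = pathlib.Path(path).expanduser()
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(content, encoding="utf-8")
```

`plan_ingest` is kept pure so the secret check and path layout can be exercised without touching the inbox; `write_ingest(text, plan)` then files the raw copy and candidate, and the candidate is what the PCM review flow above picks up.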
Follow-up options
- Add Cloudflare Access deployment if Adam wants browser access outside Tailscale.
- Add a Slack/file watcher or email ingest job that saves attachments and calls ingest_context_packet.py automatically.
- Revisit Quartz if backlinks/graph become essential.