final docs + cleanup sync for meta-flake era
claude.md flips 'in flight' → 'just landed' for the meta overhaul + extends the file map with meta.rs and migrate.rs. docs/approvals.md replaces the in-flight callout with a proper 'Meta flake' section (two-phase deploy walkthrough, sync_agents semantics, single-phase variants), updates the two-repo box diagram to include the /var/lib/hyperhive/meta/ tree and tracks flake.nix in applied, rewrites the container --flake reference to meta#<name>, replaces the 'Manager view of applied' section with a unified '/agents + /applied + /meta' inventory listing every useful git incantation, and explains the in-place no-state-loss migration that now runs on hive-c0re startup. docs/persistence.md grows entries for the meta repo + the .meta-migration-done marker. readme box diagram picks up the /meta RO bind; approval-flow paragraph rewritten end to end to describe the meta lock dance. lifecycle::flake_base deleted — the meta render hardcodes the manager vs agent-base choice as nix expression.
This commit is contained in:
müde
parent
2f6ecc4dc0
commit
14aa7c7acc
5 changed files with 213 additions and 132 deletions
91
CLAUDE.md
91
CLAUDE.md
|
|
@ -31,10 +31,18 @@ hive-c0re/ host daemon + CLI (one binary, subcommand-dispatched)
|
|||
src/coordinator.rs shared state (broker/approvals/questions/transient/
|
||||
sockets) + tombstone enumeration + kick_agent
|
||||
src/actions.rs approve/deny/destroy (transient-aware)
|
||||
src/auto_update.rs startup rebuild scan + ensure_manager
|
||||
src/lifecycle.rs `nixos-container` shellouts, per-agent flake generator
|
||||
src/auto_update.rs startup rebuild scan + ensure_manager +
|
||||
meta::lock_update_hyperhive bump
|
||||
src/lifecycle.rs `nixos-container` shellouts; per-agent applied
|
||||
+ proposed git repo seeding; tag plumbing
|
||||
src/meta.rs single hive-c0re-owned flake at /var/lib/
|
||||
hyperhive/meta/ — sync_agents, two-phase
|
||||
prepare/finalize/abort, lock_update_*
|
||||
src/migrate.rs startup auto-migration from pre-meta layout
|
||||
(idempotent, marker-guarded phase 4)
|
||||
src/dashboard.rs axum HTTP: static shell + /api/state JSON + actions
|
||||
+ journald viewer + bind-with-retry (SO_REUSEADDR)
|
||||
+ deployed_sha chip per container
|
||||
assets/ index.html, dashboard.css, app.js (include_str!)
|
||||
|
||||
hive-ag3nt/ in-container harness crate; produces TWO binaries
|
||||
|
|
@ -114,51 +122,40 @@ read them à la carte.
|
|||
In-flight or recent context that hasn't earned a section yet.
|
||||
Prune freely.
|
||||
|
||||
- **In flight:** meta-flake overhaul. Each agent's applied
|
||||
repo becomes a tiny module-only flake (`nixosModules.default
|
||||
= import ./agent.nix`); `agent.nix` is just a NixOS module
|
||||
function `{ config, pkgs, lib, ... }: { ... }` — no
|
||||
extendModules, no hyperhive input visible to the manager.
|
||||
A single hive-c0re-owned repo at `/var/lib/hyperhive/meta/`
|
||||
declares one input per agent (pointing at that agent's
|
||||
applied repo via `git+file://`) and one
|
||||
`nixosConfigurations.<n>` output per agent, wrapping
|
||||
`inputs.agent-<n>.nixosModules.default` with the identity
|
||||
+ `HIVE_PORT` / `HIVE_LABEL` / `HIVE_DASHBOARD_PORT`
|
||||
injection that today's per-agent `setup_applied` does
|
||||
inline. Containers run against `meta#<n>` instead of
|
||||
`applied/<n>#default`. Every approval that lands does
|
||||
`nix flake lock --update-input agent-<n>` in meta and
|
||||
commits the lock — meta's git log is the system-wide
|
||||
deploy audit trail; per-agent tags stay as before for
|
||||
inside-baseball state.
|
||||
- **Companion change:** the manager's `/agents/<n>/config/`
|
||||
(proposed) gets `applied` pre-configured as a git remote
|
||||
pointing at `/applied/<n>/.git` (the RO bind already
|
||||
there). `git fetch applied` / `git show
|
||||
applied/refs/tags/deployed/<id>` / `git rebase
|
||||
applied/main` etc. all just work from inside the
|
||||
manager. The manager additionally gets `/meta` RO-bound,
|
||||
so `git -C /meta log --oneline` and
|
||||
`cat /meta/flake.lock` answer "what's actually deployed
|
||||
across the swarm right now."
|
||||
- **Auto-migration on startup:** new phase before
|
||||
`auto_update::run` rewrites each existing
|
||||
`applied/<n>/flake.nix` to the module-only shape +
|
||||
relocates `deployed/0`, adds the `applied` remote to each
|
||||
proposed repo, bootstraps the meta repo from the agent
|
||||
list if missing, and `nixos-container update`s every
|
||||
container to point at `meta#<n>` (no fs wipe, no
|
||||
re-login). Idempotent; `HIVE_SKIP_META_MIGRATION=1`
|
||||
defers it.
|
||||
- **Just landed (prior overhaul still in place):** tag-driven
|
||||
config-apply. Two-repo split (proposed = manager RW,
|
||||
applied = core-only); `request_apply_commit` fetches the
|
||||
manager's commit into applied and pins it as
|
||||
`proposal/<id>`; approve / deny / build walk through tags
|
||||
on the same commit; `applied/main` only fast-forwards on
|
||||
`deployed/`. `failed/` + `denied/` are annotated. See
|
||||
`docs/approvals.md` for the state machine.
|
||||
- **Just landed:** meta-flake overhaul. Each agent's applied
|
||||
repo is a tiny module-only flake (`nixosModules.default =
|
||||
import ./agent.nix`); `agent.nix` is a plain NixOS module
|
||||
function — no extendModules, no hyperhive input visible to
|
||||
the manager. A single hive-c0re-owned repo at
|
||||
`/var/lib/hyperhive/meta/` declares one input per agent
|
||||
(pointing at that agent's applied repo via `git+file://`)
|
||||
and one `nixosConfigurations.<n>` output per agent,
|
||||
wrapping `inputs.agent-<n>.nixosModules.default` with the
|
||||
identity + `HIVE_PORT` / `HIVE_LABEL` /
|
||||
`HIVE_DASHBOARD_PORT` injection. Containers run against
|
||||
`meta#<n>`. Every approve runs `nix flake lock
|
||||
--update-input agent-<n>` (two-phase: prepare on the
|
||||
build path, finalize/abort on the result) — meta's git
|
||||
log is the system-wide deploy audit trail; failures and
|
||||
denials live as annotated tags in applied. The manager
|
||||
has `/applied` and `/meta` RO-bound and the `applied`
|
||||
remote pre-wired in every proposed repo so `git fetch
|
||||
applied`, `git show applied/refs/tags/deployed/<id>`,
|
||||
`git -C /meta log --oneline`, `cat /meta/flake.lock`
|
||||
all just work. Migration runs idempotently on
|
||||
hive-c0re startup (`HIVE_SKIP_META_MIGRATION=1` skips it):
|
||||
rewrites pre-meta applied flakes to module-only, wires
|
||||
the proposed remote, seeds meta, and repoints every
|
||||
container at `meta#<n>` (guarded by a marker so the
|
||||
expensive phase only runs once).
|
||||
- **Just landed (prior overhaul still underneath):** tag-
|
||||
driven config-apply. Two-repo split (proposed = manager
|
||||
RW, applied = core-only); `request_apply_commit` fetches
|
||||
the manager's commit into applied and pins it as
|
||||
`proposal/<id>`; approve / deny / build walk through
|
||||
tags on the same commit; `applied/main` only fast-
|
||||
forwards on `deployed/`. `failed/` + `denied/` are
|
||||
annotated. See `docs/approvals.md`.
|
||||
- **Recent (since last compaction):** inline +/- diffs on
|
||||
Write/Edit, send full body via collapsed details, operator
|
||||
cancel + ttl on questions, deny-with-reason, dashboard
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue