nix: replace weston RDP backend with VNC, add hyperhive.gui.enable option

Removes weston-rdp.nix (hyperhive.westonRdp.enable) and adds weston-vnc.nix (hyperhive.gui.enable). The ExecStart wrapper script computes a deterministic VNC port via FNV-1a hash of the agent name (derived from hostname, same algorithm as lifecycle::agent_web_port) in the range [15900, 16799], then writes /etc/hyperhive/gui.json {"vnc_port": N, "auth": "none"} for the harness WebSocket relay (issue #51), and execs weston with the VNC backend + pixman renderer. Type=simple so it can never abort nixos-container update; a misconfigured weston degrades to a restart loop, not a blocked rebuild. Closes #50
2026-05-20 14:01:53 +02:00 · 2026-05-20 14:01:53 +02:00 · 37522fd629
commit 37522fd629
parent 0b237d7d8c
3 changed files with 136 additions and 19 deletions
--- a/CLAUDE.md
+++ b/CLAUDE.md
@ -145,8 +145,10 @@ nix/
  templates/harness-base.nix    shared scaffolding for sub-agents + manager
  templates/agent-base.nix      sub-agent nixosConfiguration
  templates/manager.nix         manager nixosConfiguration
-  templates/weston-rdp.nix      optional `hyperhive.westonRdp.enable`
-                                 — weston + RDP backend systemd unit
+  templates/weston-vnc.nix      optional `hyperhive.gui.enable`
+                                 — weston + VNC backend systemd unit; writes
+                                 /etc/hyperhive/gui.json (vnc_port + auth) for
+                                 the harness WebSocket relay (issue #51)

 docs/
  conventions.md       naming, identity=socket, async forms, commit style
@ -255,22 +257,21 @@ Prune freely.
  appends nothing if the journal can't be read. The manager's
  `update` tool / rebuild errors now carry the failing-unit
  detail without a second `get_logs` call.
- **Just landed:** `hyperhive.westonRdp.enable` option. New
-  `nix/templates/weston-rdp.nix` declares a per-agent bool;
-  enabling it runs weston with the RDP backend as a systemd
-  service (software/pixman render, self-signed TLS cert
-  generated first-boot under `/var/lib/weston`). Imported by
-  `harness-base.nix` so every agent has the option; an agent
-  opts in from its own `agent.nix`. Design note: it's a FLAT
-  per-agent option, not `hyperhive.agents.<name>.*` — each
-  agent is its own nixosConfiguration with no cross-agent
-  view, so the `<name>` indirection is meaningless. The unit
-  is `Type = "simple"` with an always-exit-0 `ExecStartPre` so
-  it can never abort `nixos-container update` (a `Type=notify`
-  weston that never signals READY would fail activation every
-  reload — the trap `tea-login` documents). A misconfigured
-  weston degrades to a restart loop in `journalctl`, not a
-  blocked rebuild.
+- **Just landed:** `hyperhive.gui.enable` option (replaces
+  `hyperhive.westonRdp.enable`). New
+  `nix/templates/weston-vnc.nix` declares a per-agent bool;
+  enabling it runs weston with the VNC backend as a systemd
+  service (software/pixman render). Port is deterministic:
+  FNV-1a hash of the agent name (from hostname) in
+  [15900, 16799], mirroring `lifecycle::agent_web_port`.
+  The ExecStart wrapper script computes the port, writes
+  `/etc/hyperhive/gui.json` (`{ "vnc_port": N, "auth": "none" }`)
+  for the harness WebSocket relay (issue #51), then execs
+  weston. Imported by `harness-base.nix`; an agent opts in
+  from its own `agent.nix`. `Type = "simple"` so it can never
+  abort `nixos-container update`. A misconfigured weston
+  degrades to a restart loop in `journalctl`, not a blocked
+  rebuild. Old `weston-rdp.nix` / `westonRdp.enable` removed.
 - **Just landed:** `get_logs` now resolves the machine name.
  `journalctl -M` wants the *machine* name (`h-gui`), not the
  logical agent name (`gui`) — `get_logs` was the one manager