startup auto-migration from pre-meta layout

new migrate module runs before auto_update on hive-c0re boot. four idempotent phases: 1. for every applied/<n>/ whose flake.nix isn't already the module-only boilerplate, rewrite + commit + relocate deployed/0 to HEAD so setup_applied's existence check passes 2. for every proposed/<n>/config without an 'applied' remote, wire it (delegates to setup_proposed which is now idempotent and adds the remote itself) 3. meta::sync_agents over the current container list — inits the meta repo on first call, rerender + relock if drifted 4. nixos-container update <c> --flake meta#<name> for every container, guarded by /var/lib/hyperhive/.meta-migration-done so phase 4's expensive eval only runs once across restarts env kill-switch HIVE_SKIP_META_MIGRATION=1 defers the whole thing. each agent's failure is logged + skipped so one broken agent doesn't block the rest. runs ahead of ensure_manager so the manager auto-spawn comes up against meta from the first attempt.
2026-05-16 00:34:58 +02:00 · 2026-05-16 00:34:58 +02:00 · 59a89314f0
commit 59a89314f0
parent 87016cd567
3 changed files with 194 additions and 1 deletions
--- a/hive-c0re/src/lifecycle.rs
+++ b/hive-c0re/src/lifecycle.rs
@ -498,7 +498,7 @@ fn initial_agent_nix(name: &str) -> String {
 /// hive-c0re-owned meta flake at `/var/lib/hyperhive/meta/` as a flake
 /// input. Identity injection (`HIVE_PORT` / `HIVE_LABEL` / dashboard
 /// port / git committer) lives in the meta flake's wrapper, not here.
-fn initial_flake_nix() -> &'static str {
+pub fn initial_flake_nix() -> &'static str {
    "{\n  description = \"hyperhive agent\";\n  inputs = { };\n  outputs = { self }: {\n    nixosModules.default = import ./agent.nix;\n  };\n}\n"
 }