docs sync + revert auto-unfree removal

revert the earlier 'operator must set allowUnfree' move:
per-agent containers evaluate their own nixpkgs and the operator's
host-level allowUnfree doesn't propagate in. restoring the scoped
allowUnfreePredicate inside both the claude-unstable overlay and
harness-base.nix; documented in README + gotchas as 'nothing to
set on the operator side'.

docs:
- claude.md file map adds crash_watch.rs, kick_agent on coordinator,
  /api/model + journald viewer + bind-with-retry references.
- scratchpad rewritten to reflect the recent run.
- web-ui.md: notification row + browser notifications section,
  state row (badge + model chip + last-turn chip + cancel button),
  per-agent inbox, /model slash, /cancel-question + journald
  endpoints, focus-preservation on refresh.
- turn-loop.md: --model is read from Bus::model() per turn (runtime
  override via /model); recv(wait_seconds) up to 180s with the
  rationale; ask_operator gains ttl_seconds; new TurnState section;
  kick_agent inbox-on-startup hint.
- approvals.md: ttl/cancel resolution paths for operator questions.
- persistence.md: /state/hyperhive-model file.
- gotchas.md: web UI port collision policy (rename, don't probe);
  bind retry + SO_REUSEADDR shape; auto-unfree restored.
- todo.md: cleaned up empty sections and stale entries; /model
  shipped, dropped from the list.
müde 2026-05-15 21:26:13 +02:00
parent d275b50177
commit 62d1a74929
10 changed files with 239 additions and 95 deletions

@ -67,14 +67,16 @@
claude-unstable =
final: prev:
let
# Inherit the *user's* nixpkgs config so allowUnfree (or an
# `allowUnfreePredicate` they set on their flake) propagates
# into the unstable import. hyperhive does not silently
# bypass the unfree gate — if the operator hasn't opted in,
# this overlay's `claude-code` access fails honestly.
# The overlay imports its own nixpkgs-unstable instance to
# pin claude-code there. That instance has its own config
# (independent from the user's prev.config), so we have to
# set allowUnfreePredicate inline to whitelist claude-code
# specifically — otherwise the unstable import itself
# refuses to evaluate. This is scoped: only claude-code
# bypasses unfree, nothing else.
unstable = import nixpkgs-unstable {
inherit (prev.stdenv.hostPlatform) system;
config = prev.config;
config.allowUnfreePredicate = pkg: builtins.elem (prev.lib.getName pkg) [ "claude-code" ];
};
in
{
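Review bot: In the `unstable = import nixpkgs-unstable { ... }` block, swapping `config = prev.config;` for only `config.allowUnfreePredicate = ...` drops every other setting the operator's nixpkgs config carried, not just the unfree gate, so the unstable instance now evaluates with defaults plus this one predicate. If that is intended, the new comment should say so explicitly, since it currently reads as if the instance had always been independent of `prev.config`. If it is not intended, consider merging instead, for example `config = prev.config // { allowUnfreePredicate = ...; };`, keeping in mind that this would override any predicate the operator set themselves. The name match through `prev.lib.getName pkg` against `[ "claude-code" ]` does keep the bypass limited to that one package name, which matches the "scoped" claim in the comment.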