From 85c0df2e642f1579fccff837533965121c7708d3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?m=C3=BCde?= <git@darkest.space>
Date: Sun, 17 May 2026 22:24:24 +0200
Subject: [PATCH] harness: enable nix-command + flakes for all agents

---
 nix/templates/harness-base.nix | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/nix/templates/harness-base.nix b/nix/templates/harness-base.nix
index 5dea0e2..26d059e 100644
--- a/nix/templates/harness-base.nix
+++ b/nix/templates/harness-base.nix
@@ -179,6 +179,14 @@
 
     boot.isNspawnContainer = true;
 
+    # Every agent gets flakes + the modern `nix` CLI out of the box.
+    # Equivalent to passing `--extra-experimental-features 'nix-command
+    # flakes'` on every invocation. Agents shell out to `nix build` /
+    # `nix flake` constantly (devshells, ad-hoc evals, fetching their
+    # own MCP-server flakes); without this they hit the "experimental
+    # feature not enabled" wall on the first try.
+    nix.settings.experimental-features = [ "nix-command" "flakes" ];
+
     # `claude-code` is unfree. Each per-agent container's nixosConfiguration
     # evaluates its own `nixpkgs` instance, so the operator's host-level
     # `nixpkgs.config.allowUnfreePredicate` does not propagate into here —