model persisted to /state; stop auto-allowing claude-code unfree
model persistence: /model <name> now writes to /state/hyperhive-model (in-container), Bus::new reads it on init. operator override survives harness restart and container rebuild; gone on --purge like every other piece of agent state. path overridable via HYPERHIVE_MODEL_FILE for tests. failure to persist is a warn, not fatal — runtime override still applies, just won't survive a restart. unfree opt-in: drop the auto-allowUnfreePredicate from harness-base.nix and the claude-unstable overlay. operator now has to set nixpkgs.config.allowUnfree (or a predicate listing claude-code) in their own host config. silent unfree bypass was sketchy; this is honest. readme + gotchas updated to spell out the snippet. todo: drops model-persistence + container-crash + journald (all shipped); adds per-agent send allow-list (constrain who an agent can message).
This commit is contained in:
müde
parent
58c3cd853b
commit
8b9f7d21b7
6 changed files with 84 additions and 19 deletions
11
README.md
11
README.md
|
|
@ -91,6 +91,17 @@ hive-c0re will then:
|
|||
- auto-create the manager container (`hm1nd`) if missing,
|
||||
- auto-rebuild any managed container whose hyperhive rev is stale.
|
||||
|
||||
`claude-code` is unfree; hyperhive does not auto-allow it for you.
|
||||
Add to your host config:
|
||||
|
||||
```nix
|
||||
nixpkgs.config.allowUnfreePredicate =
|
||||
pkg: builtins.elem (nixpkgs.lib.getName pkg) [ "claude-code" ];
|
||||
```
|
||||
|
||||
(or `nixpkgs.config.allowUnfree = true`, your call). Each per-agent
|
||||
container inherits this through the same nixpkgs evaluation.
|
||||
|
||||
## Build / deploy
|
||||
|
||||
```sh
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue