model persisted to /state; stop auto-allowing claude-code unfree

model persistence: /model <name> now writes to /state/hyperhive-model
(in-container), Bus::new reads it on init. operator override survives
harness restart and container rebuild; gone on --purge like every
other piece of agent state. path overridable via HYPERHIVE_MODEL_FILE
for tests. failure to persist is a warn, not fatal — runtime override
still applies, just won't survive a restart.

unfree opt-in: drop the auto-allowUnfreePredicate from
harness-base.nix and the claude-unstable overlay. operator now has to
set nixpkgs.config.allowUnfree (or a predicate listing claude-code)
in their own host config. silent unfree bypass was sketchy; this is
honest. readme + gotchas updated to spell out the snippet.

todo: drops model-persistence + container-crash + journald (all
shipped); adds per-agent send allow-list (constrain who an agent can
message).
müde 2026-05-15 21:05:40 +02:00
parent 58c3cd853b
commit 8b9f7d21b7
6 changed files with 84 additions and 19 deletions


@ -67,9 +67,14 @@
claude-unstable =
final: prev:
let
# Inherit the *user's* nixpkgs config so allowUnfree (or an
# `allowUnfreePredicate` they set on their flake) propagates
# into the unstable import. hyperhive does not silently
# bypass the unfree gate — if the operator hasn't opted in,
# this overlay's `claude-code` access fails honestly.
unstable = import nixpkgs-unstable {
inherit (prev.stdenv.hostPlatform) system;
config.allowUnfreePredicate = pkg: builtins.elem (prev.lib.getName pkg) [ "claude-code" ];
config = prev.config;
};
in
{
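Review bot: `config = prev.config;` hands the unstable import the host's entire nixpkgs config, but the comment above it only mentions allowUnfree and `allowUnfreePredicate`. Every other setting the operator keeps in that config (allowBroken or permittedInsecurePackages, for example) now also applies to whatever is taken from the unstable set, which is wider than the unfree opt-in the commit message describes. Either pass through only the unfree-related keys (allowUnfree and `allowUnfreePredicate`, guarding for the case where the operator has set neither), or extend the comment to state that the whole config is inherited on purpose so a reader does not assume the scope is limited to the unfree gate.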