diff --git a/PLAN.md b/PLAN.md index 9596cd8..fe5fd7a 100644 --- a/PLAN.md +++ b/PLAN.md @@ -68,7 +68,7 @@ A multi-Claude-Code-agent setup on a single host: │ │ update_shared_instructions │ │ │ └────────────────────────────────────────────────┘ │ │ │ -│ ┌─ nixos-container: hive- ────────────────┐ │ +│ ┌─ nixos-container: hive-agent- ──────────┐ │ │ │ hive-ag3nt (Rust) │ │ │ │ MCP client → /run/hyperhive/agents/.sock │ │ │ state/ RW, config/ + prompts/ + shared RO │ │ @@ -82,7 +82,7 @@ A multi-Claude-Code-agent setup on a single host: **Sockets, not identity gating.** One unix socket per principal, bind-mounted into the right place. The socket *is* the principal — no `SO_PEERCRED` lookups, no token plumbing. Perms are filesystem perms on the host side, plus the fact that only the matching container has the bind-mount. Each socket runs the MCP tool surface appropriate to its principal. -**Container naming.** All nixos-containers managed by `hive-c0re` are prefixed `hive-`. An agent named `foo` runs as nixos-container `hive-foo`; the manager runs as `hive-manager`. The prefix prevents collisions with other containers on the host and makes ownership obvious. On-disk paths (`/var/lib/hyperhive/agents/foo/`) and socket paths (`/run/hyperhive/agents/foo.sock`) use the bare logical name; the prefix lives only at the nixos-container layer. +**Container naming.** All nixos-containers managed by `hive-c0re` are prefixed `hive-`. The manager runs as `hive-manager`. Sub-agents run as `hive-agent-` — the extra `-agent-` segment keeps sub-agents from colliding with the manager slot (even if someone names an agent `manager`) and makes ownership obvious. On-disk paths (`/var/lib/hyperhive/agents/foo/`) and socket paths (`/run/hyperhive/agents/foo.sock`) use the bare logical name; the prefixing lives only at the nixos-container layer. **Approvals are git commits.** `hive-c0re` maintains a `state-repo` on host that records the world (which agents exist, their roles, etc.). Per-agent flake configs (`agents//config/`) are themselves git repos. The manager edits clones with plain `git` CLI inside its container and asks `hive-c0re` to apply a commit via `request_apply_commit(agent, sha)`. `hive-c0re` queues it; once approved, fast-forwards `main` and reconciles state (rebuild containers, etc.). **No abstract "approval token" — the commit hash is the token.** @@ -117,7 +117,7 @@ A multi-Claude-Code-agent setup on a single host: - **Exit:** `nixos-container create test-agent --flake .#agent-base && nixos-container start test-agent` brings up a container whose `hive-ag3nt` prints "hello" and exits. ### Phase 1 — container lifecycle + Risk 1 -- `hive-c0re`: open host admin socket (`/run/hyperhive/host.sock`); verbs `spawn(name)`, `kill(name)`, `rebuild(name)`, `list()`. Uses `nixos-container` underneath; container name on the host is `hive-`. +- `hive-c0re`: open host admin socket (`/run/hyperhive/host.sock`); verbs `spawn(name)`, `kill(name)`, `rebuild(name)`, `list()`. Uses `nixos-container` underneath; container name on the host is `hive-agent-`. - CLI tool talking to the admin socket (same `hive-c0re` binary, subcommand-driven). - Manually mutate an agent's config flake, call `rebuild`, observe whether `hive-ag3nt` survives. - **Decision:** if hot-reload doesn't preserve the harness, that becomes a hard requirement of `hive-ag3nt`'s design (resume from disk state). Document the outcome.