{ pkgs, lib, ... }:
{
  # Shared scaffolding for any hyperhive harness container — both
  # sub-agents (`agent-base.nix`) and the manager (`manager.nix`) extend
  # this. The systemd service that actually runs the harness binary
  # differs per role and lives in the child module.

  boot.isNspawnContainer = true;

  # `claude-code` is unfree. hyperhive intentionally does NOT auto-allow
  # it — the operator opts in by setting
  # `nixpkgs.config.allowUnfreePredicate` (or `allowUnfree = true`) in
  # their own host config / agent.nix. Without that, the per-agent
  # build fails on this package and the operator sees an honest "this
  # is unfree, are you sure?" error.

  environment.systemPackages = with pkgs; [
    hyperhive
    claude-code
    bashInteractive
    coreutils-full
    # procps for pkill — used by the web UI's /api/cancel to SIGINT the
    # in-flight claude turn.
    procps
  ];

  # Git is needed by claude's Bash tool (for the agent <-> manager config
  # request flow) and by hive-c0re's own setup_applied / setup_proposed.
  # The per-agent `applied/<name>/flake.nix` overrides `user.name` and
  # `user.email` with the agent's identity — values here are `mkDefault`
  # so the per-agent override wins without needing `mkForce`.
  programs.git = {
    enable = true;
    config = {
      user = {
        name = lib.mkDefault "hyperhive";
        email = lib.mkDefault "hyperhive@local";
      };
      init.defaultBranch = lib.mkDefault "main";
    };
  };

  # claude's Bash tool refuses to run without a POSIX shell + $SHELL set.
  environment.variables.SHELL = "${pkgs.bashInteractive}/bin/bash";

  system.stateVersion = "25.11";
}