78f21ccc5d
journal showed three concurrent rebuilds racing on the meta repo's .git/index.lock — auto_update::run kicks off parallel tokio::spawn for every stale agent, each rebuild eventually calls into meta::sync_agents / lock_update_for_rebuild which do git add + commit, git isn't safe across concurrent processes on the same .git/, and one of the failing-mid-write children left index.lock behind. subsequent ops blocked until somebody rm'd it manually. fix: static META_LOCK (tokio::sync::Mutex<()>) acquired at the top of every public meta function. concurrent rebuilds take turns on meta ops; the actual nix build (nixos-container update) releases the lock first and runs without it, so parallel agent builds still parallelize on nix-daemon's own concurrency model. migrate::run additionally clears /var/lib/hyperhive/meta/.git/ index.lock on startup if it exists — we just booted, nothing of ours is holding it. covers the 'previous crash left a stale lock' case the user just hit so the daemon recovers without manual intervention.
55 lines
1.8 KiB
Diff
55 lines
1.8 KiB
Diff
From e0b18ff3c2ec5a7f771ab9a1a247ff4a24a8c475 Mon Sep 17 00:00:00 2001
|
|
From: damocles <damocles@hyperhive>
|
|
Date: Sat, 16 May 2026 02:28:21 +0200
|
|
Subject: [PATCH] mcp: wire extra server allowedTools into --allowedTools arg
|
|
|
|
---
|
|
hive-ag3nt/src/mcp.rs | 18 +++++++++++++++++-
|
|
1 file changed, 17 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/hive-ag3nt/src/mcp.rs b/hive-ag3nt/src/mcp.rs
|
|
index d8831b4..cb0918a 100644
|
|
--- a/hive-ag3nt/src/mcp.rs
|
|
+++ b/hive-ag3nt/src/mcp.rs
|
|
@@ -539,6 +539,8 @@ impl ManagerServer {
|
|
)]
|
|
impl ServerHandler for ManagerServer {}
|
|
|
|
+
|
|
+
|
|
/// Name of the hyperhive MCP server inside claude's view. Claude prefixes
|
|
/// tools as `mcp__<this>__<tool>` (e.g. `mcp__hyperhive__send`).
|
|
pub const SERVER_NAME: &str = "hyperhive";
|
|
@@ -601,7 +603,9 @@ pub fn allowed_mcp_tools(flavor: Flavor) -> Vec<String> {
|
|
}
|
|
|
|
/// Combined allow-list passed to `--allowedTools` (auto-approve) — covers
|
|
-/// both the built-ins and the MCP surface.
|
|
+/// the built-ins, the hyperhive MCP surface, and any extra MCP servers.
|
|
+/// Extra server tools are read from the same `/etc/hyperhive/extra-mcp.json`
|
|
+/// file that `render_claude_config` uses, so the two are always in sync.
|
|
#[must_use]
|
|
pub fn allowed_tools_arg(flavor: Flavor) -> String {
|
|
let mut all: Vec<String> = ALLOWED_BUILTIN_TOOLS
|
|
@@ -609,6 +613,18 @@ pub fn allowed_tools_arg(flavor: Flavor) -> String {
|
|
.map(|s| (*s).to_owned())
|
|
.collect();
|
|
all.extend(allowed_mcp_tools(flavor));
|
|
+ for (name, spec) in load_extra_mcp() {
|
|
+ if name == SERVER_NAME {
|
|
+ continue; // already covered above
|
|
+ }
|
|
+ for tool in &spec.allowed_tools {
|
|
+ if tool == "*" {
|
|
+ all.push(format!("mcp__{name}__*"));
|
|
+ } else {
|
|
+ all.push(format!("mcp__{name}__{tool}"));
|
|
+ }
|
|
+ }
|
|
+ }
|
|
all.join(",")
|
|
}
|
|
|
|
--
|
|
2.51.2
|
|
|