892e034908
Phase 3 of #273. Container plumbing for the bundled frontend dist: - flake.nix overlay: `pkgs.hyperhive-frontend` exposed for the agent / manager containers (mirrors the existing `pkgs.hyperhive` pattern); module argument `hyperhiveFrontend = system: self .packages.${system}.frontend` threads the package into the host hive-c0re module without forcing operators to apply the overlay on their host pkgs. - `services.hive-c0re.frontend` option: pinned to the flake's frontend package by default, overridable for custom dashboard SPAs. The hive-c0re systemd service gets `HIVE_STATIC_DIR = ${cfg.frontend}/dashboard` — the Rust binary will pick it up in Phase 4. - `hyperhive.frontend.dist` option: per-container, defaults to `pkgs.hyperhive-frontend`. Override to ship a fully custom agent SPA (advanced; the default + extraFiles flow handles the common 'add files' case). - `hyperhive.frontend.extraFiles` option: attrsOf submodule (mirroring the `hyperhive.extraMcpServers` shape per damocles' request so existing #322-style assertions keep their grip). Each entry has `source` (path relative to agent.nix) and `target` (URL/disk prefix within the merged static tree, defaulting to the attribute name). Operator-named example: the bitburner agent drops `bitburner-dist` into `/bitburner/` alongside the default agent UI at `/`. - `hyperhive.frontend.mergedDist` (readOnly): the runCommand derivation that composes `agent/` from the default dist plus every `extraFiles` entry. Aborts on overwrite so a filename collision becomes a build error rather than a silent dist swap. agent-base.nix + manager.nix set their respective systemd service `HIVE_STATIC_DIR` to this merged path. Until Phase 4 lands, the env var is set but unused — the Rust binaries still serve assets via `include_str!`. The cutover happens in the next commit on this branch. Refs #273.
151 lines
5.6 KiB
Nix
151 lines
5.6 KiB
Nix
{
|
|
hyperhivePackage,
|
|
hyperhiveFrontend,
|
|
hyperhiveFlake,
|
|
}:
|
|
{
|
|
pkgs,
|
|
lib,
|
|
config,
|
|
...
|
|
}:
|
|
let
|
|
cfg = config.services.hive-c0re;
|
|
in
|
|
{
|
|
# The forge is part of the standard install — hive-c0re mirrors
|
|
# every agent's applied config repo into it. On by default; opt out
|
|
# with `hyperhive.forge.enable = false`.
|
|
imports = [ ./hive-forge.nix ];
|
|
|
|
options.services.hive-c0re = {
|
|
enable = lib.mkEnableOption "hive-c0re — hyperhive coordinator daemon";
|
|
package = lib.mkOption {
|
|
type = lib.types.package;
|
|
default = hyperhivePackage pkgs.stdenv.hostPlatform.system;
|
|
defaultText = lib.literalExpression "hyperhive.packages.\${system}.default";
|
|
description = "Package that provides /bin/hive-c0re.";
|
|
};
|
|
frontend = lib.mkOption {
|
|
type = lib.types.package;
|
|
default = hyperhiveFrontend pkgs.stdenv.hostPlatform.system;
|
|
defaultText = lib.literalExpression "hyperhive.packages.\${system}.frontend";
|
|
description = ''
|
|
Bundled frontend dist (see `./nix/frontend.nix`). Output has
|
|
`dashboard/` and `agent/` subdirectories — hive-c0re serves
|
|
`dashboard/` via `tower_http::ServeDir` from the path passed
|
|
in `HIVE_STATIC_DIR`. Override to ship a custom dashboard SPA;
|
|
the JSON contract (`/api/state`, the SSE streams, the action
|
|
endpoints) is the source of truth for any replacement.
|
|
'';
|
|
};
|
|
hyperhiveFlake = lib.mkOption {
|
|
type = lib.types.str;
|
|
default = hyperhiveFlake;
|
|
defaultText = lib.literalMD "the flake's own store path";
|
|
description = ''
|
|
URL of the hyperhive flake (no fragment). Inlined into each
|
|
per-agent `flake.nix` at `inputs.hyperhive.url`. The per-agent
|
|
flake then pulls `hyperhive.nixosConfigurations.agent-base` to
|
|
build the container. Defaults to this flake's own store path —
|
|
only override if you want agents tracking a different ref.
|
|
'';
|
|
};
|
|
dashboardPort = lib.mkOption {
|
|
type = lib.types.port;
|
|
default = 7000;
|
|
description = "TCP port the hive-c0re dashboard listens on.";
|
|
};
|
|
operatorPronouns = lib.mkOption {
|
|
type = lib.types.str;
|
|
default = "she/her";
|
|
example = "they/them";
|
|
description = ''
|
|
Operator pronouns, free text. Threaded into every agent
|
|
container as the `HIVE_OPERATOR_PRONOUNS` env var; the
|
|
harness substitutes it into the agent / manager system
|
|
prompt at boot so claude refers to the operator naturally
|
|
in third person ("ask her", "tell them", etc.). Changes
|
|
propagate to running agents on the next `↻ R3BU1LD` —
|
|
forwards as a meta flake env-var bump, no per-agent
|
|
approval needed.
|
|
'';
|
|
};
|
|
contextWindowTokens = lib.mkOption {
|
|
type = lib.types.attrsOf lib.types.int;
|
|
default = {
|
|
haiku = 200000;
|
|
sonnet = 1000000;
|
|
opus = 1000000;
|
|
};
|
|
example = {
|
|
haiku = 150000;
|
|
sonnet = 900000;
|
|
};
|
|
description = ''
|
|
Per-model context-window sizes in tokens. Each key is a
|
|
model-family short name matched case-insensitively as a
|
|
substring of the active model name at runtime (e.g. `"sonnet"`
|
|
matches `"claude-sonnet-4-5"`). The defaults cover the known
|
|
Anthropic families; add entries for new models or override
|
|
existing ones here to change the window for all agents at once.
|
|
|
|
Passed to `hive-c0re serve` as JSON and injected into every
|
|
container's harness service environment as
|
|
`HIVE_CONTEXT_WINDOW_TOKENS_<KEY_UPPER>`. Changes propagate
|
|
on the next `↻ R3BU1LD` — no per-agent approval needed.
|
|
'';
|
|
};
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
environment.systemPackages = [
|
|
cfg.package
|
|
pkgs.git
|
|
];
|
|
|
|
# Dashboard + per-container web UIs share the host's network namespace and
|
|
# need their ports reachable. Dashboard: `cfg.dashboardPort` (default 7000).
|
|
# Manager: 8000. Sub-agents: 8100..8999 (deterministic hash; see
|
|
# `lifecycle::agent_web_port`).
|
|
networking.firewall.allowedTCPPorts = [
|
|
cfg.dashboardPort
|
|
8000
|
|
];
|
|
networking.firewall.allowedTCPPortRanges = [
|
|
{
|
|
from = 8100;
|
|
to = 8999;
|
|
}
|
|
];
|
|
|
|
systemd.services.hive-c0re = {
|
|
description = "hyperhive coordinator daemon";
|
|
wantedBy = [ "multi-user.target" ];
|
|
path = [
|
|
pkgs.git
|
|
"/run/current-system/sw"
|
|
];
|
|
environment = {
|
|
HYPERHIVE_GIT = "${pkgs.git}/bin/git";
|
|
# Path to the dashboard static dist. The hive-c0re axum router
|
|
# serves this via `tower_http::ServeDir` for any path it doesn't
|
|
# match against an API/action route.
|
|
HIVE_STATIC_DIR = "${cfg.frontend}/dashboard";
|
|
} // lib.optionalAttrs config.hyperhive.forge.enable {
|
|
# Agents poll this URL for Forgejo notifications. Derived from
|
|
# hyperhive.forge.{domain,httpPort} so it tracks forge config changes.
|
|
HIVE_FORGE_URL = "http://${config.hyperhive.forge.domain}:${toString config.hyperhive.forge.httpPort}";
|
|
};
|
|
serviceConfig = {
|
|
ExecStart = "${cfg.package}/bin/hive-c0re --socket /run/hyperhive/host.sock serve --hyperhive-flake ${cfg.hyperhiveFlake} --dashboard-port ${toString cfg.dashboardPort} --operator-pronouns ${lib.escapeShellArg cfg.operatorPronouns} --context-window-tokens ${lib.escapeShellArg (builtins.toJSON cfg.contextWindowTokens)}";
|
|
Restart = "on-failure";
|
|
RestartSec = 2;
|
|
RuntimeDirectory = "hyperhive";
|
|
RuntimeDirectoryMode = "0750";
|
|
RuntimeDirectoryPreserve = "yes";
|
|
StateDirectory = "hyperhive";
|
|
};
|
|
};
|
|
};
|
|
}
|