hyperhive/hive-c0re/src/main.rs

use std::path::PathBuf;
use std::sync::Arc;

use anyhow::{Result, bail};
use clap::{Parser, Subcommand};
use hive_sh4re::{HostRequest, HostResponse};

mod actions;
mod agent_server;
mod approvals;
mod auto_update;
mod broker;
mod client;
mod coordinator;
mod dashboard;
mod lifecycle;
mod manager_server;
mod server;

use coordinator::Coordinator;

#[derive(Parser)]
#[command(name = "hive-c0re", about = "hyperhive coordinator daemon and CLI")]
struct Cli {
    /// Path to the host admin socket.
    #[arg(long, global = true, default_value = "/run/hyperhive/host.sock")]
    socket: PathBuf,

    #[command(subcommand)]
    cmd: Cmd,
}

#[derive(Subcommand)]
enum Cmd {
    /// Run the coordinator daemon.
    Serve {
        /// URL of the hyperhive flake. Inlined into each per-agent
        /// `flake.nix` as the `hyperhive` input.
        #[arg(long, default_value = "/etc/hyperhive")]
        hyperhive_flake: String,
        /// Path to the sqlite message store.
        #[arg(long, default_value = "/var/lib/hyperhive/broker.sqlite")]
        db: PathBuf,
        /// Dashboard HTTP port.
        #[arg(long, default_value_t = 7000)]
        dashboard_port: u16,
    },
    /// Spawn a new agent container directly (`hive-agent-<name>`). Bypasses
    /// the approval queue — use only as an operator on the host. For
    /// approval-gated spawns, use `request-spawn` instead.
    Spawn { name: String },
    /// Queue a spawn request as an approval. The container is created on
    /// `approve <id>` (CLI) or the dashboard's APPR0VE button.
    RequestSpawn { name: String },
    /// Stop a managed container (graceful).
    Kill { name: String },
    /// Tear down a sub-agent container. Container is removed; persistent
    /// state (config repos + Claude credentials) is kept by default.
    Destroy { name: String },
    /// Apply pending config to a managed container.
    Rebuild { name: String },
    /// List managed containers.
    List,
    /// List pending approval requests submitted by the manager.
    Pending,
    /// Approve a pending request by id; the action runs immediately.
    Approve { id: i64 },
    /// Deny a pending request by id.
    Deny { id: i64 },
}

#[tokio::main]
async fn main() -> Result<()> {
    tracing_subscriber::fmt()
        .with_env_filter(
            tracing_subscriber::EnvFilter::try_from_default_env()
                .unwrap_or_else(|_| tracing_subscriber::EnvFilter::new("info")),
        )
        .init();

    let cli = Cli::parse();
    match cli.cmd {
        Cmd::Serve {
            hyperhive_flake,
            db,
            dashboard_port,
        } => {
            let coord = Arc::new(Coordinator::open(&db, hyperhive_flake)?);
            // Run auto-update in the background — don't block service start.
            // Operators sometimes need the admin socket up to debug a stuck
            // agent, and the rebuild loop can take tens of seconds.
            let update_coord = coord.clone();
            tokio::spawn(async move {
                if let Err(e) = auto_update::run(update_coord).await {
                    tracing::warn!(error = ?e, "auto-update task failed");
                }
            });
            manager_server::start(coord.clone())?;
            let dash_coord = coord.clone();
            tokio::spawn(async move {
                if let Err(e) = dashboard::serve(dashboard_port, dash_coord).await {
                    tracing::error!(error = ?e, "dashboard failed");
                }
            });
            server::serve(&cli.socket, coord).await
        }
        Cmd::Spawn { name } => {
            render(client::request(&cli.socket, HostRequest::Spawn { name }).await?)
        }
        Cmd::RequestSpawn { name } => {
            render(client::request(&cli.socket, HostRequest::RequestSpawn { name }).await?)
        }
        Cmd::Kill { name } => {
            render(client::request(&cli.socket, HostRequest::Kill { name }).await?)
        }
        Cmd::Destroy { name } => {
            render(client::request(&cli.socket, HostRequest::Destroy { name }).await?)
        }
        Cmd::Rebuild { name } => {
            render(client::request(&cli.socket, HostRequest::Rebuild { name }).await?)
        }
        Cmd::List => render(client::request(&cli.socket, HostRequest::List).await?),
        Cmd::Pending => render(client::request(&cli.socket, HostRequest::Pending).await?),
        Cmd::Approve { id } => {
            render(client::request(&cli.socket, HostRequest::Approve { id }).await?)
        }
        Cmd::Deny { id } => render(client::request(&cli.socket, HostRequest::Deny { id }).await?),
    }
}

fn render(resp: HostResponse) -> Result<()> {
    println!("{}", serde_json::to_string_pretty(&resp)?);
    if !resp.ok {
        bail!(resp.error.unwrap_or_else(|| "request failed".to_owned()));
    }
    Ok(())
}