fix(oberon): restore PATH in hermes-agent systemd service#32
Merged
Conversation
`environment = lib.mkForce {...}` replaced the entire systemd environment
attrset, which wiped the PATH key that the upstream nixosModule injects via
its `path` option (expanded into environment.PATH). As a result the
hermes-agent process had no PATH, so basic commands like cat/rm were not
found and write_file failed.
Override only the MESSAGING_CWD key with `lib.mkForce null` instead of
replacing the whole attrset. null keys are omitted from the generated unit,
so the deprecated-warning suppression is preserved while PATH and the other
environment variables remain intact.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
概要
hermes-agent (oberon上) が
cat/rmなどのごく一般的なコマンドを実行できず、write_fileツールが失敗していた問題を修正する。根本原因
hosts/oberon/hermes-agent.nixのenvironment = lib.mkForce {...}が systemd サービスのenvironmentattrset を丸ごと置換していた。上流の nixosModule は PATH を
environment.PATHではなくpathオプション(内部的にenvironment.PATHへ展開される)で供給している。そのためmkForceによる全置換がPATHキーごと消去し、hermes-agent プロセスの PATH が空になっていた。修正
environment全体のmkForce置換をやめ、本来の意図だったMESSAGING_CWD(deprecated 警告の発生源)の除外だけを キー単位のlib.mkForce nullで実現する。nullのキーは systemd unit 生成時に出力から除外されるため、警告抑制を維持しつつ PATH と他の環境変数を温存できる。検証
config.systemd.services.hermes-agent.environmentの eval で確認:PATH:hermes-agent / bash / coreutils / git / findutils / gnugrep / gnused / systemdの bin が並ぶ(pathオプション由来が復活)MESSAGING_CWD:null(unit 出力から除外され deprecated 警告も維持されたまま抑制)HOME/HERMES_HOME/HERMES_MANAGED: 従来通りデプロイ
適用には oberon への
nixos-rebuildが必要。経路系(cloudflared/sshd/network)の変更ではなく hermes-agent サービスの再起動のみなので、通常の--target-hostデプロイで問題なし。🤖 Generated with Claude Code