kyle/imladris
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

straylight: enable MCP agent (becoming core host)

Browse Source 
Add configs/mcp.nix (mcp user UID 850 + mcp-agent service) and open
firewall ports for DNS/mc-proxy/agent/master as straylight takes over
the master + MCIAS + MCNS core role from rift.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
Kyle Isom
2026-06-10 17:12:47 -07:00
parent b3a52dc12b
commit f2a76df239
1 changed files with 21 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
hw/straylight/default.nix
View File

@@ -5,8 +5,18 @@
../../configs/desktop.nix ../../configs/desktop.nix
../../configs/qemu.nix ../../configs/qemu.nix
../../configs/mcpkg.nix ../../configs/mcpkg.nix
../../configs/mcp.nix # MCP agent + mcp user (straylight is becoming the core host)
]; ];
config = {
# Allow rootless containers (podman) to bind low ports (53 for MCNS,
# 443/8443/9443 for mc-proxy) as straylight takes over the core role.
boot.kernel.sysctl."net.ipv4.ip_unprivileged_port_start" = 53;
# Open ports: DNS (53), mc-proxy (443/8443/9443), agent (9444), master (9555).
networking.firewall.allowedTCPPorts = [ 53 443 8443 9443 9444 9555 ];
networking.firewall.allowedUDPPorts = [ 53 ];
# DNS: MCNS for internal zones, public resolvers as fallback. # DNS: MCNS for internal zones, public resolvers as fallback.
networking.nameservers = [ networking.nameservers = [
"192.168.88.181" "192.168.88.181"
@@ -17,4 +27,5 @@
services.resolved.domains = [ services.resolved.domains = [
"~mcp.metacircular.net" "~mcp.metacircular.net"
]; ];
};
} }