@openape/nest 0.3.0 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +39 -0
- package/dist/index.mjs +244 -1476
- package/package.json +1 -1
- package/dist/node-WKMHQLLZ-IJUWLHGB.mjs +0 -20
package/README.md
CHANGED
|
@@ -18,6 +18,45 @@ apes nest authorize # set the YOLO policy — covers the inner
|
|
|
18
18
|
# `apes agents spawn` calls the daemon makes
|
|
19
19
|
```
|
|
20
20
|
|
|
21
|
+
Set the bridge default model at install time so every spawn uses the
|
|
22
|
+
same one without `--bridge-model` repetition:
|
|
23
|
+
|
|
24
|
+
```bash
|
|
25
|
+
apes nest install --bridge-model gpt-5.4 # ChatGPT-only LiteLLM proxy
|
|
26
|
+
apes nest install --bridge-model claude-haiku-4-5 # Anthropic
|
|
27
|
+
```
|
|
28
|
+
|
|
29
|
+
This writes `APE_CHAT_BRIDGE_MODEL=<value>` to `~/litellm/.env`,
|
|
30
|
+
which `resolveBridgeConfig()` reads at every `apes [nest|agents] spawn
|
|
31
|
+
--bridge`. Re-run with a different value to overwrite.
|
|
32
|
+
|
|
33
|
+
### Optional: privilege isolation with a dedicated service user
|
|
34
|
+
|
|
35
|
+
By default, `apes nest install` configures the daemon as a user-domain
|
|
36
|
+
`LaunchAgent` running under your own Mac user account, with state at
|
|
37
|
+
`~/.openape/nest`. That works fine for personal use. For a more
|
|
38
|
+
hardened setup the daemon can be promoted to a system-domain
|
|
39
|
+
`LaunchDaemon` running under a dedicated `_openape_nest` macOS service
|
|
40
|
+
user (uid 481, hidden, no shell, no GUI session) with state under
|
|
41
|
+
`/var/openape/nest`.
|
|
42
|
+
|
|
43
|
+
To migrate an existing user-domain install:
|
|
44
|
+
|
|
45
|
+
```bash
|
|
46
|
+
apes run --as root --wait -- bash apps/openape-nest/scripts/migrate-to-service-user.sh
|
|
47
|
+
```
|
|
48
|
+
|
|
49
|
+
The script creates the user/group, copies your data dir to
|
|
50
|
+
`/var/openape/nest`, and swaps the plist. The Nest's IdP identity is
|
|
51
|
+
bound to its ssh keypair (which moves with the data dir), so the same
|
|
52
|
+
`nest-…@id.openape.ai` identity continues to work — no re-enroll
|
|
53
|
+
needed, all existing approved delegations / grants stay valid.
|
|
54
|
+
|
|
55
|
+
After migration you may want a fresh `apes login --key` for the Nest
|
|
56
|
+
to refresh the access token (the migrated `auth.json` carries the
|
|
57
|
+
old token; `cli-auth`'s challenge-response refresh handles it on
|
|
58
|
+
expiry, but a manual login also works).
|
|
59
|
+
|
|
21
60
|
After that, day-to-day lifecycle goes through `apes nest`:
|
|
22
61
|
|
|
23
62
|
```bash
|