marfrit/aish
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f94d16fc89941648b7eabfe5c2d18695aaaab13d
aish/config.lua
T
marfrit f94d16fc89 repl: background CMD&: with handle/poll (closes #8) 
Builds, long-running network calls, and file watches no longer block
the turn. A new "CMD&: <cmd>" marker (analogue of CMD:) tells the REPL
to spawn the command in the background, return immediately, and poll
for completion between user inputs.

Process model: shell-wrapped to avoid needing fork()/execv() FFI.

  nohup sh -c '(<cmd>) > <log> 2>&1; echo $? > <status>' </dev/null
       >/dev/null 2>&1 & echo $!

The child is reparented to init; we hold only the PID and the path to
the .status sidecar. Completion is detected by the .status file
existing (the wrapper writes it as its last act). No waitpid needed —
the child isn't ours after the popen subshell exits.

Storage: <history.dir>/bg/<id>.log + <id>.status. The directory is
created lazily at startup (mkdir -p). Requires history.dir to be
configured; without it CMD&: emits an error status and the model
sees an "[bg failed to start]" exec-output note.

check_bg_done() runs at the top of each main-loop iteration alongside
check_every_due(). When a job is detected as exited, the REPL:
  - emits a status line "[bg:<id> exited <code>, <bytes>, <secs>s wall] <cmd>"
  - appends the same string to ctx as exec output, so the model sees
    the completion on its next turn (natural follow-up: "ok the build
    finished; let me check the log")

Meta surface:
  :bg-spawn <cmd>       start a bg job directly (no AI needed; also
                        useful for testing without depending on the
                        model emitting CMD&:)
  :bg-list              show running/done jobs (id, pid, state, runtime, cmd)
  :bg-output <id>       dump the log file to stdout
  :bg-kill <id>         SIGTERM (note: only delivers if the PID is
                        still the actual command — long-lived shells
                        may need pkill by name)

Scope (deliberately limited for v1):
  - No callback-mode readline: bg completion detection is pre-prompt,
    not mid-readline. If a build finishes while the user is typing,
    notification comes when they hit Enter.
  - Permission policy DSL (#9) does NOT apply to CMD&: — the
    asynchronous gating model wasn't designed for the y/N flow.
    Filed as follow-up if needed.
  - Norris not extended: helpers.exec_cmd is still synchronous; the
    planner doesn't dispatch bg jobs.
  - Plan mode interaction: CMD&: in plan mode emits "PLAN: & <cmd>"
    and a "[plan] would bg-run: <cmd>" exec-output note, no spawn.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-16 21:25:55 +00:00

232 lines
11 KiB
Lua
Raw Blame History

-- config.lua — model registry, routing rules, user preferences.
-- Loaded with dofile() at startup; returns a plain Lua table.
-- See docs/PHASE0.md §10 for resolution order and full schema.
--
-- Per issue #12: hossenfelder is the canonical single-URL broker. It does
-- model-aware routing server-side (local models on boltzmann; cloud routes
-- through OpenRouter using its own bearer auth — no client-side key here).
-- Discovery: GET http://hossenfelder.fritz.box:8082/v1/models.
local HOSSENFELDER = "http://hossenfelder.fritz.box:8082"
return {
default_model = "fast",
models = {
fast = {
endpoint = HOSSENFELDER,
model = "qwen2.5-coder-1.5b-q4_k_m.gguf",
temperature = 0.2,
},
deep = {
endpoint = HOSSENFELDER,
-- 2026-05-13: qwen3-30b not loaded on hossenfelder right now;
-- using deepseek-coder-v2-lite (16B MoE, ~2.4B active) for the
-- time being. Restore qwen3-30b when the slot is back up.
model = "deepseek-coder-v2-lite",
timeout_ms = 300000, -- 5 min; MoE inference is faster than dense 30B
temperature = 0.1,
},
cloud = {
endpoint = HOSSENFELDER,
model = "anthropic/claude-haiku-4.5",
temperature = 0.2,
},
},
shell = {
known_commands = {
"ls", "cat", "cd", "grep", "find", "cp", "mv", "rm",
"mkdir", "rmdir", "git", "make", "cmake", "gcc", "clang",
"python3", "luajit", "ssh", "scp", "curl", "wget",
},
capture_output = true, -- inject exec output into context
confirm_cmd = true, -- prompt before executing CMD: suggestions
-- Issue #10: prompt template. When set, replaces the default
-- "[aish:<model>]> " prompt. Variables (substituted via {name}):
-- {model} {ctx_used} {ctx_max} {turn}
-- {cwd} {cwd_short} (cwd with $HOME -> ~)
-- {last_status} (last exec exit code, empty if none yet)
-- {mode} (norris / plan / normal)
-- prompt = "[{model} {ctx_used}/{ctx_max}t T{turn} {mode}] {cwd_short} > ",
},
context = {
max_turns = 40,
token_budget = 4096,
},
history = {
dir = (os.getenv("HOME") or ".") .. "/.local/share/aish",
},
-- Issue #3: pre/post CMD hooks. Optional shell scripts triggered around
-- every CMD: execution. Each hook receives the command on stdin and
-- AISH_CMD / AISH_TURN / AISH_CWD as env vars. Non-zero exit on pre_cmd
-- aborts execution; post_cmd's exit code is ignored but its stdout is
-- logged. Default off (no hooks). Uncomment to enable.
-- hooks = {
-- pre_cmd = (os.getenv("HOME") or ".") .. "/.aish/hooks/pre-cmd",
-- post_cmd = (os.getenv("HOME") or ".") .. "/.aish/hooks/post-cmd",
-- },
-- Issue #8: background CMD (CMD&: marker). Requires history.dir set
-- (logs land at <history.dir>/bg/<id>.log + .status sidecar). The
-- feature is always-on once history.dir exists — no config flag — but
-- only fires when the model emits "CMD&: " or the user runs :bg-spawn.
-- Issue #9: permission policy DSL for AI-suggested CMD: lines. When set,
-- supersedes shell.confirm_cmd. Patterns are Lua patterns (NOT regex)
-- per substrate invariant §3 (no compiled extensions). Priority order:
-- deny > confirm > allow; first match in the chosen category wins.
-- Unmatched commands default to "confirm". Probe with :perms check <cmd>.
-- permissions = {
-- allow = { "^ls%s", "^cat%s", "^git status", "^git diff" },
-- confirm = { "^rm%s", "^git push", "^docker%s", "^sudo%s" },
-- deny = { "^ssh%s+root@", "^curl%s+http[^s]" },
-- },
-- Phase 2 (docs/PHASE2.md): MCP server registry + tool-call policy.
-- The block is OFF by default — connect-at-startup happens only when
-- `servers` is non-empty. Uncomment + adjust per your fleet.
--
-- mcp = {
-- servers = {
-- -- Each entry: alias = { url = "...", auth_token = "..." | auth_env = "..." }
-- -- auth_token literal > auth_env env-var indirection > nil (no auth).
-- -- Aliases become the namespace prefix on tool names sent to the model
-- -- ("<alias>__<tool>" — e.g. "boltzmann__list_dir"). The separator is
-- -- "__" (two underscores) because Anthropic via Bedrock validates tool
-- -- names against ^[a-zA-Z0-9_-]{1,128}$ — dots are rejected.
-- -- Aliases themselves must not contain "__".
-- boltzmann = {
-- url = "http://boltzmann.fritz.box:8080/mcp",
-- auth_env = "BOLTZMANN_MCP_TOKEN",
-- },
-- hertz = {
-- url = "http://hertz.fritz.box:8080/mcp",
-- auth_env = "HERTZ_MCP_TOKEN",
-- },
-- broglie = {
-- url = "http://broglie.fritz.box:8080/mcp", -- LAN-only, no auth
-- },
-- },
--
-- -- Per-call confirm gate auto-approve policy.
-- -- Key forms:
-- -- "<alias>__<tool>" — auto-approve one specific tool
-- -- "<alias>__*" — auto-approve every tool on that server
-- -- Anything not matched falls back to the [y/N] prompt.
-- auto_approve = {
-- ["boltzmann__read_file"] = true,
-- ["boltzmann__list_dir"] = true,
-- ["boltzmann__search_files"] = true,
-- ["hertz__*"] = true, -- trust the hub fully
-- },
--
-- -- Tool-call sub-loop budget per ask_ai turn. Hitting the cap surfaces
-- -- a status and breaks; default 8 if absent.
-- max_tool_depth = 8,
-- },
-- Phase 3 (docs/PHASE3.md): Chuck Norris autonomous mode + destructive-op
-- heuristic. The block is OFF by default (sane defaults kick in when
-- absent); uncomment to tune.
--
-- safety = {
-- -- LLM second-opinion on commands the static patterns don't flag.
-- -- Default true. Set false for static-only operation (faster, but
-- -- misses novel destructive patterns the static list doesn't know
-- -- about — bash -c content, custom destructive idioms, etc.).
-- llm_second_opinion = true,
--
-- -- Which configured model to use for the YES/NO destructive probe.
-- -- Precedence: this field → models.deep → models[default_model].
-- -- R-B2: prefer an INDEPENDENT model class from the action-emitting
-- -- model (avoids self-policing). Recommended values:
-- -- "cloud" — anthropic/claude-haiku-4.5 via openrouter. Fast and
-- -- reliable. Costs money per probe (typical Norris
-- -- session = 16 probes max, often cached).
-- -- "deep" — local large model (qwen3-30b on this fleet). Free
-- -- but slow on RK3588 hardware (~1-3s per probe).
-- -- Falls back here automatically if not set.
-- -- "fast" — same model as the action-emitter. NOT RECOMMENDED
-- -- (circular trust); use only when no other option.
-- llm_model = "cloud",
--
-- -- Norris planning-loop budget. Iterations of safety.norris_step.
-- -- Each iteration is one broker round-trip + dispatch of actions.
-- -- Default 8. Bump for long-running goals; cap low for testing.
-- max_norris_steps = 8,
-- },
-- Phase 4 (docs/PHASE4.md): cross-session memory.jsonl + startup
-- injection + :memory management surface. The block is OFF by
-- default (no startup injection); uncomment to tune. Note that
-- :remember / :memory list / :memory forget / :memory summarize
-- all work without this block — they store to <history.dir>/
-- memory.jsonl regardless. The block only configures the
-- injection-into-system-prompt behavior at startup.
--
-- memory = {
-- -- Cap on total characters injected at startup. ~2000 chars ≈
-- -- 500 tokens. LRU-by-ts selection if your memory.jsonl has
-- -- more recent items than fit. Older items remain in the
-- -- file; only injection is bounded. Suppressed entirely in
-- -- Norris mode (R-C1).
-- inject_max_chars = 2000,
--
-- -- Which configured model to use for :memory summarize.
-- -- Defaults to the active model when nil. Use "fast" for
-- -- speed; "deep" or "cloud" for better extraction quality
-- -- (cloud may have variable cost per session).
-- summarizer_model = "fast",
-- },
-- Phase 5 (docs/PHASE5.md): multi-model routing + cloud fallback +
-- summarize-on-evict. OFF by default — auto-routing can spend money
-- silently on the cloud preset; require explicit opt-in.
--
-- routing = {
-- -- Enable auto-routing per request. When true, router.classify_model
-- -- inspects each prompt and may switch the model for THAT request
-- -- only (the :model selection is preserved across requests).
-- -- Default false. Toggle at runtime with :route on / :route off.
-- auto = true,
--
-- -- Class → model mapping. nil = "keep current" (heuristic fires
-- -- but no override). Ships with reasoning = nil because mapping
-- -- "explain ..." prompts to a paid cloud model would spend money
-- -- silently — opt in by uncommenting the reasoning line below.
-- classes = {
-- code = "deep", -- code-like prompts to local deep
-- -- reasoning = "cloud", -- OPT-IN: "explain"/"why"/"how does" → paid
-- -- default = nil, -- keep active model
-- },
--
-- -- Single-hop retry on transport failure (HTTP 5xx, 408,
-- -- 404 model_not_found, DNS, connection refused, timeouts).
-- -- Retries against fallback_model once. Skipped if any text
-- -- has already streamed (no partial-output duplication).
-- -- Toggle at runtime with :fallback on / :fallback off.
-- fallback = false, -- default off (cost-safety)
-- fallback_model = "cloud",
-- },
-- ── Phase 5 context summarization on sliding-window eviction.
-- Set INSIDE the context = { ... } block above to enable:
-- context = {
-- max_turns = 40,
-- token_budget = 4096,
-- summarize_on_evict = true,
-- summarizer_model = "fast", -- model name in models{}
-- max_summary_chars = 2000,
-- },
-- When summarize_on_evict is true, evicted turn pairs are fed to
-- summarizer_model and the result lives on ctx.summary, appended to
-- the system prompt as [earlier conversation summary]. Suppressed
-- in Norris mode (R-C4 — planner stays on its goal). If broker
-- fails, falls back to Phase 0 silent eviction (no crash).
}
Reference in New Issue View Git Blame Copy Permalink