Create modules/nixos/services/hyperspace.nix for Hyperspace Pods P2P AI cluster agent. Registered in flake.nix under lazyworkhorse modules list.
- Fetches CLI binary v5.45.30 via fetchurl with SRI hash verification
- Systemd system service: auto profile, api port 8080, ai-worker user
- GPU device access via DeviceAllow (kfd+dri) and video+render groups
- Service hardening: NoNewPrivileges, ProtectHome, ProtectSystem, PrivateTmp
- Firewall: TCP 4001 (libp2p), 30301 (chain), 8080 (API); UDP 4001 (libp2p)
- AMD MI50 ROCm compatibility via HSA_OVERRIDE_GFX_VERSION=9.0.6
Hermes
09c8211e58