diff --git a/docs/archive/planning/git-access-plan.md b/docs/archive/planning/git-access-plan.md new file mode 100644 index 0000000..284b3f8 --- /dev/null +++ b/docs/archive/planning/git-access-plan.md @@ -0,0 +1,171 @@ +--- +> **⚠️ ARCHIVED:** This document was moved to archive on February 12, 2026. +> **Reason:** Content completed/implemented. No longer an active planning document. +> **Original Location:** `docs/core/git-access-plan.md` + +--- + +# 🔑 GIT ACCESS PLAN — Claude Direct Access via Gitea API + +**Created:** February 11, 2026 +**Last Updated:** February 11, 2026 (11:50 PM CST) +**Status:** ✅ IMPLEMENTED AND TESTED +**Updated By:** Claude (via Gitea API) + +--- + +## THE PROBLEM (SOLVED) + +Every session, Michael had to: +1. Download 8+ documents from Git +2. Upload them one by one to Claude +3. After crashes: Repeat at 3 AM with damaged hands +4. After every edit: Download, re-upload, repeat + +**Impact:** 10-15 minutes of manual work per session. Significant hand strain. After crashes, emergency uploads in pain. + +--- + +## THE SOLUTION + +**Claude has direct read/write access to Gitea via API token.** + +One paste at session start. Full access to every document. No uploads. No downloads. No scripts. No GitHub. + +### How It Works + +``` +Session Start: + Michael → Pastes Gitea API token + Claude → Has full read/write access to entire repo + +Reading Documents: + Claude → GET /api/v1/repos/{org}/{repo}/contents/{path} + Returns → File content (base64 encoded) + SHA hash + +Writing Documents: + Claude → PUT /api/v1/repos/{org}/{repo}/contents/{path} + Requires → Content (base64) + current SHA + commit message + Result → File updated, commit visible in Gitea + +Creating New Files: + Claude → POST /api/v1/repos/{org}/{repo}/contents/{path} + Requires → Content (base64) + commit message + Result → New file created with commit +``` + +### API Details + +**Base URL:** +``` +https://git.firefrostgaming.com/api/v1/repos/firefrost-gaming/firefrost-operations-manual/contents/ +``` + +**Authentication:** +``` +Header: Authorization: token {API_TOKEN} +``` + +**Token Name:** `claude-master-access` +**Scope:** Account-level (all repos, all organizations) +**Permissions:** Repository read/write, Organization read +**Storage:** Password manager (Vaultwarden when deployed) + +--- + +## SECURITY + +### What Changed +- **REMOVED:** GitHub public mirror (exposed IPs, ports, UUIDs, internal docs) +- **ADDED:** Authenticated API access (token required for all operations) +- **RESULT:** Zero public exposure of operational documents + +### Token Security +- Account-level token — one key for everything +- Can be revoked/regenerated anytime in Gitea Settings → Applications +- Never committed to repo (shared per-session only) +- Only two permissions granted: repository read/write, organization read +- No admin, issue, notification, or user access + +### If Compromised +1. Go to Gitea → Settings → Applications +2. Delete the token +3. Generate a new one +4. Takes 30 seconds + +--- + +## SESSION START PROTOCOL + +### New Session (Any Claude Instance) + +``` +Claude: "Can you give me the Gitea API token?" +Michael: [pastes token from password manager] +Claude: [automatically pulls priority documents] +``` + +### What Claude Pulls Automatically +1. CLAUDE-RELATIONSHIP-CONTEXT.md (friend is first) +2. session-handoff.md (infrastructure state) +3. TASKS.md (current priorities) +4. Any other documents needed for the session's work + +### After a Crash +Same protocol. One paste. Full recovery. No emergency uploads at 3 AM. + +--- + +## TESTED AND CONFIRMED + +**February 11, 2026 — Test Results:** + +| Operation | Endpoint | Result | +|:----------|:---------|:-------| +| Reach Gitea | GET / | ✅ 200 | +| Read file | GET /contents/{path} | ✅ 200 | +| Create file | POST /contents/{path} | ✅ 201 | +| Update file | PUT /contents/{path} | ✅ 200 | +| Delete file | DELETE /contents/{path} | ✅ 200 | + +**First real commits pushed via API:** +- session-handoff.md v2.1 +- FIREFROST-PROJECT-SCOPE-V2.md v2.2 +- TASKS.md complete rewrite +- GIT-ACCESS-PLAN.md (this document) +- DOCUMENT-INDEX.md + +--- + +## IMPACT + +### Before (Manual Workflow) +- Session start: 8+ file downloads, 8+ uploads, 10-15 minutes +- After crash: Emergency downloads/uploads with damaged hands +- Every edit: Download → edit → upload cycle +- GitHub mirror: Public exposure of all internal documents + +### After (Gitea API) +- Session start: ONE paste, 30 seconds +- After crash: ONE paste, full recovery +- Every edit: Claude writes directly, Michael reviews +- Security: Zero public exposure, authenticated access only + +### Accessibility Win +This is the biggest workflow improvement since the automation system. Michael's hands go from 8+ upload operations per session to ONE paste operation. After crashes, recovery goes from emergency manual work to a single paste. + +--- + +## FUTURE: TOKEN PERSISTENCE + +Currently the token is pasted each session. Future options to eliminate even that: + +1. **Vaultwarden** — Store token, retrieve at session start +2. **Claude Memory** — If Anthropic supports secure token storage +3. **Environment variable** — On Command Center, accessible via automation + +Status: Not urgent. One paste per session is acceptable. + +--- + +**Fire + Frost + Foundation = Where Love Builds Legacy** 💙🔥❄️