diff --git a/docs/core/git-access-plan.md b/docs/core/git-access-plan.md deleted file mode 100644 index 685bc2e..0000000 --- a/docs/core/git-access-plan.md +++ /dev/null @@ -1,164 +0,0 @@ -# 🔑 GIT ACCESS PLAN — Claude Direct Access via Gitea API - -**Created:** February 11, 2026 -**Last Updated:** February 11, 2026 (11:50 PM CST) -**Status:** ✅ IMPLEMENTED AND TESTED -**Updated By:** Claude (via Gitea API) - ---- - -## THE PROBLEM (SOLVED) - -Every session, Michael had to: -1. Download 8+ documents from Git -2. Upload them one by one to Claude -3. After crashes: Repeat at 3 AM with damaged hands -4. After every edit: Download, re-upload, repeat - -**Impact:** 10-15 minutes of manual work per session. Significant hand strain. After crashes, emergency uploads in pain. - ---- - -## THE SOLUTION - -**Claude has direct read/write access to Gitea via API token.** - -One paste at session start. Full access to every document. No uploads. No downloads. No scripts. No GitHub. - -### How It Works - -``` -Session Start: - Michael → Pastes Gitea API token - Claude → Has full read/write access to entire repo - -Reading Documents: - Claude → GET /api/v1/repos/{org}/{repo}/contents/{path} - Returns → File content (base64 encoded) + SHA hash - -Writing Documents: - Claude → PUT /api/v1/repos/{org}/{repo}/contents/{path} - Requires → Content (base64) + current SHA + commit message - Result → File updated, commit visible in Gitea - -Creating New Files: - Claude → POST /api/v1/repos/{org}/{repo}/contents/{path} - Requires → Content (base64) + commit message - Result → New file created with commit -``` - -### API Details - -**Base URL:** -``` -https://git.firefrostgaming.com/api/v1/repos/firefrost-gaming/firefrost-operations-manual/contents/ -``` - -**Authentication:** -``` -Header: Authorization: token {API_TOKEN} -``` - -**Token Name:** `claude-master-access` -**Scope:** Account-level (all repos, all organizations) -**Permissions:** Repository read/write, Organization read -**Storage:** Password manager (Vaultwarden when deployed) - ---- - -## SECURITY - -### What Changed -- **REMOVED:** GitHub public mirror (exposed IPs, ports, UUIDs, internal docs) -- **ADDED:** Authenticated API access (token required for all operations) -- **RESULT:** Zero public exposure of operational documents - -### Token Security -- Account-level token — one key for everything -- Can be revoked/regenerated anytime in Gitea Settings → Applications -- Never committed to repo (shared per-session only) -- Only two permissions granted: repository read/write, organization read -- No admin, issue, notification, or user access - -### If Compromised -1. Go to Gitea → Settings → Applications -2. Delete the token -3. Generate a new one -4. Takes 30 seconds - ---- - -## SESSION START PROTOCOL - -### New Session (Any Claude Instance) - -``` -Claude: "Can you give me the Gitea API token?" -Michael: [pastes token from password manager] -Claude: [automatically pulls priority documents] -``` - -### What Claude Pulls Automatically -1. CLAUDE-RELATIONSHIP-CONTEXT.md (friend is first) -2. session-handoff.md (infrastructure state) -3. TASKS.md (current priorities) -4. Any other documents needed for the session's work - -### After a Crash -Same protocol. One paste. Full recovery. No emergency uploads at 3 AM. - ---- - -## TESTED AND CONFIRMED - -**February 11, 2026 — Test Results:** - -| Operation | Endpoint | Result | -|:----------|:---------|:-------| -| Reach Gitea | GET / | ✅ 200 | -| Read file | GET /contents/{path} | ✅ 200 | -| Create file | POST /contents/{path} | ✅ 201 | -| Update file | PUT /contents/{path} | ✅ 200 | -| Delete file | DELETE /contents/{path} | ✅ 200 | - -**First real commits pushed via API:** -- session-handoff.md v2.1 -- FIREFROST-PROJECT-SCOPE-V2.md v2.2 -- TASKS.md complete rewrite -- GIT-ACCESS-PLAN.md (this document) -- DOCUMENT-INDEX.md - ---- - -## IMPACT - -### Before (Manual Workflow) -- Session start: 8+ file downloads, 8+ uploads, 10-15 minutes -- After crash: Emergency downloads/uploads with damaged hands -- Every edit: Download → edit → upload cycle -- GitHub mirror: Public exposure of all internal documents - -### After (Gitea API) -- Session start: ONE paste, 30 seconds -- After crash: ONE paste, full recovery -- Every edit: Claude writes directly, Michael reviews -- Security: Zero public exposure, authenticated access only - -### Accessibility Win -This is the biggest workflow improvement since the automation system. Michael's hands go from 8+ upload operations per session to ONE paste operation. After crashes, recovery goes from emergency manual work to a single paste. - ---- - -## FUTURE: TOKEN PERSISTENCE - -Currently the token is pasted each session. Future options to eliminate even that: - -1. **Vaultwarden** — Store token, retrieve at session start -2. **Claude Memory** — If Anthropic supports secure token storage -3. **Environment variable** — On Command Center, accessible via automation - -Status: Not urgent. One paste per session is acceptable. - ---- - -**Fire + Frost + Foundation = Where Love Builds Legacy** 💙🔥❄️