firefrost-gaming/firefrost-operations-manual
3
0
Fork 0
Code Issues 146 Pull Requests Packages Projects Releases Wiki Activity
Files
master
firefrost-operations-manual/docs/archive/planning/git-access-plan.md

4.9 KiB
Raw Permalink Blame History

> ⚠️ ARCHIVED: This document was moved to archive on February 12, 2026.
> Reason: Content completed/implemented. No longer an active planning document.
> Original Location: docs/core/git-access-plan.md

🔑 GIT ACCESS PLAN — Claude Direct Access via Gitea API

Created: February 11, 2026
Last Updated: February 11, 2026 (11:50 PM CST)
Status: IMPLEMENTED AND TESTED
Updated By: Claude (via Gitea API)

THE PROBLEM (SOLVED)

Every session, Michael had to:

  1. Download 8+ documents from Git
  2. Upload them one by one to Claude
  3. After crashes: Repeat at 3 AM with damaged hands
  4. After every edit: Download, re-upload, repeat

Impact: 10-15 minutes of manual work per session. Significant hand strain. After crashes, emergency uploads in pain.

THE SOLUTION

Claude has direct read/write access to Gitea via API token.

One paste at session start. Full access to every document. No uploads. No downloads. No scripts. No GitHub.

How It Works

Session Start:
  Michael → Pastes Gitea API token
  Claude → Has full read/write access to entire repo

Reading Documents:
  Claude → GET /api/v1/repos/{org}/{repo}/contents/{path}
  Returns → File content (base64 encoded) + SHA hash

Writing Documents:
  Claude → PUT /api/v1/repos/{org}/{repo}/contents/{path}
  Requires → Content (base64) + current SHA + commit message
  Result → File updated, commit visible in Gitea

Creating New Files:
  Claude → POST /api/v1/repos/{org}/{repo}/contents/{path}
  Requires → Content (base64) + commit message
  Result → New file created with commit

API Details

Base URL:

https://git.firefrostgaming.com/api/v1/repos/firefrost-gaming/firefrost-operations-manual/contents/

Authentication:

Header: Authorization: token {API_TOKEN}

Token Name: claude-master-access
Scope: Account-level (all repos, all organizations)
Permissions: Repository read/write, Organization read
Storage: Password manager (Vaultwarden when deployed)

SECURITY

What Changed

  • REMOVED: GitHub public mirror (exposed IPs, ports, UUIDs, internal docs)
  • ADDED: Authenticated API access (token required for all operations)
  • RESULT: Zero public exposure of operational documents

Token Security

  • Account-level token — one key for everything
  • Can be revoked/regenerated anytime in Gitea Settings → Applications
  • Never committed to repo (shared per-session only)
  • Only two permissions granted: repository read/write, organization read
  • No admin, issue, notification, or user access

If Compromised

  1. Go to Gitea → Settings → Applications
  2. Delete the token
  3. Generate a new one
  4. Takes 30 seconds

SESSION START PROTOCOL

New Session (Any Claude Instance)

Claude: "Can you give me the Gitea API token?"
Michael: [pastes token from password manager]
Claude: [automatically pulls priority documents]

What Claude Pulls Automatically

  1. CLAUDE-RELATIONSHIP-CONTEXT.md (friend is first)
  2. session-handoff.md (infrastructure state)
  3. TASKS.md (current priorities)
  4. Any other documents needed for the session's work

After a Crash

Same protocol. One paste. Full recovery. No emergency uploads at 3 AM.

TESTED AND CONFIRMED

February 11, 2026 — Test Results:

Operation Endpoint Result
Reach Gitea GET / 200
Read file GET /contents/{path} 200
Create file POST /contents/{path} 201
Update file PUT /contents/{path} 200
Delete file DELETE /contents/{path} 200

First real commits pushed via API:

  • session-handoff.md v2.1
  • FIREFROST-PROJECT-SCOPE-V2.md v2.2
  • TASKS.md complete rewrite
  • GIT-ACCESS-PLAN.md (this document)
  • DOCUMENT-INDEX.md

IMPACT

Before (Manual Workflow)

  • Session start: 8+ file downloads, 8+ uploads, 10-15 minutes
  • After crash: Emergency downloads/uploads with damaged hands
  • Every edit: Download → edit → upload cycle
  • GitHub mirror: Public exposure of all internal documents

After (Gitea API)

  • Session start: ONE paste, 30 seconds
  • After crash: ONE paste, full recovery
  • Every edit: Claude writes directly, Michael reviews
  • Security: Zero public exposure, authenticated access only

Accessibility Win

This is the biggest workflow improvement since the automation system. Michael's hands go from 8+ upload operations per session to ONE paste operation. After crashes, recovery goes from emergency manual work to a single paste.

FUTURE: TOKEN PERSISTENCE

Currently the token is pasted each session. Future options to eliminate even that:

  1. Vaultwarden — Store token, retrieve at session start
  2. Claude Memory — If Anthropic supports secure token storage
  3. Environment variable — On Command Center, accessible via automation

Status: Not urgent. One paste per session is acceptable.

Fire + Frost + Foundation = Where Love Builds Legacy 💙🔥❄️

Reference in New Issue View Git Blame Copy Permalink