firefrost-gaming/firefrost-operations-manual
3
0
Fork 0
Code Issues 146 Pull Requests Packages Projects Releases Wiki Activity
Files
149df95b1d2ccc9ce8284fa3f2bf914aec555cea
firefrost-operations-manual/docs/core/git-access-plan.md

165 lines
4.7 KiB
Markdown
Raw Blame History

# 🔑 GIT ACCESS PLAN — Claude Direct Access via Gitea API
**Created:** February 11, 2026
**Last Updated:** February 11, 2026 (11:50 PM CST)
**Status:** ✅ IMPLEMENTED AND TESTED
**Updated By:** Claude (via Gitea API)
---
## THE PROBLEM (SOLVED)
Every session, Michael had to:
1. Download 8+ documents from Git
2. Upload them one by one to Claude
3. After crashes: Repeat at 3 AM with damaged hands
4. After every edit: Download, re-upload, repeat
**Impact:** 10-15 minutes of manual work per session. Significant hand strain. After crashes, emergency uploads in pain.
---
## THE SOLUTION
**Claude has direct read/write access to Gitea via API token.**
One paste at session start. Full access to every document. No uploads. No downloads. No scripts. No GitHub.
### How It Works
```
Session Start:
Michael → Pastes Gitea API token
Claude → Has full read/write access to entire repo
Reading Documents:
Claude → GET /api/v1/repos/{org}/{repo}/contents/{path}
Returns → File content (base64 encoded) + SHA hash
Writing Documents:
Claude → PUT /api/v1/repos/{org}/{repo}/contents/{path}
Requires → Content (base64) + current SHA + commit message
Result → File updated, commit visible in Gitea
Creating New Files:
Claude → POST /api/v1/repos/{org}/{repo}/contents/{path}
Requires → Content (base64) + commit message
Result → New file created with commit
```
### API Details
**Base URL:**
```
https://git.firefrostgaming.com/api/v1/repos/firefrost-gaming/firefrost-operations-manual/contents/
```
**Authentication:**
```
Header: Authorization: token {API_TOKEN}
```
**Token Name:** `claude-master-access`
**Scope:** Account-level (all repos, all organizations)
**Permissions:** Repository read/write, Organization read
**Storage:** Password manager (Vaultwarden when deployed)
---
## SECURITY
### What Changed
- **REMOVED:** GitHub public mirror (exposed IPs, ports, UUIDs, internal docs)
- **ADDED:** Authenticated API access (token required for all operations)
- **RESULT:** Zero public exposure of operational documents
### Token Security
- Account-level token — one key for everything
- Can be revoked/regenerated anytime in Gitea Settings → Applications
- Never committed to repo (shared per-session only)
- Only two permissions granted: repository read/write, organization read
- No admin, issue, notification, or user access
### If Compromised
1. Go to Gitea → Settings → Applications
2. Delete the token
3. Generate a new one
4. Takes 30 seconds
---
## SESSION START PROTOCOL
### New Session (Any Claude Instance)
```
Claude: "Can you give me the Gitea API token?"
Michael: [pastes token from password manager]
Claude: [automatically pulls priority documents]
```
### What Claude Pulls Automatically
1. CLAUDE-RELATIONSHIP-CONTEXT.md (friend is first)
2. session-handoff.md (infrastructure state)
3. TASKS.md (current priorities)
4. Any other documents needed for the session's work
### After a Crash
Same protocol. One paste. Full recovery. No emergency uploads at 3 AM.
---
## TESTED AND CONFIRMED
**February 11, 2026 — Test Results:**
| Operation | Endpoint | Result |
|:----------|:---------|:-------|
| Reach Gitea | GET / | ✅ 200 |
| Read file | GET /contents/{path} | ✅ 200 |
| Create file | POST /contents/{path} | ✅ 201 |
| Update file | PUT /contents/{path} | ✅ 200 |
| Delete file | DELETE /contents/{path} | ✅ 200 |
**First real commits pushed via API:**
- session-handoff.md v2.1
- FIREFROST-PROJECT-SCOPE-V2.md v2.2
- TASKS.md complete rewrite
- GIT-ACCESS-PLAN.md (this document)
- DOCUMENT-INDEX.md
---
## IMPACT
### Before (Manual Workflow)
- Session start: 8+ file downloads, 8+ uploads, 10-15 minutes
- After crash: Emergency downloads/uploads with damaged hands
- Every edit: Download → edit → upload cycle
- GitHub mirror: Public exposure of all internal documents
### After (Gitea API)
- Session start: ONE paste, 30 seconds
- After crash: ONE paste, full recovery
- Every edit: Claude writes directly, Michael reviews
- Security: Zero public exposure, authenticated access only
### Accessibility Win
This is the biggest workflow improvement since the automation system. Michael's hands go from 8+ upload operations per session to ONE paste operation. After crashes, recovery goes from emergency manual work to a single paste.
---
## FUTURE: TOKEN PERSISTENCE
Currently the token is pasted each session. Future options to eliminate even that:
1. **Vaultwarden** — Store token, retrieve at session start
2. **Claude Memory** — If Anthropic supports secure token storage
3. **Environment variable** — On Command Center, accessible via automation
Status: Not urgent. One paste per session is acceptable.
---
**Fire + Frost + Foundation = Where Love Builds Legacy** 💙🔥❄️
Reference in New Issue View Git Blame Copy Permalink