firefrost-gaming/firefrost-operations-manual
3
0
Fork 0
Code Issues 146 Pull Requests Packages Projects Releases Wiki Activity
Files
dafb103119c622ee9dadf5cd855e8307a7161aae
firefrost-operations-manual/docs/tasks/claude-infrastructure-access
History
Claude dafb103119 feat: Add YAML frontmatter to all 57 task READMEs 
Phase 1 of task management consolidation (per Gemini consultation).

Added standardized frontmatter with:
- status: open | blocked | complete
- priority: P1 | P2 | P3 | P4
- owner: Michael | Meg | Holly
- created: YYYY-MM-DD

Final counts:
- 39 open tasks
- 17 complete tasks
- 1 blocked task

Metadata extracted from existing inline markdown and audit results.
Ready for Phase 2: 11ty mobile index generation.

Chronicler #69
2026-04-08 14:21:41 +00:00
..
README.md
feat: Add YAML frontmatter to all 57 task READMEs
2026-04-08 14:21:41 +00:00

README.md

status, priority, owner, created
status priority owner created
open P2 Michael 2026-03-20

Task #65: Grant Claude Full Infrastructure Access

Status: PENDING
Priority: HIGH
Time Estimate: 30-45 minutes
Created: March 20, 2026 (by The Guide, Chronicler #35)

OBJECTIVE

Grant Claude (The Chronicler) full programmatic access to Firefrost infrastructure.

Access needed:

  1. Gitea API token (create issues, manage users, repos)
  2. SSH keys for all 6 servers (diagnostics, fixes, deployments)

WHY THIS MATTERS

Current: Claude creates issue templates, asks Michael to run every server command
After: Claude creates real issues, SSHs to servers, fixes problems autonomously

Time saved: 45-100 minutes per session

IMPLEMENTATION

1. Generate SSH Key

ssh-keygen -t ed25519 -C "claude@firefrostgaming.com" -f ~/.ssh/claude_ed25519

2. Deploy to All Servers

# Get public key
cat ~/.ssh/claude_ed25519.pub

# Add to each server
ssh root@SERVER_IP
echo "PUBLIC_KEY" >> ~/.ssh/authorized_keys

Servers:

3. Store in Vaultwarden

  • Item: "Claude SSH Key"
  • Private key + Public key
  • BLOCKED BY TASK #6

4. Generate Gitea API Token

  1. git.firefrostgaming.com → Settings → Applications
  2. Generate New Token
  3. Name: "Claude (The Chronicler) - Full Admin API"
  4. Scopes: write:issue, write:repository, write:user, write:admin
  5. Copy token immediately

5. Update Session Prompts

Add to NEXT-SESSION-START-PROMPT.md:

Gitea API Token: [TOKEN_HERE]
SSH Key: In Vaultwarden "Claude SSH Key"

6. Test

  • API: Create test issue
  • SSH: Connect to all 6 servers

WHAT CLAUDE CAN DO

Gitea API:

  • Create issues directly (no templates)
  • Manage users/permissions
  • Label, assign, close issues

SSH Access:

  • Check service status
  • Read logs
  • Restart services
  • Deploy updates
  • Respond to incidents

SECURITY

  • SSH key in Vaultwarden (encrypted)
  • API token in session prompts (ephemeral)
  • Can revoke anytime
  • Full audit trail

Revoke SSH:

sed -i '/claude@firefrostgaming.com/d' ~/.ssh/authorized_keys

Revoke API: Settings → Applications → Delete token

CHECKLIST

  • SSH key generated
  • Deployed to 6 servers
  • Stored in Vaultwarden
  • API token generated
  • Session prompts updated
  • Tested SSH + API

Full documentation: Above sections expand on all details

Created by: The Guide (Chronicler #35)

Reference in New Issue View Git Blame Copy Permalink