Created comprehensive guide for creating scoped Gitea token for Pokerole project:
- Step-by-step token creation in Gitea UI
- Proper scope selection (repo read/write only)
- Vaultwarden storage procedure
- Testing procedures (verify access/no-access)
- Session prompt update instructions
- Security benefits comparison
- Troubleshooting common issues
- Rollback plan

Implements Iron Wall principle: enforce boundaries technically, not through honor system. Isolates Pokerole project from Firefrost infrastructure.

Task: Scoped Gitea Token (Tier 1)
FFG-STD-002 compliant
Scoped Gitea Token for Pokerole Project
Status: Ready
Priority: Tier 1 - Security
Time: 15 minutes
Depends: Vaultwarden operational
Last Updated: 2026-02-16
Overview
Create scoped Gitea API token limited to Pokerole repos only. Replace master token with defense-in-depth boundary enforcement.
Problem
Pokerole project currently uses master Gitea token with "honor system" scoping. Iron Wall principle: enforce technically, not socially.
Actions
- Create new Gitea token scoped to 4 Pokerole repos only
- Store in Vaultwarden
- Update pokerole-project/misc-docs/SESSION-START-PROMPT.md
- Test Claudius access (Pokerole repos ONLY)
- Remove master token reference
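
One way to run the access/no-access test from the steps above, as an added example that is not part of the original task document. The base URL and repository names are hypothetical placeholders, and treating 403 or 404 as "denied" is an assumption. A 401 is reported as inconclusive, because a revoked or mistyped token would otherwise look like a perfectly isolated one.

```python
import urllib.error
import urllib.request


def gitea_repo_status(base_url, token, full_name):
    """HTTP status of GET /api/v1/repos/{owner}/{repo} when called with this token."""
    req = urllib.request.Request(
        f"{base_url.rstrip('/')}/api/v1/repos/{full_name}",
        headers={"Authorization": f"token {token}", "Accept": "application/json"},
    )
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code


def check_isolation(status_for, must_allow, must_deny):
    """Return a list of boundary violations; an empty list means the token is isolated."""
    problems = []
    for repo in must_allow:
        code = status_for(repo)
        if code == 401:
            problems.append(f"{repo}: token rejected (401), result inconclusive")
        elif code != 200:
            problems.append(f"{repo}: expected 200, got {code}")
    for repo in must_deny:
        code = status_for(repo)
        if code == 401:
            # A dead token is denied everywhere; that proves nothing about scoping.
            problems.append(f"{repo}: token rejected (401), result inconclusive")
        elif code not in (403, 404):
            problems.append(f"{repo}: expected 403/404, got {code} (boundary leak)")
    return problems


if __name__ == "__main__":
    # Constructed responses standing in for a live server (hypothetical repo names).
    # For a real run, pass: lambda r: gitea_repo_status(BASE_URL, TOKEN, r)
    fake = {"example-org/pokerole-repo": 200, "example-org/infra-repo": 404}
    issues = check_isolation(fake.get, ["example-org/pokerole-repo"],
                             ["example-org/infra-repo"])
    print("ISOLATED" if not issues else "\n".join(issues))
```

For a live check, read the token from the environment rather than hard-coding it, so it never lands in the repository or shell history.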
Success Criteria
- ✅ Scoped token created and stored
- ✅ Claudius isolated from Firefrost infrastructure
- ✅ Defense in depth enforced
Fire + Frost + Foundation 💙🔥❄️