- Add GrokBackend class in src/timmy/backends.py with full sync/async
support, health checks, usage stats, and cost estimation in sats
- Add consult_grok tool to Timmy's toolkit for proactive Grok queries
- Extend cascade router with Grok provider type for failover chain
- Add Grok Mode toggle card to Mission Control dashboard (HTMX live)
- Add "Ask Grok" button on chat input for direct Grok queries
- Add /grok/* routes: status, toggle, chat, stats endpoints
- Integrate Lightning invoice generation for Grok usage monetization
- Add GROK_ENABLED, XAI_API_KEY, GROK_DEFAULT_MODEL, GROK_MAX_SATS_PER_QUERY,
GROK_FREE config settings via pydantic-settings
- Update .env.example and docker-compose.yml with Grok env vars
- Add 21 tests covering backend, tools, and route endpoints (all green)
Local-first ethos preserved: Grok is premium augmentation only,
disabled by default, and Lightning-payable when enabled.
https://claude.ai/code/session_01FygwN8wS8J6WGZ8FPb7XGV
## Security (Workset A)
- XSS: Verified templates use safe DOM methods (textContent, createElement)
- Secrets: Fail-fast in production mode when L402 secrets not set
- Environment mode: Add TIMMY_ENV (development|production) validation
## Privacy (Workset C)
- Add telemetry_enabled config (default: False for sovereign AI)
- Pass telemetry setting to Agno Agent
- Update .env.example with TELEMETRY_ENABLED and TIMMY_ENV docs
## Agent Intelligence (Workset D)
- Enhanced TIMMY_SYSTEM_PROMPT with:
- Tool usage guidelines (when to use, when not to)
- Memory awareness documentation
- Operating mode documentation
- Help reduce unnecessary tool calls for simple queries
All 895 tests pass.
Telemetry disabled by default aligns with sovereign AI vision.
Introduces a vendor-agnostic chat platform architecture:
- chat_bridge/base.py: ChatPlatform ABC, ChatMessage, ChatThread
- chat_bridge/registry.py: PlatformRegistry singleton
- chat_bridge/invite_parser.py: QR + Ollama vision invite extraction
- chat_bridge/vendors/discord.py: DiscordVendor with native threads
Workflow: paste a screenshot of a Discord invite or QR code at
POST /discord/join → Timmy extracts the invite automatically.
Every Discord conversation gets its own thread, keeping channels clean.
Bot responds to @mentions and DMs, routes through Timmy agent.
43 new tests (base classes, registry, invite parser, vendor, routes).
https://claude.ai/code/session_01WU4h3cQQiouMwmgYmAgkMM
Add complete production deployment stack so Timmy can be deployed to any
cloud provider (DigitalOcean, AWS, Hetzner, etc.) with a single command.
New files:
- docker-compose.prod.yml: production stack (Caddy auto-HTTPS, Ollama LLM,
Dashboard, Timmy agent, Watchtower auto-updates)
- deploy/Caddyfile: reverse proxy with security headers and WebSocket support
- deploy/setup.sh: interactive one-click setup script for any Ubuntu/Debian server
- deploy/cloud-init.yaml: paste as User Data when creating a cloud VM
- deploy/timmy.service: systemd unit for auto-start on boot
- deploy/digitalocean/create-droplet.sh: create a DO droplet via doctl CLI
Updated:
- Dockerfile: non-root user, healthcheck, missing deps (GitPython, moviepy, redis)
- Makefile: cloud-deploy, cloud-up/down/logs/status/update/scale targets
- .env.example: DOMAIN setting for HTTPS
- .dockerignore: exclude deploy configs from image
https://claude.ai/code/session_018CduUZoEJzFynBwMsxaP8T
Bridges Telegram messages to Timmy via python-telegram-bot (optional
dependency). The bot token can be supplied through the TELEGRAM_TOKEN
env var or at runtime via the new POST /telegram/setup dashboard
endpoint, which (re)starts the bot without a restart.
Changes:
- src/telegram_bot/bot.py — TelegramBot singleton: token persistence
(telegram_state.json), lifecycle (start/stop), /start command and
message handler that forwards to Timmy
- src/dashboard/routes/telegram.py — /telegram/setup and /telegram/status
FastAPI routes
- src/dashboard/app.py — register telegram router; auto-start/stop bot
in lifespan hook
- src/config.py — TELEGRAM_TOKEN setting (pydantic-settings)
- pyproject.toml — [telegram] optional extra (python-telegram-bot>=21),
telegram_bot wheel include
- .env.example — TELEGRAM_TOKEN section
- .gitignore — exclude telegram_state.json (contains token)
- tests/conftest.py — stub telegram/telegram.ext for offline test runs
- tests/test_telegram_bot.py — 16 tests covering token helpers,
lifecycle, and all dashboard routes (370 total, all passing)
https://claude.ai/code/session_01CNBm3ZLobtx3Z1YogHq8ZS
- payment_handler.py: warn when L402_HMAC_SECRET uses default value
- l402_proxy.py: warn when L402_MACAROON_SECRET uses default value
- .env.example: document L402_HMAC_SECRET, L402_MACAROON_SECRET, and
LIGHTNING_BACKEND with generation instructions
These warnings ensure operators are alerted before deploying with
insecure default secrets.
Config (src/config.py):
- pydantic-settings Settings class: OLLAMA_URL, OLLAMA_MODEL, DEBUG
- Reads from .env (gitignored) with sane defaults
- settings singleton imported by health.py and agent.py
Removes two hardcodes:
- health.py: OLLAMA_URL="http://localhost:11434" → settings.ollama_url
- agent.py: Ollama(id="llama3.2") → settings.ollama_model
app.py:
- logging.basicConfig at INFO — requests/errors now visible in terminal
- docs_url/redoc_url gated on settings.debug (off by default)
pyproject.toml:
- pydantic-settings>=2.0.0 added to main dependencies
- hatch wheel config updated to include src/config.py
.env.example: documents all three env vars with inline comments
.gitignore: add !.env.example negation so the template gets committed
.github/workflows/tests.yml: runs pytest --cov on every push/PR
(ubuntu-latest, Python 3.11, pip cache)
All 27 tests pass.
https://claude.ai/code/session_01M4L3R98N5fgXFZRvV8X9b6
