From c896330a61ad0db0819555be0cee38a24e2f6a30 Mon Sep 17 00:00:00 2001 From: Alexander Whitestone Date: Sat, 4 Apr 2026 18:26:12 -0400 Subject: [PATCH] Harden status surfaces auth defaults --- bin/timmy-dashboard | 20 +++++++++++++++--- bin/timmy-status.sh | 49 ++++++++++++++++++++++++++++++++++++--------- 2 files changed, 57 insertions(+), 12 deletions(-) diff --git a/bin/timmy-dashboard b/bin/timmy-dashboard index 2ec2fc42..7def9f77 100644 --- a/bin/timmy-dashboard +++ b/bin/timmy-dashboard @@ -31,14 +31,28 @@ CORE_REPOS = [ "Timmy_Foundation/timmy-config", "Timmy_Foundation/hermes-agent", ] -GITEA_URL = os.environ.get("GITEA_URL", "http://143.198.27.163:3000").rstrip("/") +def resolve_gitea_url() -> str: + env = os.environ.get("GITEA_URL") + if env: + return env.rstrip("/") + api_hint = HERMES_HOME / "gitea_api" + if api_hint.exists(): + raw = api_hint.read_text().strip().rstrip("/") + return raw[:-7] if raw.endswith("/api/v1") else raw + base_url = Path.home() / ".config" / "gitea" / "base-url" + if base_url.exists(): + return base_url.read_text().strip().rstrip("/") + raise FileNotFoundError("Set GITEA_URL or create ~/.hermes/gitea_api") + + +GITEA_URL = resolve_gitea_url() def read_token() -> str | None: for path in [ + Path.home() / ".config" / "gitea" / "timmy-token", Path.home() / ".hermes" / "gitea_token_vps", - Path.home() / ".config" / "gitea" / "token", - Path.home() / ".config" / "gitea" / "codex-token", + Path.home() / ".hermes" / "gitea_token_timmy", ]: if path.exists(): return path.read_text().strip() diff --git a/bin/timmy-status.sh b/bin/timmy-status.sh index b8dd3093..ed569cef 100755 --- a/bin/timmy-status.sh +++ b/bin/timmy-status.sh @@ -5,16 +5,47 @@ set -euo pipefail -GITEA_URL="${GITEA_URL:-http://143.198.27.163:3000}" -CORE_REPOS="${CORE_REPOS:-Timmy_Foundation/the-nexus Timmy_Foundation/timmy-home Timmy_Foundation/timmy-config Timmy_Foundation/hermes-agent}" - -for token_file in "$HOME/.hermes/gitea_token_vps" "$HOME/.config/gitea/token" "$HOME/.config/gitea/codex-token"; do - if [ -f "$token_file" ]; then - TOKEN=$(cat "$token_file") - break +resolve_gitea_url() { + if [ -n "${GITEA_URL:-}" ]; then + printf '%s\n' "${GITEA_URL%/}" + return 0 fi -done -TOKEN="${TOKEN:-}" + if [ -f "$HOME/.hermes/gitea_api" ]; then + python3 - "$HOME/.hermes/gitea_api" <<'PY' +from pathlib import Path +import sys + +raw = Path(sys.argv[1]).read_text().strip().rstrip("/") +print(raw[:-7] if raw.endswith("/api/v1") else raw) +PY + return 0 + fi + if [ -f "$HOME/.config/gitea/base-url" ]; then + tr -d '[:space:]' < "$HOME/.config/gitea/base-url" + return 0 + fi + echo "ERROR: set GITEA_URL or create ~/.hermes/gitea_api" >&2 + return 1 +} + +resolve_ops_token() { + local token_file + for token_file in \ + "$HOME/.config/gitea/timmy-token" \ + "$HOME/.hermes/gitea_token_vps" \ + "$HOME/.hermes/gitea_token_timmy"; do + if [ -f "$token_file" ]; then + tr -d '[:space:]' < "$token_file" + return 0 + fi + done + return 1 +} + +GITEA_URL="$(resolve_gitea_url)" +CORE_REPOS="${CORE_REPOS:-Timmy_Foundation/the-nexus Timmy_Foundation/timmy-home Timmy_Foundation/timmy-config Timmy_Foundation/hermes-agent}" +TOKEN="$(resolve_ops_token || true)" +[ -z "$TOKEN" ] && echo "WARN: no approved Timmy Gitea token found; status sidebar will use unauthenticated API calls" >&2 B='\033[1m' D='\033[2m'