perplexity/Timmy-time-dashboard
Archived
1
0
Fork 0
forked from Rockachopa/Timmy-time-dashboard
Code Issues Pull Requests 1 Activity

feat: centralize L402 config, automate Metal install, fix watchdog cleanup

Browse Source 
- config.py: add L402_HMAC_SECRET, L402_MACAROON_SECRET, LIGHTNING_BACKEND
  to pydantic-settings with startup warnings for default secrets
- l402_proxy.py, mock_backend.py, factory.py: migrate from os.environ.get()
  to `from config import settings` per project convention
- Makefile: `make install-creative` now auto-installs PyTorch nightly with
  Metal (MPS) support on Apple Silicon instead of just printing a note
- activate_self_tdd.sh: add PID file (.watchdog.pid) and EXIT trap so
  Ctrl-C cleanly stops both the dashboard and the watchdog process
- .gitignore: add .watchdog.pid

https://claude.ai/code/session_01A81E5HMxZEPxzv2acNo35u
This commit is contained in:
Claude
2026-02-25 18:19:22 +00:00
parent c0ca166d43
commit 2e7f3d1b29
7 changed files with 70 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
src/config.py
View File

@@ -59,6 +59,14 @@ class Settings(BaseSettings):
video_transition_duration: float = 1.0
default_video_codec: str = "libx264"
# ── L402 Lightning ───────────────────────────────────────────────────
# HMAC secrets for macaroon signing and invoice verification.
# MUST be changed from defaults before deploying to production.
# Generate with: python3 -c "import secrets; print(secrets.token_hex(32))"
l402_hmac_secret: str = "timmy-hmac-secret"
l402_macaroon_secret: str = "timmy-macaroon-secret"
lightning_backend: Literal["mock", "lnd"] = "mock"
model_config = SettingsConfigDict(
env_file=".env",
env_file_encoding="utf-8",
@@ -67,3 +75,20 @@ class Settings(BaseSettings):
settings = Settings()
# ── Startup validation ───────────────────────────────────────────────────────
# Warn when security-sensitive settings are using defaults.
import logging as _logging
_startup_logger = _logging.getLogger("config")
if settings.l402_hmac_secret == "timmy-hmac-secret":
_startup_logger.warning(
"SEC: L402_HMAC_SECRET is using the default value — "
"set a unique secret in .env before deploying to production."
)
if settings.l402_macaroon_secret == "timmy-macaroon-secret":
_startup_logger.warning(
"SEC: L402_MACAROON_SECRET is using the default value — "
"set a unique secret in .env before deploying to production."
)