bd daemon sync: 2026-01-22 15:32:28
This commit is contained in:
Dan
parent
bfedd00a6f
commit
3189ba1361
|
|
@ -168,7 +168,7 @@
|
||||||
{"id":"ops-jrz1-w1mb","title":"Bug: VS Code Claude extension loses auth on restart","description":"## Symptom\nClaude Code VS Code extension loses API key authentication after VS Code restart.\n\n## Root Cause Found\nhome-manager symlinks ~/.config/Code/User/settings.json to read-only Nix store.\nVS Code extensions cannot persist settings/auth state.\n\n## Workaround\nLogin via CLI first: claude /login\nExtension reads shared credentials from ~/.claude/.credentials.json\n\n## Fix\nFiled dotfiles-j06 to address home-manager VS Code config.\n\n## References\n- GitHub anthropics/claude-code#12204","status":"closed","priority":3,"issue_type":"bug","owner":"dleink@gmail.com","created_at":"2026-01-15T21:55:03.276834742-08:00","created_by":"Dan","updated_at":"2026-01-16T11:58:58.256452631-08:00","closed_at":"2026-01-16T11:58:58.256452631-08:00","close_reason":"Root cause identified: home-manager read-only symlink. Filed dotfiles-j06 for fix."}
|
{"id":"ops-jrz1-w1mb","title":"Bug: VS Code Claude extension loses auth on restart","description":"## Symptom\nClaude Code VS Code extension loses API key authentication after VS Code restart.\n\n## Root Cause Found\nhome-manager symlinks ~/.config/Code/User/settings.json to read-only Nix store.\nVS Code extensions cannot persist settings/auth state.\n\n## Workaround\nLogin via CLI first: claude /login\nExtension reads shared credentials from ~/.claude/.credentials.json\n\n## Fix\nFiled dotfiles-j06 to address home-manager VS Code config.\n\n## References\n- GitHub anthropics/claude-code#12204","status":"closed","priority":3,"issue_type":"bug","owner":"dleink@gmail.com","created_at":"2026-01-15T21:55:03.276834742-08:00","created_by":"Dan","updated_at":"2026-01-16T11:58:58.256452631-08:00","closed_at":"2026-01-16T11:58:58.256452631-08:00","close_reason":"Root cause identified: home-manager read-only symlink. Filed dotfiles-j06 for fix."}
|
||||||
{"id":"ops-jrz1-w68","title":"Remote dev environment security and setup research","description":"Research and test security/setup questions for learner remote dev environments.\n\n## Context\nTwo dev paths identified:\n1. **Server-first**: SSH in, run agentic coders on server\n2. **Local VS Code**: Remote-SSH extension, code on server\n\nBoth have open questions around sandboxing, system packages, deployment access, and security boundaries.\n\n## Scope\n- System package management for learners\n- User isolation and sandboxing options\n- Agentic coder security (what can Claude do?)\n- Deployment pipeline security\n- VS Code extension behavior testing\n- Resource limits and quotas\n\n## Deliverables\n- Answers to open questions (documented)\n- Security recommendations\n- Implementation plan for chosen approach","status":"open","priority":2,"issue_type":"epic","created_at":"2026-01-02T12:26:48.104374079-08:00","created_by":"dan","updated_at":"2026-01-02T12:26:48.104374079-08:00","dependencies":[{"issue_id":"ops-jrz1-w68","depends_on_id":"ops-jrz1-9pe","type":"blocks","created_at":"2026-01-02T12:27:59.277687811-08:00","created_by":"dan"},{"issue_id":"ops-jrz1-w68","depends_on_id":"ops-jrz1-ghd","type":"blocks","created_at":"2026-01-02T12:27:59.32841874-08:00","created_by":"dan"},{"issue_id":"ops-jrz1-w68","depends_on_id":"ops-jrz1-3b1","type":"blocks","created_at":"2026-01-02T12:27:59.375858081-08:00","created_by":"dan"},{"issue_id":"ops-jrz1-w68","depends_on_id":"ops-jrz1-3au","type":"blocks","created_at":"2026-01-02T12:27:59.428509997-08:00","created_by":"dan"},{"issue_id":"ops-jrz1-w68","depends_on_id":"ops-jrz1-3jo","type":"blocks","created_at":"2026-01-02T12:27:59.473581774-08:00","created_by":"dan"},{"issue_id":"ops-jrz1-w68","depends_on_id":"ops-jrz1-bbn","type":"blocks","created_at":"2026-01-02T12:27:59.523975339-08:00","created_by":"dan"}]}
|
{"id":"ops-jrz1-w68","title":"Remote dev environment security and setup research","description":"Research and test security/setup questions for learner remote dev environments.\n\n## Context\nTwo dev paths identified:\n1. **Server-first**: SSH in, run agentic coders on server\n2. **Local VS Code**: Remote-SSH extension, code on server\n\nBoth have open questions around sandboxing, system packages, deployment access, and security boundaries.\n\n## Scope\n- System package management for learners\n- User isolation and sandboxing options\n- Agentic coder security (what can Claude do?)\n- Deployment pipeline security\n- VS Code extension behavior testing\n- Resource limits and quotas\n\n## Deliverables\n- Answers to open questions (documented)\n- Security recommendations\n- Implementation plan for chosen approach","status":"open","priority":2,"issue_type":"epic","created_at":"2026-01-02T12:26:48.104374079-08:00","created_by":"dan","updated_at":"2026-01-02T12:26:48.104374079-08:00","dependencies":[{"issue_id":"ops-jrz1-w68","depends_on_id":"ops-jrz1-9pe","type":"blocks","created_at":"2026-01-02T12:27:59.277687811-08:00","created_by":"dan"},{"issue_id":"ops-jrz1-w68","depends_on_id":"ops-jrz1-ghd","type":"blocks","created_at":"2026-01-02T12:27:59.32841874-08:00","created_by":"dan"},{"issue_id":"ops-jrz1-w68","depends_on_id":"ops-jrz1-3b1","type":"blocks","created_at":"2026-01-02T12:27:59.375858081-08:00","created_by":"dan"},{"issue_id":"ops-jrz1-w68","depends_on_id":"ops-jrz1-3au","type":"blocks","created_at":"2026-01-02T12:27:59.428509997-08:00","created_by":"dan"},{"issue_id":"ops-jrz1-w68","depends_on_id":"ops-jrz1-3jo","type":"blocks","created_at":"2026-01-02T12:27:59.473581774-08:00","created_by":"dan"},{"issue_id":"ops-jrz1-w68","depends_on_id":"ops-jrz1-bbn","type":"blocks","created_at":"2026-01-02T12:27:59.523975339-08:00","created_by":"dan"}]}
|
||||||
{"id":"ops-jrz1-wj2","title":"Design API key provisioning strategy","description":"opencode needs API keys (OpenAI, Anthropic). Options: 1) Shared key with proxy + rate limiting, 2) Per-user keys in sops-nix. Need to prevent key exposure and enable usage tracking.","status":"closed","priority":1,"issue_type":"task","created_at":"2025-12-05T15:32:19.526073243-08:00","updated_at":"2025-12-05T17:25:10.534718515-08:00","closed_at":"2025-12-05T17:25:10.534718515-08:00","dependencies":[{"issue_id":"ops-jrz1-wj2","depends_on_id":"ops-jrz1-3so","type":"parent-child","created_at":"2025-12-05T17:05:47.103332379-08:00","created_by":"daemon","metadata":"{}"}]}
|
{"id":"ops-jrz1-wj2","title":"Design API key provisioning strategy","description":"opencode needs API keys (OpenAI, Anthropic). Options: 1) Shared key with proxy + rate limiting, 2) Per-user keys in sops-nix. Need to prevent key exposure and enable usage tracking.","status":"closed","priority":1,"issue_type":"task","created_at":"2025-12-05T15:32:19.526073243-08:00","updated_at":"2025-12-05T17:25:10.534718515-08:00","closed_at":"2025-12-05T17:25:10.534718515-08:00","dependencies":[{"issue_id":"ops-jrz1-wj2","depends_on_id":"ops-jrz1-3so","type":"parent-child","created_at":"2025-12-05T17:05:47.103332379-08:00","created_by":"daemon","metadata":"{}"}]}
|
||||||
{"id":"ops-jrz1-xoad","title":"Create release cycle and changelog process","description":"Need a way to communicate changes to users - changelog, release notes, or similar.\n\nIdeas:\n- MOTD on SSH login showing recent changes\n- /etc/motd.d/ with dynamic changelog\n- bd-powered changelog generation\n\nNext session priority.","status":"in_progress","priority":2,"issue_type":"task","created_at":"2026-01-10T13:49:46.492349303-08:00","created_by":"dan","updated_at":"2026-01-16T15:29:40.249800763-08:00"}
|
{"id":"ops-jrz1-xoad","title":"Create release cycle and changelog process","description":"Need a way to communicate changes to users - changelog, release notes, or similar.\n\nIdeas:\n- MOTD on SSH login showing recent changes\n- /etc/motd.d/ with dynamic changelog\n- bd-powered changelog generation\n\n## Release Checklist (future)\n- [ ] Review/validate user-facing docs (~/AGENTS.md, ~/README.md)\n- [ ] Update changelog\n- [ ] Deploy\n- [ ] Notify users\n\nNext session priority.","status":"in_progress","priority":2,"issue_type":"task","created_at":"2026-01-10T13:49:46.492349303-08:00","created_by":"dan","updated_at":"2026-01-22T15:32:27.591031778-08:00"}
|
||||||
{"id":"ops-jrz1-xz1","title":"Fix maubot admin UI exposed to internet (port 29316)","description":"Maubot admin UI on port 29316 is publicly accessible (returns 401 but API surface exposed). Firewall explicitly allows this port. Risk: brute force on admin password, direct exploit of any maubot vulnerabilities. Fix: bind to 127.0.0.1 only, remove from firewall, access via SSH tunnel.","status":"closed","priority":1,"issue_type":"bug","created_at":"2025-12-04T21:03:22.531676543-08:00","updated_at":"2025-12-04T22:35:24.162735368-08:00","closed_at":"2025-12-04T22:35:24.162735368-08:00"}
|
{"id":"ops-jrz1-xz1","title":"Fix maubot admin UI exposed to internet (port 29316)","description":"Maubot admin UI on port 29316 is publicly accessible (returns 401 but API surface exposed). Firewall explicitly allows this port. Risk: brute force on admin password, direct exploit of any maubot vulnerabilities. Fix: bind to 127.0.0.1 only, remove from firewall, access via SSH tunnel.","status":"closed","priority":1,"issue_type":"bug","created_at":"2025-12-04T21:03:22.531676543-08:00","updated_at":"2025-12-04T22:35:24.162735368-08:00","closed_at":"2025-12-04T22:35:24.162735368-08:00"}
|
||||||
{"id":"ops-jrz1-xz7","title":"Research: Multi-user auth storage for agentic coders","description":"Investigate where auth credentials are stored for each agentic coder when multiple users authenticate:\n\n## Questions\n- Claude Code: Where is OAuth token stored? ~/.claude? Conflicts between users?\n- opencode: Auth storage location?\n- gemini-cli: Auth storage?\n- codex: Auth storage?\n\n## Goal\nUnderstand if there are isolation issues when multiple users auth on same server.","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-02T17:30:15.028994987-08:00","created_by":"dan","updated_at":"2026-01-02T17:30:15.028994987-08:00"}
|
{"id":"ops-jrz1-xz7","title":"Research: Multi-user auth storage for agentic coders","description":"Investigate where auth credentials are stored for each agentic coder when multiple users authenticate:\n\n## Questions\n- Claude Code: Where is OAuth token stored? ~/.claude? Conflicts between users?\n- opencode: Auth storage location?\n- gemini-cli: Auth storage?\n- codex: Auth storage?\n\n## Goal\nUnderstand if there are isolation issues when multiple users auth on same server.","status":"open","priority":2,"issue_type":"task","created_at":"2026-01-02T17:30:15.028994987-08:00","created_by":"dan","updated_at":"2026-01-02T17:30:15.028994987-08:00"}
|
||||||
{"id":"ops-jrz1-y8le","title":"Stop Matrix before backup for RocksDB consistency","description":"RocksDB is backed up while running, risking corrupt snapshots. Add systemd pre-hook to stop matrix-continuwuity during backup window.","status":"closed","priority":4,"issue_type":"task","created_at":"2026-01-10T14:01:50.945222296-08:00","created_by":"dan","updated_at":"2026-01-10T20:15:25.90394816-08:00","closed_at":"2026-01-10T20:15:25.90394816-08:00","close_reason":"Accepting risk: RocksDB has crash consistency, 3 AM backup window has minimal activity, and we have multiple daily snapshots. Can re-evaluate if restore drill shows corruption."}
|
{"id":"ops-jrz1-y8le","title":"Stop Matrix before backup for RocksDB consistency","description":"RocksDB is backed up while running, risking corrupt snapshots. Add systemd pre-hook to stop matrix-continuwuity during backup window.","status":"closed","priority":4,"issue_type":"task","created_at":"2026-01-10T14:01:50.945222296-08:00","created_by":"dan","updated_at":"2026-01-10T20:15:25.90394816-08:00","closed_at":"2026-01-10T20:15:25.90394816-08:00","close_reason":"Accepting risk: RocksDB has crash consistency, 3 AM backup window has minimal activity, and we have multiple daily snapshots. Can re-evaluate if restore drill shows corruption."}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue