Hiddenden/AegisGitea-MCP
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8c84d76bd5e4805b950facae8984f1f27e5aabe3
AegisGitea-MCP/.env.example
T
Latte 8c84d76bd5 docs(raw-api): document gitea_request, env vars and policy examples 
Adds docs/raw-api.md (two-layer policy, sensitive denylist, env vars, write-mode
warning), links it from index and api-reference, documents RAW_API_ENABLED /
RAW_API_ALLOW_SENSITIVE in .env.example, and adds commented virtual-tool-name
deny examples to policy.yaml.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-26 12:26:57 +02:00

95 lines
3.6 KiB
Bash
Raw Blame History

# Runtime environment
ENVIRONMENT=production
# Gitea OAuth/OIDC resource server
GITEA_URL=https://git.hiddenden.cafe
# OAuth mode (recommended and required for per-user repository isolation)
OAUTH_MODE=true
GITEA_OAUTH_CLIENT_ID=your-gitea-oauth-client-id
GITEA_OAUTH_CLIENT_SECRET=your-gitea-oauth-client-secret
# Server secret used to HMAC-sign the OAuth proxy state parameter.
# Required when OAUTH_MODE=true; must be at least 32 characters.
# Generate with: openssl rand -hex 32
OAUTH_STATE_SECRET=
# Optional explicit audience override; defaults to GITEA_OAUTH_CLIENT_ID
OAUTH_EXPECTED_AUDIENCE=
# OIDC discovery and JWKS cache TTL
OAUTH_CACHE_TTL_SECONDS=300
# Where dynamically registered OAuth clients (RFC 7591 /register) are stored.
# This file MUST live on a writable, persistent volume. The default below is
# mounted as the `aegis-mcp-data` volume in docker-compose; if you run the
# container read-only without that volume the OAuth flow returns 500 because the
# directory is not writable. Point this at any writable path if you deploy
# differently.
DCR_STORAGE_PATH=/var/lib/aegis-mcp/dcr_clients.json
# MCP server configuration
MCP_HOST=127.0.0.1
MCP_PORT=8080
# Public, externally-reachable base URL of THIS MCP server (no trailing slash).
# Used to build OAuth metadata and the /oauth/callback URL behind a reverse proxy.
# This is the host you give to Claude (its MCP URL is PUBLIC_BASE_URL + /mcp).
PUBLIC_BASE_URL=https://gitea-mcp.hiddenden.cafe
ALLOW_INSECURE_BIND=false
# Logging / observability
LOG_LEVEL=INFO
AUDIT_LOG_PATH=/var/log/aegis-mcp/audit.log
METRICS_ENABLED=true
EXPOSE_ERROR_DETAILS=false
STARTUP_VALIDATE_GITEA=true
# Authentication failure controls
MAX_AUTH_FAILURES=5
AUTH_FAILURE_WINDOW=300
# Request rate limiting
RATE_LIMIT_PER_MINUTE=60
TOKEN_RATE_LIMIT_PER_MINUTE=120
# Tool output limits
MAX_FILE_SIZE_BYTES=1048576
MAX_TOOL_RESPONSE_ITEMS=200
MAX_TOOL_RESPONSE_CHARS=20000
REQUEST_TIMEOUT_SECONDS=30
# Security controls
SECRET_DETECTION_MODE=mask # off|mask|block
POLICY_FILE_PATH=policy.yaml
# Write mode (disabled by default)
WRITE_MODE=false
WRITE_REPOSITORY_WHITELIST=
WRITE_ALLOW_ALL_TOKEN_REPOS=false
# Raw API dispatch (gitea_request escape hatch). See docs/raw-api.md.
# gitea_request can call any Gitea REST endpoint (method + path). It is still
# subject to policy.yaml, WRITE_MODE + the write whitelist, and a built-in
# admin/credential denylist. Set RAW_API_ENABLED=false to remove the tool's
# ability to dispatch entirely.
RAW_API_ENABLED=true
# Allow gitea_request to reach admin/credential surfaces (/admin, *tokens*,
# *secrets*, *hooks*, *keys*, applications/oauth2, runner registration tokens).
# Leave false unless you fully understand the exposure.
RAW_API_ALLOW_SENSITIVE=false
# Automation mode (disabled by default)
AUTOMATION_ENABLED=false
AUTOMATION_SCHEDULER_ENABLED=false
AUTOMATION_STALE_DAYS=30
# Service PAT for Gitea REST execution (recommended in OAuth mode).
# Gitea's OIDC access tokens carry only openid/profile/email and CANNOT call the
# repository REST API, so without this most tools fail. Set GITEA_TOKEN to a
# Personal Access Token from a DEDICATED bot account with least privilege:
# - scope: read:repository (add write:repository only if WRITE_MODE=true)
# The user's OAuth identity is still authoritative: before every repository call
# the server checks that the signed-in user has permission on the target repo and
# denies it otherwise — the PAT only performs the API call after that check.
GITEA_TOKEN=
# API-key mode only (used when OAUTH_MODE=false). Leave unset in OAuth mode.
# MCP_API_KEYS=
# AUTH_ENABLED=true
Reference in New Issue View Git Blame Copy Permalink