Latte
b1bc726a95
The DCR client registry created its storage directory eagerly in __init__,
and DCR_STORAGE_PATH defaulted to /var/lib/aegis-mcp — a path that is neither
created in the image nor mounted as a writable volume. Under the hardened
read-only docker-compose, every /oauth/authorize, /oauth/token, and /register
call hit `mkdir('/var/lib/aegis-mcp')` on a read-only filesystem, raising an
unhandled OSError and returning a bare "Internal Server Error" during login.
- oauth_flow.py: defer the storage-dir mkdir from __init__ to _persist (the
only write path). authorize/token only read the registry, so they no longer
require a writable filesystem and stop 500-ing.
- docker/Dockerfile: create and chown /var/lib/aegis-mcp.
- docker-compose.yml + docker/docker-compose.yml: add a persistent
aegis-mcp-data volume mounted at /var/lib/aegis-mcp so DCR registrations
survive restarts.
- .env.example: document DCR_STORAGE_PATH and set PUBLIC_BASE_URL to the real
MCP host.
- README.md: spell out exact values (Gitea host, MCP host, callback URL, MCP
URL) and add a "required writable volumes" section explaining the cause of
the login 500.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
75 lines
2.4 KiB
Bash
75 lines
2.4 KiB
Bash
# Runtime environment
|
|
ENVIRONMENT=production
|
|
|
|
# Gitea OAuth/OIDC resource server
|
|
GITEA_URL=https://git.hiddenden.cafe
|
|
|
|
# OAuth mode (recommended and required for per-user repository isolation)
|
|
OAUTH_MODE=true
|
|
GITEA_OAUTH_CLIENT_ID=your-gitea-oauth-client-id
|
|
GITEA_OAUTH_CLIENT_SECRET=your-gitea-oauth-client-secret
|
|
# Server secret used to HMAC-sign the OAuth proxy state parameter.
|
|
# Required when OAUTH_MODE=true; must be at least 32 characters.
|
|
# Generate with: openssl rand -hex 32
|
|
OAUTH_STATE_SECRET=
|
|
# Optional explicit audience override; defaults to GITEA_OAUTH_CLIENT_ID
|
|
OAUTH_EXPECTED_AUDIENCE=
|
|
# OIDC discovery and JWKS cache TTL
|
|
OAUTH_CACHE_TTL_SECONDS=300
|
|
# Where dynamically registered OAuth clients (RFC 7591 /register) are stored.
|
|
# This file MUST live on a writable, persistent volume. The default below is
|
|
# mounted as the `aegis-mcp-data` volume in docker-compose; if you run the
|
|
# container read-only without that volume the OAuth flow returns 500 because the
|
|
# directory is not writable. Point this at any writable path if you deploy
|
|
# differently.
|
|
DCR_STORAGE_PATH=/var/lib/aegis-mcp/dcr_clients.json
|
|
|
|
# MCP server configuration
|
|
MCP_HOST=127.0.0.1
|
|
MCP_PORT=8080
|
|
# Public, externally-reachable base URL of THIS MCP server (no trailing slash).
|
|
# Used to build OAuth metadata and the /oauth/callback URL behind a reverse proxy.
|
|
# This is the host you give to Claude (its MCP URL is PUBLIC_BASE_URL + /mcp).
|
|
PUBLIC_BASE_URL=https://gitea-mcp.hiddenden.cafe
|
|
ALLOW_INSECURE_BIND=false
|
|
|
|
# Logging / observability
|
|
LOG_LEVEL=INFO
|
|
AUDIT_LOG_PATH=/var/log/aegis-mcp/audit.log
|
|
METRICS_ENABLED=true
|
|
EXPOSE_ERROR_DETAILS=false
|
|
STARTUP_VALIDATE_GITEA=true
|
|
|
|
# Authentication failure controls
|
|
MAX_AUTH_FAILURES=5
|
|
AUTH_FAILURE_WINDOW=300
|
|
|
|
# Request rate limiting
|
|
RATE_LIMIT_PER_MINUTE=60
|
|
TOKEN_RATE_LIMIT_PER_MINUTE=120
|
|
|
|
# Tool output limits
|
|
MAX_FILE_SIZE_BYTES=1048576
|
|
MAX_TOOL_RESPONSE_ITEMS=200
|
|
MAX_TOOL_RESPONSE_CHARS=20000
|
|
REQUEST_TIMEOUT_SECONDS=30
|
|
|
|
# Security controls
|
|
SECRET_DETECTION_MODE=mask # off|mask|block
|
|
POLICY_FILE_PATH=policy.yaml
|
|
|
|
# Write mode (disabled by default)
|
|
WRITE_MODE=false
|
|
WRITE_REPOSITORY_WHITELIST=
|
|
WRITE_ALLOW_ALL_TOKEN_REPOS=false
|
|
|
|
# Automation mode (disabled by default)
|
|
AUTOMATION_ENABLED=false
|
|
AUTOMATION_SCHEDULER_ENABLED=false
|
|
AUTOMATION_STALE_DAYS=30
|
|
|
|
# Legacy compatibility (not used for OAuth-protected MCP tool execution)
|
|
# GITEA_TOKEN=
|
|
# MCP_API_KEYS=
|
|
# AUTH_ENABLED=true
|