grant/matrix-bridge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ee8408d182183d2d46a93a0478c874ec773a66b5
matrix-bridge/config.example.toml
T
Keysat 8ad1cd8465 Add headless "ask" mode: ?-prefixed message runs claude -p, answer posted back 
A message starting with `?` in a mapped room runs `claude -p` one-shot in that
repo on the Mac and posts the full answer back into the room — Matrix as a
request/response interface, not just a trigger. Non-`?` messages keep launching
interactive sessions as before.

New scripts/ask-claude.sh is a login-shell wrapper (so ~/.zprofile puts claude on
PATH) that exports CLAUDE_CODE_OAUTH_TOKEN from the Mac's .env and runs
`claude -p "$prompt" < /dev/null`, printing the answer to stdout. The bot adds a
`?`-dispatch with run_ask/ask: SSH stdout captured, 300s timeout, fail-loud, output
chunked under Matrix's event cap (no truncation).

Headless claude -p needs the long-lived token because a non-GUI SSH session can't
reach the login Keychain (reports "Not logged in") — the deliberate Approach A that
the interactive GUI-Terminal path (D11) avoided. Token is kept Mac-side only; the
Spark never runs claude. Sovereignty unchanged: claude -p uses the subscription, no
frontier API touches message payloads.

Proven live on the Spark; fresh-eyes reviewed before commit.
2026-06-15 19:50:36 -05:00

37 lines
1.8 KiB
TOML
Raw Blame History

# matrix-bridge — room → repo mapping (EXAMPLE)
#
# Copy to config.toml (gitignored) and fill in real values during Phase 0.
# The room you message in determines which repo the Claude Code session launches in —
# routing is deterministic in v1 (decision D6). Adding a project is a config edit, not code.
[homeserver]
url = "https://<your-synapse-host>" # existing StartOS Synapse, reached over WireGuard/LAN
user = "@matrix-bridge-bot:<your-domain>" # a dedicated bot Matrix account (not your own user)
# Credentials (access token or password) come from the environment or a gitignored secret —
# never commit them. The bot reads the homeserver URL + bot creds at startup.
# How the bot reaches the Mac (the proven Phase 0 seam). The bot runs on the Spark,
# where `ssh_alias` resolves; `launcher` is the absolute path to gui-launch.sh on the Mac.
[mac]
ssh_alias = "mac-bridge"
launcher = "/Users/macpro/Projects/<your-repo>/scripts/gui-launch.sh"
ask_launcher = "/Users/macpro/Projects/<your-repo>/scripts/ask-claude.sh" # headless `?`-prefix ask mode
# Container only: docker-entrypoint.sh generates ~/.ssh/config for `ssh_alias` from these.
# (On a host with `ssh_alias` already in ~/.ssh/config these are ignored.)
hostname = "10.0.0.0" # the Mac's address reachable from the Spark (e.g. WireGuard IP)
user = "<mac-username>"
# One [[room]] block per project.
# room_id — the internal Matrix room ID (starts with '!'), NOT the human alias (#name:domain)
# repo_dir — an absolute path on the Mac (note: ~/Projects uses a capital P)
# label — human-readable name, for logs and error messages
[[room]]
room_id = "!exampleRoomId:your-domain"
repo_dir = "/Users/macpro/Projects/<your-repo>"
label = "<project-name>"
[[room]]
room_id = "!anotherRoomId:your-domain"
repo_dir = "/Users/macpro/Projects/<another-repo>"
label = "<another-project>"
Reference in New Issue View Git Blame Copy Permalink