1.7 KiB
1.7 KiB
Authentication
Agents need Gitea credentials to work autonomously via both MCP tools and the tea CLI fallback.
Credential Source
Credentials are stored in a project-level .claude/.env file (never in global env, to avoid overriding user's personal credentials).
Required variables
GITEA_HOST=https://git.marlerino-apps.io
GITEA_ACCESS_TOKEN=<api-token>
GITEA_USER=<username>
GITEA_PASS=<password>
GITEA_ACCESS_TOKEN— primary auth method (API token, used by MCP andtea)GITEA_USER/GITEA_PASS— fallback for basic auth when token is unavailable
Bootstrap
If .claude/.env does not exist, create it with empty values as a template:
mkdir -p .claude
cat > .claude/.env << 'EOF'
GITEA_HOST=
GITEA_ACCESS_TOKEN=
GITEA_USER=
GITEA_PASS=
EOF
Then tell the user: "Created .claude/.env — please fill in your Gitea credentials and re-run."
Stop execution — do not proceed without credentials.
Also ensure .claude/.env is in .gitignore:
grep -qxF '.claude/.env' .gitignore 2>/dev/null || echo '.claude/.env' >> .gitignore
Loading credentials
Before any Gitea operation, load credentials:
set -a; source .claude/.env; set +a
After loading, verify values are non-empty. If any required variable is empty, tell the user to fill in .claude/.env and stop.
tea CLI login
If tea is not yet logged in for this project, authenticate using loaded credentials:
tea login add \
--name project \
--url "$GITEA_HOST" \
--token "$GITEA_ACCESS_TOKEN" \
--user "$GITEA_USER"
Security
.claude/.envMUST be in.gitignore— never commit credentials- Agents bootstrap
.claude/.envautomatically if missing, but never fill in credential values themselves