MosswartOverlord/.gitignore at f8943991659db7a57ed5d4f3f7d339c342f1efdc - SawatoMosswartsEnjoyersClub/MosswartOverlord - Forgejo: Beyond coding. We Forge. Snakes.

SawatoMosswartsEnjoyersClub/MosswartOverlord

Erik f894399165 feat(agent): isolate from erik — dedicated overlord-agent user

The agent service was running as User=erik, which meant:
- Sessions polluted erik's ~/.claude/projects/
- erik's .claude/settings.local.json (months of accumulated dev permissions
  for docker/git/dotnet/etc.) was loaded by the production agent, defeating
  the --allowed-tools whitelist
- Subscription rate quota mingled between human-erik's interactive Claude
  Code use and the production assistant
- Theoretical access to /home/erik/.ssh, .bash_history, .gitconfig

Now:
- User=overlord-agent (system account, no shell, /var/lib/overlord-agent home)
- HOME=/var/lib/overlord-agent — claude state fully isolated from erik
- /home/erik/.claude permissions tightened to 0700 (was 0755)
- group=overlord-agent on the repo + /etc/overlord/agent.env (read-only)

Project settings:
- New strict committed .claude/settings.json: deny Bash/Read/Write/Edit/
  Glob/Grep/NotebookEdit/WebSearch; allow only WebFetch(domain:acpedia.org)
- .claude/settings.local.json now gitignored (was leaking dev permissions
  to the server through the deploy)

2026-04-25 21:50:57 +02:00

9 lines

270 B

Text

Raw Blame History

 .venv
 __pycache__
 static/v2/
 frontend/node_modules/
 # Claude Code per-machine permissions (do NOT deploy to server — production
 # agent must run with the strict permissions in committed .claude/settings.json)
 .claude/settings.local.json
 .claude/settings.local.json.*