mfowler
7cd0ab2170
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01ALPo5Y86fzQjsALNZRSSG5
35 lines
2.2 KiB
Markdown
35 lines
2.2 KiB
Markdown
---
|
|
name: tangled-bot-and-repo-creation
|
|
description: notplants-bot bsky creds location + how to create a Tangled repo programmatically
|
|
metadata:
|
|
node_type: memory
|
|
type: reference
|
|
originSessionId: 5c93c441-4896-4a82-9dc4-0f7f39db24f0
|
|
---
|
|
|
|
The Tangled bot account `notplants-bot.bsky.social` (DID `did:plc:qfngkejlw4ghji2myc73hbdh`,
|
|
PDS `https://auriporia.us-west.host.bsky.network`). Its bsky password is in
|
|
`.secrets/notplants-bot.bsky.social.env` in the PO repo — **gitignored via `/.secrets/`**, perms 600,
|
|
never committed. (Consider rotating to an atproto app-password; the stored one looks like the main pw.)
|
|
|
|
**Tangled networking gotcha:** knots like `knot1.tangled.sh` are Cloudflare-fronted, so **SSH (port 22)
|
|
to a knot host is unreachable** from this box, but **HTTPS (443) works**. Git push goes through the
|
|
reachable SSH proxy `git@tangled.org:<handle>/<repo>` (which routes to the knot internally) — NOT
|
|
directly to the knot. The tangled SSH proxy addresses repos by the **owner's atproto identity/handle**,
|
|
not the knot-storage DID shown in clone URLs; "repo not found" over SSH means no access OR wrong owner
|
|
identity, not necessarily nonexistent.
|
|
|
|
**Create a repo programmatically as the bot** (no CLI exists; this is what the web "+ new repo" does):
|
|
1. `com.atproto.server.createSession` on the PDS → `accessJwt`, `did`.
|
|
2. `com.atproto.server.getServiceAuth?aud=did:web:knot1.tangled.sh&lxm=sh.tangled.repo.create&exp=<now+300>`
|
|
with `Authorization: Bearer <accessJwt>` → service-auth `token`.
|
|
3. `POST https://knot1.tangled.sh/xrpc/sh.tangled.repo.create` (Bearer = service token, JSON
|
|
`{rkey,name,defaultBranch:"main"}`) → `{repoDid}`. (Needs `server:member` on the knot; the bot
|
|
already has it since it pushes existing repos there.)
|
|
4. `POST <PDS>/xrpc/com.atproto.repo.createRecord` (Bearer = accessJwt) collection `sh.tangled.repo`,
|
|
record `{$type:"sh.tangled.repo", knot:"knot1.tangled.sh", name, description, createdAt, repoDid}`.
|
|
5. `git push git@tangled.org:<bot-handle>/<rkey> main`. (rkey = lowercased name.)
|
|
|
|
Repo created this way: `https://tangled.org/notplants-bot.bsky.social/apertus-70b-instruct-2509-experiments`
|
|
(holds the opencode/Apertus-70B config). Related: [[tangled-mirrors]].
|