feat: add setup-claude-auth.sh — one-command headless server auth for Claude Code#1
Open
paulschraven wants to merge 12 commits intofloomhq:mainfrom
Open
feat: add setup-claude-auth.sh — one-command headless server auth for Claude Code#1paulschraven wants to merge 12 commits intofloomhq:mainfrom
paulschraven wants to merge 12 commits intofloomhq:mainfrom
Conversation
Automates pushing Claude Code OAuth credentials from Mac to Linux dev server. Updates enforce-hetzner hook to recognize 'dev' SSH alias. Documents the headless server auth setup in server/README.md.
- Validate $SERVER arg against safe hostname charset - Remove OAuth token prefix from log output - Use printf instead of echo for credentials pipe - Store ANTHROPIC_AUTH_TOKEN dynamically in .bashrc (reads from credentials file, no plaintext token) - Remove -i flag from auth verification bash (non-interactive) - Replace fragile grep JSON check with python3 parse
…hmod, empty auth check)
…s, hook word boundary)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…es 401 Setting ANTHROPIC_AUTH_TOKEN to an OAuth token (sk-ant-oat01-...) causes "OAuth authentication is currently not supported" errors. Claude Code reads ~/.claude/.credentials.json natively for Max/Pro plan auth. The env var is only for API keys (ANTHROPIC_API_KEY). Script now removes any stale ANTHROPIC_AUTH_TOKEN from ~/.bashrc instead of injecting a new one. Verified working on dev server. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
dev() opens one iTerm2 tab per tmux session on the dev server. devs lists running sessions without attaching. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- server/terminal/start-claude-sessions.sh: on @reboot, finds every git repo under /root (maxdepth 2) and starts a named tmux session for each, cding into the repo and running "happy claude". Idempotent. - server/terminal/README.md: documents Happy (mobile/web Claude access), the boot script, and install steps - server/README.md: Quick Deploy steps 6 (auto-start) and 7 (Happy) - VERSION: 0.0.1.0 → 0.0.2.0 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
tmux.conf sets default-command, so send-keys was typing into the already-running Claude Code session. Pass the command directly to tmux new-session instead. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Documents the end-to-end pattern: Mac iTerm2 → dev server tmux sessions → happy claude for mobile access, with day-to-day commands and re-auth note. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Auth setup (v0.0.1.0)
server/setup-claude-auth.sh: one-command script that pushes Claude Code OAuth credentials from the Mac Keychain to a headless Linux server. Fixes the broken headless OAuth flow by copying~/.claude/.credentials.jsondirectly. Removes any staleANTHROPIC_AUTH_TOKENfrom~/.bashrc(that env var is for API keys only — setting it to an OAuth token causes 401 errors).mac/zshrc: Mac-side shell helpers —dev()opens one iTerm2 tab per server tmux session,devslists sessions without attaching.Boot + Happy (v0.0.2.0)
server/terminal/start-claude-sessions.sh:@rebootcron script that auto-starts one tmux session per git repo in/root, each runninghappy claude. Idempotent.server/terminal/README.mdandserver/README.md.Pre-Landing Review
No issues found.
Test plan
setup-claude-auth.shtested end-to-end: credentials extracted from Mac Keychain, copied to server,ANTHROPIC_AUTH_TOKENremoved, onboarding marked complete,claude auth statusverifieddev()function tested: opens multiple iTerm2 tabs, one per tmux sessionstart-claude-sessions.shtested: found 3 repos, created 3 named sessions, each runninghappy claude@rebootcron confirmed viacrontab -l🤖 Generated with Claude Code