caddy-shortcuts: render shortcuts from private Forgejo sibling repos #121

Closed
opened 2026-05-25 05:30:21 +00:00 by coilysiren · 1 comment
Owner

After the port in #118 and the regression fix in #120, the script reads sibling coily.yaml from Forgejo anonymously. That covers ~35 public coilysiren/* repos. The ~10 private ones are silently skipped, so any tailnet.shortcut declared in a private repo's coily.yaml will not render.

Fix options:

  1. Use a Forgejo Actions secret with org-wide read scope (e.g. a personal token belonging to a service user that has read access across coilysiren/*). Stash in SSM, sync to Forgejo Actions secret via API.
  2. Mark the relevant private repos public if there's no real reason for them to be private.

Needs: an audit of which private repos actually declare tailnet.shortcut. If none do today, this is dormant and can stay open as a placeholder.

After the port in #118 and the regression fix in #120, the script reads sibling `coily.yaml` from Forgejo anonymously. That covers ~35 public coilysiren/* repos. The ~10 private ones are silently skipped, so any `tailnet.shortcut` declared in a private repo's coily.yaml will not render. Fix options: 1. Use a Forgejo Actions secret with org-wide read scope (e.g. a personal token belonging to a service user that has read access across `coilysiren/*`). Stash in SSM, sync to Forgejo Actions secret via API. 2. Mark the relevant private repos public if there's no real reason for them to be private. Needs: an audit of which private repos actually declare `tailnet.shortcut`. If none do today, this is dormant and can stay open as a placeholder.
Author
Owner

Backlog burndown 2026-06-17: closing low-priority (P3/P4) to bring the open count to a manageable level. Nothing lost — reopen if this resurfaces. Batch tag: burndown-2026-06.

Backlog burndown 2026-06-17: closing low-priority (P3/P4) to bring the open count to a manageable level. Nothing lost — reopen if this resurfaces. Batch tag: `burndown-2026-06`.
coilysiren 2026-06-17 08:22:42 +00:00
Sign in to join this conversation.
No description provided.