Skip to content

docs(claude): live instance details, migration status, and drift notes #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
bakerboy448 wants to merge 1 commit into
base: main
Choose a base branch
from
+15 −0
Open

docs(claude): live instance details, migration status, and drift notes #3

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 15 additions & 0 deletions CLAUDE.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,3 +14,18 @@ QUI automation workflows for qBittorrent torrent lifecycle management.
- Sort order in filenames reflects execution order
- No PII — tracker names (myanonamouse, TorrentLeech) are public well-known names
- Conventional commits

## Live Instance

- Container: `qui.internal` (ghcr.io/hotio/qui) on hetzner, port 7476
- Auth: OIDC-only (`QUI__OIDC_DISABLE_BUILT_IN_LOGIN=true`) — no built-in login, no plain API key
- Export script (`scripts/export.sh`) requires `QUI_API_KEY`; generate one via qui Settings → API Keys
- FILE_MAP IDs in export.sh match the live instance (verified 2026-06-21)
- Predecessor repo `bakerboy448/qui-automations` is archived; this repo is canonical

Comment on lines +18 to +25

@coderabbitai coderabbitai Bot Jun 21, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick | 🔵 Trivial | 💤 Low value

Clarify API key availability in OIDC-only mode.

Line 21 states "no plain API key," which is technically correct but could be misread as "no API keys at all." In OIDC-only mode, users authenticate via OIDC first, then can generate API keys from the ui Settings. Consider rewording to "OIDC-only authentication required; API keys generated via UI after OIDC login" to avoid confusion.

📝 Proposed clarification 
 - Auth: OIDC-only (`QUI__OIDC_DISABLE_BUILT_IN_LOGIN=true`) — no built-in login, no plain API key
+ - Auth: OIDC-only (`QUI__OIDC_DISABLE_BUILT_IN_LOGIN=true`); API keys generated via UI after OIDC authentication
🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@CLAUDE.md` around lines 18 - 25, The Auth line in the Live Instance section
uses ambiguous wording with "no plain API key" which could be misread as "no API
keys available at all." Clarify this line to explicitly state that OIDC
authentication is required first, and then API keys can be generated via the UI
Settings after successful OIDC login. Reword the Auth description to avoid the
confusing phrasing and make it clear that API keys do exist but are UI-generated
post-OIDC-login, not available through built-in login mechanisms.

## Known Live Drift (as of 2026-06-21)

Live instance predates some repo improvements. Two automations differ:

1. **HL-remove-limits** — live has `intervalSeconds: null` (explicit null); repo omits the field (equivalent — both mean "use qui default interval"). No action needed.
2. **Recheck: missing files** — live has an old-style explicit `forceRecheck` condition (`STATE = missingFiles`); repo has intentionally empty conditions (the correct newer form per qui's built-in recheck action). Live instance should be updated to match repo when convenient.
Loading