rotate leaked MEMORY_API_KEY: use wrapper script instead of plaintext env vars
- Remove MEMORY_API_KEY and CLAUDE_MEMORY_API_KEY from settings.json env block - Replace mcp.json inline config with wrapper script that sources GPG-encrypted secrets - Add new rotated key to encrypted secrets.zsh
This commit is contained in:
Viktor Barzin
parent
91e81da944
commit
7a1090795c
4 changed files with 30 additions and 31 deletions
7
dot_local/bin/executable_claude-memory-mcp-wrapper
Normal file
7
dot_local/bin/executable_claude-memory-mcp-wrapper
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
#!/bin/bash
|
||||
# Wrapper for claude-memory MCP server that sources secrets from GPG-encrypted file.
|
||||
# This avoids committing API keys in plaintext JSON configs.
|
||||
source ~/.oh-my-zsh/custom/secrets.zsh 2>/dev/null
|
||||
export MEMORY_API_URL="${MEMORY_API_URL:-https://claude-memory.viktorbarzin.me}"
|
||||
export PYTHONPATH="/Users/viktorbarzin/code/claude-memory-mcp/src"
|
||||
exec python3 /Users/viktorbarzin/code/claude-memory-mcp/src/claude_memory/mcp_server.py "$@"
|
||||
Loading…
Add table
Add a link
Reference in a new issue