Remmer/stiftung-management-system
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix MCP config: replace hardcoded token with env-var wrapper script
Some checks failed
CI/CD Pipeline / test (push) Has been cancelled
Details
CI/CD Pipeline / deploy (push) Has been cancelled
Details
Code Quality / quality (push) Has been cancelled
Details

Browse Source 
MCP_AUTH_TOKEN was stored in plain text in .mcp.json and thus in git
history. Now connect.sh reads the token from the environment variable
MCP_AUTH_TOKEN — set via export in ~/.bashrc or a secrets manager.

⚠️ Old token is in git history and should be rotated on the server.
Rotate: python manage.py create_agent_token <username>

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
SysAdmin Agent
2026-03-21 22:05:21 +00:00
parent 5f1a3fd27d
commit f7c122515f
2 changed files with 18 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.mcp.json
View File

@@ -1,11 +1,9 @@
{
"mcpServers": {
"stiftung": {
"command": "ssh",
"command": "bash",
"args": [
"-o", "StrictHostKeyChecking=no",
"deployment@217.154.84.225",
"cd /opt/stiftung && docker compose run --rm -T -e MCP_AUTH_TOKEN=a66d2bf53b83489693a59af6ff0e3dd2a09885b98aced40f6bbb7423a173e173 -e DJANGO_ALLOW_ASYNC_UNSAFE=true mcp"
"/home/remmer/stiftung/app/mcp_server/connect.sh"
]
}
}