Diffstat (limited to 'README.org')
-rw-r--r-- README.org 29
1 files changed, 29 insertions, 0 deletions
diff --git a/README.org b/README.org
index 91e9804..067a2a1 100644
--- a/README.org
+++ b/README.org
@@ -49,6 +49,35 @@ What gets installed:
The install is re-runnable. Running it again refreshes files in place; personal
tweaks live in =.claude/settings.local.json= and are not touched.
+** MCP servers (user scope)
+
+Registers MCP servers globally (=user= scope) so every Claude Code project
+sees them. Reads structure from =mcp/servers.json= (placeholders =${VAR}=),
+decrypts secrets from =mcp/secrets.env.gpg= via gpg-agent, expands the
+placeholders, then registers anything not already present in
+=claude mcp list=. Idempotent — re-running is safe.
+
+#+begin_src bash
+make install-mcp # decrypt + register everything in servers.json
+make uninstall-mcp # remove every server listed in servers.json
+make check-mcp # dry-run drift report (no decryption, no writes)
+#+end_src
+
+=check-mcp= classifies each server as =ok= (in both), =MISSING= (configured
+but not registered — run =install-mcp=), or =EXTRA= (registered but not
+configured — usually intentional manual additions like the claude.ai web
+servers). Exit code is non-zero only on =MISSING=, since =EXTRA= entries
+are often deliberate.
+
+What lands on disk during =install-mcp=:
+- =mcp/gcp-oauth.keys.json= (mode 600) — extracted for google-calendar-mcp
+- =~/.config/google-docs-mcp/{personal,work}/token.json= (mode 600) —
+ per-profile OAuth tokens for =@a-bonus/google-docs-mcp=
+
+Secrets never touch disk in plain form outside the OAuth artifacts above.
+The =.gpg= file is the source of truth; rotate via =gpg --edit-key= and
+re-encrypt. See [[file:mcp/README.org][mcp/README.org]] for the full pipeline.
+
* Available languages
| Language | Path | Notes |
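
Review bot: The sentence "Secrets never touch disk in plain form outside the OAuth artifacts above" claims more than the rest of the section supports. The opening paragraph says the placeholders are expanded and the result is then registered at =user= scope, so the expanded values are handed to =claude mcp= and presumably persisted in its user-scope configuration. Either list that configuration under "What lands on disk" with its expected file mode, or reword the sentence to say which secrets stay encrypted at rest. Three smaller documentation gaps in the same hunk: =mcp/gcp-oauth.keys.json= is written inside the repository tree, so the text should say it is ignored by git; the =uninstall-mcp= line does not say whether that file and the per-profile =token.json= files are removed; and "rotate via =gpg --edit-key=" describes key maintenance rather than how to change the values inside =mcp/secrets.env.gpg=, so a one-line pointer to the edit and re-encrypt step would help.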