diff --git a/.claude/CLAUDE.md b/.claude/CLAUDE.md index 67befd0..4b067b7 100644 --- a/.claude/CLAUDE.md +++ b/.claude/CLAUDE.md @@ -48,6 +48,7 @@ Paliad — the patent paladin. All-in-one patent practice platform for HLC (form | `SMTP_HOST` / `SMTP_PORT` / `SMTP_USERNAME` / `SMTP_PASSWORD` / `SMTP_FROM` / `SMTP_FROM_NAME` / `SMTP_USE_TLS` | for email | SMTP credentials for Paliad's transactional mail (reminders, invitations). Port 465 uses implicit TLS. `MailService` silently no-ops when any required var is missing — the server still boots for knowledge-platform-only deployments. | | `ANTHROPIC_API_KEY` | not used in PoC | Reserved for the eventual production-v1 Paliadin (the Anthropic Messages API path, see `docs/design-paliadin-2026-05-07.md` §2). The Phase 0 PoC (t-paliad-146) does NOT use this — it shells out to a local `claude` CLI via tmux instead, which uses m's existing Claude Code subscription. Set this env var only after the PoC validates and we cut over to the API-backed path. The earlier "Phase H Frist-Extraktion" reservation is dead — that feature is deferred separately (memory `b6a11b55…`). | | `PALIADIN_SESSION_PREFIX` | optional (default `paliad-paliadin`) | Prefix for the per-user tmux session names the Paliadin service uses (t-paliad-155). Each Paliad user gets their own session named `-` (first 8 hex chars of the user's UUID); conversation history accumulates per visit, `ResetSession` kills the session entirely. The persona + response protocol now live in `~/.claude/skills/paliadin/SKILL.md` (installed via `scripts/install-paliadin-skill`) — no in-process system prompt is sent. | +| `PALIADIN_REMOTE_CWD` | shim env (default `/home/m/dev/paliad`) | Working directory `paliadin-shim` uses when spawning the long-lived `claude` pane on mRiver. Must be the paliad repo root so claude picks up `.mcp.json` (project-scoped Supabase MCP); without it, the SKILL.md SQL recipes have no DB tool. Set on mRiver only — paliad's Go side never reads this. | | `PALIADIN_RESPONSE_DIR` | optional (default `/tmp/paliadin`) | Directory where Claude writes its per-turn response files. The Go service polls this directory for `{turn_id}.txt` files. | > *Note on Paliadin gating (t-paliad-146):* there is **no** `PALIADIN_ENABLED` env var. Access is gated in code via `services.PaliadinOwnerEmail` (currently `matthias.siebels@hoganlovells.com`). Every other authenticated user gets a 404 on `/paliadin` and `/admin/paliadin`. This means the routes register on every paliad deploy (including paliad.de prod), but only m can reach them — and even then, prod only works if the host has `tmux` + a `claude` CLI in PATH (which the Dokploy container does not). PoC remains a laptop-only feature; the gate is in the code, not the deploy. diff --git a/scripts/paliadin-shim b/scripts/paliadin-shim index 118b9af..6032069 100755 --- a/scripts/paliadin-shim +++ b/scripts/paliadin-shim @@ -31,6 +31,11 @@ umask 077 readonly RESPONSE_DIR="${PALIADIN_RESPONSE_DIR:-/tmp/paliadin}" readonly TIMEOUT_S="${PALIADIN_TIMEOUT_S:-60}" +# Working directory for the claude pane. Must be the paliad repo root so +# claude picks up .mcp.json (project-scoped Supabase MCP) — without it, +# the SKILL.md SQL recipes fail with no DB tool. Override via env var if +# the repo lives elsewhere on this host. +readonly CLAUDE_CWD="${PALIADIN_REMOTE_CWD:-/home/m/dev/paliad}" readonly PANE_READY_S=60 # max wait for claude pane to settle readonly TURN_ID_RE='^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$' # Session names are constructed by the Go side as `paliad-paliadin-`; @@ -95,7 +100,11 @@ ensure_pane() { log_err "claude CLI not found in PATH" exit 3 fi - idx=$(tmux new-window -t "$session" -n claude-paliadin -P -F '#{window_index}' claude) + if [[ ! -d "$CLAUDE_CWD" ]]; then + log_err "claude cwd $CLAUDE_CWD does not exist — set PALIADIN_REMOTE_CWD" + exit 3 + fi + idx=$(tmux new-window -c "$CLAUDE_CWD" -t "$session" -n claude-paliadin -P -F '#{window_index}' claude) target="$session:$idx" # Wait for claude to settle. Matches Go waitForPaneReady (paliadin.go).