50fa79407d
Some checks are pending
CI — CoM Config Validation / Validate JSON Configs (push) Waiting to run
CI — CoM Config Validation / Validate YAML Configs (push) Waiting to run
CI — CoM Config Validation / Lint Shell Scripts (push) Waiting to run
CI — CoM Config Validation / Secret Detection (push) Waiting to run
CI — CoM Config Validation / Lint Markdown (push) Waiting to run
CI — CoM Config Validation / Validate CODEOWNERS (push) Waiting to run
Public, sanitized mirror of an AI orchestration command center: agents, skills, MCP servers, slash-command workflows. All infrastructure identifiers, hostnames, mesh IPs/subnets, repo paths, maintainer identity, and hardware fleet specifics scrubbed to <placeholders>; session debug logs and host-specific memory removed. No live credentials. Verified clean by automated leak sweep. See SANITIZATION.md. churchofmalware.org . authorized research only
5.7 KiB
5.7 KiB
MCP Admin System — Token Setup Guide
Status: 2026-03-25 | Owner: CADevO Purpose: Complete admin system health restoration
Current MCP Health Status
| Server | Status | Action Required |
|---|---|---|
| desktop-commander | ✅ OK | None |
| filesystem-synos | ✅ OK | None |
| memory | ✅ OK | None |
| sequential-thinking | ✅ OK | None |
| playwright | ✅ OK | None |
| semgrep | ✅ OK | Token set |
| todoist | ✅ OK | Token set |
| github | ✅ FIXED | Token set from gh keyring |
| notion (local) | ⚠️ NEEDS TOKEN | See Step 1 below |
| slack | ❌ BROKEN | See Step 2 below |
| brave-search | ❌ BROKEN | See Step 3 below |
| context7 | ⚠️ UNKNOWN | May work without key on free tier |
| n8n | ❌ NOT DEPLOYED | n8n server needs to be stood up first |
| google-calendar | ❌ BROKEN | OAuth setup required |
Cloud MCP (claude.ai integrations)
These connect through the claude.ai web session and will drop if the session times out.
The local notion server above replaces the cloud Notion integration for reliability.
| Integration | How to Keep Alive |
|---|---|
| Notion (cloud) | Will be replaced by local server |
| Gmail | Re-authenticate at claude.ai → Settings → Integrations if it drops |
| Slack | Backed by local Slack MCP once token is set |
| Google Calendar | OAuth setup fixes this permanently |
Step 1: Notion API Key (CRITICAL)
The local Notion MCP replaces the flaky cloud integration. One-time setup.
- Go to: https://www.notion.so/my-integrations
- Click "New integration"
- Name: "Claude Code — "
- Type: Internal integration
- Capabilities: Read content, Update content, Insert content
- Copy the "Internal Integration Secret" (starts with
secret_) - Run this command (replace YOUR_KEY):
[System.Environment]::SetEnvironmentVariable('NOTION_API_KEY', 'secret_YOUR_KEY_HERE', 'User') - Share pages with integration: For each Notion page you want accessible:
- Open the page → Share → Invite → search for your integration name
Pages to share immediately:
- CoM Solutions (main)
- Business Hub
- Mission Control
- ARCANUM Operations Hub
- Library of Nerd / Lib_CYBR
Step 2: Slack Bot Token
- Go to: https://api.slack.com/apps
- Find or create "CoM CADevO" app in CoM Solutions HQ workspace
- OAuth & Permissions → Bot Token Scopes: channels:read, channels:history, chat:write, files:read
- Install to workspace → Copy "Bot User OAuth Token" (starts with
xoxb-) - Run:
[System.Environment]::SetEnvironmentVariable('SLACK_BOT_TOKEN', 'xoxb-YOUR-TOKEN', 'User') - Note: The Slack MCP config in
settings.jsoncurrently hardcodesSLACK_TEAM_IDtoCoMsolutionshq, so setting aSLACK_TEAM_IDenvironment variable will not affect behavior unless you updatesettings.jsonto read from the environment. If you later changesettings.jsonto reference${SLACK_TEAM_ID}, set it with:[System.Environment]::SetEnvironmentVariable('SLACK_TEAM_ID', 'YOUR_TEAM_ID', 'User')
Step 3: Brave Search API Key
- Go to: https://api.search.brave.com/register
- Create account → API Keys → Generate key (free tier: 2,000 queries/month)
- Run:
[System.Environment]::SetEnvironmentVariable('BRAVE_API_KEY', 'YOUR_KEY', 'User')
Step 4: n8n Deployment (Admin Automation Backbone)
All 10 HEARTBEAT workflows depend on n8n. Priority after Notion.
Fastest path — Docker on :
Security note:
- Bind n8n to localhost only unless you explicitly intend to expose it.
- Set
N8N_BASIC_AUTH_PASSWORDto a long, unique password (e.g. stored in a password manager).Example (PowerShell) to set the password for the current user:
[System.Environment]::SetEnvironmentVariable('N8N_BASIC_AUTH_PASSWORD', 'REPLACE_WITH_A_STRONG_UNIQUE_PASSWORD', 'User')
docker run -d --restart unless-stopped \
-p 127.0.0.1:5678:5678 \
-v n8n_data:/home/node/.n8n \
-e N8N_BASIC_AUTH_ACTIVE=true \
-e N8N_BASIC_AUTH_USER=admin \
-e N8N_BASIC_AUTH_PASSWORD="${N8N_BASIC_AUTH_PASSWORD:?set a strong N8N_BASIC_AUTH_PASSWORD}" \
--name n8n \
n8nio/n8n
Then:
[System.Environment]::SetEnvironmentVariable('N8N_API_URL', 'http://localhost:5678', 'User')
# Get API key from n8n UI: Settings → API → Create API Key
[System.Environment]::SetEnvironmentVariable('N8N_API_KEY', 'YOUR_N8N_KEY', 'User')
Step 5: Google Calendar OAuth
- Go to: https://console.cloud.google.com
- Create project "CoM Admin" → Enable Google Calendar API
- Credentials → Create OAuth Client ID → Desktop app
- Download JSON → extract client_id and client_secret
- Run:
[System.Environment]::SetEnvironmentVariable('GOOGLE_CALENDAR_CLIENT_ID', 'YOUR_ID', 'User') [System.Environment]::SetEnvironmentVariable('GOOGLE_CALENDAR_CLIENT_SECRET', 'YOUR_SECRET', 'User')
After Each Token Set
Restart Claude Code after setting env vars — the new process will inherit them.
Verify with:
echo "NOTION: ${NOTION_API_KEY:+SET}" && echo "SLACK: ${SLACK_BOT_TOKEN:+SET}" && echo "BRAVE: ${BRAVE_API_KEY:+SET}" && echo "N8N: ${N8N_API_URL:+SET}"
Unimplemented Admin Systems (HEARTBEAT backlog)
All 10 n8n workflows are planned but not built. Priority order:
- Morning Report (needs n8n + Notion + Slack)
- Tailscale Mesh Monitor (needs n8n + Slack)
- GitHub PR Watchdog (needs n8n + GitHub webhook + Slack)
- Notion Sync (needs n8n + Notion + Google Drive)
- Dependency Audit (
cargo audit→ Slack alert)
These require n8n to be running first (Step 4 above).