@rizom/ops 0.2.0-alpha.71 → 0.2.0-alpha.72

package/dist/load-registry.d.ts

@@ -14,7 +14,6 @@ export interface ResolvedCohort {
     presetOverride?: PilotPreset;
     aiApiKeyOverride?: string;
     gitSyncTokenOverride?: string;
-    mcpAuthTokenOverride?: string;
 }
 export interface ResolvedAnchorProfileSocialLink {
     platform: "github" | "instagram" | "linkedin" | "email" | "website";
@@ -29,6 +28,10 @@ export interface ResolvedAnchorProfile {
     story?: string;
     socialLinks?: ResolvedAnchorProfileSocialLink[];
 }
+export interface ResolvedSetupDelivery {
+    delivery: "email";
+    email: string;
+}
 export interface ResolvedUserIdentity {
     handle: string;
     cohort: string;
@@ -41,7 +44,7 @@ export interface ResolvedUserIdentity {
     discordAnchorUserId?: string;
     effectiveAiApiKey: string;
     effectiveGitSyncToken: string;
-    effectiveMcpAuthToken: string;
+    setup?: ResolvedSetupDelivery;
     anchorProfile: ResolvedAnchorProfile;
     snapshotStatus: SnapshotStatus;
 }

package/dist/schema.d.ts

@@ -15,7 +15,6 @@ export declare const pilotSchema: z.ZodObject<{
     aiApiKey: z.ZodString;
     gitSyncToken: z.ZodString;
     contentRepoAdminToken: z.ZodString;
-    mcpAuthToken: z.ZodString;
     agePublicKey: z.ZodString;
 }, "strict", z.ZodTypeAny, {
     agePublicKey: string;
@@ -29,7 +28,6 @@ export declare const pilotSchema: z.ZodObject<{
     aiApiKey: string;
     gitSyncToken: string;
     contentRepoAdminToken: string;
-    mcpAuthToken: string;
 }, {
     agePublicKey: string;
     schemaVersion: 1;
@@ -42,7 +40,6 @@ export declare const pilotSchema: z.ZodObject<{
     aiApiKey: string;
     gitSyncToken: string;
     contentRepoAdminToken: string;
-    mcpAuthToken: string;
 }>;
 export declare const userSchema: z.ZodObject<{
     handle: z.ZodString;
@@ -58,7 +55,16 @@ export declare const userSchema: z.ZodObject<{
     }>;
     aiApiKeyOverride: z.ZodOptional<z.ZodString>;
     gitSyncTokenOverride: z.ZodOptional<z.ZodString>;
-    mcpAuthTokenOverride: z.ZodOptional<z.ZodString>;
+    setup: z.ZodOptional<z.ZodObject<{
+        delivery: z.ZodLiteral<"email">;
+        email: z.ZodString;
+    }, "strict", z.ZodTypeAny, {
+        email: string;
+        delivery: "email";
+    }, {
+        email: string;
+        delivery: "email";
+    }>>;
     anchorProfile: z.ZodOptional<z.ZodObject<{
         name: z.ZodOptional<z.ZodString>;
         description: z.ZodOptional<z.ZodString>;
@@ -109,7 +115,10 @@ export declare const userSchema: z.ZodObject<{
     };
     aiApiKeyOverride?: string | undefined;
     gitSyncTokenOverride?: string | undefined;
-    mcpAuthTokenOverride?: string | undefined;
+    setup?: {
+        email: string;
+        delivery: "email";
+    } | undefined;
     anchorProfile?: {
         name?: string | undefined;
         email?: string | undefined;
@@ -130,7 +139,10 @@ export declare const userSchema: z.ZodObject<{
     };
     aiApiKeyOverride?: string | undefined;
     gitSyncTokenOverride?: string | undefined;
-    mcpAuthTokenOverride?: string | undefined;
+    setup?: {
+        email: string;
+        delivery: "email";
+    } | undefined;
     anchorProfile?: {
         name?: string | undefined;
         email?: string | undefined;
@@ -150,33 +162,28 @@ export declare const cohortSchema: z.ZodEffects<z.ZodObject<{
     presetOverride: z.ZodOptional<z.ZodEnum<["core", "default", "pro"]>>;
     aiApiKeyOverride: z.ZodOptional<z.ZodString>;
     gitSyncTokenOverride: z.ZodOptional<z.ZodString>;
-    mcpAuthTokenOverride: z.ZodOptional<z.ZodString>;
 }, "strict", z.ZodTypeAny, {
     members: string[];
     aiApiKeyOverride?: string | undefined;
     gitSyncTokenOverride?: string | undefined;
-    mcpAuthTokenOverride?: string | undefined;
     brainVersionOverride?: string | undefined;
     presetOverride?: "default" | "core" | "pro" | undefined;
 }, {
     members: string[];
     aiApiKeyOverride?: string | undefined;
     gitSyncTokenOverride?: string | undefined;
-    mcpAuthTokenOverride?: string | undefined;
     brainVersionOverride?: string | undefined;
     presetOverride?: "default" | "core" | "pro" | undefined;
 }>, {
     members: string[];
     aiApiKeyOverride?: string | undefined;
     gitSyncTokenOverride?: string | undefined;
-    mcpAuthTokenOverride?: string | undefined;
     brainVersionOverride?: string | undefined;
     presetOverride?: "default" | "core" | "pro" | undefined;
 }, {
     members: string[];
     aiApiKeyOverride?: string | undefined;
     gitSyncTokenOverride?: string | undefined;
-    mcpAuthTokenOverride?: string | undefined;
     brainVersionOverride?: string | undefined;
     presetOverride?: "default" | "core" | "pro" | undefined;
 }>;

package/dist/secrets-encrypt.d.ts

@@ -1,18 +1,15 @@
 import { z } from "@brains/utils";
 declare const encryptedUserSecretsSchema: z.ZodObject<{
     gitSyncToken: z.ZodOptional<z.ZodString>;
-    mcpAuthToken: z.ZodOptional<z.ZodString>;
     discordBotToken: z.ZodOptional<z.ZodString>;
     aiApiKey: z.ZodOptional<z.ZodString>;
 }, "strict", z.ZodTypeAny, {
     aiApiKey?: string | undefined;
     gitSyncToken?: string | undefined;
-    mcpAuthToken?: string | undefined;
     discordBotToken?: string | undefined;
 }, {
     aiApiKey?: string | undefined;
     gitSyncToken?: string | undefined;
-    mcpAuthToken?: string | undefined;
     discordBotToken?: string | undefined;
 }>;
 export type EncryptedUserSecrets = z.infer<typeof encryptedUserSecretsSchema>;

package/package.json

@@ -4,7 +4,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "0.2.0-alpha.71",
+  "version": "0.2.0-alpha.72",
   "type": "module",
   "exports": {
     ".": {

package/templates/rover-pilot/.env.schema

@@ -20,16 +20,19 @@ GIT_SYNC_TOKEN=
 # @required @sensitive
 CONTENT_REPO_ADMIN_TOKEN=
 
-# MCP interface
-# Comes from the decrypted users/<handle>.secrets.yaml.age file.
-# @required @sensitive
-MCP_AUTH_TOKEN=
-
 # Discord (optional, per-user)
 # Comes from the decrypted users/<handle>.secrets.yaml.age file when enabled.
 # @sensitive
 DISCORD_BOT_TOKEN=
 
+# Setup email delivery (optional, shared)
+# Used when a user file declares setup.delivery: email.
+# @sensitive
+SETUP_EMAIL_API_KEY=
+
+# @sensitive
+SETUP_EMAIL_FROM=
+
 # ---- deploy/provision vars ----
 
 # @required @sensitive

package/templates/rover-pilot/.github/workflows/deploy.yml

@@ -103,7 +103,8 @@ jobs:
         env:
           SHARED_AI_API_KEY: ${{ secrets[steps.user_secrets.outputs.shared_ai_api_key_secret_name] }}
           SHARED_GIT_SYNC_TOKEN: ${{ secrets[steps.user_secrets.outputs.shared_git_sync_token_secret_name] }}
-          SHARED_MCP_AUTH_TOKEN: ${{ secrets[steps.user_secrets.outputs.shared_mcp_auth_token_secret_name] }}
+          SETUP_EMAIL_API_KEY: ${{ secrets.SETUP_EMAIL_API_KEY }}
+          SETUP_EMAIL_FROM: ${{ secrets.SETUP_EMAIL_FROM }}
           HCLOUD_TOKEN: ${{ secrets.HCLOUD_TOKEN }}
           HCLOUD_SSH_KEY_NAME: ${{ secrets.HCLOUD_SSH_KEY_NAME }}
           HCLOUD_SERVER_TYPE: ${{ secrets.HCLOUD_SERVER_TYPE }}
@@ -117,7 +118,6 @@ jobs:
         run: |
           export AI_API_KEY="${AI_API_KEY:-$SHARED_AI_API_KEY}"
           export GIT_SYNC_TOKEN="${GIT_SYNC_TOKEN:-$SHARED_GIT_SYNC_TOKEN}"
-          export MCP_AUTH_TOKEN="${MCP_AUTH_TOKEN:-$SHARED_MCP_AUTH_TOKEN}"
           bun deploy/scripts/validate-secrets.ts
 
       - name: Seed content repo
@@ -175,14 +175,14 @@ jobs:
         env:
           SHARED_AI_API_KEY: ${{ secrets[steps.user_secrets.outputs.shared_ai_api_key_secret_name] }}
           SHARED_GIT_SYNC_TOKEN: ${{ secrets[steps.user_secrets.outputs.shared_git_sync_token_secret_name] }}
-          SHARED_MCP_AUTH_TOKEN: ${{ secrets[steps.user_secrets.outputs.shared_mcp_auth_token_secret_name] }}
+          SETUP_EMAIL_API_KEY: ${{ secrets.SETUP_EMAIL_API_KEY }}
+          SETUP_EMAIL_FROM: ${{ secrets.SETUP_EMAIL_FROM }}
           KAMAL_REGISTRY_PASSWORD: ${{ secrets.KAMAL_REGISTRY_PASSWORD }}
           CERTIFICATE_PEM: ${{ secrets.CERTIFICATE_PEM }}
           PRIVATE_KEY_PEM: ${{ secrets.PRIVATE_KEY_PEM }}
         run: |
           export AI_API_KEY="${AI_API_KEY:-$SHARED_AI_API_KEY}"
           export GIT_SYNC_TOKEN="${GIT_SYNC_TOKEN:-$SHARED_GIT_SYNC_TOKEN}"
-          export MCP_AUTH_TOKEN="${MCP_AUTH_TOKEN:-$SHARED_MCP_AUTH_TOKEN}"
           bun deploy/scripts/write-kamal-secrets.ts
 
       - name: Provision server

package/templates/rover-pilot/deploy/scripts/decrypt-user-secrets.ts

@@ -20,7 +20,6 @@ const pilot = parseFlatYaml(readFileSync("pilot.yaml", "utf8"));
 
 writeGitHubEnv("AI_API_KEY", secrets["aiApiKey"] ?? "");
 writeGitHubEnv("GIT_SYNC_TOKEN", secrets["gitSyncToken"] ?? "");
-writeGitHubEnv("MCP_AUTH_TOKEN", secrets["mcpAuthToken"] ?? "");
 writeGitHubEnv("DISCORD_BOT_TOKEN", secrets["discordBotToken"] ?? "");
 
 writeGitHubOutput(
@@ -31,10 +30,6 @@ writeGitHubOutput(
   "shared_git_sync_token_secret_name",
   requireFlatValue(pilot, "gitSyncToken", "pilot.yaml"),
 );
-writeGitHubOutput(
-  "shared_mcp_auth_token_secret_name",
-  requireFlatValue(pilot, "mcpAuthToken", "pilot.yaml"),
-);
 
 function extractAgeIdentity(contents: string): string {
   const line = contents

package/templates/rover-pilot/docs/onboarding-checklist.md

@@ -4,7 +4,7 @@
 2. Run `bunx brains-ops age-key:bootstrap <repo> --push-to gh`.
 3. Fill in `pilot.yaml`.
    - keep your pinned `brainVersion`
-   - confirm shared selectors for `aiApiKey`, `gitSyncToken`, `contentRepoAdminToken`, and `mcpAuthToken`
+   - confirm shared selectors for `aiApiKey`, `gitSyncToken`, and `contentRepoAdminToken`
    - use different tokens for `contentRepoAdminToken` and `gitSyncToken`: admin creates/checks content repos; sync is used by runtime directory-sync
    - confirm `agePublicKey`
 4. Run `bunx brains-ops user:add <repo> <handle> --cohort <cohort>`.
@@ -12,6 +12,8 @@
    - if the user should be an anchor there, add `--anchor-id <discord-user-id>`.
    - the command creates `users/<handle>.yaml`, `users/<handle>.secrets.yaml`, and the cohort membership without duplicating existing entries.
 5. Edit the generated user file if the anchor profile needs richer metadata.
+   - For browser/CMS-first onboarding, add `setup.delivery: email` and `setup.email` to the user file.
+   - Ensure `SETUP_EMAIL_API_KEY` and `SETUP_EMAIL_FROM` exist as GitHub Secrets before deploying any email-setup user.
 6. Run `bunx brains-ops render <repo>`.
 7. Run `bunx brains-ops ssh-key:bootstrap <repo> --push-to gh`.
 8. Run `bunx brains-ops cert:bootstrap <repo> --push-to gh`.
@@ -23,11 +25,11 @@
     - `https://<handle>.rizom.ai/health` returns `200`
     - unauthenticated `POST https://<handle>.rizom.ai/mcp` returns `401`
 14. For fleet upgrades, edit `pilot.yaml.brainVersion` and push once; CI rebuilds the shared image tag, refreshes generated user env files, and redeploys affected users.
-15. Hand the Discord setup details to the user.
+15. For Discord users, hand the Discord setup details to the user. For email-setup users, confirm they received the setup email and completed passkey registration.
 16. Hand over the browser defaults:
     - Dashboard: `https://<handle>.rizom.ai/`
     - CMS: `https://<handle>.rizom.ai/cms`
     - GitHub token guidance for CMS access to the user's private content repo
-17. If they need direct client access, also hand over the MCP connection details.
+17. If they need direct client access, use OAuth/passkey-capable clients where possible; do not use the deprecated static `MCP_AUTH_TOKEN` path for Rover pilot users.
 18. If you are also giving them a content repo workflow, describe it as optional and frame git/Obsidian as an advanced file-based path, not the default.
 19. Send `docs/user-onboarding.md` to the user as the pilot handoff guide.

package/templates/rover-pilot/docs/operator-playbook.md

@@ -70,6 +70,69 @@ Use these checks after deploy:
 - unauthenticated `POST https://<handle>.rizom.ai/mcp` should return `401 Unauthorized: Bearer token required`
 - a bare `GET /` may also return `401`; that is expected for rover core and does not indicate a bad deploy
 
+## Setup email checklist
+
+Use this for browser/CMS-first users who should receive their own first-passkey setup link by email.
+
+1. Add setup delivery to the user file:
+
+   ```yaml
+   setup:
+     delivery: email
+     email: user@example.com
+   ```
+
+2. Configure these GitHub Secrets before deploy:
+   - `SETUP_EMAIL_API_KEY`
+   - `SETUP_EMAIL_FROM`
+
+3. Reconcile/deploy the user or cohort:
+   - `bunx brains-ops onboard . <handle>`
+   - or `bunx brains-ops reconcile-cohort . <cohort>`
+
+4. Verify the generated `users/<handle>/brain.yaml` contains `auth-service.setupEmail` and `email-resend` config.
+5. Ask the user to complete passkey setup from the email link, then use:
+   - Dashboard: `https://<handle>.rizom.ai/`
+   - CMS: `https://<handle>.rizom.ai/cms`
+
+Notes:
+
+- The setup URL is generated and sent by the running brain; operators should not scrape logs or SSH into the instance to retrieve it.
+- The auth service owns setup email dedupe. It should not resend for the same persisted setup token after restart, but should retry failed delivery and resend after token rotation.
+- `SETUP_EMAIL_FROM` is not marked required because fleets without email setup can omit it, but it is required for users with `setup.delivery: email`.
+
+## Legacy MCP token cleanup
+
+Rover pilot onboarding no longer uses the deprecated static `MCP_AUTH_TOKEN` fallback. OAuth/passkeys and setup email are the default browser/CMS path.
+
+For existing Rover pilot repos:
+
+1. Update the checked-in deploy contract first:
+   - remove `mcpAuthToken` from `pilot.yaml`
+   - remove `MCP_AUTH_TOKEN` from `.env.schema`
+   - remove `SHARED_MCP_AUTH_TOKEN` / `MCP_AUTH_TOKEN` exports from `.github/workflows/deploy.yml`
+   - update `deploy/scripts/decrypt-user-secrets.ts` so it no longer reads or writes `mcpAuthToken`
+
+2. Confirm no per-user or cohort MCP overrides exist:
+
+   ```sh
+   rg "mcpAuthToken|MCP_AUTH_TOKEN" users cohorts pilot.yaml
+   ```
+
+3. If there were no user/cohort overrides, no `.age` re-encryption is needed: the default token lived only as the GitHub Secret named `MCP_AUTH_TOKEN`, not inside `users/<handle>.secrets.yaml.age`.
+4. Redeploy all existing Rover users while the GitHub Secret still exists. A secret existing in GitHub is not inherited by jobs or containers unless the workflow references it.
+5. Verify the new deploy does not pass the token:
+   - generated `.kamal/secrets` does not contain `MCP_AUTH_TOKEN`
+   - the running container environment does not contain `MCP_AUTH_TOKEN`
+
+6. Delete the unused GitHub Secret last:
+
+   ```sh
+   gh secret delete MCP_AUTH_TOKEN
+   ```
+
+Only decrypt and re-encrypt `users/<handle>.secrets.yaml.age` files if step 2 or a direct audit shows an actual `mcpAuthToken` override was stored there.
+
 ## Discord bot token checklist
 
 Use this when enabling Discord for a pilot user.
@@ -97,7 +160,7 @@ Notes:
 - Do not reuse the same Discord bot token across multiple pilot users.
 - Discord is the default pilot interface moving forward.
 - The encrypted `users/<handle>.secrets.yaml.age` file is the durable checked-in deploy input; your local env is only the operator staging source.
-- MCP is optional and mainly for direct client access or specific testing workflows.
+- Direct MCP client access should use OAuth/passkey-capable clients where possible; do not reintroduce `MCP_AUTH_TOKEN` for Rover pilot users.
 - When explaining the content workflow, describe it first as a normal **git repo** of **markdown/text files**.
 - Position **Obsidian** as optional: it is just one possible editor for those same files, not the default requirement.
 

package/templates/rover-pilot/pilot.yaml

@@ -8,5 +8,4 @@ preset: core
 aiApiKey: AI_API_KEY
 gitSyncToken: GIT_SYNC_TOKEN
 contentRepoAdminToken: CONTENT_REPO_ADMIN_TOKEN
-mcpAuthToken: MCP_AUTH_TOKEN
 agePublicKey: age1replace-with-your-public-key