Overview
A configuration screen that lets users set environment variables and settings at the town level and per-agent, enabling manual token configuration (e.g., GitHub/GitLab API tokens for git operations) and other runtime configuration.
This is the highest priority item in Phase 2 because it unblocks manual configuration of git auth tokens that the container's git-manager.ts needs for clones and pushes to private repos. Until the integrations-based repo connection (PR 10.6) is complete, users need a way to manually provide a GitHub PAT or GitLab token.
Part of #204. See plans/gastown-cloud-proposal-d.md § "PR 10.5: Town Configuration" for the full design.
Key Deliverables
Configuration Model
Two-level config: town-level (applies to all agents) and agent-level overrides:
- Environment variables — Key-value pairs injected into all agent processes. Town-level with per-agent overrides (agent wins on conflict).
- Git authentication — GitHub PAT, GitLab token, GitLab instance URL. Mapped to env vars for
git-manager.ts to construct authenticated clone URLs (https://x-access-token:{token}@github.com/...).
- Agent defaults — Default model, max polecats per rig.
- Refinery config — Quality gate commands, auto-merge toggle.
- Container settings — Sleep timeout.
- Alarm intervals — Active/idle alarm periods.
Configuration Inheritance
When the container starts an agent process, env vars resolve in order (last wins):
- System defaults (
GASTOWN_API_URL, GASTOWN_SESSION_TOKEN, etc.)
- Town-level
env_vars
- Town-level
git_auth (mapped to GIT_TOKEN, etc.)
- Agent-level
env_vars overrides
Dashboard UI
New Settings page in the town sidebar (/gastown/[townId]/settings):
- Key-value editor for environment variables (with add/remove, sensitive value masking)
- Dedicated git authentication section with labeled inputs and helper text
- Agent defaults (model selector, polecat limits, alarm intervals)
- Refinery gates list editor
- Container sleep timeout
tRPC Procedures
| Procedure |
Type |
Purpose |
getTownConfig |
query |
Read town configuration |
updateTownConfig |
mutation |
Update town-level config (partial merge) |
getAgentConfig |
query |
Read agent-level overrides |
updateAgentConfig |
mutation |
Update per-agent overrides |
Security
- Sensitive values stored encrypted in DO and Postgres
- Dashboard masks sensitive values after save (last 4 chars)
- Env var keys validated (alphanumeric + underscore, no reserved
GASTOWN_ prefix)
Acceptance Criteria
Overview
A configuration screen that lets users set environment variables and settings at the town level and per-agent, enabling manual token configuration (e.g., GitHub/GitLab API tokens for git operations) and other runtime configuration.
This is the highest priority item in Phase 2 because it unblocks manual configuration of git auth tokens that the container's
git-manager.tsneeds for clones and pushes to private repos. Until the integrations-based repo connection (PR 10.6) is complete, users need a way to manually provide a GitHub PAT or GitLab token.Part of #204. See
plans/gastown-cloud-proposal-d.md§ "PR 10.5: Town Configuration" for the full design.Key Deliverables
Configuration Model
Two-level config: town-level (applies to all agents) and agent-level overrides:
git-manager.tsto construct authenticated clone URLs (https://x-access-token:{token}@github.com/...).Configuration Inheritance
When the container starts an agent process, env vars resolve in order (last wins):
GASTOWN_API_URL,GASTOWN_SESSION_TOKEN, etc.)env_varsgit_auth(mapped toGIT_TOKEN, etc.)env_varsoverridesDashboard UI
New Settings page in the town sidebar (
/gastown/[townId]/settings):tRPC Procedures
getTownConfigupdateTownConfiggetAgentConfigupdateAgentConfigSecurity
GASTOWN_prefix)Acceptance Criteria
gastown_towns.configgit-manager.tsuses token from config to construct authenticated git URLs for clone/push