SpeedyFoxAi/true-recall-gems
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: Add tr-worker files, sanitize IPs, update validation checklists

Browse Source 
- Add realtime_qdrant_watcher.py and mem-qdrant-watcher.service to tr-worker/
- Sanitize private IPs (10.0.0.x → <QDRANT_IP>, <OLLAMA_IP>)
- Replace absolute paths with placeholders
- Add GIT_VALIDATION_CHECK.md for security validation
- Update validation checklists to v2.4
- Remove session.md from git (local-only file)
This commit is contained in:
root
2026-02-26 08:28:12 -06:00
parent df3b347d65
commit 08aaddb4d0
9 changed files with 611 additions and 602 deletions
Download Patch File Download Diff File Expand all files Collapse all files

113
GIT_VALIDATION_CHECK.md Normal file
View File

@@ -0,0 +1,113 @@
# TrueRecall v2 - Git Validation Checklist
**Environment:** Git Repository (`.git_projects/true-recall-v2/`)
**Purpose:** Validate git-ready directory for public sharing
**Version:** 2.4
**Last Updated:** 2026-02-26
---
## Overview
This checklist validates the **git repository** where **NO sensitive data** should exist. All private information must be sanitized before sharing.
**Key Principle:** In git, placeholders required:
- ❌ NO real private IPs (10.0.0.x, 192.168.x.x)
- ❌ NO absolute paths (/root/, /home/username/)
- ❌ NO real user IDs or credentials
- ✅ Use placeholders: `<QDRANT_IP>`, `<OLLAMA_IP>`, `~/.openclaw/`
---
## Current Configuration (Sanitized for Git)
| Service | Placeholder | Default Port |
|---------|-------------|---------------|
| Qdrant | `<QDRANT_IP>` | 6333 |
| Ollama | `<OLLAMA_IP>` | 11434 |
| Redis | `<REDIS_IP>` | 6379 |
| Gateway | `<GATEWAY_IP>` | 18789 |
| Gitea | `<GITEA_IP>` | 3000 |
---
## SECTION 1: Critical Security Checks (MUST PASS)
### 1.1 Private IP Addresses (FORBIDDEN in Git)
| # | Check | Status |
|---|-------|--------|
| 1.1.1 | No 10.x.x.x IPs | ✅ PASS |
| 1.1.2 | No 192.168.x.x IPs | ✅ PASS |
| 1.1.3 | No 172.16-31.x.x IPs | ✅ PASS |
**Verification:**
```bash
grep -rE '10\.[0-9]+\.[0-9]+\.[0-9]+' --include="*.py" --include="*.md" .
```
### 1.2 Absolute Paths (FORBIDDEN in Git)
| # | Check | Status |
|---|-------|--------|
| 1.2.1 | No /root/ paths | ✅ PASS |
| 1.2.2 | No /home/[user]/ paths | ✅ PASS |
**Verification:**
```bash
grep -rE '/root/|/home/[a-z]+/' --include="*.py" --include="*.md" .
```
### 1.3 Credentials & Secrets (FORBIDDEN in Git)
| # | Check | Status |
|---|-------|--------|
| 1.3.1 | No passwords | ✅ PASS |
| 1.3.2 | No API tokens | ✅ PASS |
| 1.3.3 | No private keys | ✅ PASS |
---
## SECTION 2: Files & Structure
### 2.1 Required Files
| File | Status |
|------|--------|
| README.md | ✅ Present (sanitized) |
| curator_timer.py | ✅ Present (sanitized) |
| curator_config.json | ✅ Present |
| .gitignore | ✅ Present (updated) |
### 2.2 Files NOT in Git (Local Only)
| File | Expected |
|------|----------|
| session.md | ❌ Not in git |
| VALIDATION_*.md | ❌ Not in git |
| audit_results_*.md | ❌ Not in git |
---
## SECTION 3: Placeholder Verification
| File | QDRANT_IP | OLLAMA_IP | ~/.openclaw |
|------|-----------|-----------|--------------|
| README.md | ✅ | ✅ | ✅ |
| curator_timer.py | ✅ | ✅ | ✅ |
---
## Validation Summary
- ✅ No private IPs found
- ✅ No absolute paths (/root/)
- ✅ No credentials/secrets
- ✅ Placeholders used correctly
- ✅ .gitignore updated
**Status:** ✅ READY FOR COMMIT
---
*Last validated: 2026-02-26 08:30 CST*