state: exclude secrets from archives by design

benvinegar · benvinegar · commit e4788ada4470 · 2026-03-16T21:32:12.000-04:00
diff --git a/README.md b/README.md
@@ -119,6 +119,8 @@ sudo baudbot state restore /tmp/baudbot-state.zip
 sudo baudbot start
 ```
 
+State archives intentionally exclude secrets (`~/.config/.env`, `~/.pi/agent/auth.json`), so reconfigure secrets on the new host.
+
 See [CONFIGURATION.md](CONFIGURATION.md) for required environment variables and secret setup.
 
 ## The Slack broker (optional)
diff --git a/bin/state.sh b/bin/state.sh
@@ -5,7 +5,7 @@
 # - persistent memory (~/.pi/agent/memory)
 # - todos (~/.pi/todos)
 # - local runtime customizations (extensions/skills/subagents/settings)
-# - optional secrets (.config/.env and auth.json)
+# Secrets are intentionally excluded from state archives.
 
 SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
 # shellcheck source=bin/lib/shell-common.sh
@@ -28,15 +28,10 @@ STATE_PATHS=(
   ".pi/agent/subagents-state.json"
 )
 
-STATE_SECRET_PATHS=(
-  ".config/.env"
-  ".pi/agent/auth.json"
-)
-
 usage() {
   cat <<'EOF'
 Usage:
-  sudo baudbot state backup [ARCHIVE.zip] [--exclude-secrets] [--force]
+  sudo baudbot state backup [ARCHIVE.zip] [--force]
   sudo baudbot state restore <ARCHIVE.zip> [--restart]
 
 What gets backed up:
@@ -47,11 +42,13 @@ What gets backed up:
   - ~/.pi/agent/skills
   - ~/.pi/agent/subagents
   - ~/.pi/agent/subagents-state.json (if present)
-  - ~/.config/.env and ~/.pi/agent/auth.json (unless --exclude-secrets)
+
+Never backed up (private by design):
+  - ~/.config/.env
+  - ~/.pi/agent/auth.json
 
 Examples:
   sudo baudbot state backup /tmp/baudbot-state.zip
-  sudo baudbot state backup --exclude-secrets
   sudo baudbot stop
   sudo baudbot state restore /tmp/baudbot-state.zip
   sudo baudbot start
@@ -108,7 +105,6 @@ copy_path_if_present() {
 
 write_metadata_file() {
   local metadata_file="$1"
-  local include_secrets="$2"
   local now
   now="$(date -u +%Y-%m-%dT%H:%M:%SZ)"
 
@@ -118,11 +114,11 @@ write_metadata_file() {
   fi
 
   require_python3
-  python3 - "$metadata_file" "$STATE_FORMAT" "$now" "$host_name" "$BAUDBOT_AGENT_USER" "$BAUDBOT_AGENT_HOME" "$include_secrets" <<'PY'
+  python3 - "$metadata_file" "$STATE_FORMAT" "$now" "$host_name" "$BAUDBOT_AGENT_USER" "$BAUDBOT_AGENT_HOME" <<'PY'
 import json
 import sys
 
-metadata_path, state_format, created_at, host_name, agent_user, agent_home, include_secrets = sys.argv[1:]
+metadata_path, state_format, created_at, host_name, agent_user, agent_home = sys.argv[1:]
 
 with open(metadata_path, "w", encoding="utf-8") as handle:
     json.dump(
@@ -132,7 +128,7 @@ with open(metadata_path, "w", encoding="utf-8") as handle:
             "host": host_name,
             "agent_user": agent_user,
             "agent_home": agent_home,
-            "include_secrets": include_secrets == "1",
+            "secrets_included": False,
         },
         handle,
         indent=2,
@@ -248,7 +244,7 @@ restore_ownership_if_root() {
     return 0
   fi
 
-  for rel_path in "${STATE_PATHS[@]}" "${STATE_SECRET_PATHS[@]}"; do
+  for rel_path in "${STATE_PATHS[@]}"; do
     if [ -e "$BAUDBOT_AGENT_HOME/$rel_path" ]; then
       chown -R "$BAUDBOT_AGENT_USER:$BAUDBOT_AGENT_USER" "$BAUDBOT_AGENT_HOME/$rel_path"
     fi
@@ -258,7 +254,6 @@ restore_ownership_if_root() {
 cmd_backup() {
   local archive_raw=""
   local archive_path=""
-  local include_secrets="1"
   local overwrite="0"
   local tmp_dir=""
   local state_root=""
@@ -267,9 +262,6 @@ cmd_backup() {
 
   while [ "$#" -gt 0 ]; do
     case "$1" in
-      --exclude-secrets)
-        include_secrets="0"
-        ;;
       --force)
         overwrite="1"
         ;;
@@ -312,23 +304,13 @@ cmd_backup() {
     copy_path_if_present "$rel_path" "$payload_root"
   done
 
-  if [ "$include_secrets" = "1" ]; then
-    for rel_path in "${STATE_SECRET_PATHS[@]}"; do
-      copy_path_if_present "$rel_path" "$payload_root"
-    done
-  fi
-
-  write_metadata_file "$state_root/metadata.json" "$include_secrets"
+  write_metadata_file "$state_root/metadata.json"
   create_zip_archive "$state_root" "$archive_path"
 
   chmod 600 "$archive_path" 2>/dev/null || true
 
   echo "✓ state backup created: $archive_path"
-  if [ "$include_secrets" = "1" ]; then
-    echo "  includes secrets (.config/.env + auth.json)"
-  else
-    echo "  excludes secrets"
-  fi
+  echo "  secrets are excluded by design"
 }
 
 cmd_restore() {
diff --git a/bin/state.test.sh b/bin/state.test.sh
@@ -62,7 +62,7 @@ seed_agent_state() {
   printf '{"anthropic":{"type":"oauth"}}\n' > "$agent_home/.pi/agent/auth.json"
 }
 
-test_round_trip_with_secrets() {
+test_round_trip_excludes_secrets() {
   (
     set -euo pipefail
     local tmp source_home target_home archive
@@ -86,12 +86,12 @@ test_round_trip_with_secrets() {
     [ "$(stat -c '%a' "$target_home/.pi/agent/extensions/custom-ext/run.sh")" = "755" ]
     grep -q "custom skill" "$target_home/.pi/agent/skills/custom-skill/SKILL.md"
     grep -q "enabled" "$target_home/.pi/agent/subagents-state.json"
-    grep -q "ANTHROPIC_API_KEY" "$target_home/.config/.env"
-    grep -q "anthropic" "$target_home/.pi/agent/auth.json"
+    [ ! -f "$target_home/.config/.env" ]
+    [ ! -f "$target_home/.pi/agent/auth.json" ]
   )
 }
 
-test_backup_excludes_secrets_flag() {
+test_restore_does_not_overwrite_existing_secrets() {
   (
     set -euo pipefail
     local tmp source_home target_home archive
@@ -101,24 +101,26 @@ test_backup_excludes_secrets_flag() {
 
     source_home="$tmp/source-home"
     target_home="$tmp/target-home"
-    archive="$tmp/state-no-secrets.zip"
+    archive="$tmp/state.zip"
 
     seed_agent_state "$source_home"
 
-    run_state "$source_home" backup "$archive" --exclude-secrets
+    mkdir -p "$target_home/.config"
+    printf 'ANTHROPIC_API_KEY=keep-existing\n' > "$target_home/.config/.env"
+
+    run_state "$source_home" backup "$archive"
     run_state "$target_home" restore "$archive"
 
-    [ -f "$target_home/.pi/agent/memory/operational.md" ]
-    [ ! -f "$target_home/.config/.env" ]
+    grep -q "ANTHROPIC_API_KEY=keep-existing" "$target_home/.config/.env"
     [ ! -f "$target_home/.pi/agent/auth.json" ]
   )
 }
 
 echo "=== state backup/restore tests ==="
 echo ""
 
-run_test "round-trip backup/restore includes secrets" test_round_trip_with_secrets
-run_test "backup --exclude-secrets omits secret files" test_backup_excludes_secrets_flag
+run_test "round-trip backup/restore excludes secrets" test_round_trip_excludes_secrets
+run_test "restore keeps existing target secrets" test_restore_does_not_overwrite_existing_secrets
 
 echo ""
 echo "=== $PASSED/$TOTAL passed, $FAILED failed ==="
diff --git a/docs/operations.md b/docs/operations.md
@@ -81,10 +81,9 @@ sudo baudbot start
 ```
 
 Notes:
-- Archive includes `~/.config/.env` and `~/.pi/agent/auth.json` by default.
-- Treat archive files as sensitive secrets (store/encrypt/transfer accordingly).
-- Use `--exclude-secrets` if you need a shareable archive.
+- Archives intentionally exclude secrets (`~/.config/.env`, `~/.pi/agent/auth.json`).
 - Restore refuses to run while the service is active.
+- Reconfigure secrets on the new host via `sudo baudbot config` / `sudo baudbot env` / `sudo baudbot login`.
 
 ## Updating API keys after install
 
