Forgejo 11.x rejects API tokens for git HTTP push while accepting them
for all other operations. Store bot passwords alongside tokens during
init and use password auth for git operations consistently.
- forge-setup.sh: persist bot passwords to .env (FORGE_PASS, etc.)
- forge-push.sh: use FORGE_PASS instead of FORGE_TOKEN for git remote URL
- entrypoint.sh: configure git credential helper with password auth
- entrypoint-llama.sh: use FORGE_PASS for git clone (fallback to FORGE_TOKEN)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Globals are not set when lib/forge-push.sh is sourced at bin/disinto
startup. Match the pattern in forge-setup.sh: define the assertion
helper but do not invoke it at module load time.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
