traicebox 0.1.0 → 0.1.2

package/README.md

@@ -0,0 +1,256 @@
+# Traicebox
+
+**Traicebox** is a zero-config local developer stack for tracing and session tracking around LLM and AI model workflows. It enables developers to have a working local tracing and inspection setup within minutes.
+
+### Key Use Cases
+
+- **Tool & Prompt Development**: Debug plugins, skills, or prompts for harness tools like [OpenCode](https://opencode.ai/) with full visibility.
+- **Model Evaluation**: Evaluate and compare local models with detailed trace logging. The built-in config generator makes setting up tools remarkably simple.
+- **Application Development**: Build AI applications with minimal code changes. Requests routed through the built-in LiteLLM proxy automatically generate traces in Langfuse. You can group these traces into sessions by adding an `x-litellm-session-id` header to your requests.
+
+### Included in the Stack
+
+- **LiteLLM**: Unified proxy for LLM backends with custom session-tracking callbacks.
+- **Langfuse**: Open-source tracing and observability for LLM applications.
+- **Auto-login Proxies**: Dynamic proxies providing immediate, authenticated access to LiteLLM UI and Langfuse.
+- **Harness Integration**: Automatic configuration generation for external tools like OpenCode.
+
+## Prerequisites
+
+Traicebox requires [Docker](https://www.docker.com/) and [Docker Compose](https://docs.docker.com/compose/) to be installed and running on your system.
+
+## Installation
+
+### Published Package (Recommended)
+
+You can install Traicebox via NPM or Bun:
+
+```bash
+# Using Bun
+bun install -g traicebox
+
+# Using NPM
+npm install -g traicebox
+```
+
+### Binary Release
+
+Download the latest prebuilt binary for your platform from the [GitHub Releases](https://github.com/fardjad/traicebox/releases) page.
+
+Once downloaded, make it executable and move it to your path:
+
+```bash
+chmod +x traicebox-macos-arm64
+mv traicebox-macos-arm64 /usr/local/bin/traicebox
+```
+
+## Shell Completion
+
+Traicebox supports shell completion for Bash and Zsh.
+
+### Zsh
+
+Add the following to your `~/.zshrc`:
+
+```bash
+# Enable completion if not already enabled
+autoload -Uz compinit && compinit
+
+source <(traicebox completion)
+```
+
+### Bash
+
+Add the following to your `~/.bashrc`:
+
+```bash
+source <(traicebox completion)
+```
+
+## Usage
+
+### 1. Initial Setup
+
+Initialize the Traicebox home directory:
+
+```bash
+traicebox setup
+```
+
+### 2. Import Models
+
+Before starting the stack, you need to import your available models into LiteLLM. Traicebox requires an endpoint URL or alias to fetch models from.
+
+Supported aliases for common local tools:
+
+| Alias       | Default Endpoint URL               |
+| :---------- | :--------------------------------- |
+| `lm-studio` | `http://127.0.0.1:1234/v1/models`  |
+| `ollama`    | `http://localhost:11434/v1/models` |
+| `llama-cpp` | `http://localhost:8080/v1/models`  |
+
+```bash
+traicebox models import-from-openai-api --endpoint lm-studio
+```
+
+To use a custom OpenAI-compatible endpoint URL:
+
+```bash
+traicebox models import-from-openai-api --endpoint http://your-api:port/v1/models
+```
+
+If the endpoint requires authentication, provide the API key via the `OPENAI_COMPATIBLE_API_KEY` environment variable:
+
+```bash
+OPENAI_COMPATIBLE_API_KEY="your-api-key" traicebox models import-from-openai-api --endpoint http://your-api:port/v1/models
+```
+
+### 3. Configure Harness Integration (Optional)
+
+If you use [OpenCode](https://opencode.ai/), you can synchronize its model configuration with Traicebox.
+
+> [!WARNING]
+> The following command will overwrite your existing OpenCode configuration file.
+
+```bash
+traicebox generate-harness-config opencode > ~/.config/opencode/opencode.jsonc
+```
+
+### 4. Start the Stack
+
+```bash
+traicebox start
+```
+
+Once running, you can access the public endpoints:
+
+- **LiteLLM**: `http://litellm.localhost:5483`
+- **Langfuse**: `http://langfuse.localhost:5483`
+
+### 5. Verify and Test
+
+If you configured OpenCode in step 3, you can test the integration:
+
+```bash
+# Refresh the models cache
+opencode models --refresh
+
+# Run a test prompt
+opencode run -m 'litellm/your/model' 'Just write a greeting message!'
+```
+
+> [!NOTE]
+> Replace `'litellm/your/model'` with one of the models imported in step 2.
+
+After running a prompt, you can inspect the captured traces in Langfuse by visiting:
+[http://langfuse.localhost:5483/project/local-project/sessions](http://langfuse.localhost:5483/project/local-project/sessions)
+
+There, you can select the latest session to inspect system prompts, user messages, and tool interactions.
+
+#### Application Integration (with Session Tracking)
+
+You can integrate Traicebox into your own applications by pointing your LLM client to the LiteLLM proxy. To group related traces together, simply include an `x-litellm-session-id` header in your requests.
+
+Here is an example using `curl` to demonstrate session grouping:
+
+```bash
+MODEL_NAME="your-model-name"
+
+# First request in a session
+curl http://litellm.localhost:5483/v1/chat/completions \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer sk-litellm-local-client" \
+  -H "x-litellm-session-id: my-test-session" \
+  -d "{
+    \"model\": \"$MODEL_NAME\",
+    \"messages\": [{\"role\": \"user\", \"content\": \"Hello! This is a test message to start my session.\"}]
+  }"
+
+# Second request in the same session
+curl http://litellm.localhost:5483/v1/chat/completions \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer sk-litellm-local-client" \
+  -H "x-litellm-session-id: my-test-session" \
+  -d "{
+    \"model\": \"$MODEL_NAME\",
+    \"messages\": [{\"role\": \"user\", \"content\": \"Goodbye! I am done with this test session.\"}]
+  }"
+```
+
+> [!NOTE]
+> Set `MODEL_NAME` to one of the exact model names imported in step 2. The default API key is `sk-litellm-local-client`.
+
+Refresh the [Langfuse sessions page](http://langfuse.localhost:5483/project/local-project/sessions) to see both traces grouped under the `my-test-session` ID.
+
+### Other Useful Commands
+
+| Command                  | Description                                     |
+| :----------------------- | :---------------------------------------------- |
+| `traicebox stop`         | Stop the stack.                                 |
+| `traicebox restart`      | Recreate and restart the stack.                 |
+| `traicebox destroy`      | Remove the stack and delete local data volumes. |
+| `traicebox models clear` | Clear the custom model list from LiteLLM.       |
+
+For more information on available commands and options, run `traicebox --help`.
+
+## Configuration
+
+Traicebox stores its configuration and data in `${TRAICEBOX_HOME}`. You can override this location by setting the `TRAICEBOX_HOME` environment variable.
+
+By default, it is located at:
+
+| OS                 | Default `${TRAICEBOX_HOME}`                            |
+| :----------------- | :----------------------------------------------------- |
+| **macOS**          | `~/Library/Application Support/Traicebox`              |
+| **Windows**        | `%APPDATA%\Traicebox`                                  |
+| **Linux / Others** | `~/.config/traicebox` (or respects `$XDG_CONFIG_HOME`) |
+
+### `traicebox.yaml`
+
+You can customize the stack behavior by creating or editing `${TRAICEBOX_HOME}/traicebox.yaml`.
+
+| Option | Type     | Default     | Description                                                  |
+| :----- | :------- | :---------- | :----------------------------------------------------------- |
+| `host` | `string` | `127.0.0.1` | The host address that Traicebox services will bind to.       |
+| `port` | `number` | `5483`      | The port that Traicebox services will be accessible through. |
+
+Example:
+
+```yaml
+host: 127.0.0.1
+port: 5483
+```
+
+## LiteLLM
+
+LiteLLM loads its proxy config from `${TRAICEBOX_HOME}/litellm/config.yaml`. The LiteLLM UI is available at `http://litellm.localhost:5483`, where Traicebox automatically manages your admin session for immediate access.
+
+`${TRAICEBOX_HOME}/litellm/config.yaml` is the source of truth for model routing and upstream API wiring. Imported models are written directly into `model_list`, with `api_base` inferred from the import endpoint and `api_key` read from `os.environ/OPENAI_COMPATIBLE_API_KEY`.
+
+`OPENAI_COMPATIBLE_API_KEY` is intentionally not persisted by Tr**ai**cebox. For local backends such as LM Studio, Ollama, or llama.cpp, no secret is needed. For authenticated upstreams, run `traicebox` through your password manager CLI so it injects `OPENAI_COMPATIBLE_API_KEY` into the process; Tr**ai**cebox will materialize that into an ephemeral Docker secret for LiteLLM only.
+
+To replace the LiteLLM `model_list` from an OpenAI-compatible `/v1/models` endpoint (or alias like `lm-studio`, `ollama`, `llama-cpp`):
+
+```bash
+traicebox models import-from-openai-api --endpoint lm-studio
+```
+
+If that endpoint requires auth, inject `OPENAI_COMPATIBLE_API_KEY` into the command environment first. If it does not, the command works without a key.
+
+To clear the LiteLLM `model_list`:
+
+```bash
+traicebox models clear
+```
+
+To print an OpenCode config snippet for the current LiteLLM models:
+
+```bash
+traicebox generate-harness-config opencode
+```
+
+## Langfuse
+
+LiteLLM sends OTEL traces to Langfuse using the built-in `langfuse_otel` callback and `LANGFUSE_OTEL_HOST=http://langfuse-web:3000`.
+
+Langfuse is accessible at `http://langfuse.localhost:5483`. By default, Traicebox disables public signups and automatically creates a browser session for the seeded admin user so you can start tracing immediately.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "traicebox",
-  "version": "0.1.0",
+  "version": "0.1.2",
   "description": "A zero-config local developer stack for tracing and session tracking around LLM and AI model workflows",
   "license": "MIT",
   "author": "Fardjad Davari <public@fardjad.com>",
@@ -29,7 +29,7 @@
   "scripts": {
     "traicebox": "TRAICEBOX_DEV=1 bun ./cli/index.ts",
     "build": "bun build ./cli/index.ts --outdir ./dist --target node",
-    "prepublishOnly": "bun run build",
+    "prepack": "bun run build",
     "test": "bun test",
     "typecheck": "tsc",
     "check": "biome check . && dprint check",
@@ -47,4 +47,4 @@
     "yaml": "^2.8.3",
     "yargs": "^18.0.0"
   }
-}
+}

package/dist/compose-1b8sxndd.yml

@@ -1,266 +0,0 @@
-services:
-  db:
-    image: pgautoupgrade/pgautoupgrade:18-alpine
-    environment:
-      - POSTGRES_DB=postgres
-      - POSTGRES_USER=${POSTGRES_SUPERUSER}
-      - POSTGRES_PASSWORD=${POSTGRES_SUPERPASS}
-      - PGAUTO_DEVEL=
-      - PGAUTO_ONESHOT=no
-      - LITELLM_DB_NAME=${LITELLM_DB_NAME}
-      - LITELLM_DB_USER=${LITELLM_DB_USER}
-      - LITELLM_DB_PASSWORD=${LITELLM_DB_PASSWORD}
-      - LANGFUSE_DB_NAME=${LANGFUSE_DB_NAME}
-      - LANGFUSE_DB_USER=${LANGFUSE_DB_USER}
-      - LANGFUSE_DB_PASSWORD=${LANGFUSE_DB_PASSWORD}
-    healthcheck:
-      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_SUPERUSER} -d postgres && psql -U ${POSTGRES_SUPERUSER} -d postgres -tAc \"SELECT 1 FROM pg_database WHERE datname IN ('${LITELLM_DB_NAME}','${LANGFUSE_DB_NAME}')\" | grep -q 1"]
-      interval: 3s
-      timeout: 3s
-      retries: 20
-      start_period: 5s
-    volumes:
-      - postgres_data:/var/lib/postgresql
-      - ./postgres/init/00-app-databases.sh:/docker-entrypoint-initdb.d/00-app-databases.sh:ro
-  langfuse-clickhouse:
-    image: clickhouse/clickhouse-server
-    user: "101:101"
-    environment:
-      - CLICKHOUSE_DB=${CLICKHOUSE_DB}
-      - CLICKHOUSE_USER=${CLICKHOUSE_USER}
-      - CLICKHOUSE_PASSWORD=${CLICKHOUSE_PASSWORD}
-      - TZ=UTC
-    healthcheck:
-      test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:8123/ping"]
-      interval: 5s
-      timeout: 5s
-      retries: 10
-      start_period: 1s
-    volumes:
-      - langfuse_clickhouse_data:/var/lib/clickhouse
-      - langfuse_clickhouse_logs:/var/log/clickhouse-server
-  langfuse-redis:
-    image: redis:latest
-    command:
-      - --requirepass
-      - ${LANGFUSE_REDIS_PASSWORD}
-      - --maxmemory-policy
-      - noeviction
-    healthcheck:
-      test: ["CMD", "redis-cli", "-a", "${LANGFUSE_REDIS_PASSWORD}", "ping"]
-      interval: 3s
-      timeout: 10s
-      retries: 10
-    volumes:
-      - langfuse_redis_data:/data
-  langfuse-minio:
-    image: cgr.dev/chainguard/minio
-    entrypoint: sh
-    command:
-      - -c
-      - mkdir -p /data/langfuse && minio server --address ":9000" --console-address ":9001" /data
-    environment:
-      - MINIO_ROOT_USER=${MINIO_ROOT_USER}
-      - MINIO_ROOT_PASSWORD=${MINIO_ROOT_PASSWORD}
-    healthcheck:
-      test: ["CMD", "mc", "ready", "local"]
-      interval: 1s
-      timeout: 5s
-      retries: 5
-      start_period: 1s
-    volumes:
-      - langfuse_minio_data:/data
-  langfuse-worker:
-    image: langfuse/langfuse-worker:3
-    depends_on:
-      db:
-        condition: service_healthy
-      langfuse-web:
-        condition: service_healthy
-      langfuse-minio:
-        condition: service_healthy
-      langfuse-redis:
-        condition: service_healthy
-      langfuse-clickhouse:
-        condition: service_healthy
-    environment: &langfuse-env
-      NEXTAUTH_URL: http://langfuse.localhost:${TRAICEBOX_PORT}
-      DATABASE_URL: postgresql://${LANGFUSE_DB_USER}:${LANGFUSE_DB_PASSWORD}@db:5432/${LANGFUSE_DB_NAME}
-      SALT: ${LANGFUSE_SALT}
-      ENCRYPTION_KEY: "${LANGFUSE_ENCRYPTION_KEY}"
-      TELEMETRY_ENABLED: "${LANGFUSE_TELEMETRY_ENABLED}"
-      LANGFUSE_ENABLE_EXPERIMENTAL_FEATURES: "${LANGFUSE_EXPERIMENTAL_FEATURES}"
-      CLICKHOUSE_MIGRATION_URL: clickhouse://langfuse-clickhouse:9000
-      CLICKHOUSE_URL: http://langfuse-clickhouse:8123
-      CLICKHOUSE_USER: ${CLICKHOUSE_USER}
-      CLICKHOUSE_PASSWORD: ${CLICKHOUSE_PASSWORD}
-      CLICKHOUSE_CLUSTER_ENABLED: "false"
-      LANGFUSE_S3_EVENT_UPLOAD_BUCKET: langfuse
-      LANGFUSE_S3_EVENT_UPLOAD_REGION: auto
-      LANGFUSE_S3_EVENT_UPLOAD_ACCESS_KEY_ID: ${MINIO_ROOT_USER}
-      LANGFUSE_S3_EVENT_UPLOAD_SECRET_ACCESS_KEY: ${MINIO_ROOT_PASSWORD}
-      LANGFUSE_S3_EVENT_UPLOAD_ENDPOINT: http://langfuse-minio:9000
-      LANGFUSE_S3_EVENT_UPLOAD_FORCE_PATH_STYLE: "true"
-      LANGFUSE_S3_EVENT_UPLOAD_PREFIX: events/
-      LANGFUSE_S3_MEDIA_UPLOAD_BUCKET: langfuse
-      LANGFUSE_S3_MEDIA_UPLOAD_REGION: auto
-      LANGFUSE_S3_MEDIA_UPLOAD_ACCESS_KEY_ID: ${MINIO_ROOT_USER}
-      LANGFUSE_S3_MEDIA_UPLOAD_SECRET_ACCESS_KEY: ${MINIO_ROOT_PASSWORD}
-      LANGFUSE_S3_MEDIA_UPLOAD_ENDPOINT: http://langfuse-minio:9000
-      LANGFUSE_S3_MEDIA_UPLOAD_FORCE_PATH_STYLE: "true"
-      LANGFUSE_S3_MEDIA_UPLOAD_PREFIX: media/
-      REDIS_HOST: langfuse-redis
-      REDIS_PORT: "6379"
-      REDIS_AUTH: ${LANGFUSE_REDIS_PASSWORD}
-  langfuse-web:
-    image: langfuse/langfuse:3
-    depends_on:
-      db:
-        condition: service_healthy
-      langfuse-minio:
-        condition: service_healthy
-      langfuse-redis:
-        condition: service_healthy
-      langfuse-clickhouse:
-        condition: service_healthy
-    environment:
-      <<: *langfuse-env
-      NEXTAUTH_SECRET: ${LANGFUSE_NEXTAUTH_SECRET}
-      AUTH_DISABLE_SIGNUP: ${LANGFUSE_AUTH_DISABLE_SIGNUP}
-      LANGFUSE_INIT_ORG_ID: ${LANGFUSE_INIT_ORG_ID}
-      LANGFUSE_INIT_ORG_NAME: ${LANGFUSE_INIT_ORG_NAME}
-      LANGFUSE_INIT_PROJECT_ID: ${LANGFUSE_INIT_PROJECT_ID}
-      LANGFUSE_INIT_PROJECT_NAME: ${LANGFUSE_INIT_PROJECT_NAME}
-      LANGFUSE_INIT_PROJECT_PUBLIC_KEY: ${LANGFUSE_INIT_PROJECT_PUBLIC_KEY}
-      LANGFUSE_INIT_PROJECT_SECRET_KEY: ${LANGFUSE_INIT_PROJECT_SECRET_KEY}
-      LANGFUSE_INIT_USER_EMAIL: ${LANGFUSE_INIT_USER_EMAIL}
-      LANGFUSE_INIT_USER_NAME: ${LANGFUSE_INIT_USER_NAME}
-      LANGFUSE_INIT_USER_PASSWORD: ${LANGFUSE_INIT_USER_PASSWORD}
-    healthcheck:
-      test: ["CMD", "node", "-e", "const host = process.env.HOSTNAME || 'localhost'; fetch('http://' + host + ':3000/api/auth/csrf').then(async (r) => { const ok = r.ok && (await r.text()).includes('csrfToken'); process.exit(ok ? 0 : 1); }).catch(() => process.exit(1))"]
-      interval: 5s
-      timeout: 5s
-      retries: 24
-      start_period: 20s
-  langfuse-proxy:
-    build:
-      context: .
-      dockerfile: langfuse-proxy/Dockerfile
-    depends_on:
-      langfuse-web:
-        condition: service_healthy
-    environment:
-      - PORT=3000
-      - LANGFUSE_PUBLIC_ORIGIN=http://langfuse.localhost:${TRAICEBOX_PORT}
-      - LANGFUSE_UPSTREAM_ORIGIN=http://langfuse-web:3000
-      - LANGFUSE_PROXY_AUTOLOGIN=${LANGFUSE_PROXY_AUTOLOGIN}
-      - LANGFUSE_INIT_USER_EMAIL=${LANGFUSE_INIT_USER_EMAIL}
-      - LANGFUSE_INIT_USER_PASSWORD=${LANGFUSE_INIT_USER_PASSWORD}
-    healthcheck:
-      test: ["CMD", "bun", "-e", "fetch('http://127.0.0.1:3000/readyz').then((r) => process.exit(r.ok ? 0 : 1)).catch(() => process.exit(1))"]
-      interval: 5s
-      timeout: 5s
-      retries: 24
-      start_period: 10s
-  litellm:
-    image: docker.litellm.ai/berriai/litellm:main-latest
-    depends_on:
-      db:
-        condition: service_healthy
-      langfuse-web:
-        condition: service_healthy
-    environment:
-      - DATABASE_URL=postgresql://${LITELLM_DB_USER}:${LITELLM_DB_PASSWORD}@db:5432/${LITELLM_DB_NAME}
-      - LANGFUSE_PUBLIC_KEY=${LANGFUSE_INIT_PROJECT_PUBLIC_KEY}
-      - LANGFUSE_SECRET_KEY=${LANGFUSE_INIT_PROJECT_SECRET_KEY}
-      - LANGFUSE_OTEL_HOST=http://langfuse-web:3000
-      - LANGFUSE_TRACING_ENVIRONMENT=${LANGFUSE_TRACING_ENVIRONMENT}
-      - LITELLM_MASTER_KEY=${LITELLM_MASTER_KEY}
-    extra_hosts:
-      - host.docker.internal:host-gateway
-    secrets:
-      - source: openai_compatible_api_key
-        target: openai_compatible_api_key
-    volumes:
-      - ./litellm:/app/litellm-config:ro
-    entrypoint:
-      - /bin/sh
-      - /app/litellm-config/start-litellm.sh
-    command:
-      - --config
-      - /app/litellm-config/config.yaml
-      - --log_config
-      - /app/litellm-config/logging.json
-      - --port
-      - "4000"
-    healthcheck:
-      test: ["CMD", "python3", "-c", "import sys, urllib.request; sys.exit(0 if urllib.request.urlopen('http://127.0.0.1:4000/health/readiness', timeout=5).getcode() == 200 else 1)"]
-      interval: 5s
-      timeout: 5s
-      retries: 24
-      start_period: 20s
-  litellm-ui-proxy:
-    build:
-      context: .
-      dockerfile: litellm-ui-proxy/Dockerfile
-    depends_on:
-      litellm:
-        condition: service_healthy
-    environment:
-      - PORT=4000
-      - LITELLM_UPSTREAM_ORIGIN=http://litellm:4000
-      - LITELLM_MASTER_KEY=${LITELLM_MASTER_KEY}
-    healthcheck:
-      test: ["CMD", "bun", "-e", "fetch('http://127.0.0.1:4000/readyz').then((r) => process.exit(r.ok ? 0 : 1)).catch(() => process.exit(1))"]
-      interval: 5s
-      timeout: 5s
-      retries: 24
-      start_period: 10s
-  litellm-bootstrap:
-    image: curlimages/curl:8.16.0
-    depends_on:
-      litellm:
-        condition: service_healthy
-    environment:
-      - LITELLM_MASTER_KEY=${LITELLM_MASTER_KEY}
-      - LITELLM_CLIENT_KEY=${LITELLM_CLIENT_KEY}
-    volumes:
-      - ./litellm/bootstrap-client-key.sh:/bootstrap-client-key.sh:ro
-    entrypoint:
-      - sh
-      - /bootstrap-client-key.sh
-  caddy:
-    image: caddy:2-alpine
-    depends_on:
-      langfuse-proxy:
-        condition: service_healthy
-      litellm:
-        condition: service_healthy
-      litellm-ui-proxy:
-        condition: service_healthy
-    ports:
-      - 127.0.0.1:${TRAICEBOX_PORT}:${TRAICEBOX_PORT}
-    environment:
-      - TRAICEBOX_PORT=${TRAICEBOX_PORT}
-    volumes:
-      - ./caddy/Caddyfile:/etc/caddy/Caddyfile:ro
-    healthcheck:
-      test: ["CMD-SHELL", "wget -qO- --header='Host: litellm.localhost:${TRAICEBOX_PORT}' http://127.0.0.1:${TRAICEBOX_PORT}/health/readiness >/dev/null && wget -qO- --header='Host: litellm.localhost:${TRAICEBOX_PORT}' http://127.0.0.1:${TRAICEBOX_PORT}/ui/ >/dev/null && wget -qO- --header='Host: langfuse.localhost:${TRAICEBOX_PORT}' http://127.0.0.1:${TRAICEBOX_PORT}/readyz >/dev/null"]
-      interval: 5s
-      timeout: 5s
-      retries: 24
-      start_period: 10s
-volumes:
-  postgres_data:
-    driver: local
-  langfuse_clickhouse_data:
-    driver: local
-  langfuse_clickhouse_logs:
-    driver: local
-  langfuse_minio_data:
-    driver: local
-  langfuse_redis_data:
-    driver: local
-secrets:
-  openai_compatible_api_key:
-    file: ${OPENAI_COMPATIBLE_API_KEY_SECRET_FILE:-/dev/null}

package/dist/config-tt3vhpk0.yaml

@@ -1,101 +0,0 @@
-model_list: 
-  - model_name: bytedance/seed-oss-36b
-    litellm_params: 
-      model: openai/bytedance/seed-oss-36b
-      api_base: http://host.docker.internal:1234/v1
-      api_key: os.environ/OPENAI_COMPATIBLE_API_KEY
-  - model_name: google/gemma-4-26b-a4b
-    litellm_params: 
-      model: openai/google/gemma-4-26b-a4b
-      api_base: http://host.docker.internal:1234/v1
-      api_key: os.environ/OPENAI_COMPATIBLE_API_KEY
-  - model_name: google/gemma-4-31b
-    litellm_params: 
-      model: openai/google/gemma-4-31b
-      api_base: http://host.docker.internal:1234/v1
-      api_key: os.environ/OPENAI_COMPATIBLE_API_KEY
-  - model_name: google/gemma-4-e2b
-    litellm_params: 
-      model: openai/google/gemma-4-e2b
-      api_base: http://host.docker.internal:1234/v1
-      api_key: os.environ/OPENAI_COMPATIBLE_API_KEY
-  - model_name: google/gemma-4-e4b
-    litellm_params: 
-      model: openai/google/gemma-4-e4b
-      api_base: http://host.docker.internal:1234/v1
-      api_key: os.environ/OPENAI_COMPATIBLE_API_KEY
-  - model_name: ibm/granite-4-h-tiny
-    litellm_params: 
-      model: openai/ibm/granite-4-h-tiny
-      api_base: http://host.docker.internal:1234/v1
-      api_key: os.environ/OPENAI_COMPATIBLE_API_KEY
-  - model_name: liquid/lfm2-24b-a2b
-    litellm_params: 
-      model: openai/liquid/lfm2-24b-a2b
-      api_base: http://host.docker.internal:1234/v1
-      api_key: os.environ/OPENAI_COMPATIBLE_API_KEY
-  - model_name: microsoft/phi-4-reasoning-plus
-    litellm_params: 
-      model: openai/microsoft/phi-4-reasoning-plus
-      api_base: http://host.docker.internal:1234/v1
-      api_key: os.environ/OPENAI_COMPATIBLE_API_KEY
-  - model_name: mistralai/devstral-small-2-2512
-    litellm_params: 
-      model: openai/mistralai/devstral-small-2-2512
-      api_base: http://host.docker.internal:1234/v1
-      api_key: os.environ/OPENAI_COMPATIBLE_API_KEY
-  - model_name: mistralai/devstral-small-2507
-    litellm_params: 
-      model: openai/mistralai/devstral-small-2507
-      api_base: http://host.docker.internal:1234/v1
-      api_key: os.environ/OPENAI_COMPATIBLE_API_KEY
-  - model_name: mistralai/magistral-small-2509
-    litellm_params: 
-      model: openai/mistralai/magistral-small-2509
-      api_base: http://host.docker.internal:1234/v1
-      api_key: os.environ/OPENAI_COMPATIBLE_API_KEY
-  - model_name: mistralai/ministral-3-14b-reasoning
-    litellm_params: 
-      model: openai/mistralai/ministral-3-14b-reasoning
-      api_base: http://host.docker.internal:1234/v1
-      api_key: os.environ/OPENAI_COMPATIBLE_API_KEY
-  - model_name: nvidia/nemotron-3-nano
-    litellm_params: 
-      model: openai/nvidia/nemotron-3-nano
-      api_base: http://host.docker.internal:1234/v1
-      api_key: os.environ/OPENAI_COMPATIBLE_API_KEY
-  - model_name: openai/gpt-oss-20b
-    litellm_params: 
-      model: openai/openai/gpt-oss-20b
-      api_base: http://host.docker.internal:1234/v1
-      api_key: os.environ/OPENAI_COMPATIBLE_API_KEY
-  - model_name: qwen/qwen3-30b-a3b-2507
-    litellm_params: 
-      model: openai/qwen/qwen3-30b-a3b-2507
-      api_base: http://host.docker.internal:1234/v1
-      api_key: os.environ/OPENAI_COMPATIBLE_API_KEY
-  - model_name: qwen/qwen3-4b-2507
-    litellm_params: 
-      model: openai/qwen/qwen3-4b-2507
-      api_base: http://host.docker.internal:1234/v1
-      api_key: os.environ/OPENAI_COMPATIBLE_API_KEY
-  - model_name: qwen/qwen3.5-35b-a3b
-    litellm_params: 
-      model: openai/qwen/qwen3.5-35b-a3b
-      api_base: http://host.docker.internal:1234/v1
-      api_key: os.environ/OPENAI_COMPATIBLE_API_KEY
-  - model_name: text-embedding-nomic-embed-text-v1.5
-    litellm_params: 
-      model: openai/text-embedding-nomic-embed-text-v1.5
-      api_base: http://host.docker.internal:1234/v1
-      api_key: os.environ/OPENAI_COMPATIBLE_API_KEY
-  - model_name: zai-org/glm-4.7-flash
-    litellm_params: 
-      model: openai/zai-org/glm-4.7-flash
-      api_base: http://host.docker.internal:1234/v1
-      api_key: os.environ/OPENAI_COMPATIBLE_API_KEY
-litellm_settings: 
-  database_url: os.environ/DATABASE_URL
-  callbacks: 
-    - request_session_metadata_callback.proxy_handler_instance
-    - langfuse_otel

package/dist/server-d2v9t7c1.ts

@@ -1,257 +0,0 @@
-const upstreamOrigin = requiredEnv("LANGFUSE_UPSTREAM_ORIGIN");
-const publicOrigin = requiredEnv("LANGFUSE_PUBLIC_ORIGIN");
-const adminEmail = requiredEnv("LANGFUSE_INIT_USER_EMAIL");
-const adminPassword = requiredEnv("LANGFUSE_INIT_USER_PASSWORD");
-const autoLoginEnabled = envFlag("LANGFUSE_PROXY_AUTOLOGIN", true);
-const port = Number(Bun.env.PORT ?? "3000");
-const retryDelayMs = Number(Bun.env.LANGFUSE_PROXY_RETRY_DELAY_MS ?? "500");
-const maxRetries = Number(Bun.env.LANGFUSE_PROXY_MAX_RETRIES ?? "20");
-
-const sessionCookieNames = [
-  "__Secure-authjs.session-token",
-  "authjs.session-token",
-  "__Secure-next-auth.session-token",
-  "next-auth.session-token",
-];
-
-function requiredEnv(name: string): string {
-  const value = Bun.env[name];
-  if (!value) {
-    throw new Error(`Missing required environment variable: ${name}`);
-  }
-  return value;
-}
-
-function envFlag(name: string, fallback: boolean): boolean {
-  const value = Bun.env[name];
-  if (value == null || value === "") {
-    return fallback;
-  }
-  return !["0", "false", "no", "off"].includes(value.toLowerCase());
-}
-
-function getSetCookies(headers: Headers): string[] {
-  const bunHeaders = headers as Headers & { getSetCookie?: () => string[] };
-  if (typeof bunHeaders.getSetCookie === "function") {
-    return bunHeaders.getSetCookie();
-  }
-
-  const singleValue = headers.get("set-cookie");
-  return singleValue ? [singleValue] : [];
-}
-
-function serializeCookieHeader(setCookies: string[]): string {
-  return setCookies
-    .map((cookie) => cookie.split(";", 1)[0]?.trim())
-    .filter((cookie): cookie is string => Boolean(cookie))
-    .join("; ");
-}
-
-function hasSessionCookie(request: Request): boolean {
-  const cookieHeader = request.headers.get("cookie");
-  if (!cookieHeader) {
-    return false;
-  }
-
-  return sessionCookieNames.some((name) => cookieHeader.includes(`${name}=`));
-}
-
-function appendSetCookies(headers: Headers, cookies: string[]): void {
-  for (const cookie of cookies) {
-    headers.append("set-cookie", cookie);
-  }
-}
-
-function sleep(ms: number): Promise<void> {
-  return new Promise((resolve) => setTimeout(resolve, ms));
-}
-
-async function fetchWithRetry(url: URL, init: RequestInit): Promise<Response> {
-  let lastError: unknown;
-
-  for (let attempt = 1; attempt <= maxRetries; attempt += 1) {
-    try {
-      return await fetch(url, init);
-    } catch (error) {
-      lastError = error;
-      if (attempt === maxRetries) {
-        break;
-      }
-      await sleep(retryDelayMs);
-    }
-  }
-
-  throw lastError;
-}
-
-function copyRequestHeaders(request: Request): Headers {
-  const headers = new Headers(request.headers);
-  headers.delete("host");
-  headers.delete("connection");
-  headers.delete("content-length");
-  return headers;
-}
-
-async function loginToLangfuse(): Promise<string[]> {
-  const csrfResponse = await fetchWithRetry(
-    new URL("/api/auth/csrf", upstreamOrigin),
-    {
-      redirect: "manual",
-    },
-  );
-
-  if (!csrfResponse.ok) {
-    throw new Error(`Langfuse CSRF request failed with ${csrfResponse.status}`);
-  }
-
-  const csrfPayload = (await csrfResponse.json()) as { csrfToken?: string };
-  if (!csrfPayload.csrfToken) {
-    throw new Error("Langfuse CSRF response did not include csrfToken");
-  }
-
-  const csrfCookies = getSetCookies(csrfResponse.headers);
-  const callbackBody = new URLSearchParams({
-    email: adminEmail,
-    password: adminPassword,
-    csrfToken: csrfPayload.csrfToken,
-    callbackUrl: publicOrigin,
-    json: "true",
-  });
-
-  const callbackResponse = await fetchWithRetry(
-    new URL("/api/auth/callback/credentials?json=true", upstreamOrigin),
-    {
-      method: "POST",
-      redirect: "manual",
-      headers: {
-        "content-type": "application/x-www-form-urlencoded",
-        cookie: serializeCookieHeader(csrfCookies),
-      },
-      body: callbackBody.toString(),
-    },
-  );
-
-  if (callbackResponse.status >= 400) {
-    throw new Error(
-      `Langfuse credentials callback failed with ${callbackResponse.status}`,
-    );
-  }
-
-  const mergedCookies = [
-    ...csrfCookies,
-    ...getSetCookies(callbackResponse.headers),
-  ];
-  if (!serializeCookieHeader(mergedCookies)) {
-    throw new Error("Langfuse login callback did not return any cookies");
-  }
-
-  return mergedCookies;
-}
-
-async function checkLangfuseReadiness(): Promise<void> {
-  const loginCookies = autoLoginEnabled ? await loginToLangfuse() : [];
-  const headers = new Headers();
-  const cookieHeader = serializeCookieHeader(loginCookies);
-  if (cookieHeader) {
-    headers.set("cookie", cookieHeader);
-  }
-
-  const response = await fetchWithRetry(new URL("/", upstreamOrigin), {
-    headers,
-    redirect: "manual",
-  });
-
-  const contentType = response.headers.get("content-type") ?? "";
-  if (response.status >= 400 || !contentType.includes("text/html")) {
-    throw new Error(`Langfuse readiness failed with ${response.status}`);
-  }
-}
-
-async function proxyRequest(
-  request: Request,
-  extraCookies: string[] = [],
-): Promise<Response> {
-  const upstreamUrl = new URL(request.url);
-  upstreamUrl.protocol = new URL(upstreamOrigin).protocol;
-  upstreamUrl.host = new URL(upstreamOrigin).host;
-
-  const headers = copyRequestHeaders(request);
-  if (extraCookies.length > 0) {
-    const existingCookies = request.headers.get("cookie");
-    const loginCookies = serializeCookieHeader(extraCookies);
-    const combinedCookies = [existingCookies, loginCookies]
-      .filter(Boolean)
-      .join("; ");
-    if (combinedCookies) {
-      headers.set("cookie", combinedCookies);
-    }
-  }
-
-  const response = await fetchWithRetry(upstreamUrl, {
-    method: request.method,
-    headers,
-    body:
-      request.method === "GET" || request.method === "HEAD"
-        ? undefined
-        : request.body,
-    redirect: "manual",
-  });
-
-  const responseHeaders = new Headers(response.headers);
-  responseHeaders.delete("content-encoding");
-  responseHeaders.delete("content-length");
-
-  return new Response(response.body, {
-    status: response.status,
-    statusText: response.statusText,
-    headers: responseHeaders,
-  });
-}
-
-const server = Bun.serve({
-  port,
-  async fetch(request: Request): Promise<Response> {
-    const url = new URL(request.url);
-
-    if (url.pathname === "/healthz") {
-      return new Response("ok");
-    }
-
-    if (url.pathname === "/readyz") {
-      try {
-        await checkLangfuseReadiness();
-        return new Response("ok");
-      } catch (error) {
-        console.error("[langfuse-proxy] readiness check failed", error);
-        return new Response("not ready", { status: 503 });
-      }
-    }
-
-    if (!autoLoginEnabled || url.pathname.startsWith("/api/auth/")) {
-      return proxyRequest(request);
-    }
-
-    if (hasSessionCookie(request)) {
-      return proxyRequest(request);
-    }
-
-    try {
-      const loginCookies = await loginToLangfuse();
-      const response = await proxyRequest(request, loginCookies);
-      const headers = new Headers(response.headers);
-      appendSetCookies(headers, loginCookies);
-      headers.set("cache-control", "no-store");
-
-      return new Response(response.body, {
-        status: response.status,
-        statusText: response.statusText,
-        headers,
-      });
-    } catch (error) {
-      console.error("[langfuse-proxy] auto-login failed", error);
-      return new Response("Langfuse auto-login failed", { status: 502 });
-    }
-  },
-});
-
-console.log(`[langfuse-proxy] listening on :${server.port}`);

package/dist/server-k3xr84w3.ts

@@ -1,259 +0,0 @@
-const upstreamOrigin = requiredEnv("LITELLM_UPSTREAM_ORIGIN");
-const masterKey = requiredEnv("LITELLM_MASTER_KEY");
-const uiUsername = Bun.env.LITELLM_UI_USERNAME ?? "admin";
-const port = Number(Bun.env.PORT ?? "4000");
-const retryDelayMs = Number(Bun.env.LITELLM_UI_PROXY_RETRY_DELAY_MS ?? "500");
-const maxRetries = Number(Bun.env.LITELLM_UI_PROXY_MAX_RETRIES ?? "20");
-const uiDefaultFlags = [
-  "disableShowNewBadge",
-  "disableShowPrompts",
-  "disableUsageIndicator",
-  "disableBlogPosts",
-  "disableBouncingIcon",
-] as const;
-
-function requiredEnv(name: string): string {
-  const value = Bun.env[name];
-  if (!value) {
-    throw new Error(`Missing required environment variable: ${name}`);
-  }
-  return value;
-}
-
-function sleep(ms: number): Promise<void> {
-  return new Promise((resolve) => setTimeout(resolve, ms));
-}
-
-async function fetchWithRetry(url: URL, init: RequestInit): Promise<Response> {
-  let lastError: unknown;
-
-  for (let attempt = 1; attempt <= maxRetries; attempt += 1) {
-    try {
-      return await fetch(url, init);
-    } catch (error) {
-      lastError = error;
-      if (attempt === maxRetries) {
-        break;
-      }
-      await sleep(retryDelayMs);
-    }
-  }
-
-  throw lastError;
-}
-
-function copyRequestHeaders(request: Request): Headers {
-  const headers = new Headers(request.headers);
-  headers.delete("host");
-  headers.delete("connection");
-  headers.delete("content-length");
-  headers.set("authorization", `Bearer ${masterKey}`);
-
-  const existingCookies = request.headers.get("cookie");
-  const mergedCookies = [existingCookies, `token=${masterKey}`]
-    .filter(Boolean)
-    .join("; ");
-  headers.set("cookie", mergedCookies);
-  return headers;
-}
-
-function extractTokenCookie(cookieHeader: string | null): string | null {
-  if (!cookieHeader) {
-    return null;
-  }
-
-  const match = cookieHeader.match(/(?:^|;\s*)token=([^;]+)/);
-  return match?.[1] ?? null;
-}
-
-function mergeCookieHeader(
-  existingCookieHeader: string | null,
-  token: string,
-): string {
-  const cookies = [existingCookieHeader, `token=${token}`].filter(Boolean);
-  return cookies.join("; ");
-}
-
-async function loginForUi(request: Request): Promise<string> {
-  const requestUrl = new URL(request.url);
-  const redirectTarget = `${requestUrl.origin}/ui/`;
-  const body = new URLSearchParams({
-    username: uiUsername,
-    password: masterKey,
-    redirect_to: redirectTarget,
-  });
-
-  const loginResponse = await fetchWithRetry(
-    new URL("/login", upstreamOrigin),
-    {
-      method: "POST",
-      headers: {
-        "content-type": "application/x-www-form-urlencoded",
-        authorization: `Bearer ${masterKey}`,
-      },
-      body,
-      redirect: "manual",
-    },
-  );
-
-  const token = extractTokenCookie(loginResponse.headers.get("set-cookie"));
-  if (!token) {
-    throw new Error("LiteLLM UI login did not return a token cookie");
-  }
-
-  return token;
-}
-
-async function checkUiReadiness(): Promise<void> {
-  const token = await loginForUi(new Request("http://localhost/ui/"));
-  const response = await fetchWithRetry(new URL("/ui/", upstreamOrigin), {
-    headers: {
-      authorization: `Bearer ${masterKey}`,
-      cookie: `token=${token}`,
-    },
-    redirect: "manual",
-  });
-
-  const contentType = response.headers.get("content-type") ?? "";
-  if (!response.ok || !contentType.includes("text/html")) {
-    throw new Error(`LiteLLM UI readiness failed with ${response.status}`);
-  }
-}
-
-function rewriteLocationHeader(
-  request: Request,
-  responseHeaders: Headers,
-): void {
-  const location = responseHeaders.get("location");
-  if (!location) {
-    return;
-  }
-
-  const requestOrigin = new URL(request.url).origin;
-  const upstream = new URL(upstreamOrigin);
-
-  try {
-    const resolved = new URL(location, upstreamOrigin);
-    if (resolved.origin === upstream.origin) {
-      responseHeaders.set(
-        "location",
-        `${requestOrigin}${resolved.pathname}${resolved.search}${resolved.hash}`,
-      );
-    }
-  } catch {
-    // Leave malformed or non-URL locations untouched.
-  }
-}
-
-function injectUiDefaults(html: string): string {
-  const script = [
-    "<script>",
-    "try {",
-    ...uiDefaultFlags.map(
-      (flag) =>
-        `if (window.localStorage.getItem(${JSON.stringify(flag)}) === null) window.localStorage.setItem(${JSON.stringify(flag)}, "true");`,
-    ),
-    "} catch {}",
-    "</script>",
-  ].join("");
-
-  if (html.includes("</head>")) {
-    return html.replace("</head>", `${script}</head>`);
-  }
-
-  return `${script}${html}`;
-}
-
-async function proxyRequest(request: Request): Promise<Response> {
-  const upstreamUrl = new URL(request.url);
-  upstreamUrl.protocol = new URL(upstreamOrigin).protocol;
-  upstreamUrl.host = new URL(upstreamOrigin).host;
-  const requestPath = new URL(request.url).pathname;
-
-  let token = extractTokenCookie(request.headers.get("cookie"));
-  if (requestPath.startsWith("/ui")) {
-    token ??= await loginForUi(request);
-
-    if (requestPath === "/ui/login" || requestPath === "/ui/login/") {
-      upstreamUrl.pathname = "/ui/";
-      upstreamUrl.search = "";
-    }
-  }
-
-  const response = await fetchWithRetry(upstreamUrl, {
-    method: request.method,
-    headers: (() => {
-      const headers = copyRequestHeaders(request);
-      if (token) {
-        headers.set(
-          "cookie",
-          mergeCookieHeader(request.headers.get("cookie"), token),
-        );
-      }
-      return headers;
-    })(),
-    body:
-      request.method === "GET" || request.method === "HEAD"
-        ? undefined
-        : request.body,
-    redirect: "manual",
-  });
-
-  const responseHeaders = new Headers(response.headers);
-  responseHeaders.delete("content-encoding");
-  responseHeaders.delete("content-length");
-  rewriteLocationHeader(request, responseHeaders);
-  if (token) {
-    responseHeaders.append(
-      "set-cookie",
-      `token=${token}; Path=/; SameSite=Lax`,
-    );
-  }
-
-  const contentType = responseHeaders.get("content-type") ?? "";
-  if (requestPath.startsWith("/ui") && contentType.includes("text/html")) {
-    const html = await response.text();
-    return new Response(injectUiDefaults(html), {
-      status: response.status,
-      statusText: response.statusText,
-      headers: responseHeaders,
-    });
-  }
-
-  return new Response(response.body, {
-    status: response.status,
-    statusText: response.statusText,
-    headers: responseHeaders,
-  });
-}
-
-const server = Bun.serve({
-  port,
-  async fetch(request: Request): Promise<Response> {
-    const pathname = new URL(request.url).pathname;
-    if (pathname === "/healthz") {
-      return new Response("ok");
-    }
-
-    if (pathname === "/readyz") {
-      try {
-        await checkUiReadiness();
-        return new Response("ok");
-      } catch (error) {
-        console.error("[litellm-ui-proxy] readiness check failed", error);
-        return new Response("not ready", { status: 503 });
-      }
-    }
-
-    try {
-      return await proxyRequest(request);
-    } catch (error) {
-      console.error("[litellm-ui-proxy] upstream request failed", error);
-      return new Response("LiteLLM UI proxy upstream request failed", {
-        status: 502,
-      });
-    }
-  },
-});
-
-console.log(`[litellm-ui-proxy] listening on :${server.port}`);

package/dist/traicebox-7pysd22b.yaml

@@ -1,2 +0,0 @@
-host: 127.0.0.1
-port: 8080