sync: record secure gateway tracking setup

sync/CURRENT.md

@@ -10,7 +10,36 @@
 
 ## Session Status
 
-### Latest Verified State — 2026-05-12
+### Latest Verified State — 2026-05-12 22:15 Europe/Berlin
+
+- Secure bridge architecture is now in place for Gateway-routed subscription access:
+  - MacStudio Codex bridge listens on `127.0.0.1:3253`.
+  - Local M365 bridge listens on `127.0.0.1:3257` but remains auth-required.
+  - Cloudflare-Access SSH reverse tunnel exposes only Erik loopback listeners `127.0.0.1:3353` and `127.0.0.1:3357`.
+  - Gateway live env points `CODEX_BRIDGE_URL` / `OPENAI_CODEX_URL` to `http://127.0.0.1:3353`.
+- End-to-end Codex via Gateway works and is tracked:
+  - Caller `codex-secure-tunnel-smoke`.
+  - Model `gpt-5.1-codex-mini`.
+  - Dashboard request row recorded tokens, latency, cost, and compression metadata.
+- New local Codex starts are configured for Gateway:
+  - `~/.codex/config.toml` default provider `llm-gateway`, `wire_api = "responses"`, `env_key = "LLM_GATEWAY_API_KEY"`.
+  - `~/.zshrc` sets OpenAI-compatible Gateway env vars and aliases `codex` to the Gateway profile.
+- Local Gateway Companion is running on `127.0.0.1:11435` for desktop/CLI clients that need a local endpoint.
+  - It forwards OpenAI-compatible calls to `https://llm-gateway.context-x.org`.
+  - It translates Claude/Anthropic `/v1/messages` text calls to Gateway `/v1/chat/completions`.
+  - Claude Companion smoke with model `claude-sonnet-4-6` returned content and was tracked.
+- Claude model alias warning:
+  - `claude-sonnet-4-1` is stale for current Claude Code bridge behavior and produced empty/failing output.
+  - `claude-sonnet-4-6`, `sonnet`, or default bridge model works.
+- Remaining auth blockers:
+  - GitHub Copilot bridge remains `auth_required`.
+  - M365 Copilot bridge remains `auth_required` until real Microsoft Graph delegated auth/client config exists.
+- Truth boundary:
+  - Gateway can track/compress only requests that enter it before provider execution.
+  - Existing native app sessions must be restarted or explicitly configured to use Gateway/Companion.
+  - Full Claude Code tool-call translation through Anthropic `/v1/messages` is not finished; current Companion support is text-compatible and enough for tracking text calls.
+
+### Previous Verified State — 2026-05-12
 
 - Public gateway is reachable:
   - `/api/dashboard/health` returns `ok`, database `connected`.

sync/history/2026-05-12-secure-bridge-tracking.md

@@ -0,0 +1,53 @@
+# Session: Secure Bridge Tracking — 2026-05-12
+
+**Agent:** Codex
+**Status:** Complete for Gateway-routed Codex/Claude paths; auth still required for Microsoft/GitHub Copilot
+
+## Verified
+
+- Public Gateway health is OK and DB is connected.
+- Live `/v1/chat/completions` and `/v1/responses` are available for OpenAI-compatible clients.
+- MacStudio Codex bridge is running locally on `127.0.0.1:3253`.
+- Erik sees Codex only through an authenticated Cloudflare-Access SSH reverse tunnel bound to `127.0.0.1:3353`.
+- Gateway process env points Codex providers at `http://127.0.0.1:3353`.
+- End-to-end Codex smoke through Gateway worked and appeared in dashboard as caller `codex-secure-tunnel-smoke` with model `gpt-5.1-codex-mini`.
+- Local Gateway Companion is running on `127.0.0.1:11435` and forwards OpenAI-compatible traffic to `https://llm-gateway.context-x.org`.
+- Companion now translates Anthropic `/v1/messages` to Gateway `/v1/chat/completions` so Claude Code style calls can be tracked.
+- Claude Companion smoke worked with caller `claude-code-companion-smoke-46b` and model `claude-sonnet-4-6`.
+
+## Local Client Routing
+
+- `~/.codex/config.toml` now defaults new Codex starts to provider `llm-gateway`, model `gpt-5.1-codex-mini`, `wire_api = "responses"`, `env_key = "LLM_GATEWAY_API_KEY"`.
+- `~/.zshrc` exports Gateway defaults for OpenAI-compatible clients:
+  - `OPENAI_BASE_URL=https://llm-gateway.context-x.org/v1`
+  - `OPENAI_API_BASE=https://llm-gateway.context-x.org/v1`
+  - `OPENAI_API_KEY=gateway` when unset
+  - `LLM_GATEWAY_API_KEY=gateway`
+- `~/.zshrc` also points Claude-compatible clients at the local Companion:
+  - `ANTHROPIC_BASE_URL=http://127.0.0.1:11435`
+  - `ANTHROPIC_API_KEY=gateway` when unset
+  - `ANTHROPIC_DEFAULT_SONNET_MODEL_NAME=claude-sonnet-4-6`
+- macOS `launchctl` GUI environment has the same Gateway variables for newly started GUI apps.
+
+## Security Decision
+
+- Do not expose subscription bridges on LAN or public interfaces.
+- Keep MacStudio bridges loopback-only.
+- Use authenticated Cloudflare Access SSH reverse tunnels to Erik.
+- Bind remote tunnel ports on Erik to `127.0.0.1` only.
+- Gateway may call tunneled bridges from Erik loopback; outside traffic cannot connect to the bridge ports directly.
+
+## Important Limits
+
+- The Gateway can track and compress only requests that enter it before the provider call.
+- Existing native Codex/Claude sessions are not retroactively tracked; restart/new sessions are required.
+- Full Claude Code agent tool-use through an Anthropic adapter is not fully implemented. The Companion supports basic `/v1/messages` text calls and tracking; deeper tool-call translation remains a follow-up.
+- GitHub Copilot bridge remains `auth_required` until `copilot-api` auth is completed.
+- Microsoft 365 Copilot bridge remains `auth_required` until Graph delegated auth or a Microsoft app/client flow is configured. Do not fake a token.
+
+## Next
+
+- Add first-class `/v1/messages` to the Gateway itself instead of relying only on the local Companion.
+- Update Gateway provider model aliases from older Claude names to current Claude Code aliases such as `claude-sonnet-4-6`.
+- Implement tool-call translation if Claude Code itself should run as a full agent through the Gateway.
+- Finish GitHub Copilot and M365 auth interactively.