rene/llm-gateway
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
llm-gateway/sync/history/2026-05-12-secure-bridge-tracking.md
Rene Fichtmueller 9027484e3d sync: record secure gateway tracking setup
2026-05-12 22:17:33 +02:00

3.2 KiB
Raw Blame History

Session: Secure Bridge Tracking — 2026-05-12

Agent: Codex Status: Complete for Gateway-routed Codex/Claude paths; auth still required for Microsoft/GitHub Copilot

Verified

  • Public Gateway health is OK and DB is connected.
  • Live /v1/chat/completions and /v1/responses are available for OpenAI-compatible clients.
  • MacStudio Codex bridge is running locally on 127.0.0.1:3253.
  • Erik sees Codex only through an authenticated Cloudflare-Access SSH reverse tunnel bound to 127.0.0.1:3353.
  • Gateway process env points Codex providers at http://127.0.0.1:3353.
  • End-to-end Codex smoke through Gateway worked and appeared in dashboard as caller codex-secure-tunnel-smoke with model gpt-5.1-codex-mini.
  • Local Gateway Companion is running on 127.0.0.1:11435 and forwards OpenAI-compatible traffic to https://llm-gateway.context-x.org.
  • Companion now translates Anthropic /v1/messages to Gateway /v1/chat/completions so Claude Code style calls can be tracked.
  • Claude Companion smoke worked with caller claude-code-companion-smoke-46b and model claude-sonnet-4-6.

Local Client Routing

  • ~/.codex/config.toml now defaults new Codex starts to provider llm-gateway, model gpt-5.1-codex-mini, wire_api = "responses", env_key = "LLM_GATEWAY_API_KEY".
  • ~/.zshrc exports Gateway defaults for OpenAI-compatible clients:
    • OPENAI_BASE_URL=https://llm-gateway.context-x.org/v1
    • OPENAI_API_BASE=https://llm-gateway.context-x.org/v1
    • OPENAI_API_KEY=gateway when unset
    • LLM_GATEWAY_API_KEY=gateway
  • ~/.zshrc also points Claude-compatible clients at the local Companion:
    • ANTHROPIC_BASE_URL=http://127.0.0.1:11435
    • ANTHROPIC_API_KEY=gateway when unset
    • ANTHROPIC_DEFAULT_SONNET_MODEL_NAME=claude-sonnet-4-6
  • macOS launchctl GUI environment has the same Gateway variables for newly started GUI apps.

Security Decision

  • Do not expose subscription bridges on LAN or public interfaces.
  • Keep MacStudio bridges loopback-only.
  • Use authenticated Cloudflare Access SSH reverse tunnels to Erik.
  • Bind remote tunnel ports on Erik to 127.0.0.1 only.
  • Gateway may call tunneled bridges from Erik loopback; outside traffic cannot connect to the bridge ports directly.

Important Limits

  • The Gateway can track and compress only requests that enter it before the provider call.
  • Existing native Codex/Claude sessions are not retroactively tracked; restart/new sessions are required.
  • Full Claude Code agent tool-use through an Anthropic adapter is not fully implemented. The Companion supports basic /v1/messages text calls and tracking; deeper tool-call translation remains a follow-up.
  • GitHub Copilot bridge remains auth_required until copilot-api auth is completed.
  • Microsoft 365 Copilot bridge remains auth_required until Graph delegated auth or a Microsoft app/client flow is configured. Do not fake a token.

Next

  • Add first-class /v1/messages to the Gateway itself instead of relying only on the local Companion.
  • Update Gateway provider model aliases from older Claude names to current Claude Code aliases such as claude-sonnet-4-6.
  • Implement tool-call translation if Claude Code itself should run as a full agent through the Gateway.
  • Finish GitHub Copilot and M365 auth interactively.