Commit Graph
100 Commits
Author SHA1 Message Date
hkfires d16599fa1d feat: prefer util.WritablePath() for logs and local storage 2025-10-19 10:19:55 +08:00
hkfires 9f45806106 feat(logging): centralize sensitive header masking 2025-10-18 17:16:00 +08:00
hkfires 9319602812 UPDATE README 2025-10-16 22:57:44 +08:00
Chén MùandGitHub 8e95c5e0a8 Merge pull request #134 from router-for-me/hg
feat(managementasset): add MANAGEMENT_STATIC_PATH override
2025-10-16 22:25:05 +08:00
hkfires 93f0e65cef docs: document MANAGEMENT_STATIC_PATH for management.html location 2025-10-16 22:15:17 +08:00
hkfires c75e524fe5 feat(managementasset): add MANAGEMENT_STATIC_PATH override 2025-10-16 21:52:59 +08:00
Chén MùandGitHub f58d0faf8c Merge pull request #130 from router-for-me/log
feat(management): add log retrieval and cleanup endpoints
2025-10-16 12:39:06 +08:00
hkfires df3b00621a fix(logs): ignore ENOENT when truncating default log file 2025-10-16 12:35:29 +08:00
hkfires 72cb2689e8 feat(management): add log retrieval and cleanup endpoints 2025-10-16 11:55:58 +08:00
hkfires 84fa497169 fix(server): snapshot config with YAML to handle in-place mutations
- Add oldConfigYaml to store previous config snapshot
- Rebuild oldCfg from YAML in UpdateClients for reliable change detection
- Initialize and refresh snapshot on startup and after updates
- Prevents change detection bugs when Management API mutates cfg in place
- Import gopkg.in/yaml.v3
2025-10-15 18:26:23 +08:00
hkfires 9ef76dcc61 Add Object Storage 2025-10-15 11:47:35 +08:00
hkfires 1cd275f4c1 Merge branch 'dev' 2025-10-14 15:47:39 +08:00
hkfires 4bc1ed6031 feat(config): use block style for YAML maps/lists; keep [] for empty 2025-10-14 15:43:58 +08:00
hkfires 78989d6c0d feat(store)!: Lock AuthDir when use gitstore/pgstore 2025-10-14 15:43:58 +08:00
hkfires d6aa1e5ba0 fix(postgresstore): normalize config line endings for DB/disk writes 2025-10-14 15:43:58 +08:00
hkfires 50c1c50dbd docs: document PostgreSQL-backed config/token store 2025-10-14 15:43:58 +08:00
hkfires 5123cfd47e feat(store): add PostgreSQL-backed config store with env selection 2025-10-14 15:43:58 +08:00
Chén MùandGitHub 9072accc43 Merge pull request #118 from router-for-me/config
feat(config): use block style for YAML maps/lists
2025-10-14 13:44:00 +08:00
hkfires 0d8134aabe feat(config): use block style for YAML maps/lists; keep [] for empty 2025-10-14 13:17:04 +08:00
Chén MùandGitHub 4fdbdf7925 Merge pull request #117 from router-for-me/pg
feat(store): add PostgreSQL-backed config store with env selection
2025-10-14 11:28:19 +08:00
hkfires 50c84485c3 feat(store)!: Lock AuthDir when use gitstore/pgstore 2025-10-14 10:46:45 +08:00
hkfires f335aeeedb fix(postgresstore): normalize config line endings for DB/disk writes 2025-10-14 08:38:15 +08:00
hkfires 61f6a612e3 docs: document PostgreSQL-backed config/token store 2025-10-13 22:31:01 +08:00
hkfires 42087d5387 feat(store): add PostgreSQL-backed config store with env selection 2025-10-13 21:05:43 +08:00
hkfires 39abde2413 refactor(watcher): remove redundant quota-exceeded change logs 2025-10-13 14:02:55 +08:00
hkfires 0aa8706ef7 feat(config): Treat empty BaseURL for Codex keys as deletion 2025-10-13 13:48:27 +08:00
hkfires 5fd4a8b974 feat(config): Remove OpenAI providers with empty BaseURL 2025-10-13 13:48:27 +08:00
hkfires 06e6f0a5f2 refactor(watcher): Extract config change logging to new function 2025-10-13 13:48:27 +08:00
hkfires b5ad978d44 feat(managementasset): Authenticate GitHub API requests 2025-10-12 21:21:51 +08:00
hkfires 4c033b3af7 feat(config): disable logging and usage stats by default 2025-10-11 22:11:08 +08:00
hkfires 843a81f68d fix(server): Handle empty/invalid config in cloud deploy mode 2025-10-11 22:07:08 +08:00
hkfires fc6aa8ef77 feat(config): Gracefully handle empty or invalid optional config 2025-10-11 20:49:15 +08:00
hkfires c3f88126e6 refactor(provider): remove Gemini Web cookie-based support 2025-10-11 12:56:07 +08:00
hkfires b895018ff5 refactor(provider): remove Gemini Web cookie-based provider 2025-10-11 12:53:03 +08:00
hkfires 78738ca3f0 fix(config): treat directory as absent for optional config in cloud deploy mode 2025-10-10 19:40:02 +08:00
hkfires ac01c74c02 feat(server): Add cloud deploy mode 2025-10-10 18:52:43 +08:00
hkfires 01be94a0de feat(translator): Map OpenAI modalities to Gemini responseModalities 2025-10-09 19:38:07 +08:00
hkfires d1933075c3 Revert "feat(translator): Pass through imageConfig" 2025-10-09 16:35:08 +08:00
hkfires a602ae859b feat(translator): Add support for openrouter image_config 2025-10-09 15:47:06 +08:00
hkfires c5d7137d66 feat(translator): Pass through imageConfig 2025-10-09 13:50:43 +08:00
hkfires 514f5a8ad4 feat(cliproxy): Rebind auth executors on config change 2025-10-07 21:23:21 +08:00
hkfires 75d7763c5c refactor(gemini-web): Rename flash image preview model ID 2025-10-07 20:35:53 +08:00
hkfires 9bb7df7af7 feat(gemini-web): Enable config hot-reload and fix Gem selection 2025-10-07 20:23:33 +08:00
hkfires 43665cb649 feat(gemini-web): Replace code-mode with flexible gem-mode 2025-10-07 19:36:22 +08:00
hkfires 31659c790d feat(translator/gemini-cli): support inline image data in responses 2025-10-06 17:06:04 +08:00
hkfires c62ecc2442 fix(gemini): Disable thinking config for incompatible models 2025-10-06 16:32:03 +08:00
hkfires 8ca041cfcf feat(auth): Use user info for iFlow auth identifier 2025-10-05 20:11:30 +08:00
hkfires eac8b1a27f fix(auth): Correct iFlow OAuth callback port to 11451 2025-10-05 18:53:22 +08:00
hkfires c8029b7166 feat(iflow): Add User-Agent header to API requests 2025-10-05 18:50:35 +08:00
hkfires 64f4c18fea fix(auth): Return error if iFlow API key fetch fails 2025-10-05 16:34:27 +08:00
hkfires 9abcaf177f feat(registry): Add display names and descriptions for iFlow models 2025-10-05 16:11:40 +08:00
hkfires b839e351c4 feat: Add support for iFlow provider 2025-10-05 15:51:09 +08:00
hkfires 4657c98821 feat: Add option to disable management control panel 2025-10-04 19:55:07 +08:00
hkfires dd1e0da155 fix(cliproxy): Use model name as fallback for ID if alias is empty 2025-10-04 19:42:11 +08:00
hkfires cf9a748159 fix(watcher): Prevent infinite reload loop on rapid config changes 2025-10-04 13:58:15 +08:00
hkfires 2e328dd462 feat(management): Improve logging for management route status 2025-10-04 13:48:34 +08:00
hkfires edd4b4d97f refactor(api): Lazily register management routes 2025-10-04 13:41:49 +08:00
hkfires 608d745159 fix(api): Enable management routes based on secret key presence 2025-10-04 13:32:54 +08:00
hkfires fd795caf76 refactor(api): Use middleware to control management route availability
Previously, management API routes were conditionally registered at server startup based on the presence of the `remote-management-key`. This static approach meant a server restart was required to enable or disable these endpoints.

This commit refactors the route handling by:
1.  Introducing an `atomic.Bool` flag, `managementRoutesEnabled`, to track the state.
2.  Always registering the management routes at startup.
3.  Adding a new `managementAvailabilityMiddleware` to the management route group.

This middleware checks the `managementRoutesEnabled` flag for each request, rejecting it if management is disabled. This change provides the same initial behavior but creates a more flexible architecture that will allow for dynamically enabling or disabling management routes at runtime in the future.
2025-10-04 13:08:08 +08:00
hkfires f2201dabfa feat(gemini-web): Index and look up conversations by suffix 2025-09-30 12:21:51 +08:00
hkfires 108dcb7f70 fix(gemini-web): Correct history on conversation reuse 2025-09-30 12:21:51 +08:00
hkfires 8858e07d8b feat(gemini-web): Add support for custom auth labels 2025-09-30 12:21:51 +08:00
hkfires d33a89b89f fix(gemini-web): Ignore tool messages to fix sticky selection 2025-09-30 12:21:51 +08:00
hkfires 1d70336a91 fix(gemini-web): Correct ambiguity check in conversation lookup 2025-09-30 12:21:51 +08:00
hkfires 6080527e9e feat(gemini-web): Namespace conversation index by account label 2025-09-30 12:21:51 +08:00
hkfires 82187bffba feat(gemini-web): Add conversation affinity selector 2025-09-30 12:21:51 +08:00
hkfires f4977e5ef6 Ignore GEMINI.md file 2025-09-30 12:21:51 +08:00
hkfires ad4d045101 feat: Restore API key config in config file 2025-09-28 09:11:58 +08:00
hkfires 5888e04654 refactor(cliproxy): remove unused access provider refresh logic 2025-09-28 08:59:17 +08:00
hkfires 19b10cb894 feat(sdk/auth): extend Gemini Web refresh lead to 1 hour 2025-09-28 08:40:32 +08:00
hkfires aa25820698 chore(log): Refine debug messages for config reloads 2025-09-28 08:40:25 +08:00
hkfires da72ac1f6d fix(config): Inline SDKConfig for proper YAML parsing 2025-09-27 12:23:20 +08:00
hkfires f9a170a3c4 chore(watcher): Clarify API key client reload log message 2025-09-27 11:25:40 +08:00
hkfires 88f06fc305 feat(watcher): Log detailed diff for openai-compatibility on reload 2025-09-27 11:15:30 +08:00
hkfires 562a49a194 feat(provider/gemini-web): Prioritize explicit label for account identification 2025-09-27 10:56:15 +08:00
hkfires 6136a77eb3 refactor(util): Centralize auth directory path resolution
Introduces a new utility function, `util.ResolveAuthDir`, to handle the normalization and resolution of the authentication directory path.

Previously, the logic for expanding the tilde (~) to the user's home directory was implemented inline in `main.go`. This refactoring extracts that logic into a reusable function within the `util` package.

The new `ResolveAuthDir` function is now used consistently across the application:
- During initial server startup in `main.go`.
- When counting authentication files in `util.CountAuthFiles`.
- When the configuration is reloaded by the watcher.

This change eliminates code duplication, improves consistency, and makes the path resolution logic more robust and maintainable.
2025-09-27 09:06:51 +08:00
hkfires afff9216ea perf(watcher): Avoid unnecessary auth dir scan on config reload 2025-09-27 08:43:06 +08:00
hkfires b56edd4db0 refactor(access): Introduce ApplyAccessProviders helper function
The logic for reconciling access providers, updating the manager, and logging the changes was previously handled directly in the service layer.

This commit introduces a new `ApplyAccessProviders` helper function in the `internal/access` package to encapsulate this entire process. The service layer is updated to use this new helper, which simplifies its implementation and reduces code duplication.

This refactoring centralizes the provider update logic and improves overall code maintainability. Additionally, the `sdk/access` package import is now aliased to `sdkaccess` for clarity.
2025-09-27 08:23:24 +08:00
hkfires b0f2ad7cfe fix(cliproxy): Clear stale compatibility model registrations
Previously, if an OpenAI compatibility configuration was removed from the
config file or its model list was emptied, the associated models for
that auth entry were not unregistered from the global model registry.
This resulted in stale registrations persisting.

This change ensures that when an auth entry is identified as being for
a compatibility provider, its models are explicitly unregistered if:
- The corresponding configuration is found but has an empty model list.
- The corresponding configuration is no longer found in the config file.
2025-09-26 22:04:32 +08:00
hkfires cd0b1be46c fix(log): Reduce noise on metadata updates and provider sync 2025-09-26 21:42:42 +08:00
hkfires 08856a97fb fix(access): Exclude inline provider from reconciliation changes
The `ReconcileProviders` function was incorrectly including the default
inline provider (`access.teleport.dev`) in the lists of added, updated,
and removed providers.

The inline provider is a special case managed directly by the access
controller and does not correspond to a separate, reloadable resource.
Including it in the change lists could lead to errors when attempting
to perform lifecycle operations on it.

This commit modifies the reconciliation logic to explicitly ignore the
inline provider when calculating changes. This ensures that only
external, reloadable providers are reported as changed, preventing
incorrect lifecycle management.
2025-09-26 20:48:20 +08:00
hkfires b6d5ce2d4d fix(access): Force rebuild of aliased provider configurations
The provider reconciliation logic did not correctly handle aliased provider configurations (e.g., using YAML anchors). When a provider config was aliased, the check for configuration equality would pass, causing the system to reuse the existing provider instance without rebuilding it, even if the underlying configuration had changed.

This change introduces a check to detect if the old and new provider configurations point to the same object in memory. If they are aliased, the provider is now always rebuilt to ensure it reflects the latest configuration. The optimization to reuse an existing provider based on deep equality is now only applied to non-aliased providers.
2025-09-26 20:05:43 +08:00
hkfires 0f55e550cf refactor(registry): Preserve duplicate models in client registration
The `RegisterClient` function previously deduplicated the list of models provided by a client. This could lead to an inaccurate representation of the client's state if it intentionally registered the same model ID multiple times.

This change refactors the registration logic to store the raw, unfiltered list of models, preserving their original order and count.

A new `rawModelIDs` slice tracks the complete list for storage in `clientModels`, while the logic for processing changes continues to use a unique set of model IDs for efficiency. This ensures the registry's state accurately reflects what the client provides.
2025-09-26 19:38:44 +08:00
hkfires e1de04230f fix(registry): Reset client status on model re-registration
When a client re-registers with the model registry, its previous status for a given model (e.g., quota exceeded or suspended) was not being cleared. This could lead to a situation where a client is permanently unable to use a model even after re-registering.

This change ensures that when a client re-registers an existing model, its ID is removed from the model's `QuotaExceededClients` and `SuspendedClients` lists. This effectively resets the client's status for that model, allowing for a fresh start upon reconnection.
2025-09-26 19:19:24 +08:00
hkfires a887a337a5 fix(registry): Handle duplicate model IDs in client registration
The previous model registration logic used a set-like map to track the models associated with a client. This caused issues when a client registered multiple instances of the same model ID, as they were all treated as a single registration.

This commit refactors the registration logic to use count maps for both the old and new model lists. This allows the system to accurately track the number of instances for each model ID provided by a client.

The changes ensure that:
- When a client updates its model list, the exact number of added or removed instances for each model ID is correctly calculated.
- Provider counts are accurately incremented or decremented based on the number of model instances being added, removed, or having their provider changed.
- The registry correctly handles scenarios where a client reduces the number of duplicate model registrations (e.g., from `[A, A]` to `[A]`), properly deregistering the surplus instance.
2025-09-26 18:52:58 +08:00
hkfires 2717ba3e50 fix(registry): Avoid provider update when new provider is empty
When a client re-registered and changed its provider from a non-empty value to an empty string, the logic would still trigger a provider update for the client's models. An empty provider string should not cause an update.

This commit fixes this behavior by adding a check to ensure the new provider is a non-empty string before updating the model's provider information.

Additionally, the logic for detecting a provider change has been simplified by removing an unnecessary variable.
2025-09-26 18:32:47 +08:00
hkfires 63af4c551d fix(registry): Fix provider change logic for new models
When a client changed its provider and registered a new model in the same `RegisterClient` call, the logic would incorrectly attempt to decrement the provider count for the new model from the old provider. This was because the loop iterated over all new model IDs without checking if they were part of the client's previous registration.

This commit adds a check to ensure that a model existed in the client's old model set before attempting to decrement the old provider's usage count. This prevents incorrect state updates in the registry during provider transitions that also introduce new models.
2025-09-26 18:32:47 +08:00
hkfires c675cf5e72 refactor(config): Implement reconciliation for providers and clients
This commit introduces a reconciliation mechanism for handling configuration updates, significantly improving efficiency and resource management.

Previously, reloading the configuration would tear down and recreate all access providers from scratch, regardless of whether their individual configurations had changed. This was inefficient and could disrupt services.

The new `sdkaccess.ReconcileProviders` function now compares the old and new configurations to intelligently manage the provider lifecycle:
- Unchanged providers are kept.
- New providers are created.
- Providers removed from the config are closed and discarded.
- Providers with updated configurations are gracefully closed and recreated.

To support this, a `Close()` method has been added to the `Provider` interface.

A similar reconciliation logic has been applied to the client registration state in `state.RegisterClient`. This ensures that model registrations are accurately tracked when a client's configuration is updated, correctly handling added, removed, and unchanged models. Enhanced logging provides visibility into these operations.
2025-09-26 18:32:47 +08:00
hkfires 3ca01b60a5 refactor(logging): Improve client loading and registration logs 2025-09-26 14:01:41 +08:00
hkfires 9b80820b17 refactor(auth): Move candidate sorting to RoundRobinSelector 2025-09-26 10:50:15 +08:00
hkfires e836b4ac10 fix(auth): Make round-robin auth selection deterministic 2025-09-26 09:49:53 +08:00
hkfires f228a4dcca feat(auth): Enhance Gemini web auth with flexible input and UI 2025-09-26 09:43:26 +08:00
hkfires 96cebd2a35 feat(auth): add interactive prompts to Gemini web auth flow 2025-09-25 20:39:15 +08:00
hkfires a45d2109f3 feat(auth): Improve Gemini web auth with email label detection 2025-09-25 20:17:47 +08:00
hkfires 7a30e65175 refactor(gemini-web): Remove file-based PSIDTS cookie caching 2025-09-25 18:52:31 +08:00
hkfires c63dc7fe2f fix(auth): Scope unavailability checks to specific models 2025-09-25 18:51:50 +08:00
hkfires 2a274d4a08 Merge branch 'main' into gemini-web 2025-09-25 11:05:43 +08:00
hkfires 2175a10932 feat(gemini-web): Introduce stable account label for identification 2025-09-25 10:59:20 +08:00
hkfires 20f3e62529 feat(auth): Add stable label to Gemini Web tokens for logging 2025-09-25 10:34:46 +08:00
hkfires 7f2e2fee56 refactor(gemini-web): Consolidate conversation data into single BoltDB file 2025-09-25 10:34:46 +08:00