patches on sxsw ai working api key working container hardened plus many more
This commit is contained in:
@@ -1153,6 +1153,78 @@ RestartSec=5
|
||||
WantedBy=multi-user.target
|
||||
SERVICE
|
||||
|
||||
# Claude API proxy — middleware that injects max_tokens, strips invalid fields
|
||||
# API key must be set after install via setup-aiui-server.sh or manually
|
||||
cat > /mnt/target/opt/archipelago/claude-api-proxy.py <<'CLAUDEPROXY'
|
||||
#!/usr/bin/env python3
|
||||
import http.server, json, ssl, sys, os, urllib.request, urllib.error
|
||||
API_KEY = os.environ.get("ANTHROPIC_API_KEY", "")
|
||||
PORT = 3142
|
||||
class Handler(http.server.BaseHTTPRequestHandler):
|
||||
def do_POST(self):
|
||||
if self.path == "/health":
|
||||
self.send_response(200); self.send_header("Content-Type","application/json"); self.end_headers()
|
||||
self.wfile.write(b'{"status":"ok"}'); return
|
||||
cl = int(self.headers.get("Content-Length", 0))
|
||||
body = self.rfile.read(cl)
|
||||
try: data = json.loads(body)
|
||||
except: data = {}
|
||||
if "max_tokens" not in data: data["max_tokens"] = 8096
|
||||
for f in ["webSearch","web_search"]: data.pop(f, None)
|
||||
body = json.dumps(data).encode()
|
||||
headers = {"Content-Type":"application/json","x-api-key":API_KEY,"anthropic-version":"2023-06-01","anthropic-dangerous-direct-browser-access":"true"}
|
||||
for h in ["anthropic-version","anthropic-beta"]:
|
||||
if self.headers.get(h): headers[h] = self.headers[h]
|
||||
req = urllib.request.Request("https://api.anthropic.com"+self.path, data=body, headers=headers, method="POST")
|
||||
try:
|
||||
ctx = ssl.create_default_context()
|
||||
resp = urllib.request.urlopen(req, context=ctx, timeout=300)
|
||||
self.send_response(resp.status)
|
||||
is_stream = "text/event-stream" in (resp.headers.get("Content-Type","") or "")
|
||||
for k,v in resp.headers.items():
|
||||
if k.lower() not in ("transfer-encoding","connection"): self.send_header(k,v)
|
||||
if is_stream: self.send_header("Transfer-Encoding","chunked")
|
||||
self.end_headers()
|
||||
if is_stream:
|
||||
while True:
|
||||
chunk = resp.read(4096)
|
||||
if not chunk: break
|
||||
self.wfile.write(b"%x\r\n" % len(chunk)); self.wfile.write(chunk); self.wfile.write(b"\r\n"); self.wfile.flush()
|
||||
self.wfile.write(b"0\r\n\r\n"); self.wfile.flush()
|
||||
else: self.wfile.write(resp.read())
|
||||
except urllib.error.HTTPError as e:
|
||||
self.send_response(e.code); self.send_header("Content-Type","application/json"); self.end_headers(); self.wfile.write(e.read())
|
||||
except Exception as e:
|
||||
self.send_response(502); self.send_header("Content-Type","application/json"); self.end_headers(); self.wfile.write(json.dumps({"error":str(e)}).encode())
|
||||
def do_GET(self):
|
||||
if self.path == "/health":
|
||||
self.send_response(200); self.send_header("Content-Type","application/json"); self.end_headers(); self.wfile.write(b'{"status":"ok"}')
|
||||
else: self.send_response(404); self.end_headers()
|
||||
def log_message(self, fmt, *args): pass
|
||||
if not API_KEY: print("ERROR: ANTHROPIC_API_KEY not set — configure via setup-aiui-server.sh"); sys.exit(1)
|
||||
server = http.server.HTTPServer(("127.0.0.1", PORT), Handler)
|
||||
print(f"Claude API proxy on port {PORT}")
|
||||
server.serve_forever()
|
||||
CLAUDEPROXY
|
||||
chmod +x /mnt/target/opt/archipelago/claude-api-proxy.py
|
||||
|
||||
# Claude API proxy systemd service (disabled by default — enabled after API key is configured)
|
||||
cat > /mnt/target/etc/systemd/system/claude-api-proxy.service <<'CLAUDESVC'
|
||||
[Unit]
|
||||
Description=Claude API Proxy
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
Environment=ANTHROPIC_API_KEY=
|
||||
ExecStart=/usr/bin/python3 /opt/archipelago/claude-api-proxy.py
|
||||
Restart=always
|
||||
RestartSec=5
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
CLAUDESVC
|
||||
|
||||
# Install GRUB
|
||||
echo " [6/6] Installing bootloader..."
|
||||
mount --bind /dev /mnt/target/dev
|
||||
|
||||
Reference in New Issue
Block a user