feat: add litellm_api_caddy_public_access variable to control Caddy proxy behavior

2026-06-12 09:39:45 +08:00 · 2026-06-12 09:39:45 +08:00 · 1574287a4d
commit 1574287a4d
parent e9dec70225
2 changed files with 44 additions and 1 deletions
--- a/roles/vhosts/litellm/defaults/main.yml
+++ b/roles/vhosts/litellm/defaults/main.yml
@ -30,6 +30,9 @@ litellm_ui_caddy_fragment_path: "/etc/caddy/conf.d/{{ litellm_ui_domain }}.caddy
 litellm_caddy_config_enabled: true
 litellm_enable_basic_auth: false

+# When true, proxies all paths (Open Public Access). When false, strictly whitelists AI API paths only.
+litellm_api_caddy_public_access: true
+

 # =============================================================================
 # Database Configuration
--- a/roles/vhosts/litellm/templates/api.svc.plus.caddy.j2
+++ b/roles/vhosts/litellm/templates/api.svc.plus.caddy.j2
@ -8,8 +8,47 @@
    rewrite /v1/openai/embeddings /v1/embeddings
    rewrite /v1/anthropic/messages /v1/messages

+{% if not litellm_api_caddy_public_access %}
    # ------------------------------------------------------------------------
-    # Proxy ALL requests to LiteLLM Backend
+    # Minimal AI API Gateway Mode (STRICT WHITELIST)
+    # ------------------------------------------------------------------------
+    @allowed_api {
+        path /v1/chat/completions
+        path /v1/embeddings
+        path /v1/messages
+        path /v1/models
+    }
+
+    handle @allowed_api {
+        reverse_proxy {{ litellm_listen_host }}:{{ litellm_listen_port }} {
+            flush_interval -1
+            transport http {
+                dial_timeout 30s
+                read_timeout 600s
+                write_timeout 600s
+            }
+        }
+    }
+
+    # Admin UI Backend APIs (allowed via Referer to fix UI loading)
+    @ui_api {
+        header Referer *api.svc.plus/ui*
+    }
+    handle @ui_api {
+        reverse_proxy {{ litellm_listen_host }}:{{ litellm_listen_port }} {
+            flush_interval -1
+        }
+    }
+
+    # Default Catch-all block for unapproved paths
+    handle {
+        respond "{\"error\":{\"message\":\"Invalid path passed or not enabled by Minimal Gateway.\",\"type\":\"api_error\",\"param\":null,\"code\":null}}" 404 {
+            close
+        }
+    }
+{% else %}
+    # ------------------------------------------------------------------------
+    # Proxy ALL requests to LiteLLM Backend (PERMISSIVE)
    # ------------------------------------------------------------------------
    reverse_proxy {{ litellm_listen_host }}:{{ litellm_listen_port }} {
        flush_interval -1
@ -19,6 +58,7 @@
            write_timeout 600s
        }
    }
+{% endif %}

    log {
        output file /var/log/caddy/{{ litellm_api_domain }}.access.log