From 1574287a4db2435e19f8276ad7cda0defaca3598 Mon Sep 17 00:00:00 2001
From: Haitao Pan
Date: Fri, 12 Jun 2026 09:39:45 +0800
Subject: [PATCH] feat: add litellm_api_caddy_public_access variable to control Caddy proxy behavior

---
 roles/vhosts/litellm/defaults/main.yml | 3 ++
 .../litellm/templates/api.svc.plus.caddy.j2 | 42 ++++++++++++++++++-
 2 files changed, 44 insertions(+), 1 deletion(-)

diff --git a/roles/vhosts/litellm/defaults/main.yml b/roles/vhosts/litellm/defaults/main.yml
index 1a57b88..9330112 100644
--- a/roles/vhosts/litellm/defaults/main.yml
+++ b/roles/vhosts/litellm/defaults/main.yml
@@ -30,6 +30,9 @@ litellm_ui_caddy_fragment_path: "/etc/caddy/conf.d/{{ litellm_ui_domain }}.caddy
 litellm_caddy_config_enabled: true
 litellm_enable_basic_auth: false
 
+# When true, proxies all paths (Open Public Access). When false, strictly whitelists AI API paths only.
+litellm_api_caddy_public_access: true
+
 # =============================================================================
 # Database Configuration
 
diff --git a/roles/vhosts/litellm/templates/api.svc.plus.caddy.j2 b/roles/vhosts/litellm/templates/api.svc.plus.caddy.j2
index 0e09254..afbf21c 100644
--- a/roles/vhosts/litellm/templates/api.svc.plus.caddy.j2
+++ b/roles/vhosts/litellm/templates/api.svc.plus.caddy.j2
@@ -8,8 +8,47 @@
 rewrite /v1/openai/embeddings /v1/embeddings
 rewrite /v1/anthropic/messages /v1/messages
 
+{% if not litellm_api_caddy_public_access %}
 # ------------------------------------------------------------------------
- # Proxy ALL requests to LiteLLM Backend
+ # Minimal AI API Gateway Mode (STRICT WHITELIST)
+ # ------------------------------------------------------------------------
+ @allowed_api {
+ path /v1/chat/completions
+ path /v1/embeddings
+ path /v1/messages
+ path /v1/models
+ }
+
+ handle @allowed_api {
+ reverse_proxy {{ litellm_listen_host }}:{{ litellm_listen_port }} {
+ flush_interval -1
+ transport http {
+ dial_timeout 30s
+ read_timeout 600s
+ write_timeout 600s
+ }
+ }
+ }
+
+ # Admin UI Backend APIs (allowed via Referer to fix UI loading)
+ @ui_api {
+ header Referer *api.svc.plus/ui*
+ }
+ handle @ui_api {
+ reverse_proxy {{ litellm_listen_host }}:{{ litellm_listen_port }} {
+ flush_interval -1
+ }
+ }
+
+ # Default Catch-all block for unapproved paths
+ handle {
+ respond "{\"error\":{\"message\":\"Invalid path passed or not enabled by Minimal Gateway.\",\"type\":\"api_error\",\"param\":null,\"code\":null}}" 404 {
+ close
+ }
+ }
+{% else %}
+ # ------------------------------------------------------------------------
+ # Proxy ALL requests to LiteLLM Backend (PERMISSIVE)
 # ------------------------------------------------------------------------
 reverse_proxy {{ litellm_listen_host }}:{{ litellm_listen_port }} {
 flush_interval -1
@@ -19,6 +58,7 @@
 write_timeout 600s
 }
 }
+{% endif %}
 
 log {
 output file /var/log/caddy/{{ litellm_api_domain }}.access.log
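Review bot: The `@ui_api` matcher keys the whitelist bypass on the `Referer` request header, which is supplied by the client and can be set to any value, so in the non-public mode every backend path remains reachable and the "STRICT WHITELIST" heading on this block, like the "strictly whitelists AI API paths only" comment added in defaults/main.yml, overstates what the proxy enforces. If the admin UI needs particular backend endpoints, allow them by `path` (or a path prefix) inside `@ui_api` so the decision stays with the proxy rather than the caller, and consider gating them behind `litellm_enable_basic_auth` or the UI's own session rather than a header check. The pattern also hard-codes `api.svc.plus` where the rest of the template uses `{{ litellm_api_domain }}`, and the `@ui_api` reverse_proxy omits the `transport http` timeouts configured on `@allowed_api`, which looks unintentional. The enclosing site block starts and ends outside the hunk.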