From 87654f5ae88bfeddd70d0381609eecb88789e790 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Kr=C3=BCger?= <valknar@pivoine.art>
Date: Sun, 9 Nov 2025 18:25:57 +0100
Subject: [PATCH] feat: enable LiteLLM API key authentication
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Re-enabled LITELLM_MASTER_KEY for proper API key authentication.
LiteLLM supports master key without database for simple auth scenarios.

- LiteLLM validates Bearer token against master key
- Open WebUI uses same key for internal communication
- External access requires both HTTP Basic Auth + API key

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 ai/compose.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/ai/compose.yaml b/ai/compose.yaml
index 79416e3..7b56e55 100644
--- a/ai/compose.yaml
+++ b/ai/compose.yaml
@@ -35,7 +35,7 @@ services:
 
       # OpenAI API configuration (pointing to LiteLLM proxy)
       OPENAI_API_BASE_URLS: http://litellm:4000
-      OPENAI_API_KEYS: sk-internal
+      OPENAI_API_KEYS: ${AI_LITELLM_API_KEY}
 
       # WebUI configuration
       WEBUI_NAME: ${AI_WEBUI_NAME:-Pivoine AI}
@@ -95,6 +95,7 @@ services:
     environment:
       TZ: ${TIMEZONE:-Europe/Berlin}
       ANTHROPIC_API_KEY: ${ANTHROPIC_API_KEY}
+      LITELLM_MASTER_KEY: ${AI_LITELLM_API_KEY}
       DATABASE_URL: null
     volumes:
       - ./litellm-config.yaml:/app/litellm-config.yaml:ro