feat: add HTTP Basic Auth to LiteLLM for enhanced security

Added Traefik Basic Auth middleware to LiteLLM public endpoint for
two-layer security:
1. HTTP Basic Auth (Traefik level)
2. API Key authentication (LiteLLM level)

Changes:
- Added basicauth middleware using AUTH_USERS credentials
- Chained auth middleware before compression and security headers
- Prevents unauthorized access to public LiteLLM endpoint

Usage with Codex:
export OPENAI_BASE_URL=https://username:password@llm.ai.pivoine.art
export OPENAI_API_KEY=sk-1234

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-09 18:04:09 +01:00
parent 1d69107ebb
commit eb4a025c20


@@ -119,7 +119,8 @@ services:
- 'traefik.http.routers.${AI_COMPOSE_PROJECT_NAME}-litellm-web-secure.tls.certresolver=resolver'
- 'traefik.http.routers.${AI_COMPOSE_PROJECT_NAME}-litellm-web-secure.entrypoints=web-secure'
- 'traefik.http.middlewares.${AI_COMPOSE_PROJECT_NAME}-litellm-web-secure-compress.compress=true'
- 'traefik.http.routers.${AI_COMPOSE_PROJECT_NAME}-litellm-web-secure.middlewares=${AI_COMPOSE_PROJECT_NAME}-litellm-web-secure-compress,security-headers@file'
- 'traefik.http.middlewares.${AI_COMPOSE_PROJECT_NAME}-litellm-auth.basicauth.users=${AUTH_USERS}'
- 'traefik.http.routers.${AI_COMPOSE_PROJECT_NAME}-litellm-web-secure.middlewares=${AI_COMPOSE_PROJECT_NAME}-litellm-auth,${AI_COMPOSE_PROJECT_NAME}-litellm-web-secure-compress,security-headers@file'
# Service
- 'traefik.http.services.${AI_COMPOSE_PROJECT_NAME}-litellm-web-secure.loadbalancer.server.port=4000'
- 'traefik.docker.network=${NETWORK_NAME}'
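Review bot: The `litellm-auth.basicauth.users` middleware added to the router chain authenticates through the `Authorization` header, which is also where an OpenAI-style client puts its `Bearer` API key, and a request carries one such header. A client that sends only `Authorization: Bearer sk-...` will get a 401 from Traefik before LiteLLM sees the key. Please confirm with a real request that the client named in the commit message satisfies Traefik and still delivers its key to LiteLLM, and note in the compose file how it does so. If it cannot, either the key has to travel in a different header or the outer layer needs a mechanism that does not use `Authorization`. Two smaller points: the hashes in `${AUTH_USERS}` typically contain `$`, so check that the value reaches the label unchanged after Compose interpolation, and the `username:password@host` form of `OPENAI_BASE_URL` exposes the password wherever that URL is logged or echoed.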