
fix(infra): remove external port exposure for internal services

anthropic-proxy, auth-adapter, and litellm no longer expose ports
externally. They communicate only via Docker internal network.

This prevents unauthorized external access (e.g., the mysterious
"What's 1 + 1?" requests hitting anthropic-proxy in prod).

OAuth setup now requires SSH tunnel:
ssh -L 4001:localhost:4001 root@SERVER

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

alice f897ee04 8109082d
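As an added check for the pattern this commit removes (example code written for this review, not part of the repository), the following POSIX shell function audits a compose file for service ports published on every host interface. It flags short-syntax mappings such as `'4001:4001'` that carry no host address, or that name `0.0.0.0`/`[::]`, accepts loopback-bound ones such as `127.0.0.1:4001:4001` (the form an `ssh -L` tunnel can reach), and ignores services with no `ports:` key. The function names, the constructed sample compose file and the long-syntax (`target:`/`published:`) limitation are this example's own assumptions, not anything from the repository.

```shell
#!/bin/sh
# audit_compose_ports FILE
#   Prints "service<TAB>mapping" for every short-syntax port mapping that
#   publishes on all host interfaces, and returns 1 if any were found.
#   Hypothetical helper for this review, not part of the repository.
#
#   - '4001:4001'            -> no host address: bound on 0.0.0.0 (flagged)
#   - '0.0.0.0:4001:4001'    -> flagged
#   - '127.0.0.1:4001:4001'  -> loopback only, fine for ssh -L (accepted)
#   - '[::1]:4001:4001'      -> loopback only (accepted)
#   Long-syntax list items (target:/published:) are skipped, not parsed.
audit_compose_ports() {
    awk -v q="'" '
        # Strip the list dash and surrounding quotes/whitespace from a scalar item.
        function clean(s) {
            gsub("^[ \t]*-[ \t]*[\"" q "]?", "", s)
            gsub("[\"" q "]?[ \t]*$", "", s)
            return s
        }
        function indent(s) { match(s, /^ */); return RLENGTH }

        /^[ \t]*#/ || /^[ \t]*$/ { next }                   # comments, blank lines
        /^services:/              { in_services = 1; next }
        /^[^ ]/                   { in_services = 0; next }  # any other top-level key
        in_services && indent($0) == 2 && /^  [A-Za-z0-9_.-]+:/ {
            svc = $1; sub(/:$/, "", svc); in_ports = 0; next  # new service block
        }
        in_services && /^ +ports:[ \t]*$/ { in_ports = 1; pindent = indent($0); next }
        in_ports && indent($0) <= pindent { in_ports = 0 }    # left the ports list
        in_ports && /^ +-[ \t]/ {
            m = clean($0)
            if (m ~ /^[A-Za-z_]+:/) next    # long syntax item, not handled here
            if (m ~ /^\[/) {                # bracketed IPv6 host, e.g. [::1]:4001:4001
                host = m; sub(/\].*$/, "", host); host = host "]"
            } else {
                n = split(m, parts, ":")
                host = (n >= 3) ? parts[1] : ""   # no host part means all interfaces
            }
            if (host == "" || host == "0.0.0.0" || host == "[::]") {
                printf "%s\t%s\n", svc, m
                bad++
            }
        }
        END { exit (bad > 0) }
    ' "$1"
}

# Constructed sample compose file for the demo (not the repository's file).
sample_compose() {
    cat <<'EOF'
services:
  anthropic-proxy:
    build: .
    # published on every host interface: the pattern the commit removes
    ports:
      - '4001:4001'
    environment:
      - PORT=4001
  letta:
    image: example/letta
    ports:
      - '127.0.0.1:8283:8283'
      - "0.0.0.0:9999:9999"
  litellm:
    image: example/litellm
    # no ports key: reachable only on the compose network
    env_file: .env
networks:
  default:
    name: assistant
EOF
}

# Demo runs only when invoked as `sh audit.sh --demo`, so the file can also be sourced.
if [ "${1:-}" = "--demo" ]; then
    tmp=$(mktemp)
    sample_compose > "$tmp"
    if audit_compose_ports "$tmp"; then
        echo "ok: no ports published on all interfaces"
    else
        echo "exposed ports found (listed above); bind them to 127.0.0.1 or drop ports:"
    fi
    rm -f "$tmp"
fi
```

Run against the sample, the function lists `anthropic-proxy` (`4001:4001`) and `letta` (`0.0.0.0:9999:9999`) and exits 1; the loopback-bound Letta mapping and the port-less litellm service are accepted. Wiring it into a pre-deploy step turns "does anything still listen on 0.0.0.0" into a failing check rather than something discovered from unexpected requests in production logs.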

+14 -15
+7 -6
docker-compose.yml
··· 4 4 5 5 services: 6 6 # anthropic-proxy: OAuth proxy for Anthropic API 7 + # Internal only - accessed by auth-adapter via Docker network 8 + # For OAuth setup, use SSH tunnel: ssh -L 4001:localhost:4001 root@SERVER 7 9 anthropic-proxy: 8 10 build: 9 11 context: . 10 12 dockerfile: Dockerfile.anthropic-proxy 11 - ports: 12 - - '4001:4001' 13 + # No external port exposure - internal Docker network only 13 14 environment: 14 15 - PORT=4001 15 16 - SESSION_SECRET=${ANTHROPIC_PROXY_SESSION_SECRET} ··· 32 33 33 34 # Auth adapter: translates Bearer tokens to x-api-key headers 34 35 # LiteLLM's os.environ/ substitution doesn't work in extra_headers 36 + # Internal only - accessed by LiteLLM via Docker network 35 37 auth-adapter: 36 38 image: oven/bun:latest 37 39 working_dir: /app 38 40 command: ['bun', 'run', 'src/auth-adapter.ts'] 39 - ports: 40 - - '4002:4002' 41 + # No external port exposure - internal Docker network only 41 42 environment: 42 43 - ANTHROPIC_PROXY_INTERNAL_URL=http://anthropic-proxy:4001 43 44 - AUTH_ADAPTER_PORT=4002 ··· 58 59 retries: 3 59 60 60 61 # LiteLLM: OpenAI-compatible API that proxies to auth-adapter -> anthropic-proxy 62 + # Internal only - accessed by Letta and app via Docker network 61 63 litellm: 62 64 # Using specific version that includes fix for tools=None bug 63 65 # https://github.com/BerriAI/litellm/commit/7c2e2111c0cc3372ca0ce911d0b6d45c22794d7f 64 66 image: ghcr.io/berriai/litellm:litellm_embedding_header_forwarding-v1.80.9.dev6 65 - ports: 66 - - '4000:4000' 67 + # No external port exposure - internal Docker network only 67 68 env_file: .env 68 69 volumes: 69 70 - ./litellm-config.yaml:/app/config.yaml:ro
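Review bot: the tunnel the new anthropic-proxy comment prescribes (`# For OAuth setup, use SSH tunnel: ssh -L 4001:localhost:4001 root@SERVER`) has no endpoint once the `ports:` block is deleted outright: with no host mapping, the listener started by `PORT=4001` is reachable only as `anthropic-proxy:4001` on the compose network, not on the server's loopback, so the remote side of the tunnel will be refused. For this one service keep a loopback-only publication, `ports:` with `- '127.0.0.1:4001:4001'`, which still keeps 4001 off the external interfaces (the `'4001:4001'` form binds on all of them, which is how the stray requests arrived) while giving `ssh -L` something to forward to. Dropping `ports:` entirely is correct for auth-adapter and litellm, whose callers address them by service name on the same network (`ANTHROPIC_PROXY_INTERNAL_URL=http://anthropic-proxy:4001`); if you want the intended listening ports to stay visible in the file after the removal, an `expose:` entry documents them without publishing anything.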
+7 -9
infra/deploy.sh
··· 442 442 # Netdata and Letta are accessed via Tailscale only 443 443 # http://TAILSCALE_IP:19999 - Netdata 444 444 # http://TAILSCALE_IP:8283 - Letta 445 - # http://TAILSCALE_IP:4001 - Anthropic Proxy (for OAuth setup) 445 + # Anthropic Proxy: internal only, use SSH tunnel for OAuth setup 446 446 EOF 447 447 448 448 log_info "Uploading Caddyfile..." ··· 602 602 if [[ -n "${TAILSCALE_IP:-}" ]]; then 603 603 echo " Letta (Tailscale): http://${TAILSCALE_IP}:8283" 604 604 echo " Netdata (Tailscale): http://${TAILSCALE_IP}:19999" 605 - echo " OAuth setup (Tailscale): http://${TAILSCALE_IP}:4001/auth/device" 606 605 fi 606 + echo " OAuth setup (SSH tunnel): ssh -L 4001:localhost:4001 root@$SERVER_IP" 607 607 echo 608 608 echo -e "${YELLOW}NEXT STEP: Complete Anthropic OAuth${NC}" 609 - echo " Open this URL from any device on your Tailscale network:" 610 - if [[ -n "${TAILSCALE_IP:-}" ]]; then 611 - echo " http://${TAILSCALE_IP}:4001/auth/device" 612 - else 613 - echo " http://<TAILSCALE_IP>:4001/auth/device" 614 - fi 609 + echo " The OAuth endpoint is internal-only. Use SSH tunnel to access it:" 610 + echo 611 + echo " ssh -L 4001:localhost:4001 root@$SERVER_IP" 612 + echo " # Then open in browser: http://localhost:4001/auth/device" 615 613 echo 616 - echo " After completing OAuth, copy the session ID and run:" 614 + echo " After completing OAuth, copy the session ID and update .env:" 617 615 echo " ssh root@$SERVER_IP" 618 616 echo " nano /opt/assistant/.env" 619 617 echo " # Set ANTHROPIC_PROXY_SESSION_ID=your_session_id"
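Review bot: the printed NEXT STEP (`ssh -L 4001:localhost:4001 root@$SERVER_IP`, then `http://localhost:4001/auth/device`) depends on anthropic-proxy being bound on the server's loopback, and deploy.sh never checks that; if the compose file publishes no host port for it, the operator follows the steps and gets a refused connection with no hint why. Verify before printing, for example `ssh "root@${SERVER_IP}" curl -fsS -o /dev/null http://127.0.0.1:4001/auth/device` with a warning on failure, or at least state the loopback-binding requirement in the message itself. Minor: the new lines use `$SERVER_IP` while the neighbouring ones use `${TAILSCALE_IP}`; use the braced form consistently.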