fix: make LiteLLM health probe auth-aware
Deploy Dashboard (Dev) / deploy-dev (push) Successful in 3m4s
Deploy Dashboard (Dev) / deploy-dev (push) Successful in 3m4s
Allow the dashboard health check to include optional LiteLLM auth headers and treat unauthenticated 401 responses as an auth-required healthy state. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -46,6 +46,7 @@ CHAT_SUMMARY_DB = os.environ.get("CHAT_SUMMARY_DB", "/app/data/chat-summarizer/c
|
|||||||
|
|
||||||
# LiteLLM
|
# LiteLLM
|
||||||
LITELLM_URL = os.environ.get("LITELLM_URL", "http://127.0.0.1:4005")
|
LITELLM_URL = os.environ.get("LITELLM_URL", "http://127.0.0.1:4005")
|
||||||
|
LITELLM_HEALTH_API_KEY = os.environ.get("LITELLM_HEALTH_API_KEY", "")
|
||||||
|
|
||||||
# OpenClaw
|
# OpenClaw
|
||||||
OPENCLAW_GATEWAY_TOKEN = os.environ.get("OPENCLAW_GATEWAY_TOKEN", "")
|
OPENCLAW_GATEWAY_TOKEN = os.environ.get("OPENCLAW_GATEWAY_TOKEN", "")
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
import time
|
import time
|
||||||
import httpx
|
import httpx
|
||||||
from fastapi import APIRouter
|
from fastapi import APIRouter
|
||||||
from config import LITELLM_URL
|
from config import LITELLM_URL, LITELLM_HEALTH_API_KEY
|
||||||
|
|
||||||
router = APIRouter()
|
router = APIRouter()
|
||||||
|
|
||||||
@@ -11,14 +11,23 @@ async def litellm_health():
|
|||||||
timeout = httpx.Timeout(2.0)
|
timeout = httpx.Timeout(2.0)
|
||||||
checks = ("/health", "/v1/models")
|
checks = ("/health", "/v1/models")
|
||||||
|
|
||||||
|
api_key = (LITELLM_HEALTH_API_KEY or "").strip()
|
||||||
|
headers = {}
|
||||||
|
if api_key:
|
||||||
|
headers = {
|
||||||
|
"Authorization": f"Bearer {api_key}",
|
||||||
|
"X-API-Key": api_key,
|
||||||
|
}
|
||||||
|
|
||||||
last_error = None
|
last_error = None
|
||||||
async with httpx.AsyncClient(timeout=timeout) as client:
|
async with httpx.AsyncClient(timeout=timeout) as client:
|
||||||
for path in checks:
|
for path in checks:
|
||||||
url = f"{LITELLM_URL.rstrip('/')}{path}"
|
url = f"{LITELLM_URL.rstrip('/')}{path}"
|
||||||
started = time.perf_counter()
|
started = time.perf_counter()
|
||||||
try:
|
try:
|
||||||
response = await client.get(url)
|
response = await client.get(url, headers=headers)
|
||||||
latency_ms = round((time.perf_counter() - started) * 1000, 1)
|
latency_ms = round((time.perf_counter() - started) * 1000, 1)
|
||||||
|
|
||||||
if response.is_success:
|
if response.is_success:
|
||||||
return {
|
return {
|
||||||
"ok": True,
|
"ok": True,
|
||||||
@@ -27,6 +36,19 @@ async def litellm_health():
|
|||||||
"endpoint": path,
|
"endpoint": path,
|
||||||
"http_status": response.status_code,
|
"http_status": response.status_code,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if response.status_code == 401 and not api_key:
|
||||||
|
return {
|
||||||
|
"ok": True,
|
||||||
|
"status": "auth_required",
|
||||||
|
"latency_ms": latency_ms,
|
||||||
|
"endpoint": path,
|
||||||
|
"http_status": response.status_code,
|
||||||
|
}
|
||||||
|
|
||||||
|
if response.status_code == 401 and api_key:
|
||||||
|
last_error = f"{path} returned 401 with configured health auth"
|
||||||
|
else:
|
||||||
last_error = f"{path} returned {response.status_code}"
|
last_error = f"{path} returned {response.status_code}"
|
||||||
except Exception as exc:
|
except Exception as exc:
|
||||||
last_error = str(exc)
|
last_error = str(exc)
|
||||||
|
|||||||
@@ -22,6 +22,7 @@ services:
|
|||||||
- TELEGRAM_PROXY=${TELEGRAM_PROXY:-}
|
- TELEGRAM_PROXY=${TELEGRAM_PROXY:-}
|
||||||
- CORS_ORIGINS=https://dev.nas.jimmygan.com,https://dev.nas.jimmygan.com:8443
|
- CORS_ORIGINS=https://dev.nas.jimmygan.com,https://dev.nas.jimmygan.com:8443
|
||||||
- LITELLM_URL=http://litellm:4005
|
- LITELLM_URL=http://litellm:4005
|
||||||
|
- LITELLM_HEALTH_API_KEY=${LITELLM_HEALTH_API_KEY:-}
|
||||||
volumes:
|
volumes:
|
||||||
- /volume1:/volume1
|
- /volume1:/volume1
|
||||||
- /volume1/docker/nas-dashboard/ssh/dashboard_terminal:/app/ssh/id_ed25519:ro
|
- /volume1/docker/nas-dashboard/ssh/dashboard_terminal:/app/ssh/id_ed25519:ro
|
||||||
|
|||||||
@@ -43,6 +43,7 @@ services:
|
|||||||
- TELEGRAM_CHAT_ID=${TELEGRAM_CHAT_ID:-}
|
- TELEGRAM_CHAT_ID=${TELEGRAM_CHAT_ID:-}
|
||||||
- TELEGRAM_PROXY=${TELEGRAM_PROXY:-}
|
- TELEGRAM_PROXY=${TELEGRAM_PROXY:-}
|
||||||
- CORS_ORIGINS=https://nas.jimmygan.com
|
- CORS_ORIGINS=https://nas.jimmygan.com
|
||||||
|
- LITELLM_HEALTH_API_KEY=${LITELLM_HEALTH_API_KEY:-}
|
||||||
volumes:
|
volumes:
|
||||||
- /volume1:/volume1
|
- /volume1:/volume1
|
||||||
- /volume1/docker/nas-dashboard/ssh/dashboard_terminal:/app/ssh/id_ed25519:ro
|
- /volume1/docker/nas-dashboard/ssh/dashboard_terminal:/app/ssh/id_ed25519:ro
|
||||||
|
|||||||
Reference in New Issue
Block a user