first commit

Author: foxy1402

.dockerignore

@@ -0,0 +1,11 @@
+node_modules
+.env
+.env.*
+!.env.example
+*.log
+.git
+.github
+test-*.py
+test-*.ps1
+README.md
+LICENSE

.env

@@ -0,0 +1,16 @@
+# Server Configuration
+PORT=3000
+
+# API Key for authentication (optional)
+# If set, clients must include: Authorization: Bearer <your-key>
+PROXY_API_KEY=test-api-key
+
+# Qoder Configuration
+QODER_API_KEY=pt-6MCYc3Byvf6kHhowqb1z2WxO_019d4e83-a465-77a3-bd91-459b57dc1b5d
+QODER_PERSONAL_ACCESS_TOKEN=pt-6MCYc3Byvf6kHhowqb1z2WxO_019d4e83-a465-77a3-bd91-459b57dc1b5d
+
+# Dashboard
+DASHBOARD_ENABLED=true
+DASHBOARD_PASSWORD=admin
+DASHBOARD_SECRET=local-dev-secret-change-in-production
+

.env.example

@@ -0,0 +1,36 @@
+# ─── Server ─────────────────────────────────────────────────────────────────
+PORT=3000
+
+# ─── Proxy auth ──────────────────────────────────────────────────────────────
+# Required: clients must send  Authorization: Bearer <PROXY_API_KEY>
+# If not set, the proxy accepts all requests without auth (NOT recommended).
+PROXY_API_KEY=your-secret-proxy-key
+
+# ─── Qoder credentials ───────────────────────────────────────────────────────
+# Personal Access Token — generate at https://qoder.com/account/integrations
+QODER_PERSONAL_ACCESS_TOKEN=your-qoder-pat-here
+# QODER_API_KEY=                 ← legacy alias, still accepted
+
+# ─── Dashboard ───────────────────────────────────────────────────────────────
+DASHBOARD_ENABLED=true
+# Password to log in to /dashboard/  (required if DASHBOARD_ENABLED=true)
+DASHBOARD_PASSWORD=your-dashboard-password
+# HMAC secret for signing session cookies. Auto-generated if not set,
+# but set it explicitly so sessions survive container restarts.
+DASHBOARD_SECRET=change-this-to-a-random-secret
+
+# ─── Public URL ───────────────────────────────────────────────────────────────
+# Set this to your deployed URL so the Endpoints page shows the correct base URL.
+# If not set, falls back to the incoming request's Host header.
+# PUBLIC_BASE_URL=https://your-domain.com
+
+# ─── CORS ─────────────────────────────────────────────────────────────────────
+CORS_ORIGIN=*
+
+# ─── Туning ───────────────────────────────────────────────────────────────────
+# Max ms before killing a hung qodercli process and returning 504
+QODER_TIMEOUT_MS=120000
+# Max in-memory log entries (request log + system log each)
+LOG_MAX_ENTRIES=500
+# Max bytes to capture per request/response payload
+LOG_BODY_MAX_BYTES=8192

.github/workflows/docker-publish.yml

@@ -0,0 +1,46 @@
+name: Build & Push to GHCR
+
+on:
+  push:
+    branches: [main]
+  workflow_dispatch:
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE:    ghcr.io/foxy1402/qoder-proxy
+
+jobs:
+  build-push:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up QEMU (multi-arch)
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to GHCR
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build & push
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: |
+            ${{ env.IMAGE }}:latest
+            ${{ env.IMAGE }}:${{ github.sha }}
+          cache-from: type=gha
+          cache-to:   type=gha,mode=max

.gitignore

@@ -0,0 +1,8 @@
+# Node.js
+node_modules/
+npm-debug.log
+yarn-error.log
+
+# System
+.DS_Store
+Thumbs.db

Dockerfile

@@ -0,0 +1,22 @@
+FROM node:20-alpine
+
+# Install qodercli globally — uses QODER_PERSONAL_ACCESS_TOKEN env var at runtime for auth
+RUN npm install -g @qoder-ai/qodercli
+
+WORKDIR /app
+
+# Install production deps first (layer caching)
+COPY package*.json ./
+RUN npm ci --omit=dev
+
+# Copy source
+COPY src/ ./src/
+
+EXPOSE 3000
+
+ENV NODE_ENV=production
+
+HEALTHCHECK --interval=30s --timeout=10s --start-period=15s --retries=3 \
+  CMD wget -qO- http://localhost:3000/health || exit 1
+
+CMD ["node", "src/server.js"]

LICENSE

@@ -0,0 +1,22 @@
+MIT License
+
+Copyright (c) 2025 Qoder AI
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+

README.md

@@ -0,0 +1,126 @@
+# Qoder OpenAI Proxy
+
+An OpenAI-compatible API wrapper for `qodercli` with built-in dashboard, metrics, and Docker support. 
+Use Qoder through any tool or library designed for OpenAI's API.
+
+## Features
+
+- **🔌 OpenAI-Compatible**: Drop-in API replacement for apps like Cursor, Cline, LangChain, and Open WebUI
+- **💬 Full Chat Support**: Support for `/v1/chat/completions` (system messages, multi-turn history)
+- **⚡ Streaming**: Real-time SSE streaming responses without lag
+- **🔄 Intelligent Tier Mapping**: Seamless translation between OpenAI aliases (gpt-4, claude-3.5) and Qoder tiers (auto, ultimate, lite)
+- **📊 Admin Dashboard**: Built-in dark-themed web dashboard for testing, viewing live logs, and monitoring proxy health
+- **🐳 Docker Native**: Zero-persistence RAM-only architecture designed for easy deployment to cloud services via our public GHCR image
+
+---
+
+## 🚀 Quick Start (Docker / Cloud Deployment)
+
+The proxy is containerized and available on the GitHub Container Registry. It runs completely statelessly—no volumes or persistent storage needed. All configuration is done via environment variables.
+
+### Deploying via Docker Run
+
+We expose port `3000` via TCP. Configure your personal tokens securely using environment variables:
+
+```bash
+docker run -d \
+  --name qoder-proxy \
+  -p 3000:3000 \
+  -e QODER_PERSONAL_ACCESS_TOKEN="your-qoder-pat" \
+  -e PROXY_API_KEY="your-secret-custom-key" \
+  -e DASHBOARD_PASSWORD="secure-dashboard-password" \
+  ghcr.io/foxy1402/qoder-proxy:latest
+```
+
+### Environment Variables
+
+| Variable | Description | Required | Profile/Type |
+|---|---|---|---|
+| `QODER_PERSONAL_ACCESS_TOKEN` | Your Personal Access Token from [Qoder Integrations](https://qoder.com/account/integrations) | **Yes** | Secret |
+| `PROXY_API_KEY` | The secret key *you* choose to protect the `/v1` API from outside internet requests | **Yes*** | Secret (Bearer Token) |
+| `DASHBOARD_PASSWORD` | Password to access the web UI at `/dashboard/` | **Yes*** | Secret |
+| `PORT` | Container internal TCP port | No | Defaults to `3000` |
+| `DASHBOARD_ENABLED`| Set to `false` to disable the web UI | No | Defaults to `true` |
+| `CORS_ORIGIN` | Allowed domains for web clients calling the API | No | Defaults to `*` |
+| `QODER_TIMEOUT_MS`| Maximum request timeout | No | Defaults to `120000` (2 min) |
+
+*\* Highly recommended when running on the public internet.*
+
+---
+
+## 🌐 The Admin Dashboard
+
+The built-in web dashboard provides full observability into what your proxy is doing. Access it at `http://your-server-ip:3000/dashboard/`.
+
+1. **Endpoints**: Get quick copy-paste snippets for integrating tools.
+2. **Playground**: Test the API live in your browser and swap between available models. 
+3. **Request Logs**: Inspect live incoming requests, view request payloads, duration, HTTP status, and assembled response text.
+4. **System Logs**: View background system errors from `qodercli`.
+
+*Note: All logs are stored securely in RAM and are completely erased whenever the Docker container restarts.*
+
+---
+
+## 🤖 Model Intelligence & Mapping
+
+The proxy dynamically understands standard OpenAI names and routes them intelligently to your permitted Qoder tiers.
+
+| OpenAI / Anthropic Alias | Routes To Qoder Tier |
+|---|---|
+| `gpt-4`, `gpt-4o`, `claude-3.5-sonnet` | `auto` |
+| `o1`, `claude-3-opus` | `ultimate` |
+| `o1-mini`, `o3-mini`, `claude-3-sonnet`| `performance` |
+| `claude-3.5-haiku`, `gemini-flash` | `efficient` |
+| `gpt-3.5-turbo`, `gpt-4o-mini`, `claude-3-haiku` | `lite` |
+| *(New frontier models)* `qwen`, `kimi`, `glm`| Respective custom identifier (`qmodel`, `kmodel`, etc.) |
+
+---
+
+## 🛠 Usage Examples
+
+Once deployed, copy your host URL (e.g. `http://localhost:3000/v1` or `https://my-proxy.com/v1`) into any app that takes OpenAI-style endpoints, and set the API Key to whatever you defined as `PROXY_API_KEY`.
+
+### Python (OpenAI SDK)
+
+```python
+from openai import OpenAI
+
+client = OpenAI(
+    base_url="http://localhost:3000/v1",
+    api_key="your-secret-custom-key" 
+)
+
+stream = client.chat.completions.create(
+    model="gpt-4o",  # The proxy will map this to the 'auto' tier
+    messages=[{"role": "user", "content": "Hello!"}],
+    stream=True
+)
+
+for chunk in stream:
+    if chunk.choices[0].delta.content:
+        print(chunk.choices[0].delta.content, end="", flush=True)
+```
+
+### Direct HTTP (cURL)
+
+```bash
+curl http://localhost:3000/v1/chat/completions \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer your-secret-custom-key" \
+  -d '{
+    "model": "claude-3.5-sonnet",
+    "messages": [
+      {"role": "system", "content": "You are a helpful assistant."},
+      {"role": "user", "content": "Hello!"}
+    ],
+    "stream": false
+  }'
+```
+
+## ⚠️ Limitations
+- **Embeddings**: Qoder does not support embeddings. Calling `/v1/embeddings` securely returns a `501 Not Implemented`.
+- **Token usage limits**: Request token tracking / `usage` payload properties return `null`.
+- **Function calling**: Not implemented by the Qoder CLI wrapper yet.
+
+## License
+MIT