Local fork: hardening + ops improvements (timeout knob, demotion, /livez, drain)
This commit captures both the prior accumulated work-in-progress
(framework migration web/→svelte/, postgres storage, conversation
viewer, dashboard auth, OpenAPI spec, integration tests) AND today's
operational improvements layered on top. History wasn't checkpointed
incrementally; happy to split it via interactive rebase if a reviewer
wants smaller commits.
Today's changes (in addition to the older WIP):
1. Configurable upstream response-header timeout
- ANTHROPIC_RESPONSE_HEADER_TIMEOUT env (default 300s)
- Replaces hardcoded 300s in provider/anthropic.go that was firing
on opus + 1M-context + extended thinking non-streaming requests
- Files: internal/config/config.go, internal/provider/anthropic.go
2. Structured forward-error diagnostic logging
- When a forward to Anthropic fails, log a single key=value line
with request_id, model, stream, body_bytes, has_thinking,
anthropic_beta, query, elapsed, ctx_err — alongside the existing
human-readable error line for back-compat
- Files: internal/handler/handlers.go (logForwardFailure)
3. Full SSE protocol passthrough + Flusher fix
- handler/handlers.go: forward all SSE lines verbatim (event:, id:,
retry:, : comments, blank-line terminators), not only data:.
Previous code produced malformed SSE for strict parsers.
- middleware/logging.go: explicit Flush() method on responseWriter.
Embedding http.ResponseWriter (interface) does not auto-promote
Flush(), so every w.(http.Flusher) check in the streaming
handler was returning ok=false and SSE writes buffered in net/http
until the body closed.
4. Non-streaming → streaming demotion (feature-flagged)
- ANTHROPIC_DEMOTE_NONSTREAMING env (default false)
- When enabled and the routed provider is anthropic, force stream=true
upstream for clients that asked for stream=false. Receive SSE,
accumulate via accumulateSSEToMessage (handles text, tool_use with
partial_json reassembly, thinking, signature, citations_delta,
usage merge), and synthesize a single non-streaming JSON response.
- Eliminates the ResponseHeaderTimeout class of failure entirely.
- Body rewrite uses json.Decoder + UseNumber() to preserve integer
precision in unknown nested fields (tool inputs from prior turns).
- Files: internal/config/config.go, internal/handler/handlers.go,
cmd/proxy/main.go, cmd/proxy/main_test.go
5. Live operational state: /livez gauge + graceful drain
- New internal/runtime package: atomic in-flight counter + draining flag
- New middleware/inflight.go: increments runtime gauge, applied to
/v1/* subrouter so Messages, ChatCompletions, and ProxyPassthrough
are all counted
- /v1/* moved to a gorilla/mux subrouter so the InFlight middleware
applies surgically; /health, /livez, /openapi.* remain on parent
router (unauthenticated, uncounted)
- Health handler returns 503 draining when runtime.IsDraining() is
true, so Traefik stops routing to a slot before drain begins
- New /livez handler returns {status, in_flight, draining, timestamp}
- SIGTERM handler in main.go: SetDraining(true), poll for in_flight==0
with 32-min ceiling and 1s tick (logs every 10s), then srv.Shutdown
- Auth bypass list extended with /livez
- Files: internal/runtime/runtime.go (new),
internal/middleware/inflight.go (new),
internal/middleware/auth.go,
internal/handler/handlers.go (Health, Livez, runtime import),
cmd/proxy/main.go (subrouter, drain loop)
6. OpenAPI spec updates
- Document Health 503 response and new DrainingResponse schema
- Add /livez path with LivezResponse schema
- Files: internal/handler/openapi.go
Verified: go build ./... clean, go test ./... all pass, go vet clean.
Three rounds of codex peer review across changes 1-5; all feedback
addressed (citations_delta, json.Number precision, drain-loop logging
via lastLog timestamp, PathPrefix tightened to "/v1/").
This commit is contained in:
sid
parent
b9da198e1f
commit
8e550b9785
152 changed files with 19227 additions and 19463 deletions
61
docker-entrypoint.sh
Normal file → Executable file
61
docker-entrypoint.sh
Normal file → Executable file
|
|
@ -1,10 +1,30 @@
|
|||
#!/bin/sh
|
||||
|
||||
# Docker entrypoint script for Claude Code Proxy
|
||||
# Starts both the Go proxy server and Remix frontend
|
||||
# Starts both the Go proxy server and SvelteKit frontend
|
||||
|
||||
set -e
|
||||
|
||||
# Support user-supplied UID/GID via PUID/PGID env vars (default: 1000).
|
||||
PUID=${PUID:-1000}
|
||||
PGID=${PGID:-1000}
|
||||
|
||||
# When running as root, fix data dir ownership and drop to the target user.
|
||||
if [ "$(id -u)" = "0" ]; then
|
||||
# Update the node user/group to match requested UID/GID
|
||||
if [ "$PUID" != "1000" ] || [ "$PGID" != "1000" ]; then
|
||||
deluser node 2>/dev/null || true
|
||||
delgroup node 2>/dev/null || true
|
||||
addgroup -g "$PGID" -S node
|
||||
adduser -S -u "$PUID" -G node -h /home/node -s /bin/sh node
|
||||
fi
|
||||
|
||||
# Fix ownership of data dir and sqlite files (not postgres subdir)
|
||||
chown "$PUID:$PGID" /app/data 2>/dev/null || true
|
||||
chown "$PUID:$PGID" /app/data/requests.db* 2>/dev/null || true
|
||||
exec su-exec node "$0" "$@"
|
||||
fi
|
||||
|
||||
echo "🚀 Starting Claude Code Proxy services..."
|
||||
echo "========================================="
|
||||
|
||||
|
|
@ -12,7 +32,7 @@ echo "========================================="
|
|||
cleanup() {
|
||||
echo ""
|
||||
echo "🛑 Shutting down services..."
|
||||
kill $PROXY_PID $WEB_PID 2>/dev/null || true
|
||||
kill $PROXY_PID $SVELTE_PID 2>/dev/null || true
|
||||
exit 0
|
||||
}
|
||||
|
||||
|
|
@ -21,8 +41,13 @@ trap cleanup SIGTERM SIGINT
|
|||
|
||||
echo "📊 Configuration:"
|
||||
echo " - Proxy Server: http://0.0.0.0:${PORT}"
|
||||
echo " - Web Dashboard: http://0.0.0.0:${WEB_PORT}"
|
||||
echo " - Svelte Dashboard: http://0.0.0.0:${SVELTE_PORT}"
|
||||
echo " - Database type: ${DB_TYPE:-sqlite}"
|
||||
if [ "${DB_TYPE}" = "postgres" ] || [ "${DB_TYPE}" = "postgresql" ]; then
|
||||
echo " - Database: PostgreSQL (via DATABASE_URL)"
|
||||
else
|
||||
echo " - Database: ${DB_PATH}"
|
||||
fi
|
||||
echo " - Anthropic API: ${ANTHROPIC_FORWARD_URL}"
|
||||
echo "========================================="
|
||||
|
||||
|
|
@ -35,24 +60,38 @@ IDLE_TIMEOUT=${IDLE_TIMEOUT}s \
|
|||
ANTHROPIC_FORWARD_URL=${ANTHROPIC_FORWARD_URL} \
|
||||
ANTHROPIC_VERSION=${ANTHROPIC_VERSION} \
|
||||
ANTHROPIC_MAX_RETRIES=${ANTHROPIC_MAX_RETRIES} \
|
||||
DB_TYPE=${DB_TYPE:-sqlite} \
|
||||
DB_PATH=${DB_PATH} \
|
||||
DATABASE_URL=${DATABASE_URL:-} \
|
||||
./bin/proxy &
|
||||
PROXY_PID=$!
|
||||
|
||||
# Wait for proxy to start
|
||||
sleep 3
|
||||
# Wait for proxy to be ready
|
||||
echo "⏳ Waiting for proxy to be ready..."
|
||||
i=0
|
||||
while [ $i -lt 30 ]; do
|
||||
if wget -qO /dev/null "http://localhost:${PORT}/health" 2>/dev/null; then
|
||||
echo "✅ Proxy is ready!"
|
||||
break
|
||||
fi
|
||||
sleep 1
|
||||
i=$((i + 1))
|
||||
done
|
||||
if [ $i -ge 30 ]; then
|
||||
echo "⚠️ Warning: proxy not ready after 30s, starting frontends anyway"
|
||||
fi
|
||||
|
||||
# Start web server
|
||||
echo "🔄 Starting web server..."
|
||||
cd web
|
||||
PORT=${WEB_PORT} HOST=0.0.0.0 NODE_ENV=production npx remix-serve build/server/index.js &
|
||||
WEB_PID=$!
|
||||
# Start SvelteKit server
|
||||
echo "🔄 Starting SvelteKit server..."
|
||||
cd svelte
|
||||
PORT=${SVELTE_PORT} HOST=0.0.0.0 NODE_ENV=production DASHBOARD_PASSWORD="${DASHBOARD_PASSWORD}" node build/index.js &
|
||||
SVELTE_PID=$!
|
||||
cd ..
|
||||
|
||||
echo ""
|
||||
echo "✨ All services started successfully!"
|
||||
echo "========================================="
|
||||
echo "📊 Web Dashboard: http://localhost:${WEB_PORT}"
|
||||
echo "📊 Web Dashboard: http://localhost:${SVELTE_PORT}"
|
||||
echo "🔌 API Proxy: http://localhost:${PORT}"
|
||||
echo "💚 Health Check: http://localhost:${PORT}/health"
|
||||
echo "========================================="
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue