ferryllm 0.1.0

Universal LLM protocol middleware for OpenAI, Anthropic, Claude Code, and OpenAI-compatible backends.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224

# Deployment Guide

This document describes the recommended deployment model for ferryllm as a standalone LLM middleware server.

The current repository provides example servers. A production release should expose a dedicated binary such as:

```bash
ferryllm serve --config /etc/ferryllm/config.toml
```

## Local Development

For local testing with the current example server:

```bash
export CODX_API_KEY="your-api-key"
RUST_LOG=info cargo run --example codexapis_server --features http
```

Health check:

```bash
curl http://127.0.0.1:3000/health
```

Claude Code through ferryllm:

```bash
ANTHROPIC_API_KEY=dummy \
ANTHROPIC_BASE_URL=http://127.0.0.1:3000 \
claude --bare --print --model claude-opus-4-6 \
  "Reply with exactly one short word: pong"
```

## Environment Variables

Use environment variables for secrets.

Example:

```bash
export CODX_API_KEY="..."
export RUST_LOG=info
```

Do not store provider keys directly in committed config files.

## Logging

Recommended local logging:

```bash
RUST_LOG=info ferryllm serve --config ferryllm.toml
```

Recommended debugging:

```bash
RUST_LOG=debug ferryllm serve --config ferryllm.toml
```

Recommended deep protocol troubleshooting:

```bash
RUST_LOG=trace ferryllm serve --config ferryllm.toml
```

For local Claude Code against codexapis with full trace logs:

```bash
export CODX_API_KEY="..."
RUST_LOG=ferryllm=trace,tower_http=debug,reqwest=debug \
  cargo run --features http --bin ferryllm -- serve --config examples/config/codexapis.toml
```

Then in another shell:

```bash
export ANTHROPIC_BASE_URL=http://127.0.0.1:3000
export ANTHROPIC_API_KEY=local-test-token
claude --model cc-gpt55
```

Production deployments should prefer JSON logs:

```toml
[logging]
level = "info"
format = "json"
```

## Docker

Build the image locally:

```bash
docker build -t ferryllm:local .
```

Run with the example Codex APIs config:

```bash
docker run --rm \
  -p 3000:3000 \
  -e CODX_API_KEY="..." \
  ferryllm:local
```

Run with a custom config:

```bash
docker run --rm \
  -p 3000:3000 \
  -e CODX_API_KEY="..." \
  -v ./ferryllm.toml:/etc/ferryllm/config.toml:ro \
  ferryllm:local \
  serve --config /etc/ferryllm/config.toml
```

Recommended container behavior:

- Run as a non-root user.
- Expose only the configured listen port.
- Emit logs to stdout/stderr.
- Support graceful shutdown on `SIGTERM`.
- Avoid writing secrets to disk.

## systemd Plan

Example service:

```ini
[Unit]
Description=ferryllm LLM protocol middleware
After=network-online.target
Wants=network-online.target

[Service]
User=ferryllm
Group=ferryllm
Environment=RUST_LOG=info
EnvironmentFile=/etc/ferryllm/secrets.env
ExecStart=/usr/local/bin/ferryllm serve --config /etc/ferryllm/config.toml
Restart=always
RestartSec=3
NoNewPrivileges=true

[Install]
WantedBy=multi-user.target
```

## Kubernetes Plan

Recommended Kubernetes endpoints:

- Liveness probe: `/healthz`
- Readiness probe: `/readyz`
- Metrics endpoint: `/metrics` once implemented

Example probe shape:

```yaml
livenessProbe:
  httpGet:
    path: /healthz
    port: 3000
  initialDelaySeconds: 5
  periodSeconds: 10

readinessProbe:
  httpGet:
    path: /readyz
    port: 3000
  initialDelaySeconds: 5
  periodSeconds: 10
```

Secrets should be injected through Kubernetes Secrets and referenced by environment variables.

## Operational Checklist

Before exposing ferryllm to users:

- Confirm provider keys are supplied through environment variables.
- Confirm model routes are explicit and reviewed.
- Confirm logs show incoming model and backend model.
- Confirm request body logging is disabled or redacted.
- Confirm health and readiness probes work.
- Confirm `/metrics` works when metrics are enabled.
- Confirm timeouts are configured.
- Confirm max body size is configured.
- Confirm API authentication is enabled for public deployments.
- Confirm rate limits are configured if serving untrusted clients.

## Public Relay Authentication

Enable API key authentication for public deployments:

```toml
[auth]
enabled = true
api_keys_env = "FERRYLLM_API_KEYS"
```

Then set keys at runtime:

```bash
export FERRYLLM_API_KEYS="key-one,key-two"
```

Clients should send one of:

```text
Authorization: Bearer key-one
x-api-key: key-one
```

## Security Notes

- Never log `Authorization`, `x-api-key`, or provider API keys.
- Do not log full prompts by default.
- Redact request bodies unless explicitly debugging in a safe environment.
- Use TLS at the ingress layer for production deployments.
- Restrict access to local-only deployments with firewall rules or `127.0.0.1` binding.