Aspire LLM Gateway
Context
Before this project, every Aspire app held its own LLM/vision/OCR provider credentials directly. The gateway consolidates all of it behind one OpenAI-compatible endpoint at https://llm.aspiredigital.group/v1. See aspire-llm-gateway-only-egress for the rationale.
Architecture
graph LR
KO["knowledge-os"] --> GW
PZ["postiz"] --> GW
AG["28 OpenClaw agents"] --> GW
GW["Aspire LLM Gateway<br/>llm.aspiredigital.group/v1"] --> CL["Claude Max OAuth"]
GW --> CF["cloud-first.ai (Qwen)"]
GW --> GM["Gemini OAuth"]
CF -.->|qwen-3.6-omni<br/>falls back| CL
classDef gw fill:#715EE3,color:#fff,stroke:#291F50;
class GW gw;
Detail
Goal
Single egress for all Aspire AI traffic with central budget, audit trail, and provider-swap-without-code-change capability.
Stack
- Runtime: LiteLLM proxy 1.x on Python 3.12 (Docker image on Coolify)
- DB: Postgres 16 (Coolify-managed, internal hostname
eca3k07h9864ts0qu4chr92b) - Coolify project:
qymdu6qyt4plduwlh5hlsskm(production envab25ahz2qsd0wcy64k8x7z6y) - App:
gqo0jgnxdkdxkmipnqzx6rason port 4000, exposed via Traefik athttps://llm.aspiredigital.group - DNS: Cloudflare A record
llmโ112.121.151.46(DNS-only, for HTTP-01 cert)
Upstreams configured
| Alias | Upstream | Status |
|---|---|---|
claude-haiku-4-5 / claude-sonnet-4-6 / claude-opus-4-7 | Anthropic OAuth (Claude Max subscription) | โ |
qwen-3.6 (chat) | cloud-first.ai LiteLLM passthrough | โ |
qwen-3.6-omni (vision) | cloud-first.ai LiteLLM passthrough | โ broken upstream since 2026-05-09 (needs Proxy Admin on cloud-first.ai to fix) |
gpt-4.1 / gpt-5.2 / gpt-5.5 | codex-shim sidecar (ChatGPT Pro OAuth) | โธ Phase 1b deferred โ Coolify Dockerfile-only mode blocked builds |
gemini-2.5-pro + codex-* aliases | LiteLLM Phase 2/3 OAuth-first fallback chain | โ added 2026-05-14 |
Virtual keys provisioned
| Consumer | Created | Status |
|---|---|---|
postiz | 2026-05-09 | Live |
knowledge-os | 2026-05-17 | Live; smoke-tested via worker-ocr vision path |
Milestones
- [x] Phase 1 MVP โ LIVE 2026-05-09 (claude/qwen aliases working, Postiz integrated)
- [x] Phase 2/3/4 โ LIVE 2026-05-14 (OAuth-first fallback chain + 10-agent fleet migration)
- [x] KO migration โ LIVE 2026-05-17 (worker-ocr now routes via knowledge-os virtual key)
- [ ] Phase 1b codex-shim โ gpt-* aliases via ChatGPT Pro OAuth sidecar (DEFERRED, post-mortem in
_STATUS.md) - [ ] cloud-first.ai qwen-3.6-omni upstream fix โ needs Proxy Admin role bump
Open questions
- When does codex-shim get re-attempted? Currently low-priority because Claude/Qwen aliases cover 90% of need.
- Spend ledger threshold โ when does
MONTHLY_BUDGET_AUDactually start enforcing rejection vs warning?
Provenance
Full operational history: aios-workspace/engineering/projects/aspire-llm-gateway/_STATUS.md (local-only, contains master key).
Related
๐ Relationships
graph LR
aspire_llm_gateway["aspire-llm-gateway"]:::self
aspire_llm_gateway --> aspire_llm_gateway_only_egress["aspire-llm-gateway-only-egress"]
aspire_llm_gateway --> knowledge_os_stage_1["knowledge-os-stage-1"]
classDef self fill:#715EE3,color:#fff,stroke:#291F50;