English | 简体中文
AI Proxy Hub is a cross-platform local gateway for AI clients and upstream APIs. It unifies multiple upstream endpoints behind one local control plane, adds protocol-aware routing and failover, and provides both a Web dashboard and an interactive CLI.
- One local hub for multiple AI clients AI Proxy Hub can sit between local tools and multiple upstream providers, so Codex, Claude Code, Gemini CLI, and compatible clients can share one managed entrypoint.
- Multi-upstream routing with real failover Upstreams can be routed in manual mode or automatic mode, with priority routing, round-robin balancing, and latency-aware ordering.
- Protocol-aware local endpoints OpenAI-compatible, Claude / Anthropic, and Gemini-style paths are exposed separately, so different client ecosystems can coexist behind one hub.
- Subscription-aware upstream control Each upstream can carry one or more subscriptions, including unlimited, periodic-reset, and quota-style plans, with expiry dates and automatic availability handling.
- Full local control surface The project includes both a Web UI and a rich CLI console for service control, upstream management, local API key management, routing changes, and usage inspection.
- Operational visibility built in Usage can be observed over time by protocol, by upstream, and by local API key, making it easier to see where traffic is going and which channels are carrying load.
- Flexible deployment shape Shared-port mode and split-port mode are both supported, with optional LAN exposure for local network use.
- Local-first, self-hosted workflow Configuration is stored on the user machine, old configs can be migrated automatically, and the hub is designed for local or private network operation rather than public multi-tenant hosting.
Many local AI setups start as a single-client, single-upstream configuration and then gradually become operationally messy:
- one client needs a backup endpoint
- another client uses a different protocol family
- one channel resets daily while another is quota-based
- local API keys need separation by user, machine, or workflow
- switching between endpoints becomes manual and error-prone
AI Proxy Hub is built for that transition point. It keeps the client-facing side stable while moving the unstable part of the system into one managed layer:
- upstream selection
- failure handling
- subscription timing
- local key control
- runtime visibility
Runtime overview |
Codex workspace |
Claude workspace |
Local API key management |
Subscription editor |
Global usage analytics |
The Web dashboard is designed as an operational console rather than a static settings page. It surfaces:
- runtime overview and service state
- protocol-specific workspaces
- upstream API management
- local API key management
- usage charts by protocol, upstream, and local key
- import, export, and runtime control actions
The CLI is designed for terminal-first administration, especially for SSH-driven workflows. It provides:
- direct service control
- protocol workspace navigation
- upstream inspection and editing
- local key management
- usage inspection
- theme and language switching
- a quick path into the Web console when a browser is available
Modern AI workflows often depend on multiple upstream endpoints:
- a primary endpoint for daily use
- one or more backup endpoints for failover
- different endpoints for different protocols
- quota-based or time-reset channels that need careful ordering
- separate clients with different local configuration formats
AI Proxy Hub provides a single local control layer for that complexity. Instead of rewriting client configuration every time an upstream changes, the hub keeps the client-facing side stable and moves routing logic, subscription handling, key management, and observability into one place.
| Capability | AI Proxy Hub | Simple single-upstream proxy | Manual client reconfiguration |
|---|---|---|---|
| Multiple named upstreams | Yes | Usually no | Manual only |
| Automatic failover | Yes | Limited | No |
| Per-protocol workspaces | Yes | Rare | No |
| Subscription-aware availability | Yes | No | No |
| Local API key management | Yes | Rare | No |
| Usage breakdown by upstream and key | Yes | Limited | No |
| Web UI and interactive CLI | Yes | Usually one or neither | No |
| Shared-port and split-port runtime modes | Yes | Rare | No |
| Client switching for Codex / Claude / Gemini flows | Yes | No | Manual only |
- Stable local base URLs for supported protocols
- Stable local API key model for downstream clients
- Compatible local routing surface for Codex, Claude Code, Gemini CLI, and similar tools
- Named upstream definitions
- Enable / disable controls
- Per-upstream default model
- Per-upstream connection testing
- Manual ordering and drag-based priority management in the Web UI
- Collapsed list view with status, latency, activity, and recent health state
- Manual control
- Automatic routing
- Priority routing
- Round-robin routing
- Latency-aware routing
- Per-protocol routing settings
- Manual active upstream selection when automatic mode is disabled
- Unlimited subscriptions
- Periodic reset subscriptions
- Quota-style subscriptions
- Expiry dates per subscription
- Temporary freezing and later recovery for reset-based channels
- Manual re-enable flow when a channel requires human review
- Multiple local keys
- Named keys
- Enable / disable control
- Primary key selection
- Regeneration support
- Per-key protocol allowlists
- Usage visibility per local key
- Interactive CLI console
- Web dashboard
- Theme support
- Chinese / English interface with i18n-oriented structure for future expansion
- Shared-port mode
- Split-port mode
- Configurable Web UI port
- Optional LAN access
- Forwarding mode
- Proxy mode
- Per-protocol start / stop control
- Usage over time
- Time buckets by minute, hour, day, and week
- Breakdown by protocol
- Breakdown by upstream
- Breakdown by local API key
- Portable
.tar.gzand.ziprelease artifacts - Optional
.debgeneration locally or in a Linux container - Generated metadata for Homebrew and winget workflows
- Release artifact verification script
- Local release snapshot sync workflow
AI Proxy Hub currently focuses on three primary client ecosystems:
CodexClaude CodeGemini CLI
It exposes local protocol workspaces for:
OpenAI-compatibleClaude / AnthropicGemini
In shared-port mode, the default local paths are:
/openai/claude/gemini
Typical local request examples:
curl http://127.0.0.1:8787/openai/v1/chat/completions \
-H "Authorization: Bearer sk-local-demo" \
-H "Content-Type: application/json" \
-d '{
"model": "gpt-4.1-mini",
"messages": [{"role": "user", "content": "hello"}]
}'curl http://127.0.0.1:8787/openai/v1/models \
-H "Authorization: Bearer sk-local-demo"AI Proxy Hub is structured around three layers:
- Client-facing local endpoints
- Routing, subscription, and control logic
- Upstream provider connections
Simplified request flow:
Client / CLI / SDK
|
v
AI Proxy Hub local endpoint
|
v
Routing + policy + subscription state
|
v
Selected upstream API
The repository keeps the backend, Web frontend, CLI runtime, release tooling, and tests in separate areas so the project can evolve without collapsing back into a single-file tool.
For most macOS users, Homebrew is now the simplest installation path:
brew tap weicj/aiproxyhub
brew install weicj/aiproxyhub/ai-proxy-hubAfter installation, start it directly from the shell:
ai-proxy-hub
aiproxyhubIf you previously used the older tap name weicj/tap, remove it first to avoid duplicate-formula conflicts:
brew untap weicj/tap
brew tap weicj/aiproxyhub
brew upgrade weicj/aiproxyhub/ai-proxy-hubgit clone https://github.com/weicj/ai-proxy-hub.git
cd ai-proxy-hub
pip install rich
python3 aiproxyhub.pyUse the GitHub Release .tar.gz or .zip artifact, extract it locally, then run:
pip install rich
python3 aiproxyhub.pyWhen a .deb artifact is provided in a release, install it with:
sudo apt install ./ai-proxy-hub_<version>_all.debor:
sudo dpkg -i ai-proxy-hub_<version>_all.debThe following public package-manager lanes are still being prepared. The repository now includes local staging scripts for both flows, but they are not publicly installable until those upstream publication steps are completed:
winget install AIProxyHub.AIProxyHub
sudo apt install ai-proxy-hub- Python
3.9+ richfor the full interactive CLI experience
Install the runtime dependency:
pip install richpython3 aiproxyhub.pypython3 -m ai_proxy_hubIf installed as a package:
ai-proxy-hub
aiproxyhubpython3 aiproxyhub.py --servepython3 -m ai_proxy_hub --servepython3 -m ai_proxy_hub --print-pathspython3 -m ai_proxy_hub --serve --host 127.0.0.1 --port 8799For a source checkout, aiproxyhub.py is now the clearest launcher. The package command ai-proxy-hub provides the same entrypoint after installation. The older start.py and router_server.py files are kept only for backward compatibility.
The project is organized around protocol-specific workspaces rather than one flat upstream list. Each workspace can maintain:
- its own local entry settings
- its own default model strategy
- its own routing mode
- its own upstream ordering
Two runtime modes are supported:
Shared portOne API listening port with protocol paths such as/openai,/claude, and/geminiSplit portSeparate listening ports for different protocol families
StoppedForwarding modeThe local proxy runs, but local client switching is not automatically enabledProxy modeThe local proxy runs and the hub can be used as the active local endpoint for supported clients
Manual controlUses the manually selected upstream for that protocolPriority routingWalks the configured upstream order and falls through on real upstream failureRound-robin routingRotates start position for each new requestLatency-aware routingPrefers upstreams with better observed network quality
Upstreams can contain multiple subscriptions. This is useful for setups such as:
- one daily reset plan for primary use
- one secondary reset window later in the day
- one quota-based emergency fallback channel
The hub can temporarily freeze an exhausted or unavailable subscription-backed route and later re-check it when the next reset window arrives. Manual routing is intentionally insulated from automatic recovery logic.
The Web dashboard is designed for operational control rather than static configuration only. It includes:
- runtime overview
- protocol workspaces
- upstream API management
- local API key management
- usage charts
- import / export flows
- theme switching
- language switching
The dashboard is intended to make ongoing routing operations visible, not just initial setup.
The CLI is a first-class control surface, not a fallback utility. It provides:
- interactive menus
- service start / stop controls
- Web console launch shortcut
- protocol workspace navigation
- upstream inspection and editing
- local API key controls
- usage inspection
- language and CLI theme controls
The CLI is especially useful when the service is managed over SSH or on systems where a browser is not the primary control surface.
Default config locations follow platform conventions:
- macOS:
~/Library/Application Support/AI Proxy Hub/api-config.json - Linux:
${XDG_CONFIG_HOME:-~/.config}/ai-proxy-hub/api-config.json - Windows:
%APPDATA%\\AI Proxy Hub\\api-config.json
The project can also seed or migrate from earlier local config locations used by previous tool names.
AI Proxy Hub is designed as a local or private-network control plane.
It includes:
- request body size limits
- input validation
- safe response headers
- local-first default binding
- explicit LAN exposure control
It is not positioned as a hardened public multi-tenant Internet gateway. For public deployment, additional reverse proxy, auth, rate limiting, secret management, and network hardening layers would still be required.
The repository is divided into clear areas:
ai_proxy_hub/backend package and runtime logicweb/Web dashboard assetstests/automated testsscripts/build, verification, sync, and release toolingdocs/supporting project and release documentationexamples/example configuration and environment templates
Additional documentation:
Run the full automated test suite:
python3 -m unittest discover -s tests -vpython3 scripts/build_release.py --version 0.3.2python3 scripts/verify_release_artifacts.py --dist-dir dist --version 0.3.2python3 scripts/release_preflight.py --version 0.3.2python3 scripts/sync_release_snapshot.py --version 0.3.2python3 scripts/sync_homebrew_tap.py \
--formula dist/release-metadata/ai-proxy-hub.rb \
--tap-root ~/Develop/AI\ Proxy\ Hub/homebrew-aiproxyhub \
--tap-repo weicj/homebrew-aiproxyhub \
--version 0.3.2python3 scripts/sync_winget_manifest.py \
--source-dir dist/release-metadata \
--repo-root ~/Develop/AI\ Proxy\ Hub/winget-staging \
--package-id AIProxyHub.AIProxyHub \
--version 0.3.2python3 scripts/sync_apt_repo.py \
--deb dist/ai-proxy-hub_0.3.2_all.deb \
--repo-root ~/Develop/AI\ Proxy\ Hub/apt-repo \
--distribution stable \
--component mainMake sure Docker Desktop or another compatible Docker daemon is already running. The helper uses a Python-based Debian container by default, so it does not rely on dpkg-deb being installed on the host.
python3 scripts/build_deb_in_container.py \
--version 0.3.2 \
--output-dir dist-container \
--download-base-url https://github.com/weicj/ai-proxy-hub/releases/download/v0.3.2 \
--homepage https://github.com/weicj/ai-proxy-hubYou can bootstrap a dedicated signing key and export an installable public keyring with:
python3 scripts/bootstrap_apt_signing.py \
--no-protection--no-protection is convenient for local staging. For a long-lived public signing key, prefer --passphrase.
Then sign the staged repository and export the public key files into apt-repo/public:
python3 scripts/sync_apt_repo.py \
--deb dist-container/ai-proxy-hub_0.3.2_all.deb \
--repo-root ~/Develop/AI\ Proxy\ Hub/apt-repo \
--distribution stable \
--component main \
--gpg-key-id YOUR_KEY_ID \
--gpg-homedir ~/Develop/AI\ Proxy\ Hub/signing/gpg \
--export-public-keyThis writes:
apt-repo/dists/stable/Release.gpgapt-repo/dists/stable/InReleaseapt-repo/public/ai-proxy-hub-archive-keyring.ascapt-repo/public/ai-proxy-hub-archive-keyring.gpg
For GitHub-hosted APT publication, set:
- repository variable:
APT_GPG_KEY_ID - repository secret:
APT_GPG_PRIVATE_KEY - optional repository secret:
APT_GPG_PASSPHRASE
Then enable GitHub Pages with GitHub Actions as the source and run the Publish APT Repository workflow.
python3 scripts/run_remote_linux_smoke.py \
--ssh user@linux-host \
--identity-file ~/.ssh/id_ed25519 \
--artifact dist/ai-proxy-hub-0.3.2.tar.gz.tar.gzfor GitHub Releases and Homebrew-oriented flows.zipfor Windows portable distribution and winget-oriented flows.debwhen Debian packaging tools are available locally or through the container helper
- Streaming responses cannot be re-routed after a stream has already started
- Listener address and port changes still require a restart
- Public multi-tenant gateway use is outside the primary design target
- Package-registry distribution flows are still being finalized
No. The project currently exposes protocol workspaces for OpenAI-compatible, Claude / Anthropic, and Gemini-style request flows.
No. The project is intended to run on macOS, Linux, and Windows. Release tooling and external smoke workflows are also being shaped around cross-platform use.
Runtime should not require root or administrator privileges. The normal target is user-level execution with user-writable config directories.
For installation, elevated privileges are acceptable when the platform expects them, for example:
sudo apt install ./ai-proxy-hub_<version>_all.debsudo dpkg -i ai-proxy-hub_<version>_all.deb
That distinction matters: installation may use sudo, but day-to-day running should still work as a normal user.
No. It is designed primarily as a local or private-network control plane. Public deployment would need additional security layers outside the project itself.
Yes. Local API keys can be limited by protocol scope, which makes it possible to separate Codex, Claude Code, Gemini, or other workflow access patterns.
See docs/FAQ.md.
- PyPI publication
- APT-oriented release flow
- winget submission workflow
- broader language packs on top of the current i18n structure
- more themes and UI refinement
- continued protocol and client ecosystem expansion
Issues, bug reports, design feedback, and pull requests are welcome.
For contributors:
- keep runtime secrets and local machine credentials out of the repository
- prefer tests for behavioral changes
- use the release verification scripts before preparing public artifacts
AI Proxy Hub is licensed under the Apache License 2.0.