Lock libretranslate to only users with api keys

nebulon

We have also added listing and removing keys commands in the docs page now at https://docs.cloudron.io/apps/libretranslate/#api

visamp

Rock on! This is perfect and super helpful.

visamp

Do you know if I install a key, do I need to comment out the line below so that it is locked down to only users with api keys?

nebulon

From the README it seems Set maximum number of requests per minute per client (outside of limits set by api keys) so maybe yes. But not really sure. Maybe you can ask upstream about this.

Also below LT_REQUIRE_API_KEY_ORIGIN is set to true, maybe that means the instance is already locked down to only api keys, but also this is not totally clear to me.

visamp

According to folks on their forum, there's another step to lock down:

https://community.libretranslate.com/t/locking-down-api-key-on-self-hosted-through-cloudron/1767/2

We may need to update the docs here on cloudron:

To configure requirement for api key to use, set --req-limit to 0 and add the --api-keys flag. Requests made without a proper api key will be rejected.

mononym

Hello. When I run the su - cloudron -c 'source /app/code/.venv/bin/activate; ltmanage keys --api-keys-db-path /app/data/db/api_keys.db add 120' command from the docs, I get This account is currently not available. Was there an update of the API ?

nebulon

Looks like the correct way to call ltmanage now (probably related to the base image python update), is to first source the pyhton env and then run the command:

source /app/code/venv/bin/activate
ltmanage keys --api-keys-db-path /app/data/db/api_keys.db

andreasdueren

@nebulon Could you please update the docs?

james

Hello @andreasdueren
I will do so.

andreasdueren

@james Thank you!