open-notebook/README.md at 877c303b028d8e738cf57aed8de8983bb055d830

mirror of https://github.com/lfnovo/open-notebook.git synced 2026-04-29 03:50:04 +00:00

feat: credential-based API key management (#477 ) (#540 )

* feat: replace provider config with credential-based system (#477)

Introduce a new credential management system replacing the old
ProviderConfig singleton and standalone Models page. Each credential
stores encrypted API keys and provider-specific configuration with
full CRUD support via a unified settings UI.

Backend:
- Add Credential domain model with encrypted API key storage
- Add credentials API router (CRUD, discovery, registration, testing)
- Add encryption utilities for secure key storage
- Add key_provider for DB-first env-var fallback provisioning
- Add connection tester and model discovery services
- Integrate ModelManager with credential-based config
- Add provider name normalization for Esperanto compatibility
- Add database migrations 11-12 for credential schema

Frontend:
- Rewrite settings/api-keys page with credential management UI
- Add model discovery dialog with search and custom model support
- Add compact default model assignments (primary/advanced layout)
- Add inline model testing and credential connection testing
- Add env-var migration banner
- Update navigation to unified settings page
- Remove standalone models page and old settings components

i18n:
- Update all 7 locale files with credential and model management keys

Closes #477

Co-Authored-By: JFMD <git@jfmd.us>
Co-Authored-By: OraCatQAQ <570768706@qq.com>

* fix: address PR #540 review comments

- Fix docs referencing removed Models page
- Fix error-handler returning raw messages instead of i18n keys
- Fix auth.py misleading docstring and missing no-password guard
- Fix connection_tester using wrong env var for openai_compatible
- Add provision_provider_keys before model discovery/sync
- Update CLAUDE.md to reflect credential-based system
- Fix missing closing brace in api-keys page useEffect

* fix: add logging to credential migration and surface errors in UI

- Add comprehensive logging to migrate-from-env and
  migrate-from-provider-config endpoints (start, per-provider
  progress, success/failure with stack traces, final summary)
- Fix frontend migration hooks ignoring errors array from response
- Show error toast when migration fails instead of "nothing to migrate"
- Invalidate status/envStatus queries after migration so banner updates

* docs: update CLAUDE.md files for credential system

Replace stale ProviderConfig and /api-keys/ references across 8 CLAUDE.md
files to reflect the new Credential-based system from PR #540.

* docs: update user documentation for credential-based system

Replace env var API key instructions with Settings UI credential
workflow across all user-facing documentation. The new flow is:
set OPEN_NOTEBOOK_ENCRYPTION_KEY → start services → add credential
in Settings UI → test → discover models → register.

- Rewrite ai-providers.md, api-configuration.md, environment-reference.md
- Update all quick-start guides and installation docs
- Update ollama.md, openai-compatible.md, local-tts/stt networking sections
- Update reverse-proxy.md, development-setup.md, security.md
- Fix broken links to non-existent docs/deployment/ paths
- Add credentials endpoints to api-reference.md
- Move all API key env vars to deprecated/legacy sections

* chore: bump version to 1.7.0-rc1

Release candidate for credential-based provider management system.

* fix: initialize provider before try block in test_credential

Prevents UnboundLocalError when Credential.get() throws (e.g.,
invalid credential_id) before provider is assigned.

* fix: reorder down migration to drop index before table

Removes duplicate REMOVE FIELD statement and reorders so the index
is dropped before the table, preventing rollback failures.

* refactor: simplify encryption key to always derive via SHA-256

Remove the dual code path in _ensure_fernet_key() that detected native
Fernet keys. Since the credential system is new, always deriving via
SHA-256 removes unnecessary complexity. Also removes the generate_key()
function and Fernet.generate_key() references from docs.

* fix: correct mock patch targets in embedding tests and URL validation

Fix embedding tests patching wrong module path for model_manager
(was targeting open_notebook.utils.embedding.model_manager but it's
imported locally from open_notebook.ai.models). Also fix URL validation
to allow unresolvable hostnames since they may be valid in the
deployment environment (e.g., Azure endpoints, internal DNS).

* feat: add global setup banner for encryption and migration status

Show a persistent banner in AppShell when encryption key is missing
(red) or env var API keys can be migrated (amber), so users see
these prompts on every page instead of only on Settings > API Keys.

Includes a docs link for the encryption banner and i18n support
across all 7 locales.

* docs: several improvements to docker-compose e env examples

* Update README.md

Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>

* docs: fix env var format in README and update model setup instructions

Align the encryption key snippet in README Step 2 with the list
format used in the compose file. Replace deprecated "Settings →
Models" instructions with credential-based Discover Models flow.

* fix: address credential system review issues

- Fix SSRF bypass via IPv4-mapped IPv6 addresses (::ffff:169.254.x.x)
- Fix TTS connection test missing config parameter
- Add Azure-specific model discovery using api-key auth header
- Add Vertex static model list for credential-based discovery
- Fix PROVIDER_DISCOVERY_FUNCTIONS incorrect azure/vertex mapping
- Extract business logic to api/credentials_service.py (service layer)
- Move credential Pydantic schemas to api/models.py
- Update tests to use new service imports and ValueError assertions

* fix: sanitize error responses and migrate key_provider to Credential

- Replace raw exception messages in all credential router 500 responses
  with generic error strings (internal details logged server-side only)
- Refactor key_provider.py to use Credential.get_by_provider() instead
  of deprecated ProviderConfig.get_instance()
- Remove unused functions (get_provider_configs, get_default_api_key,
  get_provider_config) that were dead code

---------

Co-authored-by: JFMD <git@jfmd.us>
Co-authored-by: OraCatQAQ <570768706@qq.com>

2026-02-10 08:30:22 -03:00

18 KiB

Raw Blame History

Open Notebook

An open source, privacy-focused alternative to Google's Notebook LM!
Join our Discord server for help, to share workflow ideas, and suggest features!
Checkout our website »

📚 Get Started · 📖 User Guide · ✨ Features · 🚀 Deploy

A private, multi-model, 100% local, full-featured alternative to Notebook LM

In a world dominated by Artificial Intelligence, having the ability to think 🧠 and acquire new knowledge 💡, is a skill that should not be a privilege for a few, nor restricted to a single provider.

Open Notebook empowers you to:

🔒 Control your data - Keep your research private and secure
🤖 Choose your AI models - Support for 16+ providers including OpenAI, Anthropic, Ollama, LM Studio, and more
📚 Organize multi-modal content - PDFs, videos, audio, web pages, and more
🎙️ Generate professional podcasts - Advanced multi-speaker podcast generation
🔍 Search intelligently - Full-text and vector search across all your content
💬 Chat with context - AI conversations powered by your research
🌐 Multi-language UI - English, Portuguese, Chinese (Simplified & Traditional), Japanese, and Russian support

Learn more about our project at https://www.open-notebook.ai

🆚 Open Notebook vs Google Notebook LM

Feature	Open Notebook	Google Notebook LM	Advantage
Privacy & Control	Self-hosted, your data	Google cloud only	Complete data sovereignty
AI Provider Choice	16+ providers (OpenAI, Anthropic, Ollama, LM Studio, etc.)	Google models only	Flexibility and cost optimization
Podcast Speakers	1-4 speakers with custom profiles	2 speakers only	Extreme flexibility
Content Transformations	Custom and built-in	Limited options	Unlimited processing power
API Access	Full REST API	No API	Complete automation
Deployment	Docker, cloud, or local	Google hosted only	Deploy anywhere
Citations	Basic references (will improve)	Comprehensive with sources	Research integrity
Customization	Open source, fully customizable	Closed system	Unlimited extensibility
Cost	Pay only for AI usage	Free tier + Monthly subscription	Transparent and controllable

Why Choose Open Notebook?

🔒 Privacy First: Your sensitive research stays completely private
💰 Cost Control: Choose cheaper AI providers or run locally with Ollama
🎙️ Better Podcasts: Full script control and multi-speaker flexibility vs limited 2-speaker deep-dive format
🔧 Unlimited Customization: Modify, extend, and integrate as needed
🌐 No Vendor Lock-in: Switch providers, deploy anywhere, own your data

Built With

🚀 Quick Start (2 Minutes)

Prerequisites

Docker Desktop installed
That's it! (API keys configured later in the UI)

Step 1: Get docker-compose.yml

Option A: Download directly

curl -o docker-compose.yml https://raw.githubusercontent.com/lfnovo/open-notebook/main/docker-compose.yml

Option B: Create the file manually Copy this into a new file called docker-compose.yml:

services:
  surrealdb:
    image: surrealdb/surrealdb:v2
    command: start --log info --user root --pass root rocksdb:/mydata/mydatabase.db
    user: root
    ports:
      - "8000:8000"
    volumes:
      - ./surreal_data:/mydata
    restart: always

  open_notebook:
    image: lfnovo/open_notebook:v1-latest
    ports:
      - "8502:8502"
      - "5055:5055"
    environment:
      - OPEN_NOTEBOOK_ENCRYPTION_KEY=change-me-to-a-secret-string
      - SURREAL_URL=ws://surrealdb:8000/rpc
      - SURREAL_USER=root
      - SURREAL_PASSWORD=root
    volumes:
      - ./notebook_data:/app/data
    depends_on:
      - surrealdb
    restart: always

Step 2: Set Your Encryption Key

Edit docker-compose.yml and change this line:

- OPEN_NOTEBOOK_ENCRYPTION_KEY=change-me-to-a-secret-string

to any secret value (e.g., my-super-secret-key-123)

Step 3: Start Services

docker compose up -d

Wait 15-20 seconds, then open: http://localhost:8502

Step 4: Configure AI Provider

Go to Settings → API Keys
Click Add Credential
Choose your provider (OpenAI, Anthropic, Google, etc.)
Paste your API key and click Save
Click Test Connection → Discover Models → Register Models

Done! You're ready to create your first notebook.

Need an API key? Get one from: OpenAI · Anthropic · Google · Groq (free tier)

Want free local AI? See examples/docker-compose-ollama.yml for Ollama setup

📚 More Installation Options

With Ollama (Free Local AI) - Run models locally without API costs
From Source (Developers) - For development and contributions
Complete Installation Guide - All deployment scenarios

📖 Need Help?

🤖 AI Installation Assistant: CustomGPT to help you install
🆘 Troubleshooting: 5-minute troubleshooting guide
💬 Community Support: Discord Server
🐛 Report Issues: GitHub Issues

Star History

Provider Support Matrix

Thanks to the Esperanto library, we support this providers out of the box!

Provider	LLM Support	Embedding Support	Speech-to-Text	Text-to-Speech
OpenAI	✅	✅	✅	✅
Anthropic	✅	❌	❌	❌
Groq	✅	❌	✅	❌
Google (GenAI)	✅	✅	❌	✅
Vertex AI	✅	✅	❌	✅
Ollama	✅	✅	❌	❌
Perplexity	✅	❌	❌	❌
ElevenLabs	❌	❌	✅	✅
Azure OpenAI	✅	✅	❌	❌
Mistral	✅	✅	❌	❌
DeepSeek	✅	❌	❌	❌
Voyage	❌	✅	❌	❌
xAI	✅	❌	❌	❌
OpenRouter	✅	❌	❌	❌
OpenAI Compatible*	✅	❌	❌	❌

*Supports LM Studio and any OpenAI-compatible endpoint

✨ Key Features

Core Capabilities

🔒 Privacy-First: Your data stays under your control - no cloud dependencies
🎯 Multi-Notebook Organization: Manage multiple research projects seamlessly
📚 Universal Content Support: PDFs, videos, audio, web pages, Office docs, and more
🤖 Multi-Model AI Support: 16+ providers including OpenAI, Anthropic, Ollama, Google, LM Studio, and more
🎙️ Professional Podcast Generation: Advanced multi-speaker podcasts with Episode Profiles
🔍 Intelligent Search: Full-text and vector search across all your content
💬 Context-Aware Chat: AI conversations powered by your research materials
📝 AI-Assisted Notes: Generate insights or write notes manually

Advanced Features

⚡ Reasoning Model Support: Full support for thinking models like DeepSeek-R1 and Qwen3
🔧 Content Transformations: Powerful customizable actions to summarize and extract insights
🌐 Comprehensive REST API: Full programmatic access for custom integrations
🔐 Optional Password Protection: Secure public deployments with authentication
📊 Fine-Grained Context Control: Choose exactly what to share with AI models
📎 Citations: Get answers with proper source citations

Podcast Feature

📚 Documentation

Getting Started

📖 Introduction - Learn what Open Notebook offers
⚡ Quick Start - Get up and running in 5 minutes
🔧 Installation - Comprehensive setup guide
🎯 Your First Notebook - Step-by-step tutorial

User Guide

📱 Interface Overview - Understanding the layout
📚 Notebooks - Organizing your research
📄 Sources - Managing content types
📝 Notes - Creating and managing notes
💬 Chat - AI conversations
🔍 Search - Finding information

Advanced Topics

🎙️ Podcast Generation - Create professional podcasts
🔧 Content Transformations - Customize content processing
🤖 AI Models - AI model configuration
🔌 MCP Integration - Connect with Claude Desktop, VS Code and other MCP clients
🔧 REST API Reference - Complete API documentation
🔐 Security - Password protection and privacy
🚀 Deployment - Complete deployment guides for all scenarios

(back to top)

🗺️ Roadmap

Upcoming Features

Live Front-End Updates: Real-time UI updates for smoother experience
Async Processing: Faster UI through asynchronous content processing
Cross-Notebook Sources: Reuse research materials across projects
Bookmark Integration: Connect with your favorite bookmarking apps

Recently Completed ✅

Next.js Frontend: Modern React-based frontend with improved performance
Comprehensive REST API: Full programmatic access to all functionality
Multi-Model Support: 16+ AI providers including OpenAI, Anthropic, Ollama, LM Studio
Advanced Podcast Generator: Professional multi-speaker podcasts with Episode Profiles
Content Transformations: Powerful customizable actions for content processing
Enhanced Citations: Improved layout and finer control for source citations
Multiple Chat Sessions: Manage different conversations within notebooks

See the open issues for a full list of proposed features and known issues.

(back to top)

📖 Need Help?

🤖 AI Installation Assistant: We have a CustomGPT built to help you install Open Notebook - it will guide you through each step!
New to Open Notebook? Start with our Getting Started Guide
Need installation help? Check our Installation Guide
Want to see it in action? Try our Quick Start Tutorial

🤝 Community & Contributing

Join the Community

💬 Discord Server - Get help, share ideas, and connect with other users
🐛 GitHub Issues - Report bugs and request features
⭐ Star this repo - Show your support and help others discover Open Notebook

Contributing

We welcome contributions! We're especially looking for help with:

Frontend Development: Help improve our modern Next.js/React UI
Testing & Bug Fixes: Make Open Notebook more robust
Feature Development: Build the coolest research tool together
Documentation: Improve guides and tutorials

Current Tech Stack: Python, FastAPI, Next.js, React, SurrealDB Future Roadmap: Real-time updates, enhanced async processing

18 KiB Raw Blame History

Open Notebook

A private, multi-model, 100% local, full-featured alternative to Notebook LM

🆚 Open Notebook vs Google Notebook LM

Built With

🚀 Quick Start (2 Minutes)

Prerequisites

Step 1: Get docker-compose.yml

Step 2: Set Your Encryption Key

Step 3: Start Services

Step 4: Configure AI Provider

📚 More Installation Options

📖 Need Help?

Star History

Provider Support Matrix

✨ Key Features

Core Capabilities

Advanced Features

Podcast Feature

📚 Documentation

Getting Started

User Guide

Advanced Topics

🗺️ Roadmap

Upcoming Features

Recently Completed ✅

📖 Need Help?

🤝 Community & Contributing

Join the Community

Contributing

📄 License

18 KiB

Raw Blame History