PaloAltoNetworks
diff --git a/‎Cargo.lock‎
Lines changed: 108 additions & 132 deletions b/‎Cargo.lock‎
Lines changed: 108 additions & 132 deletions
diff --git a/‎Cargo.toml‎
Lines changed: 1 addition & 1 deletion b/‎Cargo.toml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎README.md‎
Lines changed: 67 additions & 155 deletions b/‎README.md‎
Lines changed: 67 additions & 155 deletions
diff --git a/‎config-examples/NOPAWN.llama2-uncensored_latest-1747909327080.json‎
Lines changed: 54 additions & 0 deletions b/‎config-examples/NOPAWN.llama2-uncensored_latest-1747909327080.json‎
Lines changed: 54 additions & 0 deletions
diff --git a/‎config-examples/PANW.llama2-uncensored_latest-1747909321539.json‎
Lines changed: 54 additions & 0 deletions b/‎config-examples/PANW.llama2-uncensored_latest-1747909321539.json‎
Lines changed: 54 additions & 0 deletions
diff --git a/‎config-examples/config-1747909231428.json‎
Lines changed: 46 additions & 0 deletions b/‎config-examples/config-1747909231428.json‎
Lines changed: 46 additions & 0 deletions
@@ -1,6 +1,6 @@
 [package]
 name = "panw-api-ollama"
-version = "0.11.0"
+version = "0.12.0"
 edition = "2021"
 
 [dependencies]
 
@@ -30,6 +30,12 @@ The best part? It's completely transparent to your existing setup - [Ollama](htt
 - **Protect adversarial input**: Safeguard AI agents from malicious inputs and outputs while maintaining workflow flexibility.
 - **Prevent sensitive data leakage**: Use API-based threat detection to block sensitive data leaks during AI interactions.
 
+## Docker Setup
+
+For Docker-based deployment, please refer to the instructions in the [Docker Setup README](docker/README.md).
+
+The Docker setup provides a complete stack with Ollama, panw-api-ollama, and OpenWebUI in a pre-configured environment.
+
 ## Quick Start
 
 ### Step 1: Install
@@ -61,174 +67,80 @@ pan_api:
 
 ### Step 4: Update OpenWebUI
 
-Change the Ollama port in OpenWebUI from 11434 to 11435 by updating your environment settings:
-[OpenWebUI Environment Configuration](https://docs.openwebui.com/getting-started/env-configuration#ollama_base_urls)
-
-### Step 5: Run
-
-```
-./target/release/panw-api-ollama
-```
-
-You're all set! You can now use OpenWebUI as normal, but with enterprise security scanning all interactions.
-
-## Docker Setup
-
-You can easily run this entire stack (Ollama, panw-api-ollama, and OpenWebUI) using Docker Compose:
-
-### Step 1: Configure your environment variables
-
-Create a `.env` file in the root directory with your configuration:
-
-```bash
-# Required for security
-SECURITY_API_KEY=your_panw_api_key_here
-SECURITY_PROFILE_NAME=your_profile_name
-
-# Optional configuration (defaults shown)
-SERVER_HOST=0.0.0.0
-SERVER_PORT=11435
-SERVER_DEBUG_LEVEL=INFO
-OLLAMA_BASE_URL=http://ollama:11434
-SECURITY_BASE_URL=https://service.api.aisecurity.paloaltonetworks.com
-SECURITY_APP_NAME=panw-api-ollama
-SECURITY_APP_USER=docker
-RUST_LOG=info
-
-# OpenWebUI and Ollama settings
-OPEN_WEBUI_PORT=3000
-OLLAMA_DOCKER_TAG=latest
-WEBUI_DOCKER_TAG=main
-```
-
-### Step 2: Start the Docker stack
+For non-Docker installations, you need to change the Ollama port in OpenWebUI from 11434 to 11435:
 
-```bash
-docker-compose up -d
-```
-
-This will start three containers:
-- **ollama**: The Ollama service on port 11434 (internal only, not exposed to host)
-- **panw-api-ollama**: The security broker service on port 11435 (internal only, not exposed to host)
-- **open-webui**: The UI running on port 3000, connected to your security broker and exposed to the host system
-
-### Platform-Specific Docker Configurations
+1. Go to Settings > Server Management in the OpenWebUI interface
+2. Add a new Ollama server with URL: `http://localhost:11435` 
+3. Save your configuration
 
-The project includes optimized Docker Compose configurations for different platforms:
-
-#### Standard Configuration (All Platforms)
-```bash
-docker-compose up -d
-```
-
-#### Windows with NVIDIA GPU
-For Windows users with NVIDIA GPUs:
-```bash
-docker-compose -f docker-compose.win.yaml up -d
-```
-
-### Apple Silicon Native Installation
-
-For optimal performance on Apple Silicon Macs (M1/M2/M3/M4), using native Ollama installation is recommended:
-
-#### Step 1: Install Ollama natively
-Download and install Ollama from [ollama.com/download](https://ollama.com/download)
-
-#### Step 2: Start native Ollama
-Launch the Ollama app on your Mac or start it from terminal:
-```bash
-ollama serve
-```
-
-#### Step 3: Run Docker components with native Ollama
-Use the special Docker Compose file that connects to your native Ollama instance:
-```bash
-docker-compose -f docker-compose.apple.yaml up -d
-```
-
-This configuration:
-- Uses your natively installed Ollama with full Apple Silicon hardware acceleration
-- Runs panw-api-ollama and OpenWebUI in containers
-- Connects the containerized components to your native Ollama instance
-
-### Step 3: Access OpenWebUI
-
-Open your browser and navigate to:
-```
-http://localhost:3000
-```
-
-OpenWebUI will automatically connect to your panw-api-ollama broker, which then securely connects to Ollama.
-
-### Environment Variables
-
-You can customize your Docker deployment using these environment variables:
-
-#### Required Environment Variables:
-- `SECURITY_API_KEY`: Your Palo Alto Networks API key
-- `SECURITY_PROFILE_NAME`: Your security profile name
-
-#### Optional Environment Variables:
-- **Server Configuration**:
-  - `SERVER_HOST`: Host to bind the server to (default: 0.0.0.0)
-  - `SERVER_PORT`: Port to listen on (default: 11435)
-  - `SERVER_DEBUG_LEVEL`: Logging level: INFO, DEBUG, ERROR (default: INFO)
-  
-- **Ollama Configuration**:
-  - `OLLAMA_BASE_URL`: URL to connect to Ollama (default: http://ollama:11434)
-  
-- **Security Configuration**:
-  - `SECURITY_BASE_URL`: Base URL for the security API (default: https://service.api.aisecurity.paloaltonetworks.com)
-  - `SECURITY_APP_NAME`: Application name (default: panw-api-ollama)
-  - `SECURITY_APP_USER`: Application user identifier (default: docker)
-  
-- **Docker Image Tags**:
-  - `OLLAMA_DOCKER_TAG`: Specify the Ollama image version (default: latest)
-  - `WEBUI_DOCKER_TAG`: Specify the OpenWebUI image version (default: main)
-  
-- **Port Mappings**:
-  - `OPEN_WEBUI_PORT`: Change the port for OpenWebUI (default: 3000)
-  - `PANW_API_PORT`: Change the port for panw-api-ollama (default: 11435)
-  
-- **Logging**:
-  - `RUST_LOG`: Set the logging level for panw-api-ollama (default: info)
-
-Example with custom settings:
-```bash
-OPEN_WEBUI_PORT=8080 RUST_LOG=debug SECURITY_APP_USER=custom-user docker-compose up -d
-```
-
-## GitHub Container Registry
-
-This project publishes Docker images to the GitHub Container Registry (ghcr.io), making it easy to deploy without building the image yourself.
+Alternatively, update your OpenWebUI environment settings:
+[OpenWebUI Environment Configuration](https://docs.openwebui.com/getting-started/env-configuration#ollama_base_urls)
 
-### Using the Pre-built Image
+### Step 5: Download a model
 
-You can use the pre-built Docker image from GitHub Container Registry in your docker-compose.yaml:
+Before using the service, make sure you have a model available:
 
 ```bash
-# Pull and run using the latest image
-docker-compose up -d
+ollama pull llama2-uncensored:latest
 ```
 
-By default, docker-compose will use the latest image from `ghcr.io/paloaltonetworks/panw-api-ollama`. You can specify a different version tag using the `PANW_API_IMAGE` environment variable:
+### Step 6: Run
 
 ```bash
-# Use a specific version
-PANW_API_IMAGE=ghcr.io/paloaltonetworks/panw-api-ollama:v0.9.0 docker-compose up -d
-
-# Or build from local source instead of using the registry
-PANW_API_IMAGE='' docker-compose up -d
+./target/release/panw-api-ollama
 ```
 
-### Container Image Release Tags
-
-The following tags are available for the Docker image:
+You're all set! You can now use OpenWebUI as normal, but with enterprise security scanning all interactions.
 
-- `latest`: Points to the most recent release
-- `vX.Y.Z`: Specific version (e.g., `v0.9.0`)
-- `vX.Y`: Minor version release (e.g., `v0.9`)
-- `vX`: Major version release (e.g., `v0`)
+## Configuration Examples
+
+The project includes example configuration files in the `config-examples` directory that demonstrate different setup options:
+
+### OpenWebUI Global Configuration
+
+The `config-1747909231428.json` file shows how to set up OpenWebUI with both secured and unsecured Ollama connections:
+
+```json
+{
+    "ollama": {
+        "enable": true,
+        "base_urls": [
+            "http://panw-api-ollama:11435",  // Secure connection through panw-api-ollama
+            "http://host.docker.internal:11434"  // Direct connection to Ollama
+        ],
+        "api_configs": {
+            "0": {
+                "enable": true,
+                "tags": [],
+                "prefix_id": "PANW",  // Models with this prefix use the security proxy
+                "model_ids": [
+                    "llama2-uncensored:latest"
+                ],
+                "key": ""
+            },
+            "1": {
+                "enable": true,
+                "tags": [],
+                "prefix_id": "NOPAWN",  // Models with this prefix bypass the security proxy
+                "model_ids": [
+                    "nomic-embed-text:latest",
+                    "llama2-uncensored:latest"
+                ],
+                "key": ""
+            }
+        }
+    }
+}
+```
+
+### Model Configurations
+
+Two example model configurations are included to demonstrate before/after comparisons:
+
+1. `PANW.llama2-uncensored_latest-1747909321539.json` - A model using the security proxy
+2. `NOPAWN.llama2-uncensored_latest-1747909327080.json` - The same model bypassing the security proxy
+
+These configurations allow you to perform side-by-side comparisons and demonstrations of how the Palo Alto Networks AI Runtime Security affects the model responses.
 
 ## Resources
 
 
@@ -0,0 +1,54 @@
+[
+    {
+        "id": "NOPAWN.llama2-uncensored:latest",
+        "name": "NOPAWN llama2-uncensored",
+        "object": "model",
+        "created": 1747909318,
+        "owned_by": "ollama",
+        "ollama": {
+            "name": "llama2-uncensored:latest",
+            "model": "NOPAWN.llama2-uncensored:latest",
+            "modified_at": "2025-04-05T17:58:58.898718533+02:00",
+            "size": 3825819449,
+            "digest": "44040b9222331f7eacd27ec9254e42de585af28d2c5d1211cdaeb3ffa361fe3f",
+            "details": {
+                "parent_model": "",
+                "format": "gguf",
+                "family": "llama",
+                "families": null,
+                "parameter_size": "7B",
+                "quantization_level": "Q4_0"
+            },
+            "urls": [
+                1
+            ]
+        },
+        "tags": [],
+        "user_id": "6ee7d451-39ea-4255-b027-f445b5863604",
+        "base_model_id": null,
+        "params": {},
+        "meta": {
+            "profile_image_url": "/static/favicon.png",
+            "description": null,
+            "capabilities": {
+                "vision": true,
+                "citations": true
+            },
+            "suggestion_prompts": null,
+            "tags": []
+        },
+        "access_control": {
+            "read": {
+                "group_ids": [],
+                "user_ids": []
+            },
+            "write": {
+                "group_ids": [],
+                "user_ids": []
+            }
+        },
+        "is_active": true,
+        "updated_at": 1747909093,
+        "created_at": 1747909093
+    }
+]
@@ -0,0 +1,46 @@
+{
+    "version": 0,
+    "ui": {
+        "enable_signup": false
+    },
+    "openai": {
+        "enable": false,
+        "api_base_urls": [
+            "https://api.openai.com/v1"
+        ],
+        "api_keys": [
+            ""
+        ],
+        "api_configs": {
+            "0": {}
+        }
+    },
+    "ollama": {
+        "enable": true,
+        "base_urls": [
+            "http://panw-api-ollama:11435",
+            "http://host.docker.internal:11434"
+        ],
+        "api_configs": {
+            "0": {
+                "enable": true,
+                "tags": [],
+                "prefix_id": "PANW",
+                "model_ids": [
+                    "llama2-uncensored:latest"
+                ],
+                "key": ""
+            },
+            "1": {
+                "enable": true,
+                "tags": [],
+                "prefix_id": "NOPAWN",
+                "model_ids": [
+                    "nomic-embed-text:latest",
+                    "llama2-uncensored:latest"
+                ],
+                "key": ""
+            }
+        }
+    }
+}