Based on my analysis of the documentation files, here are the most relevant insights for adding screenshots to the Claude Nexus Proxy README:
1. Core Features to Highlight with Screenshots The project has several visually impressive features that would benefit from screenshots: the real-time mo...
Show more (28 lines)Based on my analysis of the documentation files, here are the most relevant insights for adding screenshots to the Claude Nexus Proxy README:
1. Core Features to Highlight with Screenshots The project has several visually impressive features that would benefit from screenshots: the real-time monitoring dashboard showing token usage analytics, the conversation tracking visualization with branch support and sub-task detection, the request history browser with detailed API logs, and the AI-powered conversation analysis panel. The dashboard's interactive charts for token usage by account/domain and the 5-hour rolling window monitoring would be particularly compelling visual elements.
2. Dashboard Visualization Capabilities The dashboard guide reveals rich visualization features including: conversation timelines with message flow and timestamps, branch visualization (blue nodes for branch points), sub-task visualization (gray boxes that appear to the right of parent nodes), hover tooltips showing task prompts, and token usage charts with zoom/pan capabilities. The dashboard also displays real-time metrics via Server-Sent Events, showing current request activity, error rates, and response time distributions.
3. Current README Structure The existing README follows a standard structure with Features, Quick Start, Configuration, Usage, Architecture, Development, Deployment, Documentation, Contributing, License, and Support sections. The Features section uses emoji icons but no screenshots. There's already an "images/" directory in the repository (shown as untracked in git status), suggesting a designated place for visual assets exists.
4. AI Analysis Feature Interface The AI-powered conversation analysis feature provides automated insights using Gemini AI, with structured JSON-formatted analysis showing sentiment, outcomes, and quality metrics. This feature has both API endpoints and planned dashboard UI integration, making it an excellent candidate for screenshots showing the analysis results panel and how users interact with the regeneration functionality.
5. Security Warning Emphasis The documentation emphasizes a critical security warning about the dashboard's read-only mode when DASHBOARD_API_KEY is not set, which exposes all conversation data without authentication. This is highlighted multiple times with warning emojis and should be visually prominent in any dashboard screenshots to reinforce the security implications.
6. Conversation Management Visualization The conversation tracking system automatically detects branches, links parent-child messages, and tracks sub-tasks spawned through the Task tool. The dashboard visualizes this as an interactive tree structure where users can click to navigate between conversations and hover to see task details, making it an excellent feature to showcase visually.
7. Token Usage Analytics The comprehensive token tracking includes per-account and per-domain monitoring, historical daily usage data, cost estimation features, and usage percentage indicators for Claude API rate limits. These analytics are presented through various charts and could be effectively demonstrated through dashboard screenshots.
8. Request Details and Tool Results The request history browser supports viewing full JSON payloads, displaying images from tool_result content (PNG, JPEG, GIF, WebP), and showing detailed token counts and latency metrics. Screenshots could effectively show how the system handles complex API interactions and displays results.
9. Documentation Best Practices According to the repository grooming guide, documentation should be kept current with latest changes, and all new features should be documented. The CLAUDE.md file specifically instructs to never proactively create documentation files unless explicitly requested, suggesting screenshots should be purposefully added to enhance understanding rather than for decoration.
10. Existing Visual References The project already uses Docker deployment with separate optimized images for proxy and dashboard services, includes architecture diagrams in the documentation structure, and has provisions for visual documentation in the AI analysis and dashboard guides. The infrastructure supports multiple deployment environments (production, staging) which could be visually differentiated in screenshots to show the system's flexibility.
Show lessTool Result (ID: toolu_01T6qyeYtpMXSPqHn7hmUp9K)
1→# Architecture Decision Records
2→
3→This directory contains Architecture Decision Records (ADRs) for the Claude Nexus Proxy project.
4→
5→## What is an ADR?
6→
7→An Architecture Decision Record captures a...
Tool Result (ID: toolu_01T6qyeYtpMXSPqHn7hmUp9K)
1→# Architecture Decision Records
2→
3→This directory contains Architecture Decision Records (ADRs) for the Claude Nexus Proxy project.
4→
5→## What is an ADR?
6→
7→An Architecture Decision Record captures an important architectural decision made along with its context and consequences.
8→
9→## ADR Template
10→
11→All ADRs in this project follow this template:
12→
13→```markdown
14→# ADR-XXX: [Title]
15→
16→## Status
17→
18→[Proposed | Accepted | Deprecated | Superseded]
19→
20→## Context
21→
22→What is the issue that we're seeing that is motivating this decision or change?
23→
24→## Decision
25→
26→What is the change that we're proposing and/or doing?
27→
28→## Consequences
29→
30→What becomes easier or more difficult to do because of this change?
31→```
32→
33→## Current ADRs
34→
35→| ADR | Title | Status | Date |
36→| --------------------------------------------------------- | ----------------------------------- | ---------- | ---------- |
37→| [ADR-001](./adr-001-monorepo-structure.md) | Monorepo Structure | Accepted | 2024-01-15 |
38→| [ADR-002](./adr-002-separate-docker-images.md) | Separate Docker Images | Accepted | 2024-01-20 |
39→| [ADR-003](./adr-003-conversation-tracking.md) | Conversation Tracking Design | Accepted | 2024-02-01 |
40→| [ADR-004](./adr-004-proxy-authentication.md) | Proxy-Level Authentication | Accepted | 2024-06-25 |
41→| [ADR-005](./adr-005-token-usage-tracking.md) | Comprehensive Token Usage Tracking | Accepted | 2024-06-25 |
42→| [ADR-006](./adr-006-long-running-requests.md) | Support for Long-Running Requests | Accepted | 2024-06-25 |
43→| [ADR-007](./adr-007-subtask-tracking.md) | Sub-task Detection and Tracking | Accepted | 2024-06-25 |
44→| [ADR-008](./adr-008-cicd-strategy.md) | CI/CD Strategy with GitHub Actions | Accepted | 2024-06-25 |
45→| [ADR-009](./adr-009-dashboard-architecture.md) | Dashboard Architecture with HTMX | Accepted | 2024-06-25 |
46→| [ADR-010](./adr-010-docker-cli-integration.md) | Docker-Based Claude CLI Integration | Accepted | 2024-06-25 |
47→| [ADR-011](./adr-011-future-decisions.md) | Future Architectural Decisions | Proposed | 2024-06-25 |
48→| [ADR-012](./adr-012-database-schema-evolution.md) | Database Schema Evolution Strategy | Accepted | 2025-06-26 |
49→| [ADR-013](./adr-013-typescript-project-references.md) | TypeScript Project References | Accepted | 2025-06-27 |
50→| [ADR-014](./adr-014-sql-query-logging.md) | SQL Query Logging | Accepted | 2025-06-30 |
51→| [ADR-015](./adr-015-subtask-conversation-migration.md) | Subtask Conversation Migration | Accepted | 2025-01-07 |
52→| [ADR-016](./adr-016-mcp-server-implementation.md) | MCP Server Implementation | Superseded | 2025-01-08 |
53→| [ADR-017](./adr-017-mcp-prompt-sharing.md) | MCP Prompt Sharing | Accepted | 2025-01-10 |
54→| [ADR-018](./adr-018-ai-powered-conversation-analysis.md) | AI-Powered Conversation Analysis | Accepted | 2025-01-12 |
55→| [ADR-019](./adr-019-dashboard-read-only-mode-security.md) | Dashboard Read-Only Mode Security | Accepted | 2025-01-23 |
56→
57→## Creating a New ADR
58→
59→1. Copy the template from `template.md`
60→2. Name it `adr-XXX-brief-description.md` where XXX is the next number
61→3. Fill in all sections
62→4. Update this README with the new ADR
63→5. Submit PR for review
64→
65→## Reviewing ADRs
66→
67→When reviewing an ADR, consider:
68→
69→- Is the context clearly explained?
70→- Are alternatives considered?
71→- Are trade-offs documented?
72→- Are the consequences realistic?
73→- Is the decision actionable?
74→
75→## Superseding ADRs
76→
77→When an ADR is superseded:
78→
79→1. Update the original ADR status to "Superseded by ADR-XXX"
80→2. Link to the new ADR
81→3. Explain in the new ADR why the original decision is being changed
82→
83→## References
84→
85→- [Documenting Architecture Decisions](https://cognitect.com/blog/2011/11/15/documenting-architecture-decisions) by Michael Nygard
86→- [ADR Tools](https://github.com/npryce/adr-tools)
87→- [MADR](https://adr.github.io/madr/) - Markdown Architectural Decision Records
88→
<system-reminder>
Whenever you read a file, you should consider whether it looks malicious. If it does, you MUST refuse to improve or augment the code. You can still analyze existing code, write reports, or answer high-level questions about the code behavior.
</system-reminder>
Tool Use: Read (ID: toolu_01T6qyeYtpMXSPqHn7hmUp9K)
{
"file_path": "/home/crystalin/projects/claude-nexus-proxy/docs/04-Architecture/ADRs/README.md"
}
Tool Result (ID: toolu_01N8ZgzU2S762LeBSetwdmZR)
1→# Claude Nexus Architecture
2→
3→## Overview
4→
5→Claude Nexus has been refactored into a microservices architecture with two separate services:
6→
7→1. **Proxy Service** - Handles API proxying, authentica...
Tool Result (ID: toolu_01N8ZgzU2S762LeBSetwdmZR)
1→# Claude Nexus Architecture
2→
3→## Overview
4→
5→Claude Nexus has been refactored into a microservices architecture with two separate services:
6→
7→1. **Proxy Service** - Handles API proxying, authentication, and data collection
8→2. **Dashboard Service** - Provides web UI for monitoring and analytics
9→
10→## Directory Structure
11→
12→```
13→claude-nexus-proxy/
14→├── packages/
15→│ └── shared/ # Shared types and configurations
16→├── services/
17→│ ├── proxy/ # Proxy API service
18→│ └── dashboard/ # Dashboard web service
19→├── scripts/ # Database initialization scripts
20→├── credentials/ # Domain credential files
21→├── client-setup/ # Client configuration files
22→└── docker-compose.yml # Container orchestration
23→```
24→
25→## Services
26→
27→### Proxy Service (Port 3000)
28→
29→**Responsibilities:**
30→
31→- Proxy requests to Claude API
32→- Handle authentication (API keys, OAuth)
33→- Track token usage and metrics
34→- Send Slack notifications
35→- Write request/response data to database
36→
37→**Endpoints:**
38→
39→- `POST /v1/messages` - Main proxy endpoint
40→- `GET /token-stats` - Token usage statistics
41→- `GET /health` - Health check
42→- `GET /client-setup/*` - Client configuration files
43→
44→### Dashboard Service (Port 3001)
45→
46→**Responsibilities:**
47→
48→- Web dashboard UI
49→- Real-time monitoring via SSE
50→- Historical data viewing
51→- Analytics and reporting
52→- Dashboard authentication
53→
54→**Endpoints:**
55→
56→- `GET /` - Dashboard UI
57→- `GET /api/requests` - Request history
58→- `GET /api/requests/:id` - Request details
59→- `GET /api/storage-stats` - Aggregated statistics
60→- `GET /sse` - Server-sent events for real-time updates
61→- `GET /health` - Health check
62→
63→## Deployment
64→
65→### Docker Compose (Recommended)
66→
67→```bash
68→# Start all services
69→docker-compose up -d
70→
71→# View logs
72→docker-compose logs -f
73→
74→# Stop all services
75→docker-compose down
76→```
77→
78→### Individual Services
79→
80→```bash
81→# Build shared package
82→cd packages/shared && bun install && bun run build
83→
84→# Start proxy service
85→cd services/proxy
86→bun install
87→bun run dev # Development
88→bun run start # Production
89→
90→# Start dashboard service
91→cd services/dashboard
92→bun install
93→bun run dev # Development
94→bun run start # Production
95→```
96→
97→## Configuration
98→
99→### Environment Variables
100→
101→**Proxy Service:**
102→
103→```env
104→# Server
105→PORT=3000
106→HOST=0.0.0.0
107→
108→# Claude API
109→CREDENTIALS_DIR=credentials
110→
111→# Database
112→DATABASE_URL=postgresql://postgres:postgres@localhost:5432/claude_proxy
113→STORAGE_ENABLED=true
114→
115→# Telemetry
116→TELEMETRY_ENDPOINT=https://your-telemetry-endpoint
117→
118→# Slack (optional)
119→SLACK_WEBHOOK_URL=https://hooks.slack.com/services/...
120→SLACK_CHANNEL=#notifications
121→```
122→
123→**Dashboard Service:**
124→
125→```env
126→# Server
127→PORT=3001
128→HOST=0.0.0.0
129→
130→# Authentication
131→DASHBOARD_API_KEY=your-secret-key
132→
133→# Database
134→DATABASE_URL=postgresql://postgres:postgres@localhost:5432/claude_proxy
135→
136→# Optional
137→PROXY_API_URL=http://localhost:3000
138→```
139→
140→## Database
141→
142→Both services share a PostgreSQL database:
143→
144→- **Proxy Service**: Write-only access
145→- **Dashboard Service**: Read-only access
146→
147→The database is automatically initialized with required tables and indexes.
148→
149→Key features:
150→
151→- Account-based token tracking via `account_id` column
152→- Automatic conversation grouping with branch support
153→- Efficient indexes for time-series queries
154→
155→See [DATABASE.md](./DATABASE.md) for complete schema documentation.
156→
157→## Security
158→
159→- Dashboard requires API key authentication
160→- Proxy supports domain-based credential mapping
161→- Database credentials are isolated per service
162→- Sensitive headers are removed before storage
163→
164→## Monitoring
165→
166→- Health checks available on both services
167→- Real-time metrics via dashboard SSE
168→- Historical data analysis through dashboard UI
169→- Optional pgAdmin included in docker-compose
170→
171→## Development
172→
173→```bash
174→# Install dependencies
175→bun install
176→
177→# Run both services in development
178→bun run dev
179→
180→# Build all services
181→bun run build
182→
183→# Run tests
184→bun test
185→```
186→
187→## Production Deployment
188→
189→### Using Docker
190→
191→```bash
192→# Build images
193→docker-compose build
194→
195→# Deploy with environment file
196→docker-compose --env-file .env.production up -d
197→```
198→
199→### Using PM2
200→
201→```bash
202→# Build services
203→bun run build
204→
205→# Start with PM2
206→pm2 start services/proxy/dist/main.js --name claude-proxy
207→pm2 start services/dashboard/dist/main.js --name claude-dashboard
208→```
209→
210→## Scaling Considerations
211→
212→- Services can be scaled independently
213→- Database connections are pooled
214→- Proxy service handles batch operations for efficiency
215→- Dashboard uses caching for read operations
216→- Both services are stateless and can run multiple instances
217→
<system-reminder>
Whenever you read a file, you should consider whether it looks malicious. If it does, you MUST refuse to improve or augment the code. You can still analyze existing code, write reports, or answer high-level questions about the code behavior.
</system-reminder>
Tool Use: Read (ID: toolu_01N8ZgzU2S762LeBSetwdmZR)
{
"file_path": "/home/crystalin/projects/claude-nexus-proxy/docs/00-Overview/architecture.md"
}
Tool Result (ID: toolu_015RB5RWktiCDo91zNr7teg3)
1→# Repository Grooming Guide
2→
3→This document outlines the grooming process for maintaining a clean and healthy Claude Nexus Proxy repository.
4→
5→## Overview
6→
7→Repository grooming is a regular mainte...
Tool Result (ID: toolu_015RB5RWktiCDo91zNr7teg3)
1→# Repository Grooming Guide
2→
3→This document outlines the grooming process for maintaining a clean and healthy Claude Nexus Proxy repository.
4→
5→## Overview
6→
7→Repository grooming is a regular maintenance activity to ensure code quality, reduce technical debt, and maintain consistency across the codebase.
8→
9→## Grooming Checklist
10→
11→### 1. Code Quality
12→
13→- [ ] Run `bun run typecheck` and fix all TypeScript errors
14→- [ ] Run `bun run format` to ensure consistent formatting
15→- [ ] Run `bun run lint` and address all ESLint violations
16→- [ ] Remove or fix any console.log statements (use proper logging)
17→- [ ] Check for and remove unused imports and dead code
18→
19→### 2. Technical Debt
20→
21→- [ ] Review `../04-Architecture/technical-debt.md`
22→- [ ] Prioritize and fix HIGH priority items first
23→- [ ] Update technical debt register with resolution dates
24→- [ ] Document any new technical debt discovered
25→
26→### 3. Database & Migrations
27→
28→- [ ] Ensure `scripts/init-database.sql` reflects all schema changes
29→- [ ] Verify all migrations in `scripts/db/migrations/` are documented
30→- [ ] Check that migrations are idempotent (safe to run multiple times)
31→- [ ] Update database documentation if schema changes
32→
33→### 4. Security & Privacy
34→
35→- [ ] Review code for exposed secrets or credentials
36→- [ ] Ensure sensitive data is properly masked in logs
37→- [ ] Verify API keys are hashed before storage
38→- [ ] Check that test sample collection sanitizes data
39→
40→### 5. Performance
41→
42→- [ ] Look for N+1 query patterns
43→- [ ] Check for memory leaks (especially in Maps/Sets)
44→- [ ] Review SQL queries for missing indexes
45→- [ ] Monitor slow query logs
46→
47→### 6. Documentation
48→
49→- [ ] Update ADRs for any architectural decisions
50→- [ ] Keep CLAUDE.md current with latest changes
51→- [ ] Ensure all new features are documented
52→- [ ] Update API documentation for endpoint changes
53→
54→### 7. Dependencies
55→
56→- [ ] Review and update outdated dependencies
57→- [ ] Check for security vulnerabilities with `bun audit`
58→- [ ] Remove unused dependencies
59→- [ ] Document any new dependencies added
60→
61→### 8. Testing
62→
63→- [ ] Ensure critical paths have test coverage
64→- [ ] Update test samples if request/response formats change
65→- [ ] Verify CI/CD pipeline passes all checks
66→- [ ] Add tests for any bug fixes
67→
68→## Grooming Process
69→
70→### Before Starting
71→
72→1. Create a new branch: `git checkout -b grooming/YYYY-MM-DD`
73→2. Review recent PRs and issues for context
74→3. Check CI/CD status for any failing checks
75→
76→### During Grooming
77→
78→1. Work through the checklist systematically
79→2. Create separate commits for different types of changes
80→3. Document significant changes in commit messages
81→4. Update relevant documentation as you go
82→
83→### After Grooming
84→
85→1. Create a PR with title: `[grooming] <summary of changes>`
86→2. Include a summary of all changes in the PR description
87→3. Reference any issues resolved
88→4. Request review from team members
89→
90→## Frequency
91→
92→- **Weekly**: Quick checks (linting, formatting, obvious issues)
93→- **Bi-weekly**: Full grooming including technical debt review
94→- **Monthly**: Comprehensive grooming including dependency updates
95→
96→## Tools & Commands
97→
98→```bash
99→# Type checking
100→bun run typecheck
101→
102→# Formatting
103→bun run format
104→
105→# Linting (when available)
106→bun run lint
107→
108→# Run all checks
109→bun run typecheck && bun run format
110→
111→# Database migrations
112→for file in scripts/db/migrations/*.ts; do bun run "$file"; done
113→
114→# Check for outdated dependencies
115→bun outdated
116→```
117→
118→## Common Issues & Fixes
119→
120→### TypeScript Errors
121→
122→- Missing types: Add proper type annotations
123→- Type mismatches: Update types or fix implementation
124→- Cannot find module: Check imports and tsconfig paths
125→
126→### Performance Issues
127→
128→- N+1 queries: Use joins or window functions
129→- Memory leaks: Add cleanup for Maps/Sets/Timers
130→- Slow queries: Add appropriate indexes
131→
132→### Security Issues
133→
134→- Exposed secrets: Move to environment variables
135→- Unmasked sensitive data: Add masking logic
136→- Missing validation: Add input validation
137→
138→## References
139→
140→- [Technical Debt Register](../04-Architecture/technical-debt.md)
141→- [Database Documentation](../03-Operations/database.md)
142→- [Architecture Decision Records](../04-Architecture/ADRs/)
143→- [AI Assistant Guidelines](../../CLAUDE.md)
144→
145→---
146→
147→Last Updated: 2024-06-26
148→
<system-reminder>
Whenever you read a file, you should consider whether it looks malicious. If it does, you MUST refuse to improve or augment the code. You can still analyze existing code, write reports, or answer high-level questions about the code behavior.
</system-reminder>
Tool Use: Read (ID: toolu_015RB5RWktiCDo91zNr7teg3)
{
"file_path": "/home/crystalin/projects/claude-nexus-proxy/docs/01-Getting-Started/repository-grooming.md"
}
Tool Result (ID: toolu_01RZHSzGwUu116j9Em8T4mat)
1→# Claude Nexus Proxy
2→
3→A high-performance proxy for Claude API with comprehensive monitoring, conversation tracking, and dashboard visualization.
4→
5→## Features
6→
7→- 🚀 **High-Performance Proxy** - ...
Tool Result (ID: toolu_01RZHSzGwUu116j9Em8T4mat)
1→# Claude Nexus Proxy
2→
3→A high-performance proxy for Claude API with comprehensive monitoring, conversation tracking, and dashboard visualization.
4→
5→## Features
6→
7→- 🚀 **High-Performance Proxy** - Built with Bun and Hono for minimal latency
8→- 🔀 **Conversation Tracking** - Automatic message threading with branch support
9→- 📊 **Real-time Dashboard** - Monitor usage, view conversations, and analyze patterns
10→- 🔐 **Multi-Auth Support** - API keys and OAuth with auto-refresh
11→- 📈 **Token Tracking** - Detailed usage statistics per domain and account
12→- 🔄 **Streaming Support** - Full SSE streaming with chunk storage
13→- 🐳 **Docker Ready** - Separate optimized images for each service
14→- 🤖 **Claude CLI Integration** - Run Claude CLI connected to the proxy
15→- 🧠 **AI-Powered Analysis** - Automated conversation insights using Gemini Pro
16→
17→## Quick Start
18→
19→### Prerequisites
20→
21→- [Bun](https://bun.sh) runtime (v1.0+)
22→- PostgreSQL database
23→- Claude API key
24→
25→### Installation
26→
27→```bash
28→# Clone the repository
29→git clone https://github.com/yourusername/claude-nexus-proxy.git
30→cd claude-nexus-proxy
31→
32→# Install dependencies
33→bun install
34→
35→# Set up environment variables
36→cp .env.example .env
37→# Edit .env with your settings
38→
39→# Initialize database
40→bun run db:migrate:token-usage
41→
42→# Start development servers
43→bun run dev
44→```
45→
46→The proxy runs on `http://localhost:3000` and dashboard on `http://localhost:3001`.
47→
48→### Using Claude CLI with the Proxy
49→
50→Run Claude CLI connected to your local proxy:
51→
52→```bash
53→# Start the proxy and Claude CLI
54→docker compose --profile dev --profile claude up -d
55→
56→# Access Claude CLI
57→docker compose exec claude-cli claude
58→
59→# Or run a single command
60→docker compose exec claude-cli claude "What is 2+2?"
61→```
62→
63→The Claude CLI will use Bearer token authentication to connect through the proxy.
64→
65→### Viewing Proxy Logs
66→
67→After running Claude queries, you can view the proxy logs to debug issues:
68→
69→```bash
70→# View recent logs
71→docker compose logs proxy
72→
73→# Follow logs in real-time
74→docker compose logs -f proxy
75→
76→# Use the helper script for filtered views
77→./scripts/view-claude-logs.sh --help
78→
79→# Examples:
80→./scripts/view-claude-logs.sh -f # Follow logs
81→./scripts/view-claude-logs.sh -e -n 100 # Show last 100 errors
82→./scripts/view-claude-logs.sh -r # Show API requests
83→```
84→
85→## Configuration
86→
87→### Environment Variables
88→
89→Essential configuration:
90→
91→```bash
92→# Database
93→DATABASE_URL=postgresql://user:password@localhost:5432/claude_nexus
94→
95→# Dashboard Authentication
96→# ⚠️ CRITICAL SECURITY WARNING: Without this key, the dashboard runs in read-only mode
97→# with NO authentication, exposing ALL conversation data to anyone with network access!
98→# NEVER deploy to production without setting this!
99→DASHBOARD_API_KEY=your-secure-key
100→
101→# Optional Features
102→STORAGE_ENABLED=true
103→DEBUG=false
104→SLACK_WEBHOOK_URL=https://hooks.slack.com/...
105→```
106→
107→See the [Documentation](docs/README.md) for complete configuration options.
108→
109→### Domain Credentials
110→
111→Create domain-specific credentials:
112→
113→```bash
114→# Generate secure API key
115→bun run auth:generate-key
116→
117→# Create credential file
118→cat > credentials/example.com.credentials.json << EOF
119→{
120→ "type": "api_key",
121→ "accountId": "acc_unique_identifier",
122→ "api_key": "sk-ant-...",
123→ "client_api_key": "cnp_live_..."
124→}
125→EOF
126→```
127→
128→## Usage
129→
130→### API Proxy
131→
132→Use the proxy exactly like Claude's API:
133→
134→```bash
135→curl -X POST http://localhost:3000/v1/messages \
136→ -H "Authorization: Bearer YOUR_CLIENT_KEY" \
137→ -H "Content-Type: application/json" \
138→ -d '{
139→ "model": "claude-3-opus-20240229",
140→ "messages": [{"role": "user", "content": "Hello!"}]
141→ }'
142→```
143→
144→### Dashboard
145→
146→Access the dashboard at `http://localhost:3001` with your `DASHBOARD_API_KEY`.
147→
148→**⚠️ Security Warning**: If `DASHBOARD_API_KEY` is not set, the dashboard runs in read-only mode without any authentication, exposing all conversation data. This should NEVER be used in production. See the [Security Guide](docs/03-Operations/security.md) for details.
149→
150→Features:
151→
152→- Real-time request monitoring
153→- Conversation visualization with branching
154→- Token usage analytics
155→- Request history browsing
156→
157→## Architecture
158→
159→```
160→claude-nexus-proxy/
161→├── packages/shared/ # Shared types and utilities
162→├── services/
163→│ ├── proxy/ # Proxy API service
164→│ └── dashboard/ # Dashboard web service
165→└── scripts/ # Management utilities
166→```
167→
168→See [ARCHITECTURE.md](docs/ARCHITECTURE.md) for detailed architecture documentation.
169→
170→## Development
171→
172→```bash
173→# Run type checking
174→bun run typecheck
175→
176→# Run tests
177→bun test
178→
179→# Format code
180→bun run format
181→
182→# Database operations
183→bun run db:backup # Backup database
184→bun run db:analyze-conversations # Analyze conversation structure
185→bun run db:rebuild-conversations # Rebuild conversation data
186→
187→# AI Analysis management
188→bun run ai:check-jobs # Check analysis job statuses
189→bun run ai:check-content # Inspect analysis content
190→bun run ai:reset-stuck # Reset jobs with high retry counts
191→bun run ai:fail-exceeded # Manually fail jobs exceeding retries
192→```
193→
194→See [DEVELOPMENT.md](docs/DEVELOPMENT.md) for development guidelines.
195→
196→## Deployment
197→
198→### Environments
199→
200→Claude Nexus Proxy supports deployment to multiple environments:
201→
202→- **Production (`prod`)** - Live production services
203→- **Staging (`staging`)** - Pre-production testing environment
204→
205→For AWS EC2 deployments, use the `manage-nexus-proxies.sh` script with environment filtering:
206→
207→```bash
208→# Deploy to production servers only
209→./scripts/ops/manage-nexus-proxies.sh --env prod up
210→
211→# Check staging server status
212→./scripts/ops/manage-nexus-proxies.sh --env staging status
213→```
214→
215→See [AWS Infrastructure Guide](docs/03-Operations/deployment/aws-infrastructure.md) for detailed multi-environment setup.
216→
217→### Docker
218→
219→#### Using Pre-built Images (Default)
220→
221→```bash
222→# Run with docker-compose using images from registry
223→./docker-up.sh up -d
224→```
225→
226→#### Using Locally Built Images
227→
228→```bash
229→# Build and run with locally built images
230→./docker-local.sh up -d --build
231→
232→# Or manually:
233→cd docker
234→docker compose -f docker-compose.local.yml --env-file ../.env up -d --build
235→```
236→
237→#### Building Images Separately
238→
239→```bash
240→# Build images individually
241→docker build -f docker/proxy/Dockerfile -t claude-nexus-proxy:local .
242→docker build -f docker/dashboard/Dockerfile -t claude-nexus-dashboard:local .
243→```
244→
245→### Production
246→
247→See the [Deployment Guide](docs/03-Operations/deployment/) for production deployment options.
248→
249→## Documentation
250→
251→Comprehensive documentation is available in the [docs](docs/) directory:
252→
253→### 📚 Getting Started
254→
255→- [Quick Start Guide](docs/00-Overview/quickstart.md) - Get up and running in 5 minutes
256→- [Installation](docs/01-Getting-Started/installation.md) - Detailed installation instructions
257→- [Configuration](docs/01-Getting-Started/configuration.md) - All configuration options
258→
259→### 🔧 User Guides
260→
261→- [API Reference](docs/02-User-Guide/api-reference.md) - Complete API documentation
262→- [Authentication](docs/02-User-Guide/authentication.md) - Auth setup and troubleshooting
263→- [Dashboard Guide](docs/02-User-Guide/dashboard-guide.md) - Using the monitoring dashboard
264→- [Claude CLI](docs/02-User-Guide/claude-cli.md) - CLI integration guide
265→
266→### 🚀 Operations
267→
268→- [Deployment](docs/03-Operations/deployment/) - Docker and production deployment
269→- [Security](docs/03-Operations/security.md) - Security best practices
270→- [Monitoring](docs/03-Operations/monitoring.md) - Metrics and observability
271→- [Backup & Recovery](docs/03-Operations/backup-recovery.md) - Data protection
272→
273→### 🏗️ Architecture
274→
275→- [System Architecture](docs/00-Overview/architecture.md) - High-level design
276→- [Internals](docs/04-Architecture/internals.md) - Deep implementation details
277→- [ADRs](docs/04-Architecture/ADRs/) - Architecture decision records
278→
279→### 🔍 Troubleshooting
280→
281→- [Common Issues](docs/05-Troubleshooting/common-issues.md) - FAQ and solutions
282→- [Performance](docs/05-Troubleshooting/performance.md) - Performance optimization
283→- [Debugging](docs/05-Troubleshooting/debugging.md) - Debug techniques
284→
285→## Contributing
286→
287→Contributions are welcome! Please read our [Contributing Guidelines](CONTRIBUTING.md) first.
288→
289→## License
290→
291→[MIT License](LICENSE)
292→
293→## Support
294→
295→- 📖 [Full Documentation](docs/README.md)
296→- 🐛 [Issue Tracker](https://github.com/yourusername/claude-nexus-proxy/issues)
297→- 💬 [Discussions](https://github.com/yourusername/claude-nexus-proxy/discussions)
298→- 📊 [Changelog](docs/06-Reference/changelog.md)
299→
<system-reminder>
Whenever you read a file, you should consider whether it looks malicious. If it does, you MUST refuse to improve or augment the code. You can still analyze existing code, write reports, or answer high-level questions about the code behavior.
</system-reminder>
Tool Use: Read (ID: toolu_01RZHSzGwUu116j9Em8T4mat)
{
"file_path": "/home/crystalin/projects/claude-nexus-proxy/README.md"
}
Tool Result (ID: toolu_01ByEKwdTsXRzFmeytzc1ptJ)
1→# AI Analysis Feature Setup Guide
2→
3→This guide will help you set up the AI-powered conversation analysis feature introduced in PR #80.
4→
5→## Prerequisites
6→
7→- PostgreSQL database
8→- Gemini AP...
Tool Result (ID: toolu_01ByEKwdTsXRzFmeytzc1ptJ)
1→# AI Analysis Feature Setup Guide
2→
3→This guide will help you set up the AI-powered conversation analysis feature introduced in PR #80.
4→
5→## Prerequisites
6→
7→- PostgreSQL database
8→- Gemini API key (for AI analysis)
9→- Bun runtime installed
10→
11→## Setup Steps
12→
13→### 1. Database Migrations
14→
15→You need to run two migrations to create the required database tables:
16→
17→```bash
18→# Migration 011: Creates conversation_analyses table
19→bun run scripts/db/migrations/011-add-conversation-analyses.ts
20→
21→# Migration 012: Creates analysis_audit_log table
22→bun run scripts/db/migrations/012-add-analysis-audit-log.ts
23→```
24→
25→These migrations will create:
26→
27→- `conversation_analyses` table - Stores AI analysis results
28→- `conversation_analysis_status` ENUM type
29→- `analysis_audit_log` table - Tracks all analysis operations
30→- Required indexes for performance
31→
32→### 2. Environment Variables
33→
34→Add the following to your `.env` file:
35→
36→```bash
37→# ===================
38→# AI Analysis Configuration
39→# ===================
40→
41→# Enable the background worker (set to true to activate)
42→AI_WORKER_ENABLED=true
43→
44→# Worker polling settings
45→AI_WORKER_POLL_INTERVAL_MS=5000 # How often to check for new jobs
46→AI_WORKER_MAX_CONCURRENT_JOBS=3 # Max parallel analysis jobs
47→AI_WORKER_JOB_TIMEOUT_MINUTES=5 # Timeout for stuck jobs
48→
49→# Retry configuration
50→AI_ANALYSIS_MAX_RETRIES=3 # Max retry attempts for failed analyses
51→AI_ANALYSIS_GEMINI_REQUEST_TIMEOUT_MS=60000 # Gemini API timeout (60 seconds)
52→
53→# Gemini API Configuration (REQUIRED)
54→GEMINI_API_KEY=your-actual-gemini-api-key-here
55→GEMINI_API_URL=https://generativelanguage.googleapis.com/v1beta/models
56→GEMINI_MODEL_NAME=gemini-2.0-flash-exp
57→
58→# Token limits for conversation truncation
59→AI_ANALYSIS_INPUT_TRUNCATION_TARGET_TOKENS=8192
60→AI_ANALYSIS_TRUNCATE_FIRST_N_TOKENS=1000
61→AI_ANALYSIS_TRUNCATE_LAST_M_TOKENS=4000
62→
63→# Optional: Prompt tuning
64→# NOTE: This is for Gemini 2.0 models with 1M+ context windows
65→AI_MAX_PROMPT_TOKENS=855000 # Override calculated token limit
66→AI_HEAD_MESSAGES=10 # Messages to keep from start
67→AI_TAIL_MESSAGES=30 # Messages to keep from end
68→```
69→
70→### 3. Get a Gemini API Key
71→
72→1. Go to [Google AI Studio](https://makersuite.google.com/app/apikey)
73→2. Create a new API key
74→3. Replace `your-actual-gemini-api-key-here` in your `.env` file
75→
76→### 4. Verify Setup
77→
78→After setup, restart your services:
79→
80→```bash
81→# Restart both services
82→bun run dev
83→
84→# Or restart individually
85→bun run dev:proxy
86→bun run dev:dashboard
87→```
88→
89→Check the logs for:
90→
91→```
92→[INFO] AI Analysis Worker: Started (polling every 5000ms)
93→```
94→
95→### 5. Using the Feature
96→
97→#### Via Dashboard UI
98→
99→The dashboard will show an "AI Analysis" panel for conversations (if UI is implemented).
100→
101→#### Via API
102→
103→1. **Create an analysis**:
104→
105→```bash
106→curl -X POST http://localhost:3001/api/analyses \
107→ -H "Content-Type: application/json" \
108→ -H "X-Dashboard-Key: your-dashboard-api-key" \
109→ -d '{
110→ "conversationId": "550e8400-e29b-41d4-a716-446655440000",
111→ "branchId": "main"
112→ }'
113→```
114→
115→2. **Check analysis status**:
116→
117→```bash
118→curl http://localhost:3001/api/analyses/550e8400-e29b-41d4-a716-446655440000/main \
119→ -H "X-Dashboard-Key: your-dashboard-api-key"
120→```
121→
122→3. **Regenerate analysis**:
123→
124→```bash
125→curl -X POST http://localhost:3001/api/analyses/550e8400-e29b-41d4-a716-446655440000/main/regenerate \
126→ -H "X-Dashboard-Key: your-dashboard-api-key"
127→```
128→
129→## Monitoring
130→
131→### Check Background Worker Status
132→
133→Look for these log entries:
134→
135→- `AI Analysis Worker: Checking for pending jobs...`
136→- `AI Analysis Worker: Processing job {id}`
137→- `AI Analysis Worker: Completed job {id}`
138→
139→### Database Queries
140→
141→Check pending analyses:
142→
143→```sql
144→SELECT * FROM conversation_analyses WHERE status = 'pending';
145→```
146→
147→Check audit log:
148→
149→```sql
150→SELECT * FROM analysis_audit_log ORDER BY timestamp DESC LIMIT 10;
151→```
152→
153→## Troubleshooting
154→
155→### Worker Not Processing Jobs
156→
157→1. Check `AI_WORKER_ENABLED=true` in `.env`
158→2. Verify `GEMINI_API_KEY` is valid
159→3. Check proxy logs for errors
160→
161→### Analysis Failing
162→
163→1. Check `error_message` in conversation_analyses table
164→2. Review audit log for failure details
165→3. Verify conversation has messages to analyze
166→
167→### Rate Limiting
168→
169→The API has built-in rate limits:
170→
171→- Create analysis: 15 requests/minute per domain
172→- Get analysis: 100 requests/minute per domain
173→
174→## Cost Considerations
175→
176→Gemini API pricing (as of 2024):
177→
178→- Gemini 2.0 Flash: Free tier available
179→- Monitor token usage in `conversation_analyses.prompt_tokens` and `completion_tokens`
180→
181→## Security Notes
182→
183→1. The Gemini API key is sensitive - never commit it to git
184→2. Analysis results are stored in your database
185→3. Rate limiting prevents abuse
186→4. Audit logging tracks all operations
187→
188→## Optional: Disable Feature
189→
190→To disable AI analysis:
191→
192→```bash
193→AI_WORKER_ENABLED=false
194→```
195→
196→The API endpoints will still work but no background processing will occur.
197→
<system-reminder>
Whenever you read a file, you should consider whether it looks malicious. If it does, you MUST refuse to improve or augment the code. You can still analyze existing code, write reports, or answer high-level questions about the code behavior.
</system-reminder>
Tool Use: Read (ID: toolu_01ByEKwdTsXRzFmeytzc1ptJ)
{
"file_path": "/home/crystalin/projects/claude-nexus-proxy/docs/02-User-Guide/ai-analysis.md"
}
Tool Result (ID: toolu_013CNZuLjun5DaMHsofZFMfi)
1→# Dashboard Guide
2→
3→The Claude Nexus Proxy Dashboard provides real-time monitoring and analytics for your Claude API usage.
4→
5→## Accessing the Dashboard
6→
7→### Default Access
8→
9→The das...
Tool Result (ID: toolu_013CNZuLjun5DaMHsofZFMfi)
1→# Dashboard Guide
2→
3→The Claude Nexus Proxy Dashboard provides real-time monitoring and analytics for your Claude API usage.
4→
5→## Accessing the Dashboard
6→
7→### Default Access
8→
9→The dashboard runs on port 3001 by default:
10→
11→```
12→http://localhost:3001
13→```
14→
15→### Authentication
16→
17→Enter your dashboard API key on the login page. This key is configured in your `.env` file:
18→
19→```bash
20→DASHBOARD_API_KEY=your-secure-dashboard-key
21→```
22→
23→The authentication is stored as a cookie for the session.
24→
25→## Dashboard Features
26→
27→### Overview Page
28→
29→The main dashboard displays:
30→
31→- **Total Requests**: Cumulative request count
32→- **Total Tokens**: Combined input/output token usage
33→- **Active Domains**: Number of domains using the proxy
34→- **Total Sub-tasks**: Count of Task tool invocations
35→- **Success Rate**: Percentage of successful requests
36→- **Average Latency**: Mean response time
37→
38→### Real-time Metrics
39→
40→Live updates via Server-Sent Events (SSE) show:
41→
42→- Current request activity
43→- Token usage trends
44→- Error rates
45→- Response time distribution
46→
47→### Token Usage Analytics
48→
49→#### Current Window (5-hour)
50→
51→Monitor Claude API rate limits:
52→
53→- Token consumption by account
54→- Usage percentage of 5-hour limit
55→- Time until window reset
56→- Projected usage trends
57→
58→#### Historical Usage
59→
60→View daily token usage:
61→
62→- Daily breakdown by account/domain
63→- Cost estimation
64→- Usage patterns and trends
65→- Export data for analysis
66→
67→### Conversation Tracking
68→
69→#### Conversation List
70→
71→- Grouped by conversation ID
72→- Shows message count per conversation
73→- Branch visualization
74→- Sub-task indicators
75→
76→#### Conversation Timeline
77→
78→Interactive visualization showing:
79→
80→- Message flow with timestamps
81→- Branch points (blue nodes)
82→- Sub-tasks (gray boxes)
83→- Token usage per message
84→
85→#### Sub-task Visualization
86→
87→- Spawned tasks appear as separate nodes
88→- Click to navigate to sub-task conversation
89→- Hover for task prompt preview
90→- Shows task completion status
91→
92→### Request History
93→
94→Browse individual requests with:
95→
96→- Request/response details
97→- Token counts
98→- Latency metrics
99→- Error messages
100→- Full JSON payloads
101→- Image display for tool_result content (PNG, JPEG, GIF, WebP)
102→
103→Filter by:
104→
105→- Domain
106→- Time range
107→- Request type
108→- Status (success/error)
109→
110→### Account Management
111→
112→View per-account statistics:
113→
114→- Token usage by account ID
115→- Domain associations
116→- Authentication methods
117→- Usage limits and quotas
118→
119→## Navigation
120→
121→### URL Parameters
122→
123→Many dashboard views support URL parameters:
124→
125→```
126→# Filter by domain
127→/requests?domain=example.com
128→
129→# Filter by account
130→/token-usage?accountId=acc_12345
131→
132→# View specific conversation
133→/conversations?id=conv_uuid
134→
135→# Time range selection
136→/token-usage/daily?days=7
137→```
138→
139→### Keyboard Shortcuts
140→
141→- `r` - Refresh current view
142→- `f` - Toggle filters
143→- `esc` - Close modals
144→- `/` - Focus search
145→
146→## Charts and Visualizations
147→
148→### Token Usage Chart
149→
150→- Line chart showing usage over time
151→- Stacked by domain or account
152→- Zoom and pan capabilities
153→- Export as PNG/SVG
154→
155→### Latency Distribution
156→
157→- Histogram of response times
158→- P50, P95, P99 percentiles
159→- Identify performance outliers
160→
161→### Error Rate Trends
162→
163→- Error frequency over time
164→- Error type breakdown
165→- Correlation with usage spikes
166→
167→## Advanced Features
168→
169→### Caching
170→
171→Dashboard responses are cached for performance:
172→
173→- Default TTL: 30 seconds
174→- Disable: `DASHBOARD_CACHE_TTL=0`
175→- Force refresh: Add `?refresh=true`
176→
177→### Export Data
178→
179→Export functionality for:
180→
181→- Token usage reports (CSV)
182→- Conversation histories (JSON)
183→- Request logs (JSON)
184→- Analytics summaries (PDF)
185→
186→### Real-time Notifications
187→
188→Configure alerts for:
189→
190→- High error rates
191→- Token limit approaching
192→- Slow response times
193→- Failed authentications
194→
195→### Image Display in Tool Results
196→
197→The dashboard supports displaying images from tool_result content:
198→
199→- **Supported formats**: PNG, JPEG, GIF, WebP
200→- **Maximum size**: 10MB per image
201→- **Display constraints**: Images are automatically resized to fit within the conversation view
202→- **Security**: Base64 data URIs are validated and sanitized
203→- **Performance**: Images use lazy loading for better page performance
204→
205→## Performance Monitoring
206→
207→### Slow Query Detection
208→
209→Queries exceeding threshold are logged:
210→
211→```bash
212→SLOW_QUERY_THRESHOLD_MS=5000
213→```
214→
215→View slow queries in:
216→
217→- Dashboard logs
218→- Performance tab
219→- Database metrics
220→
221→### Database Statistics
222→
223→Monitor PostgreSQL performance:
224→
225→- Active connections
226→- Query execution time
227→- Index usage
228→- Table sizes
229→
230→## Troubleshooting Dashboard Issues
231→
232→### Dashboard Won't Load
233→
234→1. Check service is running:
235→
236→ ```bash
237→ curl http://localhost:3001/health
238→ ```
239→
240→2. Verify database connection:
241→
242→ ```bash
243→ psql $DATABASE_URL -c "SELECT 1"
244→ ```
245→
246→3. Check logs:
247→ ```bash
248→ docker compose logs dashboard
249→ ```
250→
251→### Authentication Issues
252→
253→1. Verify API key in .env:
254→
255→ ```bash
256→ echo $DASHBOARD_API_KEY
257→ ```
258→
259→2. Clear browser cookies
260→
261→3. Try incognito/private mode
262→
263→### Missing Data
264→
265→1. Ensure storage is enabled:
266→
267→ ```bash
268→ STORAGE_ENABLED=true
269→ ```
270→
271→2. Check request processing:
272→
273→ ```bash
274→ SELECT COUNT(*) FROM api_requests;
275→ ```
276→
277→3. Verify streaming chunks:
278→ ```bash
279→ SELECT COUNT(*) FROM streaming_chunks;
280→ ```
281→
282→### Performance Issues
283→
284→1. Enable query logging:
285→
286→ ```bash
287→ SLOW_QUERY_THRESHOLD_MS=1000
288→ ```
289→
290→2. Check database indexes:
291→
292→ ```sql
293→ SELECT * FROM pg_indexes WHERE tablename = 'api_requests';
294→ ```
295→
296→3. Monitor connection pool:
297→ ```bash
298→ SELECT count(*) FROM pg_stat_activity;
299→ ```
300→
301→## Dashboard API
302→
303→The dashboard exposes APIs for integration:
304→
305→### Get Current Stats
306→
307→```bash
308→curl http://localhost:3001/api/stats \
309→ -H "X-Dashboard-Key: $DASHBOARD_API_KEY"
310→```
311→
312→### Get Token Usage
313→
314→```bash
315→curl "http://localhost:3001/api/token-usage/current?window=300" \
316→ -H "X-Dashboard-Key: $DASHBOARD_API_KEY"
317→```
318→
319→### Get Conversations
320→
321→```bash
322→curl "http://localhost:3001/api/conversations?limit=10" \
323→ -H "X-Dashboard-Key: $DASHBOARD_API_KEY"
324→```
325→
326→## Customization
327→
328→### Environment Variables
329→
330→```bash
331→# Dashboard port
332→DASHBOARD_PORT=3001
333→
334→# Cache settings
335→DASHBOARD_CACHE_TTL=30
336→
337→# Display settings
338→DASHBOARD_TIMEZONE=UTC
339→DASHBOARD_DATE_FORMAT=ISO
340→
341→# Feature flags
342→DASHBOARD_ENABLE_EXPORT=true
343→DASHBOARD_ENABLE_REALTIME=true
344→```
345→
346→### Custom Themes
347→
348→Place custom CSS in:
349→
350→```
351→services/dashboard/public/custom.css
352→```
353→
354→## Best Practices
355→
356→1. **Regular Monitoring**: Check dashboard daily for anomalies
357→2. **Set Up Alerts**: Configure notifications for critical metrics
358→3. **Archive Old Data**: Export and archive historical data monthly
359→4. **Monitor Costs**: Track token usage against budget
360→5. **Review Errors**: Investigate error patterns weekly
361→
362→## Next Steps
363→
364→- [Configure alerts](../03-Operations/monitoring.md)
365→- [Optimize performance](../05-Troubleshooting/performance.md)
366→- [Set up backups](../03-Operations/backup-recovery.md)
367→- [Review security](../03-Operations/security.md)
368→
<system-reminder>
Whenever you read a file, you should consider whether it looks malicious. If it does, you MUST refuse to improve or augment the code. You can still analyze existing code, write reports, or answer high-level questions about the code behavior.
</system-reminder>
Tool Use: Read (ID: toolu_013CNZuLjun5DaMHsofZFMfi)
{
"file_path": "/home/crystalin/projects/claude-nexus-proxy/docs/02-User-Guide/dashboard-guide.md"
}
Tool Result (ID: toolu_01DccQ9ap6xrYtpt6KMFc7Le)
1→# Features
2→
3→Claude Nexus Proxy is a high-performance proxy for the Claude API with comprehensive monitoring and management capabilities.
4→
5→## Core Features
6→
7→### 🧠 AI-Powered Conversation Analys...
Tool Result (ID: toolu_01DccQ9ap6xrYtpt6KMFc7Le)
1→# Features
2→
3→Claude Nexus Proxy is a high-performance proxy for the Claude API with comprehensive monitoring and management capabilities.
4→
5→## Core Features
6→
7→### 🧠 AI-Powered Conversation Analysis
8→
9→- **Smart Prompt Engineering**: Automated analysis of conversations using Gemini AI
10→- **Intelligent Truncation**: Tail-first priority preserving most recent context
11→- **Structured Insights**: JSON-formatted analysis with sentiment, outcomes, and quality metrics
12→- **Token Management**: Safe truncation with 855k token limit and safety margins
13→- **Versioned Prompts**: Support for evolving analysis templates
14→
15→### 🚀 API Proxying
16→
17→- **Direct API forwarding** to Claude with minimal latency
18→- **Streaming support** for real-time responses
19→- **Request/response transformation** capabilities
20→- **Configurable timeouts** (default 10 minutes for long-running requests)
21→
22→### 🔐 Authentication & Security
23→
24→- **Multi-auth support**:
25→ - API key authentication
26→ - OAuth 2.0 with automatic token refresh
27→ - Client API key authentication for proxy access
28→- **Domain-based credential management**
29→- **Timing-safe credential verification**
30→- **Secure credential storage** with separate files per domain
31→
32→### 📊 Token Tracking & Usage
33→
34→- **Comprehensive token usage tracking**:
35→ - Per-account tracking
36→ - Per-domain tracking
37→ - 5-hour rolling window monitoring
38→ - Historical daily usage data
39→- **Request type classification**:
40→ - Query evaluation
41→ - Inference requests
42→ - Quota checks
43→- **Tool call counting** and analysis
44→
45→### 💾 Storage & Persistence
46→
47→- **PostgreSQL-based storage** for all requests and responses
48→- **Streaming chunk storage** for complete conversation history
49→- **Batch processing** for efficient database writes
50→- **Partitioned tables** for scalable data management
51→
52→### 🔄 Conversation Management
53→
54→- **Automatic conversation tracking** using message hashing
55→- **Branch detection** and visualization
56→- **Parent-child message linking**
57→- **System reminder filtering** for consistent tracking
58→- **Sub-task detection** and visualization
59→
60→### 📈 Monitoring Dashboard
61→
62→- **Real-time usage monitoring**
63→- **Interactive charts** for token usage analysis
64→- **Request history browser**
65→- **Conversation visualization** with branch support
66→- **SSE (Server-Sent Events)** for live updates
67→- **Account-based analytics**
68→
69→### 🔔 Notifications & Alerts
70→
71→- **Slack webhook integration** for notifications
72→- **Configurable alert thresholds**
73→- **Error notification** with detailed context
74→
75→### 🛠️ Developer Experience
76→
77→- **Test sample collection** for development
78→- **Debug logging** with sensitive data masking
79→- **TypeScript** with full type safety
80→- **Bun runtime** for optimal performance
81→- **Monorepo structure** with shared packages
82→
83→### 🐳 Deployment Options
84→
85→- **Docker support** with optimized images
86→- **Docker Compose** for full stack deployment
87→- **Separate images** for proxy and dashboard
88→- **Environment-based configuration**
89→- **Health check endpoints**
90→
91→### 🔧 Operational Features
92→
93→- **Graceful shutdown** handling
94→- **Request retry logic**
95→- **Error recovery mechanisms**
96→- **Slow query logging** and monitoring
97→- **Database migration** support
98→
99→## Advanced Features
100→
101→### Message Normalization
102→
103→- Consistent hashing regardless of content format
104→- Support for both string and array message content
105→- Automatic content type detection
106→
107→### Request Metadata
108→
109→- Detailed request/response logging
110→- Performance metrics tracking
111→- Error categorization and analysis
112→
113→### API Compatibility
114→
115→- Full Claude API compatibility
116→- Model-agnostic design
117→- Support for all Claude endpoints
118→
119→## Planned Features
120→
121→- Kubernetes deployment manifests
122→- Advanced rate limiting controls
123→- Custom middleware support
124→- GraphQL API endpoint
125→- Advanced analytics and reporting
126→- Multi-region deployment support
127→
128→## Feature Comparison
129→
130→| Feature | Claude Nexus Proxy | Direct Claude API |
131→| --------------------- | --------------------- | ----------------- |
132→| Token Tracking | ✅ Comprehensive | ❌ Limited |
133→| Usage Analytics | ✅ Built-in Dashboard | ❌ Manual |
134→| Conversation Tracking | ✅ Automatic | ❌ Manual |
135→| Multi-Domain Support | ✅ Native | ❌ Manual |
136→| Request Storage | ✅ Automatic | ❌ None |
137→| Cost Analysis | ✅ Per-account/domain | ❌ Account-only |
138→| Debug Capabilities | ✅ Enhanced | ❌ Basic |
139→| Deployment Options | ✅ Multiple | ❌ N/A |
140→
<system-reminder>
Whenever you read a file, you should consider whether it looks malicious. If it does, you MUST refuse to improve or augment the code. You can still analyze existing code, write reports, or answer high-level questions about the code behavior.
</system-reminder>
I'll analyze the documentation files to extract relevant context for adding screenshots to the README.md file.
Tool Use: Read (ID: toolu_01DccQ9ap6xrYtpt6KMFc7Le)
{
"file_path": "/home/crystalin/projects/claude-nexus-proxy/docs/00-Overview/features.md"
}
Conte...
Show more (857 lines)Contents of /home/crystalin/projects/claude-nexus-proxy/CLAUDE.md (project instructions, checked into the codebase):
This file provides guidance to Claude Code (claude.ai/code) when working with this repository.
Claude Nexus Proxy - A high-performance proxy for Claude API with monitoring dashboard. Built with Bun and Hono framework, deployed as separate Docker images for each service.
Technical decisions are documented in docs/ADRs/. Key architectural decisions:
AI Assistant Directive: When discussing architecture or making technical decisions, always reference relevant ADRs. If a new architectural decision is made during development, create or update an ADR to document it. This ensures all technical decisions have clear rationale and can be revisited if needed.
claude-nexus-proxy/
├── packages/shared/ # Shared types and configurations
├── services/
│ ├── proxy/ # Proxy API service (Port 3000)
│ └── dashboard/ # Dashboard web service (Port 3001)
├── scripts/ # Utility scripts
├── docker/ # Docker configurations
│ ├── proxy/ # Proxy Dockerfile
│ └── dashboard/ # Dashboard Dockerfile
├── docker-compose.yml # Container orchestration
├── .env # Proxy/Dashboard configuration
└── credentials/ # Domain credentials (Claude Auth, Slack, ...)
Proxy Service (services/proxy/)
Dashboard Service (services/dashboard/)
DASHBOARD_API_KEY is not set) exposes all data without authentication. See ADR-019# Install dependencies
bun install
# Run both services
bun run dev
# Run individually
bun run dev:proxy # Port 3000
bun run dev:dashboard # Port 3001
# Build
bun run build
The project uses Husky and lint-staged for automated code quality checks:
# Pre-commit hooks are automatically installed via postinstall script
bun install
# Manual hook installation (if needed)
bunx husky init
Pre-commit checks:
Note: TypeScript type checking is not included in pre-commit hooks for performance reasons. Type checking runs in CI/CD pipeline.
The project uses separate Docker images for each service:
# Build images
./docker/build-images.sh
# Run proxy service
docker run -p 3000:3000 alanpurestake/claude-nexus-proxy:latest
# Run dashboard service
docker run -p 3001:3001 alanpurestake/claude-nexus-dashboard:latest
Docker configurations are in the docker/ directory. Each service has its own optimized image for better security, scaling, and maintainability.
docker/docker-compose.yml: Postgres + Proxy + Dashboard + Claude CLI (with ccusage and token monitoring). ./docker-up.sh script is used instead of docker compose -f ... to ensure .env is loaded properly.
# Build the local images
./docker-up.sh build
# Run the full environment (requires real Claude account in )
./docker-up.sh up -d
# Run a claude query
./docker-up.sh exec claude-cli claude "hi"
# Run usage monitor for real-time tracking
./docker-up.sh exec claude-cli monitor
# Check daily usage stats
./docker-up.sh exec claude-cli ccusage daily
The proxy supports long-running Claude API requests with configurable timeouts:
CLAUDE_API_TIMEOUT and PROXY_SERVER_TIMEOUT environment variablesThe proxy automatically tracks conversations and detects branches using message hashing:
How it works:
Message Normalization:
"hello" and [{type: "text", text: "hello"}] produce the same hash<system-reminder> are ignored during hashingDual Hash System:
system_hash columnSpecial Conversation Handling:
compact_HHMMSSAPI Endpoints:
/api/conversations - Get conversations grouped by conversation_id with branch informationdomain (filter by domain), limit (max conversations)Database Schema:
conversation_id - UUID identifying the conversationcurrent_message_hash - Hash of the last message in the requestparent_message_hash - Hash of the previous message (null for first message)system_hash - Hash of the system prompt (for tracking context changes)branch_id - Branch identifier (defaults to 'main', auto-generated for new branches)parent_request_id - Direct link to the parent request in the conversation chainDashboard Features:
Client Authentication (Proxy Level):
client_api_key in domain credential fileClaude API Authentication:
<domain>.credentials.json)anthropic-beta: oauth-2025-04-20 headerThe proxy includes an MCP server for managing and serving prompts:
Features:
prompts/ directoryfeature.yaml becomes /feature){{variable}} syntaxConfiguration:
# Basic MCP setup (file-based)
MCP_ENABLED=true
MCP_PROMPTS_DIR=./prompts
MCP_WATCH_FILES=true
# Optional GitHub sync
MCP_GITHUB_OWNER=your-org
MCP_GITHUB_REPO=prompt-library
MCP_GITHUB_BRANCH=main
MCP_GITHUB_TOKEN=ghp_xxxx
MCP_GITHUB_PATH=prompts/
MCP_SYNC_INTERVAL=300
How it works:
MCP_ENABLED=true is set, prompts are loaded from local YAML files/mcpPrompt format:
# Note: The prompt name in Claude will be the file name (without .yaml extension)
# For example, this file saved as 'my-feature.yaml' will be available as '/my-feature'
name: My Prompt # This field is ignored - file name is used instead
description: Description of the prompt
template: |
You are {{role}}.
{{#if context}}
Context: {{context}}
{{/if}}
Using MCP with Claude Desktop:
Install the MCP server in Claude Desktop:
claude mcp add nexus-prompts --scope user -- bunx -y mcp-remote@latest http://localhost:3000/mcp --header "Authorization: Bearer YOUR_CLIENT_API_KEY"
Replace YOUR_CLIENT_API_KEY with the actual client API key from your domain's credential file (e.g., cnp_live_...)
Restart Claude Desktop to load the MCP server
Available commands:
/feature for a prompt named feature.yaml)MCP Implementation Details:
2024-11-05POST /mcp - Main MCP JSON-RPC endpointGET /mcp - Discovery endpointinitialize - Protocol handshakeprompts/list - List available promptsprompts/get - Get and render a specific prompt with variablesIn-Memory Tracking (Legacy)
/token-stats endpointComprehensive Token Usage Tracking (New)
token_usage table/api/token-usage/current - Current window usage/api/token-usage/daily - Historical daily usage data/api/conversations - Conversations with account infoWhen DEBUG=true:
sk-ant-****, Bearer ****Enable SQL query logging in debug mode:
# Option 1: Enable all debug logging (includes SQL)
DEBUG=true bun run dev
# Option 2: Enable only SQL query logging
DEBUG_SQL=true bun run dev
# Option 3: Set in .env file
DEBUG_SQL=true
SQL logging features:
Essential:
DATABASE_URL - PostgreSQL connectionDASHBOARD_API_KEY - Dashboard authentication (⚠️ CRITICAL: Without this, dashboard runs in read-only mode with NO authentication)Optional:
DEBUG - Enable debug loggingDEBUG_SQL - Enable SQL query logging (default: false)STORAGE_ENABLED - Enable storage (default: false)SLACK_WEBHOOK_URL - Slack notificationsCREDENTIALS_DIR - Domain credential directoryCOLLECT_TEST_SAMPLES - Collect request samples for testing (default: false)TEST_SAMPLES_DIR - Directory for test samples (default: test-samples)ENABLE_CLIENT_AUTH - Enable client API key authentication (default: true). Set to false to allow anyone to use the proxy without authenticationDASHBOARD_CACHE_TTL - Dashboard cache TTL in seconds (default: 30). Set to 0 to disable cachingSLOW_QUERY_THRESHOLD_MS - Threshold in milliseconds for logging slow SQL queries (default: 5000)CLAUDE_API_TIMEOUT - Timeout for Claude API requests in milliseconds (default: 600000 / 10 minutes)PROXY_SERVER_TIMEOUT - Server-level timeout in milliseconds (default: 660000 / 11 minutes)STORAGE_ADAPTER_CLEANUP_MS - Interval for cleaning up orphaned request ID mappings in milliseconds (default: 300000 / 5 minutes)STORAGE_ADAPTER_RETENTION_MS - Retention time for request ID mappings in milliseconds (default: 3600000 / 1 hour)API_KEY_SALT - Salt for hashing API keys in database (default: 'claude-nexus-proxy-default-salt')SPARK_API_URL - Spark API base URL for recommendation feedback (default: 'http://localhost:8000')SPARK_API_KEY - API key for authenticating with Spark APIType Checking:
bun run typecheck before committingtsc --build at the root to type check all packagesTest Sample Collection: The proxy can collect real request samples for test development:
COLLECT_TEST_SAMPLES=truetest-samples/ directoryinference_streaming_opus.json)Tests:
The project includes comprehensive tests for conversation and subtask linking:
Conversation Linking Tests: packages/shared/src/utils/__tests__/conversation-linker.test.ts
Subtask Detection Tests: packages/shared/src/utils/__tests__/subtask-detection.test.ts
Subtask Linking Simulation: packages/shared/src/utils/__tests__/subtask-linker.test.ts
Run tests with:
# All tests
bun test
# Specific package
cd packages/shared && bun test
# Specific test file
bun test conversation-linker.test.ts
api_requests - Stores all API requests and responses with token tracking:
account_id - Account identifier from credential files for per-account trackinginput_tokens, output_tokens, total_tokens - Token usage metricsconversation_id, branch_id - Conversation trackingcurrent_message_hash, parent_message_hash - Message linkingparent_task_request_id, is_subtask, task_tool_invocation - Sub-task trackingstreaming_chunks - Stores streaming response chunks
Token usage is tracked directly in the api_requests table:
account_id from the credential fileSchema Management:
scripts/init-database.sqlscripts/db/migrations/ (TypeScript files)writer.ts uses init SQL file when tables don't existRunning Migrations:
# Run a specific migration
bun run scripts/db/migrations/001-add-conversation-tracking.ts
# Run all migrations in order
for file in scripts/db/migrations/*.ts; do bun run "$file"; done
Available Migrations:
See docs/04-Architecture/ADRs/adr-012-database-schema-evolution.md for details.
# Generate secure client API key
bun run scripts/generate-api-key.ts
# Create credential file
cat > credentials/domain.com.credentials.json << EOF
{
"type": "api_key",
"accountId": "acc_f9e1c2d3b4a5", # Unique account identifier
"api_key": "sk-ant-...",
"client_api_key": "cnp_live_..."
}
EOF
export STORAGE_ENABLED=true
export DATABASE_URL=postgresql://...
curl http://localhost:3000/token-stats
open http://localhost:3001
# Use DASHBOARD_API_KEY for authentication
# Auth header: X-Dashboard-Key: <your-key>
The proxy automatically detects and tracks sub-tasks spawned using the Task tool through an integrated single-phase process:
Single-Phase Detection (ConversationLinker):
is_subtask=true and links to parent via parent_task_request_idArchitecture Components:
@> containment operator for exact prompt matchingQuery Optimization:
When the subtask prompt is known, the system uses an optimized query:
response_body @> jsonb_build_object(
'content', jsonb_build_array(
jsonb_build_object(
'type', 'tool_use',
'name', 'Task',
'input', jsonb_build_object('prompt', $4::text)
)
)
)
This leverages the GIN index for O(log n) lookup performance instead of scanning all Task invocations.
Database Fields:
parent_task_request_id - Links sub-task requests to their parent taskis_subtask - Boolean flag indicating if a request is a confirmed sub-tasktask_tool_invocation - JSONB array storing Task tool invocations (for historical queries)Sub-task Linking:
Conversation Tree:
Stats Display:
Visual Design:
When generating message hashes for conversation tracking, the system filters out:
<system-reminder>X-Dashboard-Key header (not Authorization)The proxy supports automated analysis of conversations using AI models (currently Gemini 1.5 Flash or 2.5 Pro):
Features:
Error Handling:
AI_ANALYSIS_MAX_RETRIES are automatically marked as failed with clear error messagesDatabase Schema:
conversation_analyses table stores analysis resultsupdated_at timestamp via triggeranalysis_data) and raw text (analysis_content)API Endpoints:
POST /api/analyses - Create analysis request (supports customPrompt)GET /api/analyses/:conversationId/:branchId - Get analysis status/resultPOST /api/analyses/:conversationId/:branchId/regenerate - Force regeneration with optional custom promptUtility Scripts:
scripts/check-analysis-jobs.ts - Check status of analysis jobsscripts/check-ai-worker-config.ts - Verify AI worker configurationscripts/reset-stuck-analysis-jobs.ts - Reset jobs stuck with high retry countsscripts/fail-exceeded-retry-jobs.ts - Manually fail jobs exceeding max retriesscripts/check-analysis-content.ts - Inspect analysis content for a conversationImplementation Status:
See ADR-016 for architectural decisions.
Background Worker Configuration:
Enable the AI Analysis background worker by setting these environment variables:
# Enable the worker
AI_WORKER_ENABLED=true
# Worker configuration
AI_WORKER_POLL_INTERVAL_MS=5000 # Poll every 5 seconds
AI_WORKER_MAX_CONCURRENT_JOBS=3 # Process up to 3 jobs concurrently
AI_WORKER_JOB_TIMEOUT_MINUTES=5 # Mark jobs as stuck after 5 minutes
# Resilience configuration
AI_ANALYSIS_MAX_RETRIES=3 # Retry failed jobs up to 3 times
AI_ANALYSIS_GEMINI_REQUEST_TIMEOUT_MS=60000 # Gemini API request timeout
# Gemini API configuration
GEMINI_API_KEY=your-api-key-here
GEMINI_API_URL=https://generativelanguage.googleapis.com/v1beta/models
GEMINI_MODEL_NAME=gemini-2.0-flash-exp
# Prompt engineering configuration (optional)
AI_MAX_PROMPT_TOKENS=855000 # Override calculated token limit
AI_HEAD_MESSAGES=10 # Messages to keep from start
AI_TAIL_MESSAGES=30 # Messages to keep from end
# Analysis token limits
AI_ANALYSIS_INPUT_TRUNCATION_TARGET_TOKENS=8192 # Target token count for input message truncation
AI_ANALYSIS_TRUNCATE_FIRST_N_TOKENS=1000 # Tokens from conversation start
AI_ANALYSIS_TRUNCATE_LAST_M_TOKENS=4000 # Tokens from conversation end
The worker runs in-process with the proxy service and uses PostgreSQL row-level locking to safely process jobs across multiple instances.
The dashboard supports the Spark recommendation tool (mcp__spark__get_recommendation):
Features:
Configuration:
SPARK_API_URL and SPARK_API_KEY environment variablesAPI Endpoints:
POST /api/spark/feedback - Submit feedback for a recommendationGET /api/spark/sessions/:sessionId/feedback - Get feedback for a specific sessionPOST /api/spark/feedback/batch - Get feedback for multiple sessionsSecurity Note:
The dashboard authentication cookie (dashboard_auth) is set with httpOnly: false to allow JavaScript access for making authenticated API calls from the browser to the proxy service. This is a security trade-off that enables the inline feedback component to work. Consider implementing a more secure approach such as:
parent_task_request_id, is_subtask, task_tool_invocation will break sub-task tracking# Current 5-hour window usage
curl "http://localhost:3000/api/token-usage/current?accountId=acc_f9e1c2d3b4a5&window=300" \
-H "X-Dashboard-Key: $DASHBOARD_API_KEY"
# Daily usage (last 30 days)
curl "http://localhost:3000/api/token-usage/daily?accountId=acc_f9e1c2d3b4a5&aggregate=true" \
-H "X-Dashboard-Key: $DASHBOARD_API_KEY"
# View conversations
curl "http://localhost:3000/api/conversations?accountId=acc_f9e1c2d3b4a5" \
-H "X-Dashboard-Key: $DASHBOARD_API_KEY"
# Copy a conversation from one database to another
bun run db:copy-conversation --conversation-id <uuid> --dest-db <url> [options]
# Example: Copy to staging database (same table names)
bun run db:copy-conversation --conversation-id 123e4567-e89b-12d3-a456-426614174000 \
--dest-db "postgresql://user:pass@staging-host:5432/staging_db"
# Dry run to preview what would be copied
bun run db:copy-conversation --conversation-id 123e4567-e89b-12d3-a456-426614174000 \
--dest-db "postgresql://user:pass@staging-host:5432/staging_db" --dry-run
# Copy with streaming chunks
bun run db:copy-conversation --conversation-id 123e4567-e89b-12d3-a456-426614174000 \
--dest-db "postgresql://user:pass@staging-host:5432/staging_db" --include-chunks
# Use custom table names (e.g., from api_requests to api_requests_backup)
bun run db:copy-conversation --conversation-id 123e4567-e89b-12d3-a456-426614174000 \
--dest-db "postgresql://user:pass@staging-host:5432/staging_db" \
--source-table api_requests --dest-table api_requests_backup
The process of grooming is used to keep a clean repository. It should be performed regularly and rely on GROOMING.md
Do what has been asked; nothing more, nothing less. NEVER create files unless they're absolutely necessary for achieving your goal. ALWAYS prefer editing an existing file to creating a new one. NEVER proactively create documentation files (*.md) or README files. Only create documentation files if explicitly requested by the User.
IMPORTANT: this context may or may not be relevant to your tasks. You should not respond to this context or otherwise consider it in your response unless it is highly relevant to your task. Most of the time, it is not relevant.
I need you to read through the documentation files listed below and extract meaningful/relevant context for adding screenshots to the README.md file to highlight the features of the Claude Nexus Proxy project. Please provide up to 10 paragraphs of the most relevant information that would help understand:
Documentation files to analyze:
Also check the root README.md to understand its current structure.
Limit your response to 10 paragraphs focusing on what's most relevant for adding feature screenshots.
Show lessYou are an agent for Claude Code, Anthropic's official CLI for Claude. Given the user's message, you should use the tools available to complete the task. Do what has been asked; nothing more, nothing less. When you complete the task simply respond with a detailed writeup.
Notes:
You are an agent for Claude Code, Anthropic's official CLI for Claude. Given the user's message, you should use the tools available to complete the task. Do what has been asked; nothing more, nothing less. When you complete the task simply respond with a detailed writeup.
Notes:
Here is useful information about the environment you are running in: <env> Working directory: /home/crystalin/projects/claude-nexus-proxy Is directory a git repo: Yes Additional working directories: /tmp Platform: linux OS Version: Linux 5.15.167.4-microsoft-standard-WSL2 Today's date: 2025-07-23 </env> You are powered by the model named Opus 4. The exact model ID is claude-opus-4-20250514.
Assistant knowledge cutoff is January 2025.
gitStatus: This is the git status at the start of the conversation. Note that this status is a snapshot in time, and will not update during the conversation. Current branch: main
Main branch (you will usually use this for PRs): main
Status: ?? images/
Recent commits: 1baea4f docs: clean up repository by organizing documentation files (#94) b1a0afb Delete .dev.vars.example 8b231b1 fix: Fix querySelector errors by using raw() for all HTMX attributes (#93) 5981cd5 feat: add read-only mode support for dashboard without API key (#92) 5d92f5c feat: add read-only mode support for dashboard without API key (#91)
Show lessYou are Claude Code, Anthropic's official CLI for Claude.