From 12e4d8d8b892afd5557e533b86aba1d84c8291cc Mon Sep 17 00:00:00 2001
From: Adil Hafeez <adil.hafeez@gmail.com>
Date: Fri, 24 Jan 2025 12:40:45 -0800
Subject: [PATCH] add support for custom llm with ssl support

Add support for using custom llm that are served through https protocol.
---
 arch/arch_config_schema.yaml                    |  5 +++++
 arch/envoy.template.yaml                        | 12 ++++++++++++
 demos/currency_exchange_ollama/arch_config.yaml |  7 +++++++
 3 files changed, 24 insertions(+)

diff --git a/arch/arch_config_schema.yaml b/arch/arch_config_schema.yaml
index e8c7e348..b532117c 100644
--- a/arch/arch_config_schema.yaml
+++ b/arch/arch_config_schema.yaml
@@ -61,6 +61,11 @@ properties:
           type: boolean
         endpoint:
           type: string
+        protocol:
+          type: string
+          enum:
+            - http
+            - https
       additionalProperties: false
       required:
         - name
diff --git a/arch/envoy.template.yaml b/arch/envoy.template.yaml
index 17147cc7..588c6f66 100644
--- a/arch/envoy.template.yaml
+++ b/arch/envoy.template.yaml
@@ -567,6 +567,18 @@ static_resources:
                       address: {{ local_llm_provider.endpoint }}
                       port_value: {{ local_llm_provider.port }}
                   hostname: {{ local_llm_provider.endpoint }}
+      {% if local_llm_provider.protocol == "https" %}
+      transport_socket:
+        name: envoy.transport_sockets.tls
+        typed_config:
+          "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
+          sni: {{ local_llm_provider.endpoint }}
+          common_tls_context:
+            tls_params:
+              tls_minimum_protocol_version: TLSv1_2
+              tls_maximum_protocol_version: TLSv1_3
+      {% endif %}
+
 {% endfor %}
     - name: arch_internal
       connect_timeout: 5s
diff --git a/demos/currency_exchange_ollama/arch_config.yaml b/demos/currency_exchange_ollama/arch_config.yaml
index 5936ff17..bbfbaf1e 100644
--- a/demos/currency_exchange_ollama/arch_config.yaml
+++ b/demos/currency_exchange_ollama/arch_config.yaml
@@ -7,12 +7,19 @@ listener:
   connect_timeout: 0.005s
 
 llm_providers:
+
   - name: local-llama
     provider_interface: openai
     model: llama3.2
     endpoint: host.docker.internal:11434
     default: true
 
+  - name: arch-fc-cloud
+    provider_interface: openai
+    model: Arch-Function
+    endpoint: api.fc.archgw.com:443
+    protocol: https
+
 system_prompt: |
   You are a helpful assistant.