keyvault / README.md
gcharanteja
Run FastAPI + Gradio together in one HF Space
fa6bb79
|
Raw
History Blame Contribute Delete
1.7 kB
metadata
title: Keyvault
emoji: 🗝️
colorFrom: yellow
colorTo: purple
sdk: docker
pinned: false
short_description: Secret storage with a minimal UI (Gradio) + API (FastAPI)

Keyvault (FastAPI + Gradio)

This repo runs one Hugging Face Space that serves:

  • Gradio UI (public on port 7860 / $PORT)
  • FastAPI API (inside the same container on 127.0.0.1:8000)

The UI calls the API internally.

Endpoints (API)

FastAPI routes (available inside the Space container, and available publicly via the Space URL):

  • GET / (help)
  • GET /health
  • GET /secrets
  • GET /secrets/keys
  • GET /secrets/{key}
  • GET /secrets/{key}/full
  • PUT /secrets/{key}
  • POST /secrets
  • DELETE /secrets/{key}
  • GET /secrets/{key}/history
  • GET /audit
  • GET /stats

Swagger:

  • Local: http://127.0.0.1:8000/docs
  • On Spaces: https://<your-space>.hf.space/docs

Run locally (Mac)

1) Set DATABASE_URL

Create .env:

DATABASE_URL=postgresql+psycopg2://USER:PASSWORD@HOST:PORT/DBNAME?sslmode=require

2) Install

uv sync

3) Run API + UI together

chmod +x start.sh
./start.sh

Deploy on Hugging Face Spaces (Docker)

1) Add Space secret

Space → Settings → Repository secrets:

  • DATABASE_URL = your Postgres URL

2) URLs on Spaces

  • UI: https://<your-space>.hf.space/
  • API docs: https://<your-space>.hf.space/docs
  • OpenAPI: https://<your-space>.hf.space/openapi.json

Security note

This is a demo vault. Secrets are stored in plaintext in the database. Do not use for real production secrets without encryption + auth.