Add Maslow 4 chat assistant: Flask + OpenAI API with GitHub Pages and Cloudflare Worker support#1
Add Maslow 4 chat assistant: Flask + OpenAI API with GitHub Pages and Cloudflare Worker support#1
Conversation
Co-authored-by: BarbourSmith <9359447+BarbourSmith@users.noreply.github.com>
|
@copilot code review[agent] Can this be hosted on github pages? |
Co-authored-by: BarbourSmith <9359447+BarbourSmith@users.noreply.github.com>
Yes — added in commit To enable GitHub Pages:
How it works: the page fetches The Flask app ( |
|
@copilot Is it possible to keep the API key in the github pages secrets? I don't want users to have to provide their own API key |
…ed API key Co-authored-by: BarbourSmith <9359447+BarbourSmith@users.noreply.github.com>
GitHub Pages secrets aren't available at runtime — anything embedded in a static page is visible in the browser source, so the key can't be hidden that way. The solution is a thin server-side proxy. Added in commit How it worksSetup (one-time, ~5 minutes)1. Deploy the worker: npm install -g wrangler
wrangler login
npx wrangler deploy
npx wrangler secret put OPENAI_API_KEY # paste key when promptedCopy the worker URL printed after deploy (e.g. 2. Configure GitHub Pages to use the worker:
Once live, the API key field is hidden entirely and users can chat straight away: (The screenshot above shows direct mode — in proxy mode the yellow key notice and input field are not shown at all.) If |

Adds a web-based chat interface backed by the OpenAI API, purpose-built to answer technical questions about the Maslow 4 CNC router. The AI is grounded by a curated markdown reference document injected as the system prompt. Supports three deployment options: GitHub Pages + Cloudflare Worker proxy (recommended), GitHub Pages direct, and self-hosted Flask.
Static Frontend (
index.html) — GitHub Pages (dual mode)common_issues.mdat runtime and injects it as the system promptWORKER_URLrepo variable is set, the page calls the Cloudflare Worker — the API key section is hidden entirely and users can chat without providing a keyWORKER_URLis not set, the API key field is shown and the browser calls OpenAI directly; key is stored inlocalStorageCloudflare Worker proxy (
worker.js) — keeps API key off the browserALLOWED_ORIGINvariable restricts requests to the GitHub Pages domainTo deploy:
npx wrangler deploythennpx wrangler secret put OPENAI_API_KEYGitHub Actions workflow (
.github/workflows/deploy-pages.yml)mainWORKER_URLrepository variable and injects it intoindex.htmlat build time viasedTo enable: Settings → Pages → Source: GitHub Actions; add
WORKER_URLunder Settings → Secrets and variables → Actions → Variables.Backend (
app.py) — Self-hosted FlaskGET /(UI) andPOST /chat(LLM proxy)user/assistant, content must be string) before forwarding to OpenAIAPIErrorand emptychoicesresponses; returns structured JSON errors with appropriate HTTP status codescommon_issues.mdis read once and cached; injected into every system promptServer-side Frontend (
templates/index.html)Reference document (
common_issues.md)Eight categories of Maslow 4 issues used as AI context: WiFi/network setup, belt mechanics, calibration, firmware updates, cutting problems, G-code/software, hardware assembly, and community resources.
Config (Flask / self-hosted)
cp .env.example .env # Set OPENAI_API_KEY; optionally override OPENAI_MODEL, OPENAI_MAX_TOKENS, PORT pip install -r requirements.txt python app.pyOriginal prompt
🔒 GitHub Advanced Security automatically protects Copilot coding agent pull requests. You can protect all pull requests by enabling Advanced Security for your repositories. Learn more about Advanced Security.