In Batak Toba culture, the harbangan is the gate of the traditional house — but it is far more than a physical structure. It is a threshold between worlds: the ordered, protected space of family and community on one side, and the open, unpredictable world on the other. In Batak cosmology, to cross a threshold is to navigate between states of being.
This gateway embodies the same philosophy:
- Cosmic boundary — The harbangan separates the three realms of Batak cosmology. This gateway sits at the boundary between your client code and multiple provider backends (Kiro, Anthropic, OpenAI Codex, Copilot, Custom), translating between OpenAI and Anthropic formats on either side.
- Guardian of social order — The Batak gate enforces Dalihan Na Tolu, the three-pillar kinship system that governs who may enter and how. Harbangan enforces multi-user RBAC: Google SSO, per-user API keys, admin/user roles, and domain allowlisting decide what passes through.
- Ritual transition — Crossing a harbangan signals a shift in status. Requests crossing this gateway undergo their own transformation: format conversion, content guardrails (CEL rules + AWS Bedrock), and provider routing before reaching the other side.
- Openness as moral virtue — In Batak ethics, a gate that is always open signals generosity and communal spirit. This one is open source, and in proxy-only mode, a single container is all you need to open the gate.
Further reading on Batak Toba philosophy: Form and Meaning of Batak Toba House · Dalihan Na Tolu: Vision of Integrity · Batak Cultural Values
Model availability depends on your deployment mode.
All Claude models via AWS CodeWhisperer. Default provider — available in both modes.
| Model | ID | Description |
|---|---|---|
| Claude Opus 4.6 | claude-opus-4.6 |
Latest flagship. Complex reasoning |
| Claude Sonnet 4.6 | claude-sonnet-4.6 |
Balanced. Coding, general-purpose |
| Claude Haiku 4.5 | claude-haiku-4.5 |
Fast. Quick responses, simple tasks |
| Claude Sonnet 4 | claude-sonnet-4 |
Previous generation balanced |
| Claude 3.7 Sonnet | claude-3.7-sonnet |
Legacy |
| Claude 3.5 Sonnet v2 | claude-3-5-sonnet-20241022 |
Legacy |
| Claude 3.5 Sonnet v1 | claude-3-5-sonnet-20240620 |
Legacy |
| Claude 3.5 Haiku | claude-3-5-haiku-20241022 |
Legacy |
| Claude 3 Opus | claude-3-opus-20240229 |
Legacy |
| Claude 3 Sonnet | claude-3-sonnet-20240229 |
Legacy |
| Claude 3 Haiku | claude-3-haiku-20240307 |
Legacy |
Smart Model Resolution: Use any name format —
claude-sonnet-4-6,claude-sonnet-4.6, or versioned likeclaude-sonnet-4-20250514. The gateway normalizes automatically.
Requires per-user OAuth tokens configured in the Web UI. Use the provider/model prefix format.
| Provider | Prefix | Example Models |
|---|---|---|
| Anthropic | anthropic/ |
Claude family (direct API, bypasses Kiro) |
| OpenAI Codex | openai_codex/ |
gpt-4, o1-*, o3-*, o4-*, chatgpt-* |
| GitHub Copilot | copilot/ |
Copilot models |
| Custom | custom/ |
Any OpenAI-compatible endpoint |
Direct providers bypass Kiro entirely and require full deployment with PostgreSQL. See Client Setup for configuration details.
- OpenAI + Anthropic compatible APIs
- Real-time SSE streaming
- Extended thinking / reasoning
- Multi-user with Google SSO + per-user API keys
- Content Guardrails (AWS Bedrock)
- Web dashboard with usage tracking
- Proxy-Only Mode (single container, all providers, no DB or Web UI)
- Optional Datadog APM
Full mode (multi-user, Web UI, Google SSO + PostgreSQL):
git clone https://github.com/if414013/harbangan.git && cd harbangan
cp .env.example .env # edit with your PostgreSQL password
docker compose up -d # start all servicesOpen https://your-domain/_ui/ to complete setup.
Proxy-only mode (single container, Kiro-only, no DB or Web UI):
cp .env.proxy.example .env.proxy # set PROXY_API_KEY (min 16 chars)
docker compose -f docker-compose.gateway.yml --env-file .env.proxy up -dOn first start, the container prints an AWS device code URL — open it in a browser to authenticate with Kiro. Credentials are cached to a Docker volume so subsequent restarts are automatic.
Full setup walkthrough: Getting Started guide
- Getting Started — Setup walkthrough for both deployment modes
- Quickstart — Running in under 5 minutes
- Configuration — Environment variables and runtime settings
- API Reference — Endpoint documentation with examples
- Architecture — System design and component overview
- Client Setup — Claude Code, Zed, OpenCode, and SDK configs
- Deployment — Production deployment guide
- Troubleshooting — Common issues and solutions
This project is licensed under the GNU Affero General Public License v3.0 (AGPL-3.0).
- You can use, modify, and distribute this software
- Network use is distribution — if you run a modified version on a server, you must make the source code available
- Modifications must be released under the same license
See the LICENSE file for the full license text.
By submitting a contribution, you agree to the terms of our Contributor License Agreement (CLA).
This project is not affiliated with, endorsed by, or sponsored by Amazon Web Services (AWS), Anthropic, or Kiro IDE. Use at your own risk and in compliance with the terms of service of the underlying APIs.