New Feature: Add optional LiteLLM Docker Compose setup for local LLM gateway

[marazik]

Summary:
This adds an optional LiteLLM Docker Compose setup for local LLM routing.
PR1 - Docker compose (current PR)
PR2 - Integration code (will follow)
PR3 - Documentation

Details:
This PR introduces an optional Docker Compose setup for LiteLLM, enabling a local LLM gateway that can be used alongside the existing DeepWiki-Open stack.

It is fully opt-in and does not modify the default application runtime or existing Docker configuration.

Changes

• Added docker-compose-litellm.yml for standalone DeepWiki-Open + LiteLLM stack
• Added docker-compose-litellm.env for environment configuration
• Added Dockerfile-litellm for service containerization
• Added litellm-config.yml for runtime configuration

Note: Currently Dockerfile-litellm mirrors the existing Dockerfile to keep the setup consistent. It serves as an extension point for future modifications (e.g., optional removal of Ollama dependency).

---

Key Properties

• Fully isolated from existing DeepWiki-Open setup
• No changes to core application logic
• Can be enabled independently of main stack
• Supports local-first LLM routing via LiteLLM

---

Usage

ollama serve
docker compose -f docker-compose-litellm.yml up -d

---

Impact

• No impact on default system behavior
• Adds optional LLM abstraction layer for local development and testing
• Enables future integration of provider-agnostic LLM routing

---

Future Work

• Integration with DeepWiki-Open LLM client layer (PR2)
• Extended documentation and usage examples (PR3)

[gemini-code-assist]

Code Review

This pull request introduces a new Docker-based deployment configuration for DeepWiki using LiteLLM and Ollama, including a multi-stage Dockerfile, a Docker Compose setup, and LiteLLM configuration files. The review identifies several security risks involving hardcoded API keys and database passwords that should be moved to environment variables. Additionally, there are networking issues in the LiteLLM configuration regarding the Ollama API base, and the Dockerfile is missing several optimizations and dependencies found in the original version, such as build caching, memory limits, and CA certificates. Feedback also suggests avoiding pulling large LLM models during the build process to improve image portability and build reliability.

[gemini-code-assist]

Hardcoding an API key in a committed environment file is a security risk. Use a placeholder or reference an environment variable that can be set locally in a git-ignored .env file.

LITELLM_API_KEY=${LITELLM_API_KEY:-sk-placeholder}

[gemini-code-assist]

Hardcoded database password in the compose file. It is recommended to use environment variables for sensitive credentials to avoid exposing them in version control.

      POSTGRES_PASSWORD: ${LITELLM_DB_PASSWORD:-litellm_password}

[gemini-code-assist]

Hardcoded LiteLLM Master Key. This should be managed via environment variables to prevent unauthorized access and secret exposure.

      - LITELLM_MASTER_KEY=${LITELLM_MASTER_KEY:-sk-1234}

[gemini-code-assist]

Using host.docker.internal points to the host machine. However, Dockerfile-litellm starts Ollama inside the deepwiki container. To allow the litellm container to reach the containerized Ollama, use the service name deepwiki instead. This also applies to line 17.

      api_base: http://deepwiki:11434

[gemini-code-assist]

As noted for the generation model, this should point to the deepwiki service name to reach the containerized Ollama instance.

      api_base: http://deepwiki:11434

[gemini-code-assist]

The build stage is missing several optimizations and configurations present in the original Dockerfile.

1. Cache Invalidation: Using COPY . . (even with excludes) causes the build to re-run whenever any file in the repository changes. It is better to copy only the necessary files for the build (e.g., package.json, next.config.ts, etc.).
2. Memory Limits: The original Dockerfile included ENV NODE_OPTIONS="--max-old-space-size=4096", which is often necessary for Next.js builds to avoid OOM errors.
3. Telemetry: NEXT_TELEMETRY_DISABLED=1 is missing.

[gemini-code-assist]

Hardcoding a default value for TARGETARCH can lead to incorrect binary downloads when building on different architectures (e.g., amd64) if the build argument is not explicitly passed. It is recommended to let the Docker build environment provide this value automatically via Buildx.

ARG TARGETARCH

[gemini-code-assist]

Pulling large LLM models during the Docker build process significantly increases the final image size and makes the build fragile as it depends on external registry availability. Consider using a persistent volume for models or pulling them at runtime via a startup script to keep the image lightweight.

[gemini-code-assist]

This block is missing ca-certificates, which was present in the original Dockerfile. Furthermore, the custom certificate installation logic (lines 57-66 in the original Dockerfile) has been omitted. This will cause issues in environments that require custom CA bundles for network requests.

RUN apt-get update && apt-get install -y \
    curl \
    gnupg \
    git \
    ca-certificates \