LLM Orchestrator automation open-source platform
azurebotbot-platformbot-serverbotbuilderbotsgeneral-botsgpthelpwantedllmmessengermessenger-botsmsvirtual-assistantwhatsappwhatsapp-api
Rodrigo Rodriguez (Pragmatismo)
c67aaa677a
SECURITY MODULES ADDED: - security/auth.rs: Full RBAC with roles (Anonymous, User, Moderator, Admin, SuperAdmin, Service, Bot, BotOwner, BotOperator, BotViewer) and permissions - security/cors.rs: Hardened CORS (no wildcard in production, env-based config) - security/panic_handler.rs: Panic catching middleware with safe 500 responses - security/path_guard.rs: Path traversal protection, null byte prevention - security/request_id.rs: UUID request tracking with correlation IDs - security/error_sanitizer.rs: Sensitive data redaction from responses - security/zitadel_auth.rs: Zitadel token introspection and role mapping - security/sql_guard.rs: SQL injection prevention with table whitelist - security/command_guard.rs: Command injection prevention - security/secrets.rs: Zeroizing secret management - security/validation.rs: Input validation utilities - security/rate_limiter.rs: Rate limiting with governor crate - security/headers.rs: Security headers (CSP, HSTS, X-Frame-Options) MAIN.RS UPDATES: - Replaced tower_http::cors::Any with hardened create_cors_layer() - Added panic handler middleware - Added request ID tracking middleware - Set global panic hook SECURITY STATUS: - 0 unwrap() in production code - 0 panic! in production code - 0 unsafe blocks - cargo audit: PASS (no vulnerabilities) - Estimated completion: ~98% Remaining: Wire auth middleware to handlers, audit logs for sensitive data |
||
|---|---|---|
| .forgejo/workflows | ||
| .vscode | ||
| .zed | ||
| config | ||
| deploy/kubernetes | ||
| gen/schemas | ||
| migrations | ||
| scripts | ||
| src | ||
| .env.embedded | ||
| .env.example | ||
| .gitignore | ||
| 3rdparty.toml | ||
| add-req.sh | ||
| askama.toml | ||
| Cargo.lock | ||
| Cargo.toml | ||
| diesel.toml | ||
| fix-errors.sh | ||
| LICENSE | ||
| logo.png | ||
| PROMPT.md | ||
| README.md | ||
| SECURITY_TASKS.md | ||
General Bots - Enterprise-Grade LLM Orchestrator
A strongly-typed LLM conversational platform focused on convention over configuration and code-less approaches.
Quick Links
- Getting Started - Installation and first bot
- API Reference - REST and WebSocket endpoints
- BASIC Language - Dialog scripting reference
What is General Bots?
General Bots is a self-hosted AI automation platform that provides:
- Multi-Vendor LLM API - Unified interface for OpenAI, Groq, Claude, Anthropic
- MCP + LLM Tools Generation - Instant tool creation from code/functions
- Semantic Caching - Intelligent response caching (70% cost reduction)
- Web Automation Engine - Browser automation + AI intelligence
- Enterprise Data Connectors - CRM, ERP, database native integrations
- Git-like Version Control - Full history with rollback capabilities
Quick Start
Prerequisites
- Rust (1.75+) - Install from rustup.rs
- Git - Download from git-scm.com
Installation
git clone https://github.com/GeneralBots/botserver
cd botserver
cargo run
On first run, botserver automatically sets up PostgreSQL, S3 storage, Redis cache, and downloads AI models.
The server will be available at http://localhost:8080.
Documentation
docs/
├── api/ # API documentation
│ ├── README.md # API overview
│ ├── rest-endpoints.md # HTTP endpoints
│ └── websocket.md # Real-time communication
├── guides/ # How-to guides
│ ├── getting-started.md # Quick start
│ ├── deployment.md # Production setup
│ └── templates.md # Using templates
└── reference/ # Technical reference
├── basic-language.md # BASIC keywords
├── configuration.md # Config options
└── architecture.md # System design
Key Features
4 Essential Keywords
USE KB "kb-name" ' Load knowledge base into vector database
CLEAR KB "kb-name" ' Remove KB from session
USE TOOL "tool-name" ' Make tool available to LLM
CLEAR TOOLS ' Remove all tools from session
Example Bot
' customer-support.bas
USE KB "support-docs"
USE TOOL "create-ticket"
USE TOOL "check-order"
SET CONTEXT "support" AS "You are a helpful customer support agent."
TALK "Welcome! How can I help you today?"
Command-Line Options
cargo run # Default: console UI + web server
cargo run -- --noconsole # Background service mode
cargo run -- --desktop # Desktop application (Tauri)
cargo run -- --tenant <name> # Specify tenant
cargo run -- --container # LXC container mode
Environment Variables
Only directory service variables are required:
| Variable | Purpose |
|---|---|
DIRECTORY_URL |
Zitadel instance URL |
DIRECTORY_CLIENT_ID |
OAuth client ID |
DIRECTORY_CLIENT_SECRET |
OAuth client secret |
All service credentials are managed automatically. See Configuration for details.
Current Status
Version: 6.0.8
Build Status: SUCCESS
Production Ready: YES
Deployment
See Deployment Guide for:
- Single server setup
- Docker Compose
- LXC containers
- Kubernetes
- Reverse proxy configuration
Contributing
We welcome contributions! Please read our contributing guidelines before submitting PRs.
Security
Security issues should be reported to: security@pragmatismo.com.br
License
General Bot Copyright (c) pragmatismo.com.br. All rights reserved.
Licensed under the AGPL-3.0.
According to our dual licensing model, this program can be used either under the terms of the GNU Affero General Public License, version 3, or under a proprietary license.
Support
- GitHub Issues: github.com/GeneralBots/botserver/issues
- Stack Overflow: Tag questions with
generalbots - Video Tutorial: 7 AI General Bots LLM Templates
Contributors
General Bots Code Name: Guaribas
"No one should have to do work that can be done by a machine." - Roberto Mangabeira Unger