This is a simple Raycast AI API proxy. It allows you to use the Raycast AI application without subscribing. The proxy converts requests from Raycast into a format to send to AI model providers (e.g., OpenAI), and then converts the responses back into Raycast’s format.
This project uses a man-in-the-middle approach to intercept and forward Raycast requests to various AI APIs, then returns the responses after reformatting them for Raycast. It primarily maps:
GET /api/v1/me: Modifies the flag indicating user support for AI.POST /api/v1/translations: Translation interface.POST /api/v1/ai/chat_completions: Common AI interface.GET /api/v1/ai/models: AI model list interface.
- Modify DNS or
/etc/hoststo pointbackend.raycast.comto this proxy instead of the official server. - The proxy receives the HTTPS requests from Raycast.
- A self-signed certificate is used to decrypt and forward these requests to the configured AI endpoints (e.g., OpenAI, Anthropic).
- The responses are re-encrypted and returned to Raycast.
Because Raycast and its API communicate via HTTPS, you need to trust the self-signed certificate for this interception to work. More details on man-in-the-middle proxies can be found at mitmproxy documentation.
Environment variables are becoming deprecated. Now you can define multiple models in config.yml, allowing providers to coexist:
models:
- provider_name: "openai"
api_type: "openai"
params:
api_key: "sk-xxxx"
allow_model_patterns:
- "gpt-\\d+"
- provider_name: "azure openai"
api_type: "openai"
params:
api_key: "xxxxxx"
base_url: "https://your-resource.openai.azure.com"
# ...
- provider_name: "google"
api_type: "gemini"
params:
api_key: "xxxxxx"
- provider_name: "anthropic"
api_type: "anthropic"
params:
api_key: "sk-ant-xxx"
- provider_name: "deepseek"
api_type: "openai" # openai-compatible
params:
api_key: "sk-deepseek-xxx"
default_model: "gpt-4"Each provider entry specifies the provider name, API type, and parameters.
provider_name: The provider name. used for identification.api_type: The API type. For example,openai,gemini, oranthropic.params:base_url,api_key, and other parameters required by the provider.
Supported providers: you can combine multiple models, Common options include:
| Provider | Model | Test Status | Image Generation | Web Search |
|---|---|---|---|---|
openai |
from api | Tested | Supported | Not supported |
azure openai |
Same as above | Tested | Supported | Same as above |
google |
from api | Tested | Not supported | from api |
anthropic |
claude-3-sonnet, claude-3-opus, claude-3-5-opus | Tested | Not supported | Not supported |
deepseek |
from api | Tested | Not supported | Not supported |
ollama |
from api | Tested | Not Supported | Not supported |
Refer to the config.yml.example file for more details.
Only OpenAI API supports image generation.
pip3 install mitmproxy
python -c "$(curl -fsSL https://raw.githubusercontent.com/yufeikang/raycast_api_proxy/main/scripts/cert_gen.py)" --domain backend.raycast.com --out ./certOr
Clone this repository and run:
pdm run cert_genOpen the CA certificate in the cert folder and add it to the system keychain and trust it.
This is mandatory, as the Raycast AI proxy uses a self-signed certificate, and it must be trusted to work correctly.
Note:
When using on macOS with Apple Silicon, if you encounter application hanging issues when manually adding the CA certificate to the "Keychain Access", you can use the following command in the terminal as an alternative:
sudo security add-trusted-cert -d -p ssl -p basic -k /Library/Keychains/System.keychain ~/.mitmproxy/mitmproxy-ca-cert.pem127.0.0.1 backend.raycast.com
::1 backend.raycast.com
The purpose of this modification is to redirect backend.raycast.com to the local machine, rather than the real backend.raycast.com. You can also add this record in your DNS server.
Alternatively, you can add this record to your DNS server. The ultimate goal is to make backend.raycast.com point to the address where this project is deployed. The 127.0.0.1 can be
replaced with your deployment address. If you deploy this project in the cloud or in your local network, you can point this address to your deployment address.
docker run --name raycast \
-e OPENAI_API_KEY=$OPENAI_API_KEY \
-p 443:443 \
--dns 1.1.1.1 \
-v $PWD/cert/:/data/cert \
-e CERT_FILE=/data/cert/backend.raycast.com.cert.pem \
-e CERT_KEY=/data/cert/backend.raycast.com.key.pem \
-e LOG_LEVEL=INFO \
-d \
ghcr.io/yufeikang/raycast_api_proxy:mainYou can also deploy this service in the cloud or your local network, as long as your Raycast can access this address.
Then, restart Raycast, and you should be able to use it.
Refer to How to switch between OpenAI and Azure OpenAI endpoints with Python.
Simply modify the corresponding environment variables.
docker run --name raycast \
-e OPENAI_API_KEY=$OPENAI_API_KEY \
-e OPENAI_BASE_URL=https://your-resource.openai.azure.com \
-e OPENAI_API_VERSION=2023-05-15 \
-e OPENAI_API_TYPE=azure \
-e AZURE_DEPLOYMENT_ID=your-deployment-id \
-p 443:443 \
--dns 1.1.1.1 \
-v $PWD/cert/:/data/cert \
-e CERT_FILE=/data/cert/backend.raycast.com.cert.pem \
-e CERT_KEY=/data/cert/backend.raycast.com.key.pem \
-e LOG_LEVEL=INFO \
-d \
ghcr.io/yufeikang/raycast_api_proxy:mainCan be used together with the OpenAI API by setting the corresponding environment variables.
Obtain your Google API Key and export it as GOOGLE_API_KEY.
# git clone this repo and cd to it
docker build -t raycast .
docker run --name raycast \
-e GOOGLE_API_KEY=$GOOGLE_API_KEY \
-p 443:443 \
--dns 1.1.1.1 \
-v $PWD/cert/:/data/cert \
-e CERT_FILE=/data/cert/backend.raycast.com.cert.pem \
-e CERT_KEY=/data/cert/backend.raycast.com.key.pem \
-e LOG_LEVEL=INFO \
-d \
raycast:latest- Clone this repository
- Install dependencies using
pdm install - Create environment variables
export OPENAI_API_KEY=<your openai api key>
- Generate self-signed certificate using
./scripts/cert_gen.py --domain backend.raycast.com --out ./cert - Start the service using
python ./app/main.py
Since you might have modified the local DNS, developing locally might lead to DNS loops. To avoid this, use Docker during local development and start the development environment by specifying the DNS.
Reference:
sh ./local_docker.shYou can refer to the custom_mapping.yml.example file in the project directory to customize the modifications to some interface responses.
"api/v1/me/trial_status":
get:
response:
body:
# json path replace
"$.trial_limits.commands_limit": 30For example, the above configuration will replace $.trial_limits.commands_limit in the response body of the GET api/v1/me/trial_status interface with 30. The
$.trial_limits.commands_limit is a JSON path.
Currently, only response body replacements are supported.
If you want to allow multiple users to share this service or you deploy the service on the public internet, you need to restrict which users can access the service. You can use the
ALLOWED_USERS environment variable to restrict which users can access the service.
ALLOWED_USERS="xx@example.com,yy@example.com"The email addresses are the Raycast user email addresses, separated by commas.
-
DNS Designation Due to the presence of GFW (Great Firewall of China), if you use this in mainland China, you might need to designate a domestic DNS server. Otherwise, domain names might not resolve correctly. For instance:
--dns 223.5.5.5. -
DNS Not Taking Effect Sometimes on macOS, modifying the
/etc/hostsfile does not take effect immediately. There’s no known solution to this yet. Sometimes restarting Raycast helps, or modifying the/etc/hostsfile again might work.
- Support web search
- Support more AI models
- Improve project structure