open-webui
diff --git a/‎backend/open_webui/config.py‎
Lines changed: 14 additions & 0 deletions b/‎backend/open_webui/config.py‎
Lines changed: 14 additions & 0 deletions
diff --git a/‎backend/open_webui/main.py‎
Lines changed: 19 additions & 2 deletions b/‎backend/open_webui/main.py‎
Lines changed: 19 additions & 2 deletions
diff --git a/‎backend/open_webui/routers/configs.py‎
Lines changed: 40 additions & 0 deletions b/‎backend/open_webui/routers/configs.py‎
Lines changed: 40 additions & 0 deletions
diff --git a/‎backend/open_webui/routers/terminals.py‎
Lines changed: 137 additions & 0 deletions b/‎backend/open_webui/routers/terminals.py‎
Lines changed: 137 additions & 0 deletions
diff --git a/‎backend/open_webui/utils/access_control.py‎
Lines changed: 28 additions & 0 deletions b/‎backend/open_webui/utils/access_control.py‎
Lines changed: 28 additions & 0 deletions
diff --git a/‎backend/open_webui/utils/middleware.py‎
Lines changed: 16 additions & 2 deletions b/‎backend/open_webui/utils/middleware.py‎
Lines changed: 16 additions & 2 deletions
@@ -1183,6 +1183,20 @@ def reachable(host: str, port: int) -> bool:
     tool_server_connections,
 )
 
+####################################
+# TERMINAL_SERVER
+####################################
+
+terminal_server_connections = json.loads(
+    os.environ.get("TERMINAL_SERVER_CONNECTIONS", "[]")
+)
+
+TERMINAL_SERVER_CONNECTIONS = PersistentConfig(
+    "TERMINAL_SERVER_CONNECTIONS",
+    "terminal_server.connections",
+    terminal_server_connections,
+)
+
 ####################################
 # WEBUI
 ####################################
 
@@ -96,6 +96,7 @@
     users,
     utils,
     scim,
+    terminals,
 )
 
 from open_webui.routers.retrieval import (
@@ -132,6 +133,8 @@
     THREAD_POOL_SIZE,
     # Tool Server Configs
     TOOL_SERVER_CONNECTIONS,
+    # Terminal Server
+    TERMINAL_SERVER_CONNECTIONS,
     # Code Execution
     ENABLE_CODE_EXECUTION,
     CODE_EXECUTION_ENGINE,
@@ -524,7 +527,7 @@
     process_chat_payload,
     process_chat_response,
 )
-from open_webui.utils.tools import set_tool_servers
+from open_webui.utils.tools import set_tool_servers, set_terminal_servers
 
 from open_webui.utils.auth import (
     get_license_data,
@@ -690,8 +693,11 @@ async def lifespan(app: FastAPI):
             )
             await set_tool_servers(mock_request)
             log.info(f"Initialized {len(app.state.TOOL_SERVERS)} tool server(s)")
+
+            await set_terminal_servers(mock_request)
+            log.info(f"Initialized {len(app.state.TERMINAL_SERVERS)} terminal server(s)")
         except Exception as e:
-            log.warning(f"Failed to initialize tool servers at startup: {e}")
+            log.warning(f"Failed to initialize tool/terminal servers at startup: {e}")
 
     yield
 
@@ -775,6 +781,15 @@ async def lifespan(app: FastAPI):
 app.state.config.TOOL_SERVER_CONNECTIONS = TOOL_SERVER_CONNECTIONS
 app.state.TOOL_SERVERS = []
 
+########################################
+#
+# TERMINAL SERVER
+#
+########################################
+
+app.state.config.TERMINAL_SERVER_CONNECTIONS = TERMINAL_SERVER_CONNECTIONS
+app.state.TERMINAL_SERVERS = []
+
 ########################################
 #
 # DIRECT CONNECTIONS
@@ -1540,6 +1555,7 @@ async def inspect_websocket(request: Request, call_next):
 if ENABLE_ADMIN_ANALYTICS:
     app.include_router(analytics.router, prefix="/api/v1/analytics", tags=["analytics"])
 app.include_router(utils.router, prefix="/api/v1/utils", tags=["utils"])
+app.include_router(terminals.router, prefix="/api/v1/terminals", tags=["terminals"])
 
 # SCIM 2.0 API for identity management
 if ENABLE_SCIM:
@@ -2204,6 +2220,7 @@ async def get_app_config(request: Request):
                     "pending_user_overlay_content": app.state.config.PENDING_USER_OVERLAY_CONTENT,
                     "response_watermark": app.state.config.RESPONSE_WATERMARK,
                 },
+
                 "license_metadata": app.state.LICENSE_METADATA,
                 **(
                     {
 
@@ -15,6 +15,7 @@
     get_tool_server_data,
     get_tool_server_url,
     set_tool_servers,
+    set_terminal_servers,
 )
 from open_webui.utils.mcp.client import MCPClient
 from open_webui.models.oauth_sessions import OAuthSessions
@@ -214,6 +215,45 @@ async def set_tool_servers_config(
     }
 
 
+class TerminalServerConnection(BaseModel):
+    id: str
+    url: str
+    key: Optional[str] = ""
+    name: Optional[str] = ""
+    auth_type: Optional[str] = "bearer"
+    config: Optional[dict] = None  # holds access_grants, etc.
+
+    model_config = ConfigDict(extra="allow")
+
+
+class TerminalServersConfigForm(BaseModel):
+    TERMINAL_SERVER_CONNECTIONS: list[TerminalServerConnection]
+
+
+@router.get("/terminal_servers")
+async def get_terminal_servers_config(request: Request, user=Depends(get_admin_user)):
+    return {
+        "TERMINAL_SERVER_CONNECTIONS": request.app.state.config.TERMINAL_SERVER_CONNECTIONS,
+    }
+
+
+@router.post("/terminal_servers")
+async def set_terminal_servers_config(
+    request: Request,
+    form_data: TerminalServersConfigForm,
+    user=Depends(get_admin_user),
+):
+    request.app.state.config.TERMINAL_SERVER_CONNECTIONS = [
+        connection.model_dump() for connection in form_data.TERMINAL_SERVER_CONNECTIONS
+    ]
+
+    await set_terminal_servers(request)
+
+    return {
+        "TERMINAL_SERVER_CONNECTIONS": request.app.state.config.TERMINAL_SERVER_CONNECTIONS,
+    }
+
+
 @router.post("/tool_servers/verify")
 async def verify_tool_servers_config(
     request: Request, form_data: ToolServerConnection, user=Depends(get_admin_user)
 
@@ -0,0 +1,137 @@
+"""Reverse proxy for admin-configured terminal servers.
+
+Routes:
+  GET  /                         — list terminals the user has access to
+  *    /{server_id}/{path:path}  — proxy request to terminal server
+"""
+
+import logging
+
+import aiohttp
+from fastapi import APIRouter, Depends, Request, Response
+from fastapi.responses import JSONResponse, StreamingResponse
+from starlette.background import BackgroundTask
+
+from open_webui.utils.auth import get_verified_user
+from open_webui.utils.access_control import has_connection_access
+from open_webui.models.groups import Groups
+
+log = logging.getLogger(__name__)
+
+router = APIRouter()
+
+STREAMING_CONTENT_TYPES = ("application/octet-stream", "image/", "application/pdf")
+STRIPPED_RESPONSE_HEADERS = frozenset(
+    ("transfer-encoding", "connection", "content-encoding", "content-length")
+)
+
+
+@router.get("/")
+async def list_terminal_servers(request: Request, user=Depends(get_verified_user)):
+    """Return terminal servers the authenticated user has access to."""
+    connections = request.app.state.config.TERMINAL_SERVER_CONNECTIONS or []
+    user_group_ids = {group.id for group in Groups.get_groups_by_member_id(user.id)}
+
+    return [
+        {"id": connection.get("id", ""), "url": connection.get("url", ""), "name": connection.get("name", "")}
+        for connection in connections
+        if has_connection_access(user, connection, user_group_ids)
+    ]
+
+
+PROXY_METHODS = ["GET", "POST", "PUT", "PATCH", "DELETE", "HEAD", "OPTIONS"]
+
+
+@router.api_route("/{server_id}/{path:path}", methods=PROXY_METHODS)
+async def proxy_terminal(
+    server_id: str,
+    path: str,
+    request: Request,
+    user=Depends(get_verified_user),
+):
+    """Proxy a request to the admin terminal server identified by *server_id*."""
+    connections = request.app.state.config.TERMINAL_SERVER_CONNECTIONS or []
+    connection = next((c for c in connections if c.get("id") == server_id), None)
+
+    if connection is None:
+        return JSONResponse({"error": f"Terminal server '{server_id}' not found"}, status_code=404)
+
+    user_group_ids = {group.id for group in Groups.get_groups_by_member_id(user.id)}
+    if not has_connection_access(user, connection, user_group_ids):
+        return JSONResponse({"error": "Access denied"}, status_code=403)
+
+    base_url = (connection.get("url") or "").rstrip("/")
+    if not base_url:
+        return JSONResponse({"error": "Terminal server URL not configured"}, status_code=503)
+
+    target_url = f"{base_url}/{path}"
+    if request.query_params:
+        target_url += f"?{request.query_params}"
+
+    headers = {"X-User-Id": user.id}
+    cookies = {}
+    auth_type = connection.get("auth_type", "bearer")
+
+    if auth_type == "bearer":
+        headers["Authorization"] = f"Bearer {connection.get('key', '')}"
+    elif auth_type == "session":
+        cookies = request.cookies
+        headers["Authorization"] = f"Bearer {request.state.token.credentials}"
+    elif auth_type == "system_oauth":
+        cookies = request.cookies
+        oauth_token = request.headers.get("x-oauth-access-token", "")
+        if oauth_token:
+            headers["Authorization"] = f"Bearer {oauth_token}"
+    # auth_type == "none": no Authorization header
+
+    content_type = request.headers.get("content-type")
+    if content_type:
+        headers["Content-Type"] = content_type
+
+    body = await request.body()
+    session = aiohttp.ClientSession(
+        timeout=aiohttp.ClientTimeout(total=300, connect=10),
+        trust_env=True,
+    )
+
+    try:
+        upstream_response = await session.request(
+            method=request.method,
+            url=target_url,
+            headers=headers,
+            cookies=cookies,
+            data=body or None,
+        )
+
+        upstream_content_type = upstream_response.headers.get("content-type", "")
+        filtered_headers = {
+            key: value
+            for key, value in upstream_response.headers.items()
+            if key.lower() not in STRIPPED_RESPONSE_HEADERS
+        }
+
+        # Stream binary responses directly
+        if any(t in upstream_content_type for t in STREAMING_CONTENT_TYPES):
+            async def cleanup():
+                await upstream_response.release()
+                await session.close()
+
+            return StreamingResponse(
+                content=upstream_response.content.iter_any(),
+                status_code=upstream_response.status,
+                headers=filtered_headers,
+                background=BackgroundTask(cleanup),
+            )
+
+        # Buffer text/JSON responses
+        response_body = await upstream_response.read()
+        status_code = upstream_response.status
+        await upstream_response.release()
+        await session.close()
+
+        return Response(content=response_body, status_code=status_code, headers=filtered_headers)
+
+    except Exception as error:
+        await session.close()
+        log.exception("Terminal proxy error: %s", error)
+        return JSONResponse({"error": f"Terminal proxy error: {error}"}, status_code=502)
@@ -153,6 +153,34 @@ def has_access(
     return False
 
 
+def has_connection_access(
+    user: UserModel,
+    connection: dict,
+    user_group_ids: Optional[Set[str]] = None,
+) -> bool:
+    """
+    Check if a user can access a server connection (tool server, terminal, etc.)
+    based on ``config.access_grants`` within the connection dict.
+
+    - Admin with BYPASS_ADMIN_ACCESS_CONTROL → always allowed
+    - Empty / missing access_grants → allowed for all users
+    - Otherwise → delegates to ``has_access``
+    """
+    from open_webui.config import BYPASS_ADMIN_ACCESS_CONTROL
+
+    if user.role == "admin" and BYPASS_ADMIN_ACCESS_CONTROL:
+        return True
+
+    if user_group_ids is None:
+        user_group_ids = {group.id for group in Groups.get_groups_by_member_id(user.id)}
+
+    access_grants = (connection.get("config") or {}).get("access_grants", [])
+    if not access_grants:
+        return True
+
+    return has_access(user.id, "read", access_grants, user_group_ids)
+
+
 def migrate_access_control(
     data: dict, ac_key: str = "access_control", grants_key: str = "access_grants"
 ) -> None:
 
@@ -99,8 +99,9 @@
 from open_webui.utils.tools import (
     get_tools,
     get_updated_tool_function,
-    has_tool_server_access,
+    get_terminal_tools,
 )
+from open_webui.utils.access_control import has_connection_access
 from open_webui.utils.plugin import load_function_module_by_id
 from open_webui.utils.filter import (
     get_sorted_filter_ids,
@@ -2225,6 +2226,7 @@ async def process_chat_payload(request, form_data, user, metadata, model):
                 )
 
     tool_ids = form_data.pop("tool_ids", None)
+    terminal_id = form_data.pop("terminal_id", None)
     files = form_data.pop("files", None)
 
     # Caller-provided OpenAI-style tools take precedence over server-side
@@ -2298,6 +2300,7 @@ async def process_chat_payload(request, form_data, user, metadata, model):
     metadata = {
         **metadata,
         "tool_ids": tool_ids,
+        "terminal_id": terminal_id,
         "files": files,
     }
     form_data["metadata"] = metadata
@@ -2342,7 +2345,7 @@ async def process_chat_payload(request, form_data, user, metadata, model):
                             continue
 
                         # Check access control for MCP server
-                        if not has_tool_server_access(user, mcp_server_connection):
+                        if not has_connection_access(user, mcp_server_connection):
                             log.warning(
                                 f"Access denied to MCP server {server_id} for user {user.id}"
                             )
@@ -2479,6 +2482,17 @@ async def tool_function(**kwargs):
             if mcp_tools_dict:
                 tools_dict = {**tools_dict, **mcp_tools_dict}
 
+            # Resolve terminal tools if terminal_id is set
+            if terminal_id:
+                terminal_tools = await get_terminal_tools(
+                    request,
+                    terminal_id,
+                    user,
+                    extra_params,
+                )
+                if terminal_tools:
+                    tools_dict = {**tools_dict, **terminal_tools}
+
         if direct_tool_servers:
             for tool_server in direct_tool_servers:
                 tool_specs = tool_server.pop("specs", [])