Production-oriented unified runtime for FastAPI + Streamlit
Project description
FluxLit
FastAPI and Streamlit on one public port. FluxLit gives you one FluxLit app object, a Uvicorn-powered ASGI gateway, and a managed Streamlit sidecar so your API and UI deploy together without hand-rolling a reverse proxy.
- UI: served from the app root on the URL Uvicorn prints, typically
http://127.0.0.1:8000. - API: mounted under
/apiby default, with OpenAPI at/api/docs. - Routing:
/api/*goes to FastAPI; everything else, including Streamlit WebSockets, is proxied to Streamlit.
Docs: fluxlit.readthedocs.io · Security: SECURITY.md · Roadmap: ROADMAP.md
Install
Python 3.10+.
pip install fluxlit
Optional JWT / OIDC / BFF helpers: pip install "fluxlit[auth]" — see Auth recipes.
For local development on FluxLit itself, clone the repository and run pip install -e ".[dev]".
Quick Start
fluxlit new my-app && cd my-app # optional
app.py:
from fluxlit import FluxLit
app = FluxLit(title="Admin Portal")
@app.api.get("/users")
def users():
return [{"name": "Ada"}]
@app.page("/")
def home(st, client):
st.title("Dashboard")
st.write(client.get("/users").json())
fluxlit dev # default target app:app; or fluxlit dev your.module:app
Open the URL Uvicorn prints. The default gateway is http://127.0.0.1:8000; try GET /api/users or visit /api/docs.
In Streamlit, use paths like client.get("/users"), not "/api/users". Secured routes need a client with credentials — Auth recipes.
What Ships
- One app object:
FluxLitexposes.apifor FastAPI and@app.page(...)for Streamlit pages. - Gateway runtime:
fluxlit devandfluxlit runstart Uvicorn plus a managed Streamlit subprocess. - Operational defaults: health/readiness probes, request IDs, optional JSON logs, configurable gateway timeouts, body limits, concurrency, and graceful shutdown.
- Quality gate: package tests enforce 100% coverage for
src/fluxlitwithout coverage pragmas. - Deployment paths:
fluxlit build, Docker Compose, Kubernetes manifests, proxy smoke tests, and production TLS/proxy guidance. - Optional auth: JWT validation, OIDC/BFF helpers, Streamlit-safe API clients, and security docs via
fluxlit[auth].
Start with the Quick start, then see Architecture, CLI, Configuration, and Deployment.
Configuration
Precedence: CLI → environment (FLUXLIT_*, .env) → fluxlit.toml / [tool.fluxlit] → defaults.
# fluxlit.toml (optional)
target = "app:app"
gateway_host = "127.0.0.1"
gateway_port = 8000
Variable reference: Configuration.
Gateway → Streamlit (optional env): tune upstream HTTP timeouts, max proxied request body (returns 413 when exceeded), concurrent upstream HTTP cap, httpx connection limits, WebSocket open/ping/close timeouts, and optional frame size — see the Gateway proxy rows in Configuration. FLUXLIT_UVICORN_GRACEFUL_SHUTDOWN_TIMEOUT_S maps to Uvicorn’s graceful drain window when set (fluxlit dev / fluxlit run).
Logs: enable structured gateway lines with FLUXLIT_ENABLE_GATEWAY_ACCESS_LOG=1; for one JSON object per line in log aggregators, use fluxlit.logging.JsonLogFormatter (examples in Observability). Avoid logging secrets—see Secrets.
TLS / edge: behind a real proxy, tighten FLUXLIT_FORWARDED_ALLOW_IPS, validate X-Forwarded-Proto, and read Production TLS before enabling strict HSTS or CSP elsewhere.
Production References
- Deployment: containers, probes, scaling, and Kubernetes graceful shutdown.
- Observability: request correlation, JSON logs, Prometheus metrics, SLO notes, and runbooks.
- Security architecture, Production TLS, and Secrets: auth boundaries, proxy trust, key rotation, and log hygiene.
examples/kubernetes/,examples/docker_compose/, andexamples/fullstack_demo/: reference deployment and application patterns.
Project Layout
my_app/
├── app.py
├── fluxlit.toml
├── .env # not committed
└── pkg/pages/ # optional: discover_pages(...)
Contributors
pip install -e ".[dev]"
python -m ruff format && python -m ruff check
python -m mypy src/fluxlit
ty check
python -m pytest -n auto --cov=fluxlit --cov-report=term-missing --cov-fail-under=100
Status
FluxLit is in the 0.x line and actively hardening toward production use. Current releases include the unified gateway, page discovery, typed ApiClient, health/readiness probes, auth helpers, URL session utilities, gateway limits, structured logging helpers, Prometheus metrics, CI security audit/SBOM generation, Docker/Kubernetes examples, deployment runbooks, and a 100% package coverage gate for src/fluxlit.
See the changelog, support matrix, and roadmap for release status and remaining work.
MIT — see LICENSE.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file fluxlit-0.6.0.tar.gz.
File metadata
- Download URL: fluxlit-0.6.0.tar.gz
- Upload date:
- Size: 149.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ba3c6132fbd56a7021b76ae5dab596ec7c57af51f0b03178ed1bdac3753f5da3
|
|
| MD5 |
c56730f6a58425851cf5d72a3fafb77e
|
|
| BLAKE2b-256 |
7c41973df4bfd4145768384ced6f80f3ae305f8f696da5efd3b7f8dfa573ff9f
|
File details
Details for the file fluxlit-0.6.0-py3-none-any.whl.
File metadata
- Download URL: fluxlit-0.6.0-py3-none-any.whl
- Upload date:
- Size: 89.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
21072a43201c459d4509e04ed9e4d1c59986654b0ab5d96647bf0dde832ea4c4
|
|
| MD5 |
b8537c69b12a681ad90533fcf434d201
|
|
| BLAKE2b-256 |
1c39ad37200fde904e0a25e5bd2c9acc37dba29441f29d359cfc2ec77c4119a3
|
