GitHub - contactwajeeh/ollamagoweb-v2: Go Based Ollama Web App for Local & Remote api - OpenWeb UI lightweight alternative

12 min read Original article โ†—

A comprehensive LLM chat client built with Go, featuring a modern web interface and support for multiple AI providers.


๐ŸŽจ User Interface

Modern Chat Experience

  • Clean, responsive design with light and dark theme support
  • Real-time streaming responses with typewriter animation effect
  • Markdown rendering with syntax highlighting for code blocks
  • Mobile-friendly sidebar that collapses on smaller screens
  • Loading skeletons - Animated placeholder UI while loading

Accessibility

  • ARIA labels - Full screen reader support
  • Skip link - Quick navigation to main content
  • Focus indicators - Visible focus states for keyboard navigation
  • Screen reader announcements - Live region for status updates

Theme Support

  • Light mode - Clean, bright interface for daytime use
  • Dark mode - Eye-friendly dark interface for low-light environments
  • Persistent preference - Theme choice is saved and synced across sessions

๐Ÿ’ฌ Chat Features

Conversation Management

  • Automatic chat saving - All conversations are automatically saved to database
  • Chat history sidebar - Browse and search through previous conversations
  • Rename chats - Click to edit icon to rename any conversation inline
  • Delete chats - Remove conversations with 5-second undo option
  • Pinned chats - Pin important conversations to top of list
  • Floating New Chat - "New Chat" button (FAB) available on mobile

Message Features

  • Copy-to-clipboard - One-click copy for code blocks and messages
  • Edit user messages - Click to pencil icon to modify sent messages inline
  • Regenerate responses - Request a new AI response for any message
  • Undo deletion - 5-second window to undo chat deletion with toast notification

Export

  • Export to HTML - Save conversations as formatted HTML documents
  • Export to JSON - Export chat data in JSON format
  • Preserves formatting - Code blocks, markdown, and styling are maintained

Keyboard Shortcuts

Shortcut Action
Ctrl+N New chat
Ctrl+S Export chat
Arrow Keys Navigate chat history
Delete Delete selected chat
Shift+? Show keyboard shortcuts

๐Ÿค– Telegram Bot Integration

Bot Setup

  • Create bot via @BotFather - Get bot token from Telegram's official bot
  • Configure with environment variables - Set TELEGRAM_BOT_TOKEN in .env
  • User allowlisting - Restrict bot to specific Telegram user IDs for security

Available Commands

Command Description
/start Start a new session
/help Show all available commands
/memories View your saved memories
/clear Clear current conversation history
/settings Show your current settings
/link_session <id> <token> Link Telegram to web session
/unlink_session Unlink from web session
/session_info Show session status (linked/unlinked)

Session Linking

  • Secure token-based linking - 256-bit entropy cryptographically secure tokens
  • 15-minute token expiration - Tokens expire automatically for security
  • One-time use tokens - Each token can only be used once
  • Shared memories and context - Unified experience across web and Telegram

Linking to Web Session

  1. Open your web app at http://localhost:1102
  2. Open browser console (F12) and run:
    fetch('/api/session/link-token').then(r=>r.json()).then(console.log)
  3. Copy session_id and link_token from response
  4. In Telegram, send: /link_session <session_id> <link_token>

Telegram Features

  • Typing indicators - Shows "typing..." while bot generates responses
  • Full LLM response support - Complete AI responses in Telegram
  • Memory sharing - Memories sync between web and Telegram when linked
  • Chat summary support - Uses rolling summaries for efficient context
  • System prompt support - Respects chat-specific system instructions
  • Automatic conversation saving - All Telegram chats saved to database

Configuration

See .env.example for Telegram bot configuration variables:

  • TELEGRAM_BOT_TOKEN - Bot token from @BotFather
  • TELEGRAM_ALLOWED_USERS - Comma-separated list of allowed Telegram user IDs

๐Ÿง  Memory System

Automatic Extraction

  • LLM-based extraction - Uses AI to extract important information from messages
  • Pattern-based extraction - Recognizes common phrases (e.g., "my name is...")
  • Background processing - Memory extraction runs asynchronously

Memory Categories

Category Description Examples
reminder Appointments, meetings, tasks, deadlines "Meeting with Ram at 5 PM EST"
fact Personal information, important details "My name is John"
preference User preferences, communication style "Prefer concise responses"
entity People, organizations, locations "Works at Acme Corp"

Confidence Scoring

  • 70-100 confidence range - Higher scores for more reliable extractions
  • Automatic categorization - Memories are auto-categorized by AI
  • Quality tracking - Confidence scores help prioritize important information

Memory Management

  • Add memories - Automatically extracted from conversations
  • Update memories - Modify existing memories with new information
  • Delete memories - Remove outdated or incorrect memories
  • Search memories - Find memories by category or keyword
  • Automatic injection - Memories are automatically included in AI context

๐Ÿ”„ Rolling Summary System

Automatic Summarization

  • Triggers after 10+ unsummarized messages - Automatically summarizes old messages
  • Batch processing - Processes oldest 10 messages per batch
  • Background processing - Summarization runs without blocking user interaction

Context Window Management

  • Combines summary + recent messages - Maintains conversation continuity
  • Token-efficient - Reduces token usage for long conversations
  • Intelligent history - Smart context window management

Summary Evolution

  • Incremental updates - Summaries are updated with each batch
  • Preserves key information - Maintains important facts, decisions, context
  • Narrative format - Summaries are readable conversation summaries

๐Ÿ“œ System Prompts

Chat-Specific Prompts

  • Custom system instructions - Set unique AI behavior per chat
  • Override default behavior - Customize how AI responds in specific conversations
  • Persistent across sessions - System prompts saved with chat

Prompt Management

Method Endpoint Description
GET /api/chats/{id}/system-prompt Get system prompt for chat
PUT /api/chats/{id}/system-prompt Update system prompt for chat

Usage

System prompts are automatically applied to all LLM generations within that chat, allowing for:

  • Different personas for different conversation types
  • Specialized instructions for technical vs casual chats
  • Custom behavior for specific use cases

๐Ÿ”Œ Provider Support

Multiple Provider Types

  • Ollama (Local) - Connect to local Ollama installations
  • OpenAI-compatible APIs - Support for:
    • Groq
    • DeepInfra
    • OpenRouter
    • Any OpenAI-compatible endpoint

Provider Management

  • Add multiple providers - Configure as many providers as needed
  • Switch between providers - Easily activate different providers
  • Auto-detect models - Fetch available models from provider APIs
  • Manual model entry - Add models manually if needed
  • Default model selection - Set a preferred model for each provider

Security

  • Encrypted API keys - All API keys encrypted with AES-GCM
  • Encryption enforcement - Application fails if ENCRYPTION_KEY not set
  • Secure key migration - Existing keys are automatically encrypted

๐Ÿ” Brave Search Integration

Search API Configuration

  • API key setup - Set brave_api_key in settings
  • Encrypted storage - API keys stored securely in database
  • Optional feature - Works fine without search integration

Search Features

  • /search <query> command - Initiate web search from chat
  • Automatic enrichment - Search results automatically added to context
  • Real-time results - Live search results from Brave Search API

Result Integration

  • Merges search results - Combines web search with user query
  • Enhanced AI responses - AI provides answers with current information
  • Seamless experience - Search integration is transparent to user

๐Ÿ”Œ MCP Integration

Model Context Protocol

  • Connect to MCP servers - Integrate with external tools and services
  • Tool discovery - Automatically discover available tools from servers
  • HTTP and stdio support - Connect to both HTTP and stdio-based servers

Server Management

Method Endpoint Description
GET /api/mcp/servers List all configured MCP servers
POST /api/mcp/servers Create new MCP server
PUT /api/mcp/servers/{id} Update MCP server configuration
DELETE /api/mcp/servers/{id} Delete MCP server
GET /api/mcp/servers/tools Fetch available tools from servers

Tool Integration

  • Automatic tool discovery - Fetches tools from connected servers
  • Tool-based AI capabilities - AI can use external tools for enhanced responses
  • Server management - Enable/disable servers as needed

Configuration

  • Add MCP servers via web interface
  • Configure endpoints and commands
  • Manage server connections
  • View available tools

๐Ÿ” Authentication

Session-Based Authentication

  • Optional authentication - Enable via environment variables
  • Secure session cookies - HttpOnly, Secure, SameSite
  • AES-GCM encryption - Secure credential storage
  • Session expiration - 24-hour session TTL with auto-cleanup

Endpoints

Method Endpoint Description
POST /api/auth/login Authenticate user
POST /api/auth/logout End session
GET /api/auth/session Check session status
GET /admin Admin login page

Protected Routes

When authentication is enabled, these endpoints require a valid session:

  • All /api/chats/* endpoints
  • All /api/messages/* endpoints

Configuration

See .env.example for authentication configuration variables:

  • AUTH_USER - Admin username
  • AUTH_PASSWORD - Admin password

Without AUTH_USER and AUTH_PASSWORD, the application runs in public mode (no authentication required).


๐Ÿ“Š Analytics & Metrics

Response Metadata

  • Model display - Shows which model generated each response
  • Token usage - Displays tokens used for each response
  • Generation speed - Shows tokens per second performance

Application Metrics

  • Endpoint: GET /api/metrics
    • Chat count
    • Message count
    • Provider count
    • Model count
    • Uptime
    • Version

๐Ÿ”’ Security Features

Encryption

API keys and sensitive configuration are encrypted using AES-GCM.

Required for production:

# Generate a secure key (Linux/Mac)
openssl rand -hex 32

# Set environment variable
export ENCRYPTION_KEY=your-generated-key-here

The application will fail to start if ENCRYPTION_KEY is not set in production.

Rate Limiting

  • 10 requests per second per IP address
  • Burst capacity of 50 requests
  • Configurable via middleware.go

CSRF Protection

  • State-changing API requests require a valid CSRF token
  • Obtain token from: GET /api/csrf

SQL Injection Prevention

  • All user inputs are sanitized before database queries
  • sanitizeSearchQuery() function handles search input

Content Security Policy

  • Strict CSP headers configured
  • Self-referencing directives for scripts and styles

๐Ÿงช Testing

Unit Tests

Test Coverage:

  • TestSanitizeSearchQuery - Input sanitization validation
  • TestWriteError - Error response formatting
  • TestWriteJSON - JSON response helper
  • TestRateLimitMiddleware - Rate limiting logic
  • TestGenerateCSRFToken - CSRF token generation

End-to-End Tests

npm install
npm run test:e2e

E2E Tests (Playwright):

  • Homepage rendering
  • Settings page functionality
  • Keyboard shortcuts validation

โšก Performance

Backend Optimizations

  • Connection pooling - 25 max connections, 5 idle, 5-minute lifetime
  • Message pagination - Load 50 messages at a time for large chats
  • Lazy loading - Chat history loaded on demand
  • Debounced search - 300ms debounce for chat search

Frontend Optimizations

  • Error boundaries - Graceful error handling with toast notifications

๐Ÿ“ก API Reference

Core Endpoints

Method Endpoint Description
GET /api/chats List all chats
GET /api/chats/{id} Get specific chat
POST /api/chats Create new chat
DELETE /api/chats/{id} Delete chat
PUT /api/chats/{id}/rename Rename chat
PUT /api/chats/{id}/pin Toggle pin
POST /api/chats/{id}/messages Add message
GET /api/chats/search Search chats

System Prompt Endpoints

Method Endpoint Description
GET /api/chats/{id}/system-prompt Get system prompt
PUT /api/chats/{id}/system-prompt Update system prompt

Message Endpoints

Method Endpoint Description
PUT /api/messages/{id} Update message
DELETE /api/messages/{id} Delete message

Provider Endpoints

Method Endpoint Description
GET /api/providers List providers
POST /api/providers Create provider
PUT /api/providers/{id} Update provider
DELETE /api/providers/{id} Delete provider
POST /api/providers/{id}/activate Activate provider
POST /api/providers/{id}/fetch-models Fetch models

Model Endpoints

Method Endpoint Description
GET /api/models/{providerId} Get models
POST /api/models Add model
DELETE /api/models/{id} Delete model
POST /api/models/{id}/set-default Set default

Memory Endpoints

Method Endpoint Description
GET /api/memories Get memories for current session
POST /api/memories Set a memory
DELETE /api/memories Delete a memory
GET /api/memories/search Search memories
POST /api/memories/extract Test memory extraction

MCP Server Endpoints

Method Endpoint Description
GET /api/mcp/servers List MCP servers
POST /api/mcp/servers Create MCP server
PUT /api/mcp/servers/{id} Update MCP server
DELETE /api/mcp/servers/{id} Delete MCP server
GET /api/mcp/servers/tools Fetch server tools

Session Linking Endpoints

Method Endpoint Description
GET /api/session/link-token Generate secure link token

Authentication Endpoints

Method Endpoint Description
POST /api/auth/login User login
POST /api/auth/logout User logout
GET /api/auth/session Session status
GET /admin Admin login page

Utility Endpoints

Method Endpoint Description
GET /api/csrf Get CSRF token
GET /api/metrics Get app metrics
GET /api/settings/{key} Get setting
PUT /api/settings/{key} Update setting
GET /api/active-provider Get active provider

๐Ÿš€ Getting Started

Prerequisites

  • Go 1.21 or later
  • Node.js (for E2E tests)
  • Ollama (for local models) or API key for cloud providers

Quick Start

# Clone repository
git clone <repo-url>
cd ollamagoweb

# Copy environment template
cp .env.example .env

# Edit .env with your configuration
nano .env

Required Configuration:

# Set server port (default: 1102)
PORT=1102

# Set encryption key (required for production)
# Generate with: openssl rand -hex 32
ENCRYPTION_KEY=your-encryption-key-here

# Configure LLM provider
llm=ollama  # or your preferred model

Optional Configuration:

# Enable authentication
AUTH_USER=admin
AUTH_PASSWORD=your-secure-password

# Configure Telegram bot
TELEGRAM_BOT_TOKEN=your-bot-token-from-botfather
TELEGRAM_ALLOWED_USERS=123456789,987654321

# Configure Brave Search
brave_api_key=your-brave-api-key
# Run application
go run .

Build

# Build binary
go build -o ollamagoweb.exe .

# Run tests
go test -v .

# Run E2E tests
npm install
npm run test:e2e

Environment Variables

See .env.example for all available configuration variables:

Variable Description Default Required
PORT Server port 1102 No
DB_PATH SQLite database path ./ollamagoweb.db No
OLLAMA_HOST Ollama server URL http://localhost:11434 No
ENCRYPTION_KEY Required - Encryption key for API keys - Yes (production)
AUTH_USER Admin username (optional) - No
AUTH_PASSWORD Admin password (optional) - No
TELEGRAM_BOT_TOKEN Telegram bot token from @BotFather - No
TELEGRAM_ALLOWED_USERS Allowed Telegram user IDs - No
brave_api_key Brave Search API key - No

๐Ÿ“ Project Structure

ollamagoweb/
โ”œโ”€โ”€ main.go              # Application entry point and routes
โ”œโ”€โ”€ handlers.go          # HTTP request handlers
โ”œโ”€โ”€ handlers_chat.go     # Chat management endpoints
โ”œโ”€โ”€ handlers_memory.go   # Memory management endpoints
โ”œโ”€โ”€ handlers_mcp.go      # MCP server endpoints
โ”œโ”€โ”€ middleware.go        # Rate limiting, CSRF
โ”œโ”€โ”€ utils.go             # Helper functions
โ”œโ”€โ”€ database.go          # Database, migrations, pooling
โ”œโ”€โ”€ crypto.go            # Encryption (AES-GCM)
โ”œโ”€โ”€ auth.go              # Authentication system
โ”œโ”€โ”€ provider.go          # Provider implementations
โ”œโ”€โ”€ memory.go            # Memory extraction and management
โ”œโ”€โ”€ summarizer.go        # Context summarization
โ”œโ”€โ”€ telegram.go          # Telegram bot integration
โ”œโ”€โ”€ search.go            # Brave Search integration
โ”‚
โ”œโ”€โ”€ static/
โ”‚   โ”œโ”€โ”€ index.html       # Main chat interface
โ”‚   โ”œโ”€โ”€ css/
โ”‚   โ”‚   โ””โ”€โ”€ styles.css  # Styles, accessibility, animations
โ”‚   โ””โ”€โ”€ js/
โ”‚       โ”œโ”€โ”€ app.js      # Main application logic
โ”‚       โ”œโ”€โ”€ settings.js # Settings page logic
โ”‚       โ”œโ”€โ”€ state.js    # State management
โ”‚       โ””โ”€โ”€ ...
โ”‚
โ”œโ”€โ”€ mcp/                 # MCP-related files
โ”œโ”€โ”€ e2e/
โ”‚   โ”œโ”€โ”€ tests.spec.js   # Playwright E2E tests
โ”‚   โ””โ”€โ”€ playwright.config.js
โ”‚
โ”œโ”€โ”€ .env.example         # Environment template
โ”œโ”€โ”€ package.json        # E2E test scripts
โ”œโ”€โ”€ README.md
โ””โ”€โ”€ go.mod

๐ŸŽฏ Key Highlights

Feature Description
Multi-provider Ollama, Groq, DeepInfra, OpenRouter, more
Telegram Bot Full-featured bot with session linking and typing indicators
Memory System LLM-based extraction with categories and confidence scoring
Rolling Summary Token-efficient long conversations
System Prompts Chat-specific AI instructions
Brave Search /search <query> for real-time results
Auto-save Conversations saved automatically
Message editing Edit and track message history
Encrypted secrets AES-GCM encryption
Responsive UI Desktop and mobile support
Theme support Light and dark modes
Keyboard shortcuts Efficient keyboard navigation
Export formats HTML and JSON export
Rate limiting Abuse prevention
CSRF protection Request validation
Authentication Optional session-based auth
MCP Integration Model Context Protocol tool integration
Unit tests Core tests passing
E2E tests Playwright integration tests

๐Ÿค Contributing

  1. Fork the repository
  2. Create a feature branch
  3. Make your changes
  4. Run tests: go test -v .
  5. Submit a pull request

๐Ÿ“„ License

Apache 2.0 License - See LICENSE file for details