CV Evaluator sends a CV to an LLM for review. A CodeYourFuture project.
-
Create a virtual environment:
python -m venv cveval-venv
-
Activate the virtual environment:
- Windows:
cveval-venv\Scripts\activate - macOS/Linux:
source cveval-venv/bin/activate
- Windows:
-
Install dependencies:
pip install -r requirements.txt
-
Create a
.envfile in the project root with the following content:OPENROUTER_API_KEY=your_openrouter_api_key_here # GitHub OAuth (see "GitHub App Setup" section below) GITHUB_APP_CLIENT_ID=your_github_app_client_id GITHUB_APP_CLIENT_SECRET=your_github_app_client_secret # Session security - generate a random key SESSION_SECRET_KEY=your_random_secret_key_here # Organization restriction (users must be members of this org) ALLOWED_ORG=CodeYourFuture # Application URL (for OAuth callback) APP_URL=http://localhost:8000 # Environment (use 'development' for local, 'production' for deployed) ENVIRONMENT=development -
Update
app/llm_evaluator.ymlwith your desired LLM configuration (model, reasoning level, etc.).
From the project root directory:
uvicorn app.main:app --reload --host 0.0.0.0 --port 8000- Static site: http://localhost:8000
- API documentation: http://localhost:8000/api/docs
app/
├── main.py # Main FastAPI application with API and static file serving
├── llm_evaluator.py # LLM evaluator module
└── static/ # Static files served at root path
└── index.html # Main HTML page for the CV Evaluation application
The application creates two FastAPI instances:
app: Main application that serves static files and mounts the APIapi_app: API-specific application mounted under/apiwith CORS enabled
slowapiis used for rate limiting, since there's LLM cost involved with each evaluation. The default limit is set to 5 requests per minute per IP address.markitdownis used to convert uploaded CV files (PDF, DOCX) into markdown format for easier processing by the LLM.
This application uses GitHub OAuth for authentication. Only members of the configured GitHub organization can access the CV evaluation feature.
-
Go to your GitHub organization settings: https://github.com/organizations/CodeYourFuture/settings/apps
-
Click "New GitHub App"
-
Fill in the required fields:
- GitHub App name:
CV Evaluator(or similar) - Homepage URL:
https://example.com - Callback URL:
https://example.com/api/auth/callback- For local development, add:
http://localhost:8000/api/auth/callback
- For local development, add:
- Webhook: Uncheck "Active" (not needed)
- GitHub App name:
-
Under "Permissions", set:
- Account permissions:
Email addresses: Read-only
- Organization permissions:
Members: Read-only Note: changing these permissions may require approval from your GitHub organization admins, and the UI may not reflect whether the changes are actually in effect.
- Account permissions:
-
Under "Where can this GitHub App be installed?", select:
- "Only on this account" (recommended for org-only access)
-
Click "Create GitHub App"
-
After creation, note the Client ID shown on the app page
-
Click "Generate a new client secret" and save it securely
| Variable | Description | Example |
|---|---|---|
GITHUB_APP_CLIENT_ID |
Client ID from GitHub App settings | Iv1.abc123... |
GITHUB_APP_CLIENT_SECRET |
Client secret (keep secure!) | abc123... |
SESSION_SECRET_KEY |
Random string for signing cookies | Generate with: python -c "import secrets; print(secrets.token_urlsafe(32))" |
ALLOWED_ORG |
GitHub org name users must belong to | CodeYourFuture |
APP_URL |
Public URL of the application | https://example.com |
ENVIRONMENT |
development or production |
production |
- User clicks "Sign in with GitHub"
- User is redirected to GitHub to authorize
- GitHub redirects back to
/api/auth/callback - App verifies user is a member of the allowed organization
- Session cookie is set (valid for 24 hours by default)
- User can now access the CV evaluation feature
- Session tokens are signed JWTs stored in HTTP-only cookies
- In production (
ENVIRONMENT=production), cookies are set withSecureflag (HTTPS only) - CORS is restricted to
APP_URLin production - Organization membership is verified during login
https://docs.docker.com/engine/install/ubuntu/#install-using-the-repository
From the root of the project, where the Dockerfile is located:
$ sudo docker build -t cyf-cv-evaluator .
Run the local image, passing in environment variables:
sudo docker run -ti --rm \
-e OPENROUTER_API_KEY=your_openrouter_api_key_here \
-e GITHUB_APP_CLIENT_ID=your_client_id \
-e GITHUB_APP_CLIENT_SECRET=your_client_secret \
-e SESSION_SECRET_KEY=your_session_secret \
-e ALLOWED_ORG=CodeYourFuture \
-e APP_URL=http://localhost:8000 \
-e ENVIRONMENT=development \
--name cyf-cv-evaluator -p 8000:8000 cyf-cv-evaluatorsudo docker save -o ~/cyf-cv-evaluator.tar cyf-cv-evaluator:latest
sudo chmod 777 ~/cyf-cv-evaluator.tarscp ~/cyf-cv-evaluator.tar user@server:/home/usersudo docker stop cyf-cv-evaluator
sudo docker rm cyf-cv-evaluator
sudo docker rmi cyf-cv-evaluatorLoad the image into docker:
sudo docker load -i ./cyf-cv-evaluator.tar
sudo docker imagesCopy docker-compose.yaml to the server, update the environment variables (see "Environment Variables" section above), and run:
sudo docker compose up -d- Create a new application in Coolify.
- Add
New Resource, selectPublic Repository, and point to this GitHub repository. - Select
Dockerfileas the build pack. - Set domain to the Coolify server (e.g.
my-server.example.com) - Under Network, set Ports Exposes to
8000. - Under Environment Variables, add the following variables with appropriate values:
OPENROUTER_API_KEYGITHUB_APP_CLIENT_IDGITHUB_APP_CLIENT_SECRETSESSION_SECRET_KEYALLOWED_ORG(e.g.CodeYourFuture)APP_URL(set to your Coolify domain, e.g.https://my-server.example.comwith No trailing slash)ENVIRONMENT(set toproductionfor secure cookies and CORS)
- Deploy the application.