Skip to main content
The server interface is in private early access. Contact bryan@qlty.sh if you’re interested in trying it.
Railway can host the Fabro server by pulling the pre-built image published to GHCR. A single deploy button spins up a container, and a Railway Volume keeps your runs, checkpoints, and sessions across redeploys.

One-click deploy

Deploy on Railway The button launches Railway’s new-project flow pointed at this repo. railway.toml instructs Railway to build Dockerfile.deploy, which is a thin wrapper that pulls ghcr.io/fabro-sh/fabro:nightly — no Rust compilation on Railway’s builder, so deploys complete in seconds.

First-deploy checklist

The template covers the build; a few pieces still need to be wired up after the first deploy.

1. Attach a Volume for /storage

Fabro writes all persistent state — run history, checkpoints, sessions, the default token, and JWT keys — under /storage. Railway containers have ephemeral filesystems, so without a Volume that directory is wiped on every redeploy. In the Railway dashboard: Service → Settings → Volumes → New Volume, mount path /storage. 10 GB is a reasonable starting size; grow as needed.

2. Confirm the target port

Railway sets $PORT automatically and expects the container to bind to it. The Fabro image honors $PORT and falls back to 32276, and it exposes 32276, so Railway’s default HTTP routing works without any manual port configuration. If you override the port in Service → Settings → Networking → Target Port, match the value to $PORT.

3. Set required environment variables

Add variables in Service → Variables as needed. The Server Configuration reference has the full list; the minimum useful set:
VariablePurpose
ANTHROPIC_API_KEY / OPENAI_API_KEY / GEMINI_API_KEY / …At least one LLM provider key for the models you’ll run
FABRO_DEV_TOKENOptional — pre-set the dev token instead of reading the one written to /storage on first boot
SESSION_SECRET64-character hex string; required when the web UI is enabled
GITHUB_APP_CLIENT_SECRET, GITHUB_APP_WEBHOOK_SECRET, GITHUB_APP_PRIVATE_KEYOnly if you enable GitHub OAuth or the GitHub App integration
No .env file is auto-loaded inside the container; everything comes from Railway’s environment.

Accessing your Fabro server

Once the deploy is healthy, Railway exposes a *.up.railway.app URL (or your custom domain). Two things to grab:
  1. The dev token — on first boot, Fabro writes one to /var/fabro/dev-token and logs it. Find it in the Railway deploy logs or run railway run cat /var/fabro/dev-token from the Railway CLI.
  2. Point your local CLI at the server — add the Railway URL to ~/.fabro/settings.toml:
    ~/.fabro/settings.toml
    [cli.target]
type = "http"
url = "https://<your-service>.up.railway.app/api/v1"
    Then commands like fabro model list --server <url> will hit your Railway instance.
See Running the Fabro Server for the full auth and CLI-pointing story.

Redeploys and updates

Railway re-pulls the GHCR image on every deploy. Dockerfile.deploy references the :nightly tag by default, so redeploying picks up the latest nightly automatically. To pin a specific version, edit Dockerfile.deploy to reference ghcr.io/fabro-sh/fabro:<version> and redeploy. The /storage Volume survives redeploys, so runs and checkpoints persist.

Caveats

  • Volume is load-bearing. Without a Volume mounted at /storage, a redeploy silently wipes all state — including the dev token and JWT signing keys. Attach it before submitting any real runs.
  • Single replica. Fabro’s server currently assumes one process owns /storage. Don’t scale the service to multiple replicas.
  • Architecture. Railway runs x86_64 (amd64) containers by default. The :nightly tag is multi-arch, but the arm64 variant is not currently usable — stay on amd64, which is Railway’s default.

Next steps

Running the Fabro Server

Auth, dev tokens, submitting runs, and pointing the CLI at your deployment.

Server Configuration

Full settings.toml reference — reverse-proxy TLS, auth methods, concurrency, and more.