Skip to main content

Railway Deployment

Deploy KoreShield to Railway using a Docker image provided by KoreShield. Railway handles build, deploy, and TLS for you.

Use Cases

Fast production deploys with minimal ops
Staging environments for LLM policy changes
Small to mid-scale workloads with managed hosting

Prerequisites

Railway account
A KoreShield Docker image in a registry
Provider API keys available as Railway variables

Deploy from a Docker Image

Build and push a Docker image

docker tag koreshield:latest <registry>/koreshield:latest
docker push <registry>/koreshield:latest

In Railway, create a service from the image

Configure Environment Variables

Set these Railway variables:

OPENAI_API_KEY=your-api-key
KORESHIELD_API_KEY=your-koreshield-api-key

If you need custom settings, use environment variables or managed secrets provided by KoreShield.

Mount Config (Optional)

Use Railway volumes only if your deployment bundle requires it.

Health Check

curl https://<railway-domain>/health

Observability

Enable json_logs: true for structured logging
Scrape /metrics from an internal monitor or a private endpoint
Watch Railway logs for startup and provider errors

Security Notes

Keep provider keys in Railway variables, not in code
Use KORESHIELD_API_KEY to protect access to the proxy
Restrict access with a private domain or gateway if needed

Troubleshooting

401 responses: confirm KORESHIELD_API_KEY on clients
Build failures: verify the Dockerfile path and build context
Provider errors: confirm provider keys are present in variables
Timeouts: increase client timeouts for streaming responses

Next Steps

Add monitoring in ../monitoring/prometheus.mdx

Use Cases
Prerequisites
Deploy from a Docker Image
Configure Environment Variables
Mount Config (Optional)
Health Check
Observability
Security Notes
Troubleshooting
Next Steps