# Railway Hosting Primary public hosting option for Cohesivity tenants. Cohesivity creates and owns the Railway project/service/environment/domain, and tenant agents deploy by uploading source files directly to Cohesivity. No GitHub repo, Railway CLI install, or tenant Railway credentials are required. ## Prerequisites Edge calls require this resource to be provisioned first; unprovisioned calls return an error. ### Provision curl -s -X POST https://cohesivity.ai/api/resources/railway-hosting \ -H "Authorization: Bearer " ### Delete curl -s -X DELETE https://cohesivity.ai/api/resources/railway-hosting \ -H "Authorization: Bearer " Provisioning happens once, before the application runs; the running application does not provision its own resources. ## What Happens on Provision - Creates a Railway project `coh-` under Cohesivity-owned Railway credentials - Creates an empty `web` service and `production` environment - Requests a Railway-provided service domain and returns `canonical_url` / `railway_url` when Railway has one available - Applies Cohesivity tier compute caps to the Railway service instance and stores the applied cap/status metadata in Cohesivity - Stores Railway project, service, environment, domain, compute cap, and last deployment metadata in Cohesivity ## Compute Caps Railway CPU/RAM/replica/sleep limits are Cohesivity-managed and not tenant-callable in v1. Re-provisioning `railway-hosting` idempotently reapplies the active tier cap; tenants cannot request replicas or scaling overrides in the provisioning body. - Ephemeral: 0.5 vCPU, 1 GB RAM, 1 replica, sleep enabled - Claimed Free: 0.5 vCPU, 1 GB RAM, 1 replica, sleep enabled - Plus: 1 vCPU, 2 GB RAM, 1 replica, sleep disabled - Pro: 2 vCPU, 4 GB RAM, 1 replica, sleep disabled ## How to Deploy POST `multipart/form-data` to `/api/railway/deploy`: each project file is a `files` part. The endpoint validates paths/count/size, creates the gzip tarball Railway expects, and uploads it to Railway server-side with Cohesivity-owned auth. Append `?wait=ready` to block until Railway reports a terminal deployment state or the wait window times out. The response includes `deployment_id`, `state`, `status`, `canonical_url`, `railway_url`, `logs_url`, and `file_count`. ### curl ``` curl -F "files=@package.json" \ -F "files=@src/index.js" \ -H "Authorization: Bearer " \ https://cohesivity.ai/api/railway/deploy?wait=ready ``` ### JSON shape ``` POST https://cohesivity.ai/api/railway/deploy?wait=ready Authorization: Bearer Content-Type: application/json { "files": [ { "file": "package.json", "data": "{...}" }, { "file": "src/index.js", "data": "console.log(process.env.PORT)" }, { "file": "public/logo.png", "data": "", "encoding": "base64" } ] } ``` ## Deployment Management All endpoints require `Authorization: Bearer `. - **List deployments:** `GET https://cohesivity.ai/api/railway/deployments` - **Deployment details:** `GET https://cohesivity.ai/api/railway/deployments/:id` - **Deployment logs:** `GET https://cohesivity.ai/api/railway/deployments/:id/logs?type=build|runtime|http` - **Domain/status detail:** `GET https://cohesivity.ai/api/railway/domain` or `GET https://cohesivity.ai/api/railway/status` ## Environment Variables Set env vars before deploying when your build reads them. Railway does not return decrypted values on list, so list responses include names/metadata only. - **List env vars:** `GET https://cohesivity.ai/api/railway/env` - **Upsert env var:** `POST https://cohesivity.ai/api/railway/env` with `{ "key": "MY_SECRET", "value": "abc123" }` - **Delete env var:** `DELETE https://cohesivity.ai/api/railway/env/:key` ## Security Tenant agents never send Railway tokens. The only auth they use is Cohesivity `coh_management_key`; Cohesivity injects Railway auth server-side and records only ownership/metadata needed for lifecycle, status, and teardown. ## Rate Limits Ephemeral tenants pause as a whole if any authoritative hard cap below is exceeded. Claimed tiers use account-scoped buckets shared across every project owned by the Cohesivity user; OpenAI, AI Gateway, Deepgram, and Exa are fluid-only after tier, rate, and concurrency checks; AI Gateway and Deepgram have no fixed monthly usage bucket for claimed tiers. **Ephemeral** - projects: 1 max total - deploys: 20 per ephemeral tenant lifetime before claim or expiry - uploaded bytes: 250 MB per ephemeral tenant lifetime before claim or expiry - deploys: 3 per minute **Claimed Free** - projects: 10 max total - deploys: 3 per minute - deploys: 60 per month - uploaded bytes: 2 GB per month **Claimed Plus** - projects: 30 max total - deploys: 10 per minute - deploys: 200 per month - uploaded bytes: 10 GB per month **Claimed Pro** - projects: 100 max total - deploys: 10 per minute - deploys: 600 per month - uploaded bytes: 50 GB per month ### Notes - Railway deploys and upload bytes are Cohesivity-side hard counters. Runtime Railway traffic/cost pass-through is intentionally not published as a tenant hard bucket until a Railway observability poller exists.