1. Go to railway.com/new/image → enter ghcr.io/lakr233/assppweb:latest
2. In service Settings, set Healthcheck Path to /api/settings and deploy
3. Right-click the service → Attach volume → mount path: /data
4. In Variables, set DATA_DIR = /data and deploy
5. In Settings → Networking, generate a public domain or add a custom domain

Notes

• The free trial works but has limitations (volume expiry, network restrictions). Hobby plan ($5/month) or above is recommended for reliable use.
• Enable Serverless in service settings to scale down to zero during idle periods
• Railway auto-updates :latest images from GHCR — new releases will be deployed automatically within a few hours

⚠️ Custom domain with Cloudflare: Railway’s Cloudflare integration creates DNS records with Proxy enabled (orange cloud) by default. After authorizing, go to Cloudflare DNS settings and switch the CNAME record to DNS only (gray cloud) — Railway handles TLS automatically. If you keep Cloudflare Proxy on, you must set SSL/TLS mode to Full (not Flexible or Full Strict), otherwise you’ll get an infinite redirect loop. See Railway docs.

Setup Docker Compose

curl -O https://raw.githubusercontent.com/Lakr233/AssppWeb/main/compose.yml
docker compose up -d

Environment Variables

Reverse Proxy (Required for Install Apps on iOS)

iOS requires HTTPS for itms-services:// install links. You must put AssppWeb behind a reverse proxy with a valid TLS certificate.

⚠️ Redirect loop (ERR_TOO_MANY_REDIRECTS)? Some reverse proxies (e.g. NAS built-in proxies) always send X-Forwarded-Proto: http even when the client connected via HTTPS, causing an infinite redirect loop. If you cannot configure your proxy to send the correct header, set UNSAFE_DANGEROUSLY_DISABLE_HTTPS_REDIRECT=true as a last resort. This disables the HTTP→HTTPS redirect — you must ensure your proxy enforces HTTPS externally.

The following is an example Caddyfile configuration:

asspp.example.com { reverse_proxy 127.0.0.1:8080 }

⚠️ Make Sure WebSocket Works

AssppWeb relies on the Wisp protocol over WebSocket (/wisp/) for its zero-trust architecture. Ensure your reverse proxy or CDN (e.g., Nginx, Cloudflare) is configured to allow WebSocket connections, otherwise the app will fail to communicate with Apple servers.