docs: add Railway third-party installation guide

[morganhowson]

Added a comprehensive guide for deploying Seerr on Railway, including setup instructions, configuration, and troubleshooting tips.

Description

Adds a community installation guide for deploying Seerr on Railway (railway.app),
a cloud platform-as-a-service.

Railway mounts persistent volumes as root, but Seerr runs as the node user
(UID 1000), causing an EACCES permission error on startup. This guide documents
the problem and provides a minimal Dockerfile wrapper as the solution, along with
full setup, configuration, updating, and troubleshooting instructions.

The companion wrapper repository is available at:
https://github.com/morganhowson/seerr-railway

Note: This guide was drafted with AI assistance (Claude) and reviewed/verified
against a working Railway deployment.

How Has This Been Tested?

Tested against a live Railway deployment. The wrapper Dockerfile and all
configuration steps were verified on a working Railway project with a persistent
volume attached at /app/config. Seerr started successfully, persisted configuration
across redeployments, and the setup wizard was accessible via the Railway-generated
public URL.

Environment:

• Railway (Hobby plan)
• Seerr v3.2.0 (ghcr.io/seerr-team/seerr:latest)
• SQLite (default)
• Volume mounted at /app/config

Checklist:

• I have read and followed the contribution guidelines.
• Disclosed any use of AI (see our policy)
• I have updated the documentation accordingly.
• All new and existing tests passed.
• Successful build pnpm build
• Translation keys pnpm i18n:extract
• Database migration (if required)

Summary by CodeRabbit

• Documentation
  • Added comprehensive Railway deployment guide with step-by-step setup instructions, persistent volume configuration for data preservation, environment variable setup, public URL generation, setup wizard guidance, and optional PostgreSQL integration options.
  • Included update workflows for base image upgrades, troubleshooting sections for common configuration issues, and uninstallation procedures with important data loss warnings.

[coderabbitai]

📝 Walkthrough

Walkthrough

A Railway-specific deployment guide documentation file is added, covering setup, configuration, permissions handling, troubleshooting, and uninstallation for hosting Seerr on Railway.

Changes

Railway Deployment Documentation

Layer / File(s)	Summary
Introduction & Prerequisites docs/getting-started/third-parties/railway.mdx	Documentation introduces community-maintained third-party installation methods, notes Railway as the deployment target, and outlines the root/node user permissions issue.
Deployment & Configuration docs/getting-started/third-parties/railway.mdx	Step-by-step Railway setup with Dockerfile wrapper (FROM .../seerr:latest + USER root), persistent volume mounting at /app/config, environment variable configuration (TZ, LOG_LEVEL, PORT), public URL generation, and optional PostgreSQL support.
Troubleshooting & Maintenance docs/getting-started/third-parties/railway.mdx	Update flow for redeploying with base image changes, troubleshooting sections for missing USER root and lost settings, uninstallation instructions with data-loss caution for volume deletion.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~10 minutes

Suggested reviewers

• M0NsTeRRR
• fallenbagel
• gauthier-th

Poem

🐰 A Railway awaits, with docs shining bright,
From permissions to volumes, we've got the guide right!
Through deployment and troubleshooting, every step clear,
Seerr on Rails—oh, what a cheer! 🚂✨

🚥 Pre-merge checks | ✅ 4

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'docs: add Railway third-party installation guide' is fully related to the changeset, clearly summarizing that a Railway installation guide was added to the documentation.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Review rate limit: 7/8 reviews remaining, refill in 7 minutes and 30 seconds.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@docs/getting-started/third-parties/railway.mdx`:
- Around line 17-18: The Dockerfile workaround that sets "USER root" to allow
writes to the Railway-mounted volume weakens container security and must be
documented: update the railway.mdx Seerr guide to add a clear warning adjacent
to the Dockerfile snippet that sets USER root, explicitly call out the security
tradeoff, recommend running this container only in trusted/private environments,
and advise preferring least-privilege alternatives (e.g., changing volume
ownership or dropping privileges after startup) when feasible; also audit and
similarly annotate any other occurrences of "USER root" elsewhere in the
document so readers are warned consistently.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 958d74cb-d629-4ec8-87e6-c5b3969fa15e

📥 Commits

Reviewing files that changed from the base of the PR and between 550c3bc and 9cedc63.

📒 Files selected for processing (1)

• docs/getting-started/third-parties/railway.mdx

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Document the security tradeoff of USER root and prefer least privilege where possible.

The guide currently normalizes running Seerr as root without a caution. That weakens container security defaults and can become a copy-paste production baseline. Please add a clear warning and a recommendation to run in trusted/private environments only (or drop privileges after volume ownership fix if/when a supported pattern exists).

Suggested doc tweak

 The workaround is a minimal Dockerfile wrapper that sets `USER root`, allowing the
 container to write to the Railway-mounted volume.
+
+:::caution
+Running the Seerr process as `root` is a security tradeoff. Use this only in trusted
+environments, and prefer least-privilege runtime configurations when possible.
+:::

Also applies to: 32-35

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@docs/getting-started/third-parties/railway.mdx` around lines 17 - 18, The
Dockerfile workaround that sets "USER root" to allow writes to the
Railway-mounted volume weakens container security and must be documented: update
the railway.mdx Seerr guide to add a clear warning adjacent to the Dockerfile
snippet that sets USER root, explicitly call out the security tradeoff,
recommend running this container only in trusted/private environments, and
advise preferring least-privilege alternatives (e.g., changing volume ownership
or dropping privileges after startup) when feasible; also audit and similarly
annotate any other occurrences of "USER root" elsewhere in the document so
readers are warned consistently.

[M0NsTeRRR]

Are you sure it can't be run with UID 1000? In the Railway documentation, I see the RAILWAY_RUN_UID variable mentioned here.

[M0NsTeRRR]

Suggested change

	# Railway
	# Railway (Advanced)