Deploy CrabTrap
Secure agents in production
Deploy and Host CrabTrap on Railway
CrabTrap is an LLM-as-a-judge forward proxy built by Brex to secure AI agents in production. It intercepts every outbound request your agents make, evaluates them against deterministic rules and a natural-language LLM policy, and either forwards or blocks them.
See Implementation Details below for how to deploy this template.
About Hosting CrabTrap on Railway
Hosting CrabTrap requires running a persistent Go-based proxy service alongside a PostgreSQL database. The proxy listens on two ports: the forward proxy itself (default 8080) and an admin API with an embedded React web UI (default 8081). On startup, CrabTrap reads a YAML configuration file that wires it to a PostgreSQL instance (via DATABASE_URL), configures your TLS certificate authority, and sets your LLM judge provider and model (check the docs for more configuration options).
Agents in your stack simply need their HTTP_PROXY and HTTPS_PROXY environment variables pointed at the CrabTrap service.
Common Use Cases
- Securing AI agents with write access to external APIs - prevent hallucinated or prompt-injected requests from reaching Slack, Gmail, GitHub, or any other production API before they leave your infrastructure.
- Compliance and audit logging - every request, decision, headers, and body is persisted to PostgreSQL and browsable in the built-in dashboard, giving security teams full visibility into agent behavior.
- Policy development and evaluation - replay historical traffic against draft policies before going live, and use the agentic policy builder to auto-draft policies from real observed traffic.
- Agent traffic observability - discover which tools agents call most, identify wasteful requests, and tighten agent tooling to reduce token spend and unnecessary network calls.
Dependencies for CrabTrap Hosting
- PostgreSQL - CrabTrap's only persistent datastore. All users, LLM policies, audit log entries, eval runs, LLM judge call metadata, and ground-truth labels are stored in PostgreSQL.
- An LLM provider - CrabTrap uses an LLM to evaluate requests that don't match static rules. The default provider is OpenAI. You will need valid credentials and a configured model ID in the llm_judge section of the GATEWAY_CONFIG env var. Without a configured LLM provider, CrabTrap falls back to either deny-all or passthrough mode (configurable).
Deployment Dependencies
- CrabTrap GitHub Repository — source code, README, quickstart, and configuration reference
- CrabTrap Official Landing Page — interactive demo and setup instructions
- Brex Engineering Blog Post: Building CrabTrap — deep-dive into the architecture, LLM judge design, and production learnings from Brex
- CrabTrap Docker Image — official multi-arch Docker image (linux/amd64, linux/arm64) published to quay.io/brexhq/crabtrap
Implementation Details
CrabTrap requires a one-time setup step on first deploy. Once your CrabTrap service is first deployed:
- Right-click the CrabTrap service in your Railway project dashboard and select Copy SSH Command (requires the Railway CLI).
- Paste and run that command in your terminal to SSH into the running container.
- Inside the container, run the following command to generate an admin user. It prints a web_token that you'll use to log in to the admin UI:
  ./gateway create-admin-user your-username
  You can look up the web_token later in the UI after logging in.
- Copy the generated CA certificate from /certs/ca.crt - you'll need to trust this cert in every agent service that routes traffic through CrabTrap (see the repo README for per-runtime instructions).
Without completing this step, the admin UI will be inaccessible and agents will fail TLS verification.
For full configuration reference and CA cert setup instructions, see the CrabTrap README.
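An added preflight check, not part of the CrabTrap project or this template: it inspects an agent service's environment for the two requirements above, proxy variables pointing at CrabTrap and a trusted CA file. The hostname crabtrap.railway.internal, the function name check_agent_env, the CA trust variables and the loopback-only NO_PROXY rule are assumptions; 8080 is the default proxy port stated above.

```python
import os
from urllib.parse import urlsplit

# Assumed values: hypothetical proxy hostname; 8080 is the default port on this page.
PROXY_HOST = "crabtrap.railway.internal"
PROXY_PORT = 8080
# Common runtime trust variables (an assumption, not taken from the CrabTrap README).
CA_VARS = ("SSL_CERT_FILE", "REQUESTS_CA_BUNDLE", "NODE_EXTRA_CA_CERTS")


def check_agent_env(env, host=PROXY_HOST, port=PROXY_PORT):
    """Return a list of findings; an empty list means the env routes via the proxy."""
    findings = []
    for scheme in ("http", "https"):
        # Clients disagree on case (curl reads only lowercase http_proxy), so check both.
        for name in (f"{scheme}_proxy", f"{scheme.upper()}_PROXY"):
            value = env.get(name, "")
            if not value:
                findings.append(f"{name} is unset")
                continue
            try:
                url = urlsplit(value if "://" in value else "http://" + value)
                target = (url.hostname, url.port)  # an explicit port is required
            except ValueError:
                target = None
            if target != (host, port):
                findings.append(f"{name} points at {value}, not {host}:{port}")
    # Any NO_PROXY entry is traffic the judge never sees; only loopback is accepted here.
    for name in ("no_proxy", "NO_PROXY"):
        for entry in filter(None, (e.strip() for e in env.get(name, "").split(","))):
            if entry not in ("localhost", "127.0.0.1", "::1"):
                findings.append(f"{name} bypasses the proxy for {entry}")
    # At least one trust variable must point at a PEM file, else TLS verification fails.
    ca_paths = [env[v] for v in CA_VARS if env.get(v)]
    if not ca_paths:
        findings.append("no CA trust variable is set")
    for path in ca_paths:
        try:
            with open(path, "rb") as fh:
                if b"-----BEGIN CERTIFICATE-----" not in fh.read():
                    findings.append(f"{path} contains no PEM certificate")
        except OSError:
            findings.append(f"{path} is not readable")
    return findings

if __name__ == "__main__":
    for finding in check_agent_env(os.environ):
        print("FAIL:", finding)
```

Run it inside each agent service at startup; any printed finding means some traffic may skip the proxy or fail TLS verification.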
Why Deploy CrabTrap on Railway?
Railway is a singular platform to deploy your infrastructure stack. Railway will host your infrastructure so you don't have to deal with configuration, while allowing you to vertically and horizontally scale it.
By deploying CrabTrap on Railway, you are one step closer to supporting a complete full-stack application with minimal burden. Host your servers, databases, AI agents, and more on Railway.