Spaces:
Running
Running
File size: 5,338 Bytes
b2d9e47 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 | # Deploy agentmemory on Coolify
[Coolify](https://coolify.io/self-hosted) is an open-source, self-hosted
Heroku/Render alternative that you run on your own VPS. This template
deploys agentmemory as a Coolify *Application* backed by a Docker
Compose stack β Coolify handles TLS termination, persistent volume
provisioning, log aggregation, and the deploy webhook for you.
## What you get
- A public HTTPS endpoint serving the agentmemory REST API behind
Coolify's built-in Traefik/Caddy proxy. The container port (`3111`)
is exposed to the proxy network only β never bound to the host β so
TLS termination and domain routing stay under proxy control.
- A persistent Docker volume backing `/data` for memories, BM25 index,
and stream backlog. Coolify auto-prefixes the volume name with the
application's UUID so the data survives redeploys.
- An HTTP health-check at `/agentmemory/livez` declared in the
Dockerfile (`HEALTHCHECK` directive). Coolify reuses it for
rolling-deploy decisions.
## One-time setup
1. **Open your Coolify dashboard** and click **+ New β Application**.
2. **Source**: pick *Public Repository*. Paste:
```
https://github.com/rohitg00/agentmemory
```
Branch: `main`.
3. **Build Pack**: select *Docker Compose*.
4. **Base Directory**: `deploy/coolify`
5. **Compose Path**: `docker-compose.yml`
6. Click **Save**, then on the application settings screen set a
**Domain** in the form `https://<your-fqdn>:3111` (the `:3111`
suffix tells Coolify's proxy which container port to forward to;
it still serves over 443/80 publicly).
7. Click **Deploy**.
That's it. Coolify clones the repo, builds the Dockerfile under
`deploy/coolify/`, provisions the `agentmemory-data` named volume on
the host, attaches Traefik (or Caddy) for the public domain, and starts
the service. The container is reachable only through the proxy β there
is no published host port.
## Capture the HMAC secret
Once the deploy logs show the service is up, open the application's
**Logs** tab in Coolify and search for `AGENTMEMORY_SECRET=`. You will
see exactly one line of the form `AGENTMEMORY_SECRET=<64 hex chars>`.
Copy it into your client environment (`~/.bashrc`, Claude Desktop
config, etc.). The secret is never printed again on subsequent boots.
## Verify the deployment
```bash
curl "https://<your-coolify-domain>/agentmemory/livez"
# {"status":"ok"}
```
For an authenticated call, your client must send
`Authorization: Bearer <secret>`.
## Viewer access (port 3113 stays internal)
The viewer port is not exposed by the compose file on purpose β it
holds the unauthenticated admin surface in older releases and the
proxied surface in current ones, neither of which belongs on the open
internet. Two paths to reach it:
**Option A β SSH tunnel from the Coolify host.** Coolify gives you SSH
access to the underlying VPS. From your laptop:
```bash
ssh -L 3113:127.0.0.1:3113 <user>@<coolify-host>
# inside the SSH session, find the container:
docker ps --filter name=agentmemory --format "{{.Names}}"
# tunnel into the container's port from the host:
docker exec -it <container-name> sh -c "curl http://localhost:3113"
```
Cleaner version: bind the container's 3113 to the host's loopback by
adding `- "127.0.0.1:3113:3113"` to the `ports:` block in
`docker-compose.yml`, redeploy, then `ssh -L 3113:127.0.0.1:3113
<user>@<host>` is enough.
**Option B β expose 3113 as a second Coolify domain protected by HTTP
basic auth.** Coolify's per-service routing supports adding a second
public endpoint with basic-auth middleware. Useful if you want to
share the viewer with a teammate without giving them SSH.
## Rotate the HMAC secret
```bash
ssh <user>@<coolify-host>
docker exec -it <container-name> sh -c "rm /data/.hmac"
exit
```
Then click **Redeploy** in the Coolify dashboard. The next boot prints
a fresh secret to the logs.
## Back up `/data`
Coolify exposes the named volume on the host filesystem under
`/var/lib/docker/volumes/<project-id>_agentmemory-data/_data`. Back it
up with your existing host-level snapshot tooling (Restic, Borg,
`rsync`, BTRFS snapshots, etc.) or via Coolify's built-in *Backups*
feature for Docker volumes.
## Cost floor and resources
- **Hardware**: the agentmemory container idles at ~150 MB RSS, climbs
to ~400 MB under steady traffic. The bundled iii engine adds another
~80 MB. A 1 vCPU / 1 GB VPS is comfortably enough for a personal
install.
- **VPS providers commonly paired with Coolify**: Hetzner CX22
(~β¬3.79/month), DigitalOcean Basic Droplet ($6/month), Vultr Cloud
Compute ($6/month). Coolify itself is free.
- **Volume storage**: tied to whatever block storage the VPS provides;
typically pennies per GB-month.
## Known caveats
- The Dockerfile builds on the Coolify host on every deploy. First
deploy takes ~2 minutes; cached layers shrink subsequent rebuilds to
under 30 seconds. Pin `AGENTMEMORY_VERSION` and `III_VERSION` in
`docker-compose.yml`'s `build.args` block to lock a specific release.
- Coolify's *Persistent Storage* tab will show `agentmemory-data` as a
managed volume β do not delete it from the dashboard if you want
your memories to survive a redeploy.
- arm64 hosts work β the iii binary selection in the Dockerfile uses
`uname -m` and downloads the matching tarball.
|