Self-hosted AI answering engine with cited web search, bundled SearXNG, and SQLite on a persistent disk.
Deploy Vane on Render as one Docker web service. The template builds from source in this repo: Next.js, Playwright, and SearXNG run in the same container. Search history, uploads, and provider settings persist on a Render disk at /home/vane/data. You configure LLM API keys in Vane's setup screen after the first deploy, not in the Blueprint Apply step.
- Why deploy Vane on Render
- Use cases
- What gets deployed
- Quickstart
- Configuration
- Cost breakdown
- Customization
- Operations
- Upgrading
- Troubleshooting
- FAQ
- Security
- Caveats and limitations
- Credits and license
- Bundled SearXNG in one service — Vane talks to SearXNG on
localhost:8080inside the container; you do not provision a separate search engine. - Persistent disk for SQLite — Chat history, uploads, and setup-screen configuration survive redeploys at
/home/vane/data. - Standard plan by default — Playwright and SearXNG exceed Starter RAM; the Blueprint uses the Standard web plan (2 GB).
- HTTPS on
*.onrender.com— Render terminates TLS; you add a custom domain in the Dashboard when you are ready.
- Private research assistant with cited answers and file Q&A for a team or lab.
- Self-hosted alternative to hosted AI search without running Docker Compose on a laptop.
- Multi-provider LLM testing (OpenAI, Anthropic, Groq, Gemini, OpenAI-compatible endpoints) from one UI.
- Domain-restricted search for documentation sites, papers, or known-good sources.
- Time-boxed demo on a Render URL before you commit to long-term self-hosting.
flowchart LR
user["Browser"] --> web["vane web service"]
subgraph container["Docker container"]
web --> next["Next.js :3000"]
next --> searx["SearXNG :8080"]
next --> disk[/"vane-data disk\n/home/vane/data"/]
end
next --> llm["LLM providers\n(configured in UI)"]
| Resource | Type | Plan | Purpose |
|---|---|---|---|
vane |
Web (Docker) | Standard | Builds from ./Dockerfile; runs Vane + SearXNG + Playwright |
vane-data |
Persistent disk (1 GB) | Disk storage | SQLite database, uploads, local config |
Region defaults to Oregon in render.yaml. Change the region field before deploy if you want another region.
- Click Deploy to Render and choose the GitHub account that receives the template fork.
- Review the Blueprint (
vaneweb service +vane-datadisk) and click Apply. No secrets are required at Apply time. - Wait for the first Docker build (~15–25 minutes). SearXNG is cloned and Playwright browsers are installed during the image build.
- Open the
*.onrender.comURL when the service status is Live and the health check on/returns 200. - Complete Vane's setup screen: add at least one chat model provider and save. Bundled SearXNG is already wired to
http://localhost:8080inside the container. - Run a test search. Confirm sources appear in the answer panel before you share the URL.
None. Provider API keys are entered in Vane's setup UI after deploy and stored in SQLite on the persistent disk.
| Env var | What it's for | How to get it |
|---|---|---|
| None | No Blueprint secrets at Apply time | Configure providers in the Vane setup screen after deploy |
None. This Blueprint does not use generateValue: true env vars.
| Env var | Purpose |
|---|---|
| None | No auto-generated application secrets |
None. This is a single-service template with no fromDatabase or fromService references.
| Env var | Source |
|---|---|
| None | Single web service + attached disk only |
Defaults are set in render.yaml and the Dockerfile. Override in the Render Dashboard or in your fork's Blueprint.
| Env var | Default | What it does |
|---|---|---|
NODE_ENV |
production |
Runs Next.js in production mode |
DATA_DIR |
/home/vane/data |
SQLite and upload root; must match the disk mountPath |
PORT |
3000 |
Port Vane binds inside the container; must match Render's health check target |
SEARXNG_API_URL |
http://localhost:8080 (Dockerfile) |
Internal SearXNG URL for the bundled search engine |
Upstream configuration reference: Vane installation docs and .env.example.
| Resource | Plan | Monthly cost |
|---|---|---|
vane |
Web service Standard | $25 |
vane-data |
1 GB disk ($0.25/GB) | $0.25 |
| Total | $25.25 |
See Render pricing for current plan and disk rates. LLM provider usage is billed separately by each vendor.
Cheaper: Downgrading to Starter ($7) is not recommended; Playwright and SearXNG often OOM during startup on 512 MB instances.
Scale up: Increase the web service plan to Pro for more CPU/RAM, or raise disk.sizeGB in render.yaml if SQLite and uploads outgrow 1 GB. Horizontal scaling is not available with an attached disk.
This template builds from source on every deploy. To pin a release, check out a tag in your fork and push:
git checkout v1.12.2 # example; use a tag that exists upstream
git push origin mainTo skip source builds, change the web service in render.yaml to runtime: image:
runtime: image
image:
url: docker.io/itzcrazykns1337/vane:latestRemove dockerfilePath and dockerContext. First deploy is faster; you lose the ability to patch app code in the fork without changing the image tag.
In the Render Dashboard, open vane → Settings → Custom Domains → Add. Render provisions TLS after DNS is configured. See Custom domains.
# render.yaml
disk:
name: vane-data
mountPath: /home/vane/data
sizeGB: 5Disks can grow but not shrink. Pick the smallest size that fits expected uploads and search history.
Build from Dockerfile.slim, deploy SearXNG as a private service, and set:
envVars:
- key: SEARXNG_API_URL
value: http://<your-searxng-host>:<port>The external instance must enable JSON responses. Upstream docs recommend enabling the Wolfram Alpha engine.
This template sets previews.generation: off because gallery deploys are one-shot forks. To test PRs on Render:
previews:
generation: manualPreview services with disks follow the same single-instance constraints as production.
Render creates automatic disk snapshots for vane-data (daily retention per your workspace plan). Restore from the service Disks page. Snapshots are full-disk restores: you cannot restore individual files through the Dashboard.
SQLite lives at /home/vane/data/data/db.sqlite when DATA_DIR=/home/vane/data.
Use the service Metrics and Events pages. The Blueprint sets healthCheckPath: /. A 200 from / means nginx/Next.js is responding; it does not prove SearXNG or a specific LLM provider is configured.
The attached disk limits the service to one instance. Autoscaling and zero-downtime deploys are not available. Scale vertically by changing the instance plan.
Dashboard → vane → Logs, or with the Render CLI:
render logs --resources <service-id> --tailLook for Starting SearXNG..., SearXNG started successfully, and Starting Vane... during startup. Build logs show Docker stages for SearXNG pip install and Playwright browser download.
- Check Vane releases and release notes.
- Merge or cherry-pick upstream into your fork (this repo tracks upstream on the default branch).
- Push to GitHub. Render auto-deploys if enabled on your fork.
- Watch deploy logs. Database migrations run on boot via Next.js instrumentation.
- Re-open the setup screen if upstream adds new required configuration.
Maintain a short log in your fork when you bump major versions:
- v1.12.2 (template baseline): Full image bundles SearXNG; local state under
/home/vane/data. Provider keys live in SQLite, not Render env vars. - Future releases: Read upstream release notes before merging. Confirm
DATA_DIR, SearXNG ports, and setup-screen flows still match this Blueprint.
The Dockerfile clones SearXNG, installs Python dependencies, and downloads Playwright Chromium. First builds often take 15–25 minutes. If the build times out, retry the deploy or temporarily raise the service plan during the first build. Check build logs for npm, pip, or git clone failures.
Common causes: OOM on Starter, Vane not listening on PORT=3000, or SearXNG still starting. Confirm plan: standard in render.yaml. Check runtime logs for process exits before the health probe succeeds. Wait up to 60 seconds after deploy for SearXNG's startup loop in entrypoint.sh.
Open the setup screen and add at least one provider. For OpenAI-compatible servers, the endpoint must be reachable from Render, not from your laptop. http://localhost:11434 inside the Vane UI points at the container, not your local Ollama process.
Confirm logs show SearXNG listening on port 8080. The default SEARXNG_API_URL is http://localhost:8080. If you switched to Dockerfile.slim, verify your external SearXNG URL is reachable from the private network and returns JSON.
Only files under /home/vane/data persist. Confirm the disk is attached and DATA_DIR=/home/vane/data. Anything written elsewhere on the container filesystem is ephemeral.
Symptoms include heap OOM errors, repeated restarts, or Render reporting no listening port. Stay on Standard or upgrade to Pro. Do not downgrade to Starter unless you have verified memory usage in your own fork.
- Service logs: Dashboard → vane → Logs
- Deploy events: Dashboard → vane → Events
- Template issues: render-examples/vane issues
- Application bugs: ItzCrazyKns/Vane issues
No. This template requires a persistent disk and a Standard (or larger) web instance for reliable startup. Free web services also cannot attach disks.
In Vane's setup screen after deploy. Keys are stored in SQLite on the disk, not in Render environment variables.
Not by default. The Render container cannot reach localhost on your machine. Expose Ollama on a reachable HTTPS endpoint or use a cloud LLM provider.
You lose persisted SQLite data, uploads, and setup configuration for that service. Restore from a disk snapshot if one exists.
Yes, manually. Use Render shell/SSH (if enabled on your plan) or an app-level export to copy files from /home/vane/data. There is no one-click export in this template.
No. Render disks attach to a single instance. Scale vertically by changing the instance plan.
Same bundled layout (Vane + SearXNG in one container), but Render adds managed HTTPS, deploy hooks from Git, and a persistent disk mounted at /home/vane/data. This template builds from source in your fork instead of pulling a prebuilt tag on every deploy.
- Encryption in transit: Render terminates TLS for public
*.onrender.comURLs and custom domains. - Encryption at rest: Render encrypts persistent disks at the platform level.
- Network exposure: The Vane UI is public on the web service URL. SearXNG on port 8080 is not exposed through Render's public proxy; only the Vane port is routed.
- Secrets: LLM provider keys live in SQLite on the disk. Restrict Render Dashboard access to teammates who should read service logs or env vars.
- Authentication: Vane does not ship end-user auth in this template. Treat the URL as sensitive or place an identity-aware proxy in front if you need access control.
- Vulnerability reports: Template packaging issues → render-examples/vane. Application vulnerabilities → upstream Vane.
- Single instance only because of the attached disk; no autoscaling or zero-downtime deploys.
- Long first build (~15–25 minutes) when building from source; subsequent deploys reuse cached Docker layers when possible.
- Source build on every deploy unless you switch to
runtime: imagein your fork. - No upstream auth gate in this template (unlike Basic Auth wrappers). Anyone with the URL can reach the setup screen until upstream adds authentication.
- Ephemeral container filesystem outside
/home/vane/data; only the disk mount persists. - Regional pinning: the default region is Oregon; cross-region private networking does not apply to this single-service template.
- Upstream: ItzCrazyKns/Vane — MIT License
- Render template: render-examples/vane — MIT (see LICENSE)
- Template maintainer: render-examples
If Vane is useful to you, star the upstream repository.
