Get started

Three commands. Ten minutes. No signup.

The whole point of RackWatch is that it installs in the time it takes to make coffee. So that's what this page is — exactly the commands you'll run.

✓ Free for 5 servers No credit card No email required Self-hosted

Run the platform on one server.

Pick any Linux server you control with at least 1 GB RAM and a public or LAN IP your other hosts can reach. This is the box that stores telemetry and serves the dashboard.

$docker run -d --name rackwatch \ -p 5000:5000 \ -v rackwatch-data:/app/data \ -e DatabaseProvider=Sqlite \ -e ConnectionStrings__Default="Data Source=/app/data/rackwatch.db" \ -e Jwt__Key="$(openssl rand -base64 48)" \ -e AGENT_API_KEY="$(openssl rand -hex 32)" \ rackwatch/platform:latest

Multi-arch image — pulls the right binary for linux/amd64 (most servers, AWS / GCP / Azure, on-prem Intel/AMD) or linux/arm64 (Apple Silicon, AWS Graviton, Ampere, Raspberry Pi 4+) automatically. Stores telemetry in a Docker volume; SQLite by default. Dashboard is at http://YOUR_HOST:5000/. Save the AGENT_API_KEY you generated — you'll need it in step 2. Paid tiers are live: 5 servers free, $2/server above via the pricing page. License keys are offline-verified ed25519 tokens — no phone-home, works air-gapped. Annual billing or volume pricing — email us. The agent is open source so you can audit exactly what runs on your hosts.

Prerequisites: Docker (any recent version) and openssl. Most distros ship openssl, but minimal Alpine or Debian-slim hosts may need it: apk add openssl or apt install openssl.

Install the agent on every server you want to watch.

Run this on each host. The agent posts telemetry to your platform every 60 seconds. Swap platform.example.internal below for the IP or hostname of the box you set up in step 1.

$curl -fsSL https://platform.example.internal/install.sh | sudo bash

Works on Ubuntu 20.04+, Debian 11+, RHEL 8+, CentOS Stream, Rocky, Alma. Installs as a systemd unit at /opt/rackwatch-agent/. The agent ID is auto-generated; the AGENT_API_KEY is baked into the script your platform serves.

PS>iwr https://platform.example.internal/install.ps1 -UseB | iex

Run as Administrator. Installs as a Windows Service named RackWatchAgent. Tested on Server 2019, 2022, and Windows 11.

Just want to try it? Skip running your own platform. Use https://rackwatch.io/install.sh in the command above — your hosts will report into the public homelab tenant on rackwatch.io. Free for ≤5 servers.

Open the dashboard.

Within 60 seconds of installing your first agent, the host appears on the dashboard. Default port is :5000, default admin credentials are printed by the platform installer. Change them on first login.

https://platform.example.internal:5000/

On first login: change the admin password, set up Slack/Teams webhooks if you want alerts, and adjust the risk-score bands if your fleet has unusual characteristics.

Want to look around first?

The public demo dashboard is live with our own home-lab fleet (8 servers, 24/7). Same code, real data.

Live demo dashboard →

The actual platform UI with real fleet data. Read-only public access.

Tour the features →

Annotated walkthrough — what each tab does, what the score means, how alerts fire.

Audit the agent source →

Open source on GitHub. See exactly what runs on your servers before installing.

How the risk score works →

The formula, the weights, and how to tune it for your environment.

Don't run curl-pipe-bash blind.

The audience for self-hosted infra software is exactly the cohort that distrusts curl … | sudo bash. Fair. Every part of the install path is inspectable before you give it root, and you should:

$ curl -fsSL https://rackwatch.io/install.sh -o install.sh
$ less install.sh   # read it. ~40 lines. Should be obvious.
$ sudo bash install.sh

The script does four things: creates /opt/rackwatch-agent, downloads one binary into it, writes a config file, and installs a systemd unit. No hidden network calls, no shell-escapes, no obfuscation. The agent source itself is Apache 2.0 at github.com/rackwatch/rackwatch-agent — audit it before running, build from source if you'd rather.

On the roadmap: SHA256 checksums and a GPG-signed release manifest, plus signed .deb / .rpm / .msi packages. Those land alongside the build pipeline work in the 90-day roadmap. Until then, the inspection path above is the supported way to verify intent.

What about bigger fleets?

Free up to 5 servers, forever — no signup, no card, no expiry. Above that, $2/server/month via the pricing page. Subscribing emails an offline ed25519 license key within seconds; drop it into the platform's LICENSE_KEY env var and the dashboard flips to your tier. Annual billing or volume pricing for 100+ servers — email us.

Air-gapped or compliance-bound? Enterprise tier (offline patch-database mirrors, signed binaries, procurement paperwork) ships alongside paid plans. Email us if you need this on your timeline.