Skip to content

Get Community Edition (On-Premises)

The Community Edition is the permanent free tier of the on-premises product. Run SentriKat entirely inside your own perimeter — your inventory data never leaves your network. No credit card, no time limit, no contact form.

This page is the landing target for the Get Community Edition CTA on sentrikat.com/#pricing. If you need a more general or exhaustive walkthrough (updates, custom certificates, storage, troubleshooting), continue from Docker Deployment afterwards.

What you get

Limit Community Edition
Agents 10
Users 3
Organizations 1
Products 100
KEV daily sync included
EPSS scoring included
Container scanning included
Multi-tenant / SSO / SIEM integration / NIS2-DORA reports not included — Professional tier

The numbers above are the canonical values served by https://api.sentrikat.com/api/v1/public/config/plans (the same source that powers the landing page) — they will never silently drift from what you see on the marketing site.

Quick install (Docker Compose)

The fastest path: 5 minutes from a clean Linux host with Docker installed.

First, get the release bundle: log into the Customer Portal (free account, email one-time code — no credit card), open Downloads, and download the latest sentrikat-<version>.tar.gz. Then:

# 1. Extract the bundle and load the bundled Docker image
tar -xzf sentrikat-*.tar.gz -C /opt/
mv /opt/sentrikat-* /opt/sentrikat
cd /opt/sentrikat
docker load -i sentrikat-image-*.tar.gz

# 2. First-boot configuration
cp .env.example .env
${EDITOR:-vi} .env
# minimum (each one is documented in .env.example):
#   SECRET_KEY=$(openssl rand -hex 32)
#   ENCRYPTION_KEY=<Fernet key — generation command in .env.example>
#   DB_PASSWORD=<32+ random chars>

# 3. Start the stack
docker compose up -d

# 4. Wait for health
docker compose ps
# expect every service in "Up (healthy)" within ~60 seconds

Database migrations run automatically when the application boots — there is no manual migration step.

First run

Open http://<your-host> (or whichever hostname you point at the host). On first run SentriKat greets you with the setup wizard: create your admin account, name your organization, seed the product catalog, and the first CISA KEV sync starts automatically.

After the wizard, activate your license: Community Edition keys are issued automatically — open Administration → License and click Get Community Edition key. The license-server (running on api.sentrikat.com) issues a free key bound to your installation ID and SentriKat starts ingesting CVE intelligence on the next scheduler tick.

Next steps

When you're ready for more

Community Edition is permanent — you never have to upgrade. But if you outgrow the limits (more than 3 users, more than one organization, SIEM/Jira/GitLab integrations, NIS2-DORA reports, multi-tenant or white-label, LDAP/SAML SSO, Trivy container scanning behind air-gap, support SLA), the Professional edition lights all of that up. Contact [email protected] — there is no in-product upgrade button on Community Edition by design (we want you to talk to a human first so we get the licensing right).

Troubleshooting

docker compose up exits complaining about a missing SECRET_KEY, ENCRYPTION_KEY, or DB_PASSWORD

Production-mode safety check fired — you didn't change the defaults in .env. Re-edit .env to set the required variables. See Configuration.

Agents can't reach the API

Default deploy serves HTTP. The 2026 agent installer refuses plain HTTP unless -AllowHttp is passed. Either pass that flag for lab use, or front the stack with TLS following the TLS Setup runbook (Let's Encrypt, internal CA, or self-signed paths covered).

License key not accepted

Check that the host can reach https://api.sentrikat.com — the license-server validates and signs the activation. Air-gapped installs need the offline activation flow documented in Licensing & Activation.

Reference