Open app

Supported platforms

The agent is a single static binary for Linux and macOS, on amd64 and arm64. It runs anywhere those do — but running and collecting everything are different questions, so here is the honest breakdown.

The short version

PlatformStatus
Debian, Ubuntu (and derivatives)Fully supported — every collector works.
Other systemd Linux (RHEL, Rocky, AlmaLinux, Fedora, CentOS Stream, openSUSE, Arch)Core monitoring works. Package updates, vulnerabilities and vhost discovery do not — see below.
Alpine / non-systemd LinuxCore monitoring works. No service inventory (no systemd), no packages.
macOSDevelopment and testing only. Metrics and host facts; no services, packages, domains or certificates.

Feature matrix

FeatureDebian / UbuntuOther systemd LinuxAlpine / non-systemdmacOS
Host facts (OS, kernel, arch, reboots)
CPU / memory / disk / load metrics
IPv4 / IPv6 addresses (incl. failover IPs)
Health score & alertingpartial
Service inventory (running / failed units)
Installed package inventorycount only
Pending & security updates
Vulnerability scanning (CVEs)
Domain / vhost discovery
TLS certificate expiry

Why the gaps

These are not arbitrary — each one maps to a concrete source the agent reads:

  • Metrics and host facts come from /proc and standard system calls, so they work on any Linux, whatever the distribution or init system.
  • Service inventory asks systemd for its units. Hosts without systemd (Alpine’s OpenRC, older SysV systems) report no services.
  • Packages, updates and vulnerabilities are read with dpkg and apt. On RPM hosts the agent can count installed packages (rpm -qa) but not list them with versions — and without a version list there is nothing to match CVEs against, so vulnerability scanning is unavailable there.
  • Domain discovery parses Apache and Nginx vhosts from the Debian/Ubuntu layout (/etc/apache2/sites-enabled, /etc/nginx/sites-enabled). RHEL-family hosts keep them in conf.d, which the agent does not read yet.
  • TLS certificate expiry works everywhere, because Demerzel checks it from the server side — it connects to your domains and reads the certificate they present, rather than relying on the agent reading files it has no privilege to open.
Nothing silently half-works. A collector that cannot run on a host simply reports nothing, and the corresponding panel stays empty — it never guesses or reports a misleading zero. The Health Score accounts for this: an unmeasurable factor lowers coverage, it does not invent a bad score.

Roadmap

RPM package inventory (rpm -qa --queryformat) and dnf/yum update detection are the next platform work — that single addition brings full package and vulnerability coverage to the RHEL family. RHEL-layout vhost discovery follows.

If a platform matters to you, tell us — real demand decides the order.