Skip to content

Manual Collector Manager Installation

Collector Appliance users

If you are using the Collector Appliance, the Collector Manager is included and pre-configured. Skip this guide and refer to the Collector Appliance Installation Instructions for details.

Before you begin

Docker Engine 20.10 or later must be installed and running on the host. The host requires outbound HTTPS access to api.us.fortifydata.com (or the relevant regional endpoint) for license validation.

Prerequisites

  • Docker Engine 20.10 or later
  • Minimum 2 vCPU and 4 GB RAM on the host
  • Port 8080 available (or choose a different host port when running the container)
  • The /etc/fortify-data directory must be persistent across container restarts — mount it as a volume so the database and activation keys survive upgrades

Quick Start

Run the following command to start the Collector Manager:

docker run -d \
  --name collector-manager \
  --restart unless-stopped \
  -p 8080:8080 \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -v /etc/fortify-data:/etc/fortify-data \
  fortifydata/collector-manager

Docker socket access

Mounting /var/run/docker.sock grants the container full control over the Docker daemon on the host. Only deploy the Collector Manager on trusted, dedicated infrastructure.

Deploying with Docker Compose

Save the following as docker-compose.yml and run docker compose up -d:

services:
  manager:
    image: fortifydata/collector-manager
    restart: unless-stopped
    ports:
      - "8080:8080"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /etc/fortify-data:/etc/fortify-data

Volume Mounts

Host Path Container Path Purpose
/var/run/docker.sock /var/run/docker.sock Allows the manager to create and control collector containers on the host
/etc/fortify-data /etc/fortify-data Persists the SQLite database, activation keys, and application settings across restarts

Do not delete /etc/fortify-data

This directory holds the database that tracks all registered activations. Deleting it while activations are registered will orphan the collector containers and require manual deregistration via the FortifyData portal.

Ports

Port Protocol Purpose
8080 HTTP Blazor web UI and REST API

The application does not terminate TLS. Place a reverse proxy (Caddy, nginx, Traefik) in front of it for HTTPS. See Configuration for details.

First Boot

On startup the application:

  1. Applies any pending SQLite database migrations automatically
  2. Seeds the default user accounts (groot and admin) if they do not already exist
  3. Connects to the Docker bridge network (fortify-data-net), creating it if needed
  4. Registers Hangfire recurring jobs for any activations already in the database

The dashboard is available at http://<host>:8080 as soon as the container is running.

Default Credentials

Change these passwords immediately

The default passwords below are well-known. Change them via the Account Manage page (/account/manage) or using the --reset-password CLI command before exposing the dashboard on a network.

Username Default Password Roles
admin Chang3_me! Admin

Verifying the Installation

Check that the application is healthy:

curl -s http://localhost:8080/healthz

A healthy response returns HTTP 200 with a JSON body listing three checks (Collector Admin Service Container Check, Collector Admin Service Memory Check, and Collector Admin Service Environment Check) all with a status of Healthy.