Server Guardian
Linux Agent 1.0.0
Linux monitoring agent

Install Server Guardian on your server

Server Guardian runs inside your Linux server, collects host metrics, keeps recent history in memory and exposes a JSON API for the mobile app.

Start installation View package links

Read only

The agent is designed to collect information from the server. It does not restart services, kill processes or change firewall rules.

Health check is public

The /health endpoint can be used to confirm that the agent is online before connecting the app.

Token protected API

The monitored routes under /v1/ require the private agent token in the request header.

Quick install

Use these commands on the Linux server. The example below uses the 32 bit Linux build because it is the URL informed for this page.

Download the package

Run this inside the server using root or a user with sudo access.

Download and extract
cd /tmp
wget https://projy-ai.nyc3.digitaloceanspaces.com/server-guardian-1.0.0-linux-386.tar.gz
tar -xzf server-guardian-1.0.0-linux-386.tar.gz
cd server-guardian-1.0.0-linux-386

Install the service

The installer creates the systemd service, installs the binary and creates the configuration file.

Install on default port 9091
sudo ./scripts/install.sh --port 9091

Check the service

Confirm that Server Guardian is running before opening the port to external access.

Systemd status
sudo systemctl status server-guardian
sudo journalctl -u server-guardian -f

Download links

Choose the correct package for your CPU architecture. Each package also has a SHA256 file to verify the download.

Find your server architecture

Run uname -m on the server and use the table below.

Architecture command
uname -m
x86_64 = linux-amd64 aarch64 = linux-arm64 armv7l = linux-armv7 i386 or i686 = linux-386
Build Recommended for Package SHA256
linux-amd64 Most VPS, cloud servers and x86_64 Linux servers. server-guardian-1.0.0-linux-amd64.tar.gz
 server-guardian-1.0.0-linux-amd64.tar.gz.sha256
linux-arm64 ARM 64 bit servers, Raspberry Pi 4 or newer, AWS Graviton. server-guardian-1.0.0-linux-arm64.tar.gz
 server-guardian-1.0.0-linux-arm64.tar.gz.sha256
linux-armv7 ARM 32 bit servers and Raspberry Pi 3 class devices. server-guardian-1.0.0-linux-armv7.tar.gz
 server-guardian-1.0.0-linux-armv7.tar.gz.sha256
linux-386 Legacy 32 bit Linux servers. server-guardian-1.0.0-linux-386.tar.gz
 server-guardian-1.0.0-linux-386.tar.gz.sha256
Optional SHA256 verification
sha256sum -c server-guardian-1.0.0-linux-386.tar.gz.sha256

Configuration file

The installer creates the configuration file inside /etc/server-guardian/config.json. The token is private and must not be shown in public pages, screenshots or support tickets.

Important: the real value in the token field is secret. Keep it only on the server and inside the app configuration. Never send the token in the URL query string.

Open config with vi

Use this command to inspect or edit the agent configuration.

Edit config
sudo vi /etc/server-guardian/config.json

Safe example

This is only an example. Do not paste a real token into public documentation.

Example config without real token
{
  "server_name": "My Linux Server",
  "listen_host": "0.0.0.0",
  "listen_port": 9091,
  "token": "YOUR_GENERATED_AGENT_TOKEN",
  "history_minutes": 30,
  "collect_interval_seconds": 10
}
Read the private token locally, only when needed
sudo grep '"token"' /etc/server-guardian/config.json

Test the agent

Start with the local test. After that, test from another machine or from the internet using the public IP or DNS name.

Internal test from the server

This proves that the agent is running locally on port 9091.

Local health check
curl -fsS http://127.0.0.1:9091/health

External test from another device

Replace SERVER_PUBLIC_IP with the server public IP or DNS name.

External health check
curl -fsS http://SERVER_PUBLIC_IP:9091/health
Protected API example using Authorization header
TOKEN="$(sudo grep -o '"token"[[:space:]]*:[[:space:]]*"[^"]*"' /etc/server-guardian/config.json | cut -d'"' -f4)"
curl -fsS -H "Authorization: Bearer $TOKEN" http://127.0.0.1:9091/v1/dashboard
Protected API example using X-Agent-Token header
TOKEN="$(sudo grep -o '"token"[[:space:]]*:[[:space:]]*"[^"]*"' /etc/server-guardian/config.json | cut -d'"' -f4)"
curl -fsS -H "X-Agent-Token: $TOKEN" http://127.0.0.1:9091/v1/status

Open port 9091

If the internal curl works but the external curl fails, the port is probably blocked by Linux firewall or by the cloud firewall.

Check if the port is listening

Listening port
sudo ss -ltnp | grep ':9091'

UFW

Allow TCP 9091
sudo ufw allow 9091/tcp
sudo ufw status

iptables

Allow TCP 9091
sudo iptables -I INPUT -p tcp --dport 9091 -j ACCEPT
sudo iptables -L INPUT -n --line-numbers
Also check your cloud provider firewall, security group or network rules. The server must allow inbound TCP traffic on port 9091 from the IPs that will access the agent.
Copied