Rackula
Drag and drop rack visualizer
What Is This
Plan your rack layout. Drag your devices in, move them around, export it. It runs in your browser. You can close the tab whenever you want.
What It Do
- Drag and drop devices into your rack so you can frown at them
- Real device images so it actually looks like your gear, not sad grey boxes
- Export to PNG, PDF, SVG for your documentation or for printing and staring at
- QR code sharing - your layout lives in a URL, scan it and it just shows up
But Why?
You might ask, why should I make an imaginary rack like some sort of IT cosplay? And to that I would say, "fine then! don't! SCRAM!" but also, consider:
- Plan your layouts before you build them. It's a lot easier to move your mouse than that 4U server full of hard drives. Your shoulder will thank you.
- Document existing layouts so you know what is where.
- Because you can
Get Started
Use it right now: count.racku.la
Selfhost with Docker
Docker Run
docker run -d -p 8080:8080 ghcr.io/rackulalives/rackula:latest
Docker Compose
curl -O https://raw.githubusercontent.com/rackulalives/rackula/main/docker-compose.yml
docker compose up -d
Then open http://localhost:8080 and get after it.
Persistent Storage (Self-Hosted)
For layouts that persist across sessions:
git clone https://github.com/RackulaLives/Rackula.git
cd Rackula
curl -fsSL https://raw.githubusercontent.com/RackulaLives/Rackula/main/deploy/docker-compose.persist.yml -o docker-compose.yml
mkdir -p data
sudo chown 1001:1001 data
docker compose up -d
See Self-Hosting Guide for details.
For production/self-hosted API security:
CORS_ORIGINshould be your real app URL (restricts which browser origins can call the API).RACKULA_API_WRITE_TOKENprotects APIPUT/DELETEroutes (optional, strongly recommended). If unset, write routes remain open.RACKULA_AUTH_MODEcontrols centralized auth gate behavior:none: auth gate disabled (best for local/trusted development only)oidc: use an OpenID Connect provider (requires provider config plusRACKULA_AUTH_SESSION_SECRET)local: local auth mode (requiresRACKULA_AUTH_SESSION_SECRET; tracking: #1117)
RACKULA_AUTH_SESSION_SECRETis required when auth mode is enabled (minimum 32 characters). Use a random secret and rotate it when needed.- Current stable auth hardening: deny-by-default gate, signed session cookies, timeout/rotation policy, CSRF enforcement.
- Current auth flow maturity: OIDC/local login provider wiring is still in progress.
- For HTTPS deployments, set
RACKULA_AUTH_SESSION_COOKIE_SECURE=true(compose templates default to this). Only setfalsefor local HTTP testing. - Session hardening defaults are enabled when auth is on:
HttpOnlycookie,SameSite=Lax,Securein production- bounded absolute + idle session lifetime
- CSRF checks on state-changing cookie-authenticated requests
Generate strong secrets:
openssl rand -hex 32
Set values in a .env file beside docker-compose.yml:
cat > .env <<'EOF'
CORS_ORIGIN=https://rack.example.com
RACKULA_API_WRITE_TOKEN=replace-with-generated-token
RACKULA_AUTH_MODE=none
# To enable auth gate:
# RACKULA_AUTH_MODE=oidc
# RACKULA_AUTH_MODE=local
# RACKULA_AUTH_SESSION_SECRET=replace-with-generated-secret
# RACKULA_AUTH_SESSION_COOKIE_SECURE=true
EOF
docker compose up -d
Or pass them inline:
CORS_ORIGIN=https://rack.example.com \
RACKULA_API_WRITE_TOKEN=replace-with-generated-token \
docker compose up -d
Build from source
git clone https://github.com/RackulaLives/Rackula.git
cd Rackula && npm install && npm run build
Serve the dist/ folder however you like. It's just files.
Documentation
Built With Claude
This project was built using AI-assisted development with Claude. I told it what to build and then said "no, not like that" a lot. The AI did a lot of typing. Commits with substantial AI contributions are marked with Co-authored-by tags because we're not going to pretend otherwise.
Acknowledgements
Built for the r/homelab and r/selfhosted communities. Colours from Dracula Theme. Device data from NetBox devicetype-library.
See ACKNOWLEDGEMENTS.md for full credits.
Star History
Licence
MIT - Copyright (c) 2025 Gareth Evans
