Domain Locker

Domain portfolio management, honestly reviewed. No marketing fluff, just what you get when you self-host it.

TL;DR

• What it is: Open-source (MIT) domain portfolio tracker that monitors all your domains — SSL certs, DNS records, WHOIS, expiry dates, uptime — from one dashboard and alerts you before anything breaks [website][2].
• Who it’s for: Founders, freelancers, and agencies managing 5+ domains across multiple registrars who’ve been burned by a lapsed renewal or a silent SSL failure. Non-technical users can use the hosted version; anyone comfortable with Docker can self-host [2].
• Cost savings: Domain Locker’s hosted Pro plan runs $20/mo. Third-party domain monitoring services charge similar or more for less. Self-hosted on a $6 VPS is free beyond hosting cost [pricing page].
• Key strength: Unusually broad coverage — not just expiry alerts, but DNS change tracking, SSL monitoring, uptime checks, WHOIS history, security scoring, and Prometheus metrics in a single MIT-licensed package [README][2].
• Key weakness: No third-party reviews exist at the time of writing (1,220 GitHub stars, relatively niche). Real-world edge cases and failure modes aren’t documented by independent sources — you’re relying on the project’s own materials [merged profile].

---

What is Domain Locker

Domain Locker is a dashboard for people who own more domains than they can keep in their heads. The pitch from the README is plain: “The Central Hub for all your Domain Names” [2]. You add your domains, and it fetches everything — SSL certificate details, DNS records, hosting providers, IP addresses, subdomains, WHOIS data — then continuously monitors all of it and notifies you when something changes or is about to expire.

The thing it’s trying to prevent is real: a domain renewal lapses because it was registered under an old email address, an SSL cert expires because the auto-renew broke silently, a DNS record gets changed and nobody notices for two weeks. These are routine disasters for any founder running more than a handful of domains. Domain Locker’s job is to make sure you see these events before your users do.

Built by Alicia Sykes (GitHub: lissy93), the same developer behind Dashdot and several other well-maintained open-source home-lab tools. The project is MIT-licensed, ships as a Docker container, and has a companion hosted service at domain-locker.com with a free tier. As of this review, it sits at 1,220 GitHub stars with active development [merged profile][2].

The stack under the hood: Angular frontend, Node server, PostgreSQL for storage. The README references Supabase as an optional backend alternative to self-hosted PostgreSQL, which explains some of the architecture choices in the codebase [2]. Deployment options include Docker, Docker Compose, Helm, and one-click installs for Umbrel, Proxmox, EasyPanel, Unraid, and Portainer [2].

---

Why People Choose It

No independent third-party reviews of Domain Locker were available at the time of writing — the tool is too niche to have attracted SEO-driven tech press. What follows is synthesized from the README, official website, and the Codeberg mirror [2].

The core value proposition is cross-registrar visibility. If you’ve been managing domains for more than a few years, you’ve almost certainly got them scattered across Namecheap, Google Domains (now Squarespace), Cloudflare, GoDaddy, and wherever else a one-click purchase landed you. No registrar’s dashboard shows you the full picture. Domain Locker does.

The second draw is change detection. Most domain monitoring tools tell you about expirations. Domain Locker goes further: it alerts you when DNS records change, when SSL certificates are replaced or downgraded, when WHOIS data is modified, when a hosting provider changes [website][README]. For anyone who’s had a domain hijacked or a DNS misconfiguration go unnoticed, this is the feature that justifies the setup time.

Third, the data access story is unusually complete for a 1,200-star project. The feature list includes REST API, GraphQL API, Prometheus metrics, iCal export (subscribe to expiry calendars), and RSS feeds [README]. That’s not boilerplate — someone actually built all of those integrations, and they’re useful for connecting Domain Locker to existing alerting pipelines.

Finally, the MIT license matters. A tool like this deals with your full domain portfolio — names, registrars, renewal dates, DNS configs. You want to be able to read the source code, know exactly what data goes where, and control where the database lives. MIT + self-hosting achieves that.

---

Features: What It Actually Does

Based on the README and website [README][2][website]:

Domain data collection:

• Auto-fetch on domain add: SSL certificate details, DNS records, hosting provider, IP addresses, subdomains, WHOIS data, registrar
• Manual enrichment: tags, notes, purchase prices, renewal costs, linked resources
• Security scoring and recommended actions per domain
• Website uptime, ping times, response codes, and performance tracking

Change monitoring:

• Continuous monitoring across SSL, DNS, WHOIS, host, and IP
• Full audit log of changes per domain over time
• Timeline visualization of when changes occurred

Alerts and notifications:

• Expiry alerts (configurable lead time)
• Change alerts (DNS, SSL, security configuration)
• Notification channels: email, webhook, push notifications, Telegram, Signal, WhatsApp, Slack, SMS [website]

Analytics and visualization:

• Portfolio-level charts: registrar breakdown, SSL provider breakdown, hosting provider distribution
• Timeline of registrations and upcoming expirations
• Valuation tracking: purchase price, renewal costs, profit/loss trends

Data access and portability:

• REST API and GraphQL API
• Prometheus metrics endpoint
• iCal feed (domain expirations as calendar events)
• RSS feed
• Full import/export at any time

Security and auth:

• SSO via GitHub and Google
• Two-factor authentication
• Custom themes, dark/light modes, multi-language support

Deployment:

• Docker, Docker Compose, Helm
• One-click community apps: Umbrel, Proxmox, EasyPanel, Unraid, Portainer
• One-liner install script: curl -fsSL https://install.domain-locker.com | bash [2]
• Supabase as optional hosted PostgreSQL backend (alternative to self-managed Postgres)

The feature list is genuinely comprehensive for a domain monitoring tool. The Prometheus endpoint in particular is worth noting — it means you can feed domain metrics into a Grafana dashboard alongside the rest of your infrastructure.

---

Pricing: SaaS vs Self-Hosted Math

Domain Locker Cloud (hosted at domain-locker.com):

• Free: $0/mo — 5 domains, basic domain info, expiry emails only [pricing page]
• Hobby: $5/mo (billed annually) — 20 domains, detailed info, expiry + change notifications, change history, statistics, alerts [pricing page]
• Pro: $20/mo (billed annually) — 100 domains, everything in Hobby plus advanced alerts and domain monitoring [pricing page]
• Enterprise/charity/non-profit: custom pricing, contact sales [pricing page]

Self-hosted:

• Software: $0 (MIT license) [README]
• Infrastructure: $5–10/mo for a VPS (Hetzner, Contabo, or DigitalOcean), or run it on existing home-lab hardware for effectively zero marginal cost
• No domain limits when self-hosted

What competitors charge for comparable functionality:

There’s no direct open-source competitor with the same scope — DomainMOD covers portfolio tracking but not active monitoring; UptimeRobot covers uptime but not domain-specific data. Commercial alternatives like StatusCake’s domain monitoring, ManageWP’s domain manager (WordPress-specific), or specialist WHOIS monitoring services run $10–50/mo for similar alert volumes. Data points on specific competitor pricing are not available for an exact comparison.

The self-host math:

If you’re managing 20+ domains and want change notifications, expiry alerts, and a real monitoring dashboard, the Hobby plan at $5/mo (or Pro at $20/mo) is the SaaS path. Self-hosting on a $6 Hetzner VPS eliminates that entirely with no domain cap. Over two years: Hobby plan ≈ $120, Pro ≈ $480, self-hosted ≈ $144 in VPS costs (if dedicated) or close to $0 if it shares a box with other services.

The free tier’s 5-domain limit is genuinely restrictive — it covers a personal setup, not a founder with multiple projects across environments.

---

Deployment Reality Check

The self-hosting story is cleaner than most tools in this category. There’s a one-liner install script, a docker-compose.yml in the repository, and Helm charts for Kubernetes [2][README]. The community app integrations (Umbrel, Proxmox, Portainer) mean home-lab users can get it running without touching a command line.

What you actually need:

• A Linux VPS or home server (512MB RAM is likely sufficient; 1GB recommended)
• Docker and Docker Compose
• PostgreSQL (bundled in the default Docker Compose setup)
• A domain and reverse proxy (Caddy is simplest) if you want HTTPS access from outside your network
• SMTP credentials for email notifications

The project also supports Supabase as the backend, which means you can use Supabase’s free tier as your database instead of running PostgreSQL yourself — a useful option for anyone who wants Domain Locker’s monitoring without managing a database [2].

Where things could go sideways:

• The project is maintained by a solo developer (Alicia Sykes). Active development is evident from commit history [2], but there’s no company behind it. If the maintainer goes quiet, you’re running MIT-licensed code you can fork — but there’s no paid support tier or SLA.
• No independent community forums or dedicated subreddit at the time of writing. GitHub Issues is your support channel.
• The Supabase backend integration and the self-hosted PostgreSQL path exist in parallel, and edge cases in switching between them aren’t documented in detail.
• Notification channel setup (Telegram, Signal, WhatsApp) requires configuring credentials for each service separately. The README covers webhooks well; the messaging app integrations require more legwork.

Realistic time estimate for a technical user: 15–30 minutes using the one-liner or Docker Compose on a VPS you already own. For a non-technical founder starting from a fresh server: 1–3 hours including DNS setup, HTTPS, and first domain import. The Umbrel one-click path (if you run Umbrel) is faster.

---

Pros and Cons

Pros

• MIT licensed with no feature gating. Self-hosting gives you all features with no domain cap. There’s no commercial license tier with features locked behind it [README][2].
• Unusually broad monitoring scope. Most domain tools do expiry alerts. Domain Locker does SSL, DNS, WHOIS, uptime, security scoring, and change history — all in one install [README][website].
• Multiple notification channels. Email, webhook, push, Telegram, Signal, WhatsApp, Slack — you can route alerts to wherever you actually look [website]. This is not standard even in paid tools.
• Full data portability. Export at any time, REST API, GraphQL, iCal, RSS, Prometheus. Your data doesn’t get trapped [README].
• One-liner install + community app support. Umbrel, Proxmox, Portainer, EasyPanel, Unraid integrations lower the bar significantly for home-lab users [2][README].
• Built by a credible open-source developer. Alicia Sykes has a track record of maintained, well-documented projects [2].
• Supabase backend option. Lets you avoid self-managing PostgreSQL by using Supabase’s free tier as the database [2].

Cons

• No independent reviews. Zero third-party coverage means no external validation of how it performs at scale, what breaks, or what the real setup pain points are. You’re trusting the project’s own materials.
• Solo maintainer. No company, no paid support, no SLA. The project could go dormant. MIT license means you can keep running it and fork it, but active maintenance is a one-person operation [2].
• Free tier is genuinely limited. 5 domains on the hosted plan covers a personal setup at most. Anyone with a real portfolio needs Hobby ($5/mo) or Pro ($20/mo) — or self-hosting [pricing page].
• No cross-registrar API integration. Domain Locker monitors domains you tell it about; it doesn’t pull your portfolio automatically from Namecheap, Cloudflare, or GoDaddy. You add domains manually or via import. This is a real friction point if your portfolio changes frequently.
• Notification channel setup requires credentials. Telegram, Signal, and WhatsApp notifications require non-trivial per-channel configuration. Email and webhooks are the easy path [website][README].
• No community beyond GitHub Issues. No Discord, no forum, no subreddit. Troubleshooting is you plus GitHub Issues plus reading the source.

---

Who Should Use This / Who Shouldn’t

Use Domain Locker if:

• You manage 10+ domains across multiple registrars and have no centralized view of expirations or configurations.
• You’ve been burned by a silent SSL expiry, a DNS misconfiguration that took days to notice, or a renewal you missed.
• You’re comfortable deploying a Docker container (or using Umbrel/Proxmox), or you’ll pay someone once to deploy it for you.
• You want expiry + change monitoring in one tool, not a WHOIS service for one thing and UptimeRobot for another.
• You want Prometheus metrics from your domain portfolio feeding into existing Grafana dashboards.

Skip it (stay on manual registrar dashboards) if:

• You own 3–5 domains and they’re all at one registrar with built-in expiry reminders.
• You’ve never managed a Docker container and have no one to help you. Use the hosted free tier until you hit the 5-domain limit, then upgrade to Hobby.

Skip it (use a paid specialist service) if:

• You need guaranteed SLAs, paid support, and a company behind the tool. The self-hosted path here is one developer’s project, not a product with enterprise backing.
• Your compliance requirements prohibit running infrastructure you maintain yourself.

Consider the hosted plan over self-hosting if:

• You want the features but don’t want to manage infrastructure. At $5/mo, the Hobby plan is cheap enough that the VPS savings from self-hosting are marginal unless you’re already running a home server.

---

Alternatives Worth Considering

• DomainMOD — open-source domain portfolio manager, self-hostable, PHP-based. Covers asset tracking and cost management but lacks active monitoring and alerting. Older codebase, less polished UI.
• UptimeRobot — free tier covers uptime monitoring well. Doesn’t do DNS change tracking, WHOIS, SSL chain analysis, or domain-specific data. Complementary rather than competitive.
• StatusCake — commercial monitoring SaaS with domain expiry monitoring as one feature among many. Paid plans from around $24/mo. No self-hosting.
• Freshping — similar to UptimeRobot, uptime-focused, free tier available. No domain-specific intelligence.
• Registrar-native dashboards — Cloudflare, Namecheap, and others have expiry reminders and basic DNS management built in. Sufficient if your portfolio is at one registrar and you don’t need change notifications or security monitoring.
• Manual spreadsheet + calendar alerts — still surprisingly common. Works for 5 domains; breaks down at 20+.

For a founder with a multi-registrar portfolio who wants monitoring beyond simple expiry reminders, the realistic shortlist is Domain Locker self-hosted or its own hosted Hobby tier. There’s no direct open-source competitor with equivalent scope.

---

Bottom Line

Domain Locker fills a real gap: most domain tools either track portfolios without monitoring (DomainMOD) or monitor uptime without domain-specific intelligence (UptimeRobot). Domain Locker does both — SSL, DNS, WHOIS, expiry, uptime, security scoring — under an MIT license with a self-host path that costs nothing beyond a VPS. The trade-offs are equally real: no independent validation, solo maintainer, no enterprise backing. But for a founder managing 15–50 domains across multiple registrars who’s tired of discovering expired certs or DNS changes after the fact, the setup time is about an afternoon and the ongoing cost is $0. The main risk isn’t the software — it’s betting operational monitoring on a one-person project. Run it on infrastructure you control, keep backups of your domain data, and that risk is manageable.

If deploying it yourself is the blocker, that’s the kind of one-time setup upready.dev handles for clients. You end up owning the infrastructure and the bill stops there.

---

Sources

1. GitHub — lissy93/domain-locker (README, features, install instructions, MIT license). https://github.com/lissy93/domain-locker

2. Codeberg — alicia/domain-locker (mirror of GitHub repository, confirms README content and commit history). https://codeberg.org/alicia/domain-locker

3. Domain Locker — Official Website (homepage features, pricing tiers, notification channels, live demo). https://domain-locker.com

4. Domain Locker — Pricing Page (Free / Hobby / Pro tier details and limits). https://domain-locker.com/#pricing