Server and Hardware

Server and Hardware

The customer is responsible for providing a Linux server. Use the following specifications for optimal performance:

Network and Firewall

For Intric to function and be able to communicate with necessary services, the following network configurations are required.

Incoming traffic (Ports)

The following ports must be open and forwarded to the server:

• Port 22: SSH access (for operation and installation).
• Port 443: Web interface (HTTPS).
• Port 80: Automatic redirect to HTTPS.

Outgoing traffic (Whitelist - Infrastructure)

In addition to language models (see section below), the server needs access to the following services for infrastructure and code:

• github.com (Fetching application code)
• ghcr.io (GitHub Container Registry)
• *.docker.io (Docker Hub)
• login.intric.ai (Intric’s IdP is used for authentication)

Language models for on-prem operation

For Intric to function correctly, the system needs to communicate with external language models and AI services. The following addresses and IP numbers must be allowed for outgoing traffic in your firewall:

Intric Hosted Models (EU):

• 65.108.33.103 (Intric hosted Gemma 3 EU)
• 65.109.75.50 (Intric hosted Multilingual-E5-Large EU & Whisper)
• 77.87.121.4 (Intric hosted Gemma 3 SWE)
• mcp.intric.ai/* (Intric hosted MCP servers)

External Public Models (APIs):

• api.openai.com/v1
• api.anthropic.com
• api.berget.ai/v1
• api.mistral.ai/v1

Domain and Certificate

For the application to be securely accessible for end users, the following is required:

1. DNS: Point your chosen domain (e.g., app.company.se) to the server’s IP with an A or AAAA record.

2. SSL/TLS certificate: You need to provide valid certificates:

   • Certificate file (.crt): Full chain in PEM format.
   • Private key (.key): Private key in PEM format.
   • Note: The customer is responsible for certificate renewal.