212 apps Self-Hosted
linkding screenshot thumbnail

linkding

For people who found del.icio.us perfect and everything since bloated, linkding is the bookmark manager - a Django application whose entire design goal is saving and finding links with zero friction. Paste a URL and it fetches the title, description, favicon, and preview image automatically; organize with tags, search full-text across everything, mark bookmarks unread for read-it-later, attach Markdown notes, and bulk-edit whole selections at once. Its answer to link rot is archiving: bookmarked pages can be snapshotted automatically, either submitted to the Internet Archive or saved as local HTML files, and a documented SingleFile browser-extension integration uploads full self-contained page captures straight to your instance. Official Firefox and Chrome extensions (plus a bookmarklet) make saving a one-click habit, the UI installs as a Progressive Web App on mobile, and multi-user support with bookmark sharing - to users or logged-out guests - covers families and teams, with SSO via OIDC when needed. The REST API (create, search, filter by tag) has spawned a genuine ecosystem of community mobile apps and libraries. Operationally it is famously boring in the best way: one small container, SQLite by default, automated migrations, and a zero-breaking-changes policy. Import and export use standard Netscape HTML. MIT-licensed.

Deploy
Zitadel screenshot thumbnail

Zitadel

Securing a SaaS product, running B2B onboarding, or replacing Auth0 and Keycloak with a stack they own - teams needing more than basic auth reach for ZITADEL, an open-source identity and access management platform built in Go. Its multi-tenancy model is the differentiator: a strict Instance, Organization, Project hierarchy isolates data and scopes policy at each level, with identity brokering (pre-built templates for Google, GitHub, Microsoft, Apple, plus generic OIDC, OAuth, SAML, and LDAP), domain discovery that routes users to the right organization by email domain, and delegated management so customers administer their own users and roles. Authentication covers OpenID Connect (certified, including device authorization and token exchange), SAML 2.0 as both IdP and SP, SCIM, FIDO2 passkeys for phishing-resistant passwordless login, and MFA via OTP, email, SMS, and U2F; machine-to-machine flows support JWT profile, PATs, and client credentials. The architecture is event-sourced - every mutation is an immutable event, yielding a complete audit trail - with relational projections for queries and no external session store, so it scales horizontally. API-first with gRPC and REST, extensible via Actions webhooks, and the same codebase self-hosted (Docker Compose or Helm on PostgreSQL) as in the cloud.

Deploy
StirlingPDF screenshot thumbnail

StirlingPDF

Adobe Acrobat and Smallpdf, answered by a self-hosted Java web application: Stirling PDF processes every file with its 60+ tools on your own server and deletes it after the task completes. Nothing is uploaded to a third party, which is the whole point for contracts, invoices, and medical records. The toolbox covers page operations (merge, split at page numbers or scanned dividers, rotate, reorder, crop, extract), conversion in both directions between PDF and Word, Excel, PowerPoint, images, HTML, and Markdown, OCR that turns scans into searchable PDFs via Tesseract/OCRmyPDF (including PDF/A archival conversion), and security tools for passwords, permissions, watermarks, signatures, and true UI-driven text redaction. A built-in viewer handles annotation, drawing, and text or image insertion, and V2 added stateful processing - upload once, chain multiple tools - plus undo/redo history. For automation, nearly every tool has a REST API endpoint, no-code pipelines combine operations into custom logic chains, and watched folders process files automatically. Enterprise deployments get SSO, user management, and audit logging; the interface ships in 40+ languages. With 84K+ GitHub stars it is the most popular PDF tool in self-hosting, replacing $20/month Acrobat subscriptions with flat infrastructure cost.

Deploy
Postiz screenshot thumbnail

Postiz

Buffer and Hypefury, taken on by an open-source, agentic social media scheduler: Postiz is a Next.js application with no feature gap between hosted and self-hosted versions. Connect 28+ platforms (X, LinkedIn, Instagram, TikTok, YouTube, Reddit, Facebook, Pinterest, Bluesky, Mastodon, Discord, Slack, and more), then draft, schedule, and analyze everything from a unified visual calendar. Platform-specific depth is real: Reddit flairs and subreddit search, YouTube playlists and categories, LinkedIn company pages and carousels, Pinterest boards, X reply controls. A built-in AI agent drafts hooks, captions, and threads tuned per platform, generates images from prompts, and can execute an instruction like "write a LinkedIn post about X, make a matching image, schedule it for Tuesday at 9am" end to end. The agentic angle extends outward: a CLI and MCP server let Claude, Codex, and other AI agents drive Postiz autonomously - discovering connected integrations, fetching platform constraints, uploading media, and batch- scheduling campaigns with structured JSON output. A public REST API plus n8n, Make.com, and Zapier integrations trigger posts from CI, a CMS, or any event source. Team features cover invites, comments, and collaborative scheduling. Self-hosting removes per-channel pricing and keeps OAuth tokens on your box.

Deploy
Supertokens Core screenshot thumbnail

Supertokens Core

Authentication that lives inside your application rather than behind a redirect to an external identity provider - SuperTokens takes a fundamentally different architecture from Auth0 and AWS Cognito. Three tiers make that work - frontend SDKs (React, Angular, Vue, vanilla JS, React Native) render overridable login UI and manage tokens; backend SDKs (Node.js, Python, Go) expose auth endpoints on your own API domain; and SuperTokens Core, the piece you host here, is the stateless HTTP service handling core auth logic, password hashing, token signing, and database operations against PostgreSQL. The recipe system keeps features decoupled: use email/password, social login, passwordless (magic links, OTP), phone-password, multi-factor authentication (TOTP, WebAuthn), user roles, and microservice auth - individually or combined; you can even use SuperTokens purely for session management alongside another login provider. Sessions are where it shines: rotating refresh tokens with theft detection, automatic access-token refresh, CSRF protection, and secure cookie handling out of the box - the details that become vulnerabilities when hand-rolled. Verification happens locally in your backend via cached JWT signing keys, so the Core stays off the hot path. Self-hosted means no user limits, free forever, with all user data in your database. Apache-licensed.

Deploy
Radarr screenshot thumbnail

Radarr

The movie half of the *arr stack: Radarr is a .NET collection manager that automates acquiring films for Usenet and BitTorrent users the way Sonarr does for TV. Add a movie once and Radarr handles the rest: it monitors indexers and RSS feeds, grabs a matching release the moment one appears, sends it to SABnzbd, NZBGet, qBittorrent, Deluge, Transmission, rTorrent, or another connected download client, then imports, sorts, and renames the file into your library structure. Quality profiles are the control surface - define allowed resolutions and a cutoff, and Radarr keeps upgrading files automatically, replacing a DVD rip when a Blu-ray release lands. Custom formats go further, scoring releases by codec, HDR metadata, release group, streaming source, or arbitrary regex so the copy you want always wins the pick. Failed downloads retry with another release automatically; a manual search shows every candidate and explains why one was skipped. Release parsing recognizes director's cuts, special editions, AKA titles, and hardcoded subs. Plex and Kodi integration handles notifications, library refreshes, and metadata like posters, trailers, and subtitles, and a calendar view tracks upcoming releases. It pairs naturally with Jellyseerr for request management and shares its API conventions with the whole *arr ecosystem.

Deploy
Countly screenshot thumbnail

Countly

Mixpanel, OneSignal, and Crashlytics in one self-hosted stack - Countly is an all-in-one product analytics and engagement platform where every byte of first-party data stays on your server. A Node.js application over MongoDB, it collects through ten battle-tested SDKs spanning iOS, Android, web JavaScript, React Native, Flutter, Unity, and desktop (plus a data write API for anything else), and has powered tens of thousands of mobile, web, and desktop apps since 2012. The analytics core covers sessions, custom events, views, user profiles, and real-time dashboards, with exploration tools built for product managers as much as analysts. What separates Countly from pure analytics tools is acting on the data without third parties: built-in push notifications send automated, transactional, and personalized messages to iOS (APNs), Android (Firebase), and Huawei devices, with the SDK handling token retrieval and permission flows automatically; crash reporting captures symbolicated native crashes on iOS and Android plus JavaScript errors, correlated with the same user and session data. Email reports keep stakeholders updated, and the plugin-based architecture means features load as modules. For GDPR-sensitive products, engagement without piping user data to advertising companies is the entire point. AGPL-licensed server, installable in minutes.

Deploy
Navidrome screenshot thumbnail

Navidrome

Spotify economics without the subscription or catalog gaps: Navidrome, the reference self-hosted music server, streams your own FLAC, MP3, and ALAC collection from a single Go binary with a React/Material UI web player. Its Subsonic/OpenSubsonic API compatibility is the superpower: 50+ existing clients work out of the box, from Symfonium and DSub on Android to Feishin and Sonixd on desktop, plus Android Auto, CarPlay, and Android TV apps. Transcoding is server-managed and FFmpeg-backed - FLAC direct-plays at home and downsamples to MP3, AAC, or Opus over mobile bandwidth, with the OpenSubsonic transcoding extension letting clients declare capabilities and receive per-track direct-play or transcode decisions automatically. Multi-user support gives every account its own play counts, favorites, ratings, and playlists, and multi-library support scopes different collections to different users. The feature list covers serious listening: Last.fm and ListenBrainz scrobbling, artist bios and images, embedded and external lyrics, audiobook bookmarks, saved play queues that resume on another device, internet radio, jukebox mode, and M3U playlist auto-import kept in sync with your folder. Resource usage is famously low - it runs happily on a Raspberry Pi and scales to six-figure track counts.

Deploy
Dashy screenshot thumbnail

Dashy

Every service you run, behind one polished start page: Dashy is the most customizable homelab dashboard, built as a Vue.js homepage. Configuration lives in a single YAML file, but you never have to hand-edit it: an integrated UI editor with real-time validation writes changes back to disk, so both config-as-code and point-and-click camps are served. Status indicators put a live health dot next to every app - HTTP checks or pings on custom intervals, with response time and status details on hover - giving you an at-a-glance uptime overview before anything breaks. Over 50 built-in widgets pull dynamic content from the services you already run: Pi-hole and AdGuard block stats, Proxmox lists, Nextcloud status, Netdata CPU/memory history, Prometheus data, plus weather, RSS, crypto prices, and generic iframe/API-response widgets for anything with an endpoint. Instant fuzzy search launches any app as you type, with customizable hotkeys and web-search fallthrough. Theming is deep: dozens of built-in themes, a UI color palette editor, and custom CSS over CSS variables. Alternate views include a fast-loading minimal startpage and a workspace view that embeds apps side-by-side without leaving the dashboard. Icons resolve from Font Awesome, homelab icon packs, emojis, or auto-fetched favicons. Built-in authentication, multi-page support, cloud backup/sync, and multi-language round out an MIT project with a massive community.

Deploy
LubeLogger screenshot thumbnail

LubeLogger

Vehicle maintenance records shouldn't live in a homemade spreadsheet and a shoebox of receipts - LubeLogger exists because of exactly that. It's a self-hosted .NET web application (from Hargata Softworks) that gives every vehicle in your garage a complete digital history: service, repair, and upgrade records categorized and searchable, with invoices and receipts attached as documents; fuel fill-ups that compute economy in MPG, UK MPG, L/100KM, or KM/L without spreadsheet tedium; taxes, odometer logs, inspections, equipment, and supplies inventory for tracking the parts and fluids on your shelf. The reminder system is what saves engines: recurring reminders trigger by date, odometer reading, or whichever comes first - exactly how real service intervals work - so oil changes and timing belts stop relying on memory. A dashboard summarizes expenses by year, month, and category, a planner tracks to-dos by type, priority, and progress, and professional vehicle reports print a full history - genuinely useful when selling a car. Collaboration is built in: invite household members as collaborators on shared vehicles, with single sign-on support. Custom fields adapt records to your needs, CSV import/export moves data freely, an API enables automation, and the mobile-tested UI installs as a PWA on iOS and Android. MIT-licensed.

Deploy
EverShop screenshot thumbnail

EverShop

Magento's extensibility without PHP, Shopify's polish without the platform tax: EverShop is the TypeScript-first e-commerce platform built on that promise. Architected as a modular monolith on Node.js, it organizes every piece of business logic - catalog, checkout, customers, your custom extensions - into modules that plug in without touching core code, extended through a disciplined set of mechanisms: registry processors for transforming data across modules, hooks that wrap function calls, async event subscribers (product created, order placed), and route middleware. The storefront and the fully-featured admin panel are both React with server-side rendering and hydration, giving fast first paint and SEO-friendly pages, while a typed GraphQL API (plus REST endpoints) serves exactly the data each view needs - the same API that powers headless and PWA builds. Standard commerce is covered: product management with variants and attributes, category navigation, cart and checkout, order and customer management, coupons, and a theme system built on React components and Tailwind for deep storefront customization. PostgreSQL is the default database, deployment is Docker-friendly with near-zero configuration, and the GPL-3.0 license means the entire stack - types, resolvers, and checkout flow included - is yours to read and modify.

Deploy
Jirafeau screenshot thumbnail

Jirafeau

Upload a file, get a unique download link and a separate delete link - Jirafeau has done exactly this one thing since 2008. It is plain PHP with no database, no mail server, no JavaScript framework, and no external dependencies - files and metadata live on the filesystem, which is why it runs on nearly anything and why it has outlasted most of its imitators. Uploads use the HTML5 file API, so PHP's post_max_size ceiling does not constrain file size, with live progress showing speed, percentage, and time remaining. Every upload takes options: expiration from one minute to a year to unlimited, self-destruct after first download, and password protection with configurable policy - passwords can be optional, required, or server-generated with complexity rules. Server-side encryption (modern builds use XChaCha20-Poly1305) stores files encrypted at rest with the decrypt key embedded only in the download URL, never on the server, so a compromised host cannot read the contents. Unencrypted deployments get file-level deduplication - identical files stored once with multiple links. Upload access can be gated by password lists or IP allowlists, a small admin panel manages stored files, and a CLI cleanup script handles expired files via cron. Recipients can preview supported files in-browser.

Deploy
Wizarr screenshot thumbnail

Wizarr

Getting non-technical friends and family onto a media server is its most tedious chore - Wizarr solves it. Instead of manually creating accounts, dictating server addresses, and explaining which app to install, you send one invite link. When the recipient clicks it, Wizarr creates their account on your server automatically - Plex, Jellyfin, Emby, Audiobookshelf, Komga, Kavita, and Romm are all supported - then walks them through a mobile-first, app-like onboarding wizard: download the right client, sign in, and learn how to request movies through your Overseerr or Ombi instance, with an optional Discord server invite along the way. Invitations are genuinely manageable: set expiration dates, usage limits, passphrases, library-scoped access tiers, and time-limited memberships that end access automatically. The wizard itself is fully customizable - Markdown-based steps managed from the admin UI, organized into pre-invite and post-invite phases (terms of service before joining, app setup after), reorderable bundles assignable to specific invitation types, and combined flows for invites spanning multiple servers. Multi-server and multi-admin support manages several backends from one dashboard, SSO support is plug-and-play, and a REST API with OpenAPI/Swagger documentation covers automation. A Flask/HTMX app in a single Docker container.

Deploy
UptimeKuma screenshot thumbnail

UptimeKuma

Sixty-thousand-plus GitHub stars make Uptime Kuma the most popular self-hosted monitoring tool - MIT-licensed, Node.js, and the standard replacement for UptimeRobot, Pingdom, and Freshping. It watches a dozen monitor types: HTTP(S) endpoints with keyword and JSON-query content validation, TCP ports, ICMP ping, DNS records, WebSockets, Docker containers via the socket, Steam game servers, MQTT brokers, gRPC services, and push-based heartbeats for cron jobs and internal workers. Checks run at intervals as tight as 20 seconds - versus UptimeRobot's 5-minute free tier - with unlimited monitors and unlimited data retention. When something fails, alerts fan out through 90+ notification channels: Slack, Discord, Telegram, email with LiquidJS templating, PagerDuty, OpsGenie, ntfy, Gotify, Matrix, and dozens more via native providers plus the Apprise library. Unlimited public or password-protected status pages - mappable to specific domains and organized into monitor groups - communicate health to customers, with maintenance windows that suppress alerts during planned work. The reactive dashboard graphs response times, tracks SSL certificate expiry with advance warnings, supports proxies and 2FA, and ships in dozens of languages. One Docker container with a SQLite volume covers an entire infrastructure.

Deploy
Open-Meteo screenshot thumbnail

Open-Meteo

High-resolution weather forecasts became a free commodity because of Open-Meteo - and this deployment puts the whole open-source engine on your own infrastructure. The public open-meteo.com service aggregates national weather models (NOAA GFS, DWD ICON, ECMWF, Meteo-France, and others) into one consistent JSON interface; self-hosting gives you that same API without rate limits, third-party dependency, or usage metering. The architecture is two cooperating services: the API server exposes forecast endpoints fully compatible with Open-Meteo query parameters - latitude, longitude, hourly and daily variables like temperature, precipitation, wind, and radiation - while a background sync worker downloads fresh weather model data on a configurable interval into a shared persistent volume at /app/data, so forecasts stay current and survive restarts without re-downloading. You control which weather models to mirror, which variables to store, how much historical depth to keep, and how often to refresh - meaning a lean deployment can sync only the model and region you actually query. Responses are plain HTTP/JSON, so integration with dashboards, Home Assistant-style automations, agricultural monitoring, IoT fleets, or any application takes minutes. For anyone making thousands of forecast calls a day, replacing a metered weather API with your own instance turns a recurring bill into a flat infrastructure cost.

Deploy
Joplin screenshot thumbnail

Joplin

Notes on Windows, macOS, Linux, Android, iOS, and the terminal, synced through your own server: Joplin pairs its open-source clients with Joplin Server, the official self-hosted backend that replaces Dropbox, OneDrive, or Nextcloud as the synchronization target. Notes are Markdown with inline attachments (images, PDFs, audio), organized into hierarchical notebooks and sub-notebooks with cross-cutting tags, alongside to-do lists with reminders and alarms. End-to-end encryption is the headline feature: enabled in the clients, it encrypts sync payloads on-device before upload, so the server stores blobs it cannot read - genuine protection even if the host is compromised. The desktop app offers both Rich Text and Markdown editors, extended by a plugin ecosystem, custom themes, and an Extension API for writing your own scripts; a Web Clipper for Chrome and Firefox captures full pages or screenshots straight into notebooks. Joplin Server ships as a Docker image with SQLite for evaluation and PostgreSQL for production, offers a filesystem storage driver for large content, and includes multi-user support and note sharing - all free under AGPL-3.0 when self-hosted. Notes stay in an open format, so the exit path always exists.

Deploy
Inbox Zero screenshot thumbnail

Inbox Zero

Your Gmail, Google Workspace, or Outlook inbox, worked by an AI assistant: Inbox Zero sits on top of the account you already have. Its core idea is rules written in plain English - tell the assistant "label invoices and file the PDF to Drive" or "archive cold outreach unless they mention my company" - and it executes against every incoming message. Emails that need a response arrive with a pre-drafted reply written in your tone, learned from your email history and calendar context. Reply Zero tracks what you owe responses to and what you're waiting on; the Bulk Unsubscriber surfaces newsletters you never read (with read-rate analytics) for one-click unsubscribe-and-archive; the Cold Email Blocker auto-archives unsolicited pitches based on your own definition of "cold." Smart Filing routes attachments - receipts, contracts, PDFs - into the right Google Drive or OneDrive folder, and Slack/Telegram integration lets you read, draft, and triage without opening a mail client. Email analytics show top senders and volume trends. It is not a new email client: everything happens in your real mailbox using native filters. Self-hosting means your mail content and the LLM calls that process it run on infrastructure you control.

Deploy
Heimdall screenshot thumbnail

Heimdall

Links stop drowning in browser bookmarks once Heimdall - the application dashboard from the LinuxServer.io team - gives every web app and service you run a single, organized front door. Items come in three tiers. Generic items link to anything on the web with a name, color, and optional icon. Foundation apps are recognized as you type, auto-filling the application's icon and tile color so a full homelab dashboard assembles in minutes. Enhanced apps go further: supply API credentials and the tile shows live data - queue size and download speed for SABnzbd and NZBGet, plus integrations for Sonarr, Radarr, Plex, Jellyfin, Pi-hole, Portainer, Transmission, and many more. There are no iframes and no apps-within-apps; tiles are honest links with real-time stats layered on. Tiles arrange by drag and drop, backgrounds are customizable, an optional search bar (Google, Bing, or DuckDuckGo) makes it work as a browser start page, and optional multi-user authentication keeps dashboards personal. Built on Laravel with SQLite file-based storage - no external database - it stays light, responsive on mobile, and simple to back up. A natural first deployment: the page that ties every other self-hosted service together.

Deploy