212 apps Self-Hosted
Jirafeau screenshot thumbnail

Jirafeau

Upload a file, get a unique download link and a separate delete link - Jirafeau has done exactly this one thing since 2008. It is plain PHP with no database, no mail server, no JavaScript framework, and no external dependencies - files and metadata live on the filesystem, which is why it runs on nearly anything and why it has outlasted most of its imitators. Uploads use the HTML5 file API, so PHP's post_max_size ceiling does not constrain file size, with live progress showing speed, percentage, and time remaining. Every upload takes options: expiration from one minute to a year to unlimited, self-destruct after first download, and password protection with configurable policy - passwords can be optional, required, or server-generated with complexity rules. Server-side encryption (modern builds use XChaCha20-Poly1305) stores files encrypted at rest with the decrypt key embedded only in the download URL, never on the server, so a compromised host cannot read the contents. Unencrypted deployments get file-level deduplication - identical files stored once with multiple links. Upload access can be gated by password lists or IP allowlists, a small admin panel manages stored files, and a CLI cleanup script handles expired files via cron. Recipients can preview supported files in-browser.

Deploy
Wizarr screenshot thumbnail

Wizarr

Getting non-technical friends and family onto a media server is its most tedious chore - Wizarr solves it. Instead of manually creating accounts, dictating server addresses, and explaining which app to install, you send one invite link. When the recipient clicks it, Wizarr creates their account on your server automatically - Plex, Jellyfin, Emby, Audiobookshelf, Komga, Kavita, and Romm are all supported - then walks them through a mobile-first, app-like onboarding wizard: download the right client, sign in, and learn how to request movies through your Overseerr or Ombi instance, with an optional Discord server invite along the way. Invitations are genuinely manageable: set expiration dates, usage limits, passphrases, library-scoped access tiers, and time-limited memberships that end access automatically. The wizard itself is fully customizable - Markdown-based steps managed from the admin UI, organized into pre-invite and post-invite phases (terms of service before joining, app setup after), reorderable bundles assignable to specific invitation types, and combined flows for invites spanning multiple servers. Multi-server and multi-admin support manages several backends from one dashboard, SSO support is plug-and-play, and a REST API with OpenAPI/Swagger documentation covers automation. A Flask/HTMX app in a single Docker container.

Deploy
UptimeKuma screenshot thumbnail

UptimeKuma

Sixty-thousand-plus GitHub stars make Uptime Kuma the most popular self-hosted monitoring tool - MIT-licensed, Node.js, and the standard replacement for UptimeRobot, Pingdom, and Freshping. It watches a dozen monitor types: HTTP(S) endpoints with keyword and JSON-query content validation, TCP ports, ICMP ping, DNS records, WebSockets, Docker containers via the socket, Steam game servers, MQTT brokers, gRPC services, and push-based heartbeats for cron jobs and internal workers. Checks run at intervals as tight as 20 seconds - versus UptimeRobot's 5-minute free tier - with unlimited monitors and unlimited data retention. When something fails, alerts fan out through 90+ notification channels: Slack, Discord, Telegram, email with LiquidJS templating, PagerDuty, OpsGenie, ntfy, Gotify, Matrix, and dozens more via native providers plus the Apprise library. Unlimited public or password-protected status pages - mappable to specific domains and organized into monitor groups - communicate health to customers, with maintenance windows that suppress alerts during planned work. The reactive dashboard graphs response times, tracks SSL certificate expiry with advance warnings, supports proxies and 2FA, and ships in dozens of languages. One Docker container with a SQLite volume covers an entire infrastructure.

Deploy
Open-Meteo screenshot thumbnail

Open-Meteo

High-resolution weather forecasts became a free commodity because of Open-Meteo - and this deployment puts the whole open-source engine on your own infrastructure. The public open-meteo.com service aggregates national weather models (NOAA GFS, DWD ICON, ECMWF, Meteo-France, and others) into one consistent JSON interface; self-hosting gives you that same API without rate limits, third-party dependency, or usage metering. The architecture is two cooperating services: the API server exposes forecast endpoints fully compatible with Open-Meteo query parameters - latitude, longitude, hourly and daily variables like temperature, precipitation, wind, and radiation - while a background sync worker downloads fresh weather model data on a configurable interval into a shared persistent volume at /app/data, so forecasts stay current and survive restarts without re-downloading. You control which weather models to mirror, which variables to store, how much historical depth to keep, and how often to refresh - meaning a lean deployment can sync only the model and region you actually query. Responses are plain HTTP/JSON, so integration with dashboards, Home Assistant-style automations, agricultural monitoring, IoT fleets, or any application takes minutes. For anyone making thousands of forecast calls a day, replacing a metered weather API with your own instance turns a recurring bill into a flat infrastructure cost.

Deploy
Joplin screenshot thumbnail

Joplin

Notes on Windows, macOS, Linux, Android, iOS, and the terminal, synced through your own server: Joplin pairs its open-source clients with Joplin Server, the official self-hosted backend that replaces Dropbox, OneDrive, or Nextcloud as the synchronization target. Notes are Markdown with inline attachments (images, PDFs, audio), organized into hierarchical notebooks and sub-notebooks with cross-cutting tags, alongside to-do lists with reminders and alarms. End-to-end encryption is the headline feature: enabled in the clients, it encrypts sync payloads on-device before upload, so the server stores blobs it cannot read - genuine protection even if the host is compromised. The desktop app offers both Rich Text and Markdown editors, extended by a plugin ecosystem, custom themes, and an Extension API for writing your own scripts; a Web Clipper for Chrome and Firefox captures full pages or screenshots straight into notebooks. Joplin Server ships as a Docker image with SQLite for evaluation and PostgreSQL for production, offers a filesystem storage driver for large content, and includes multi-user support and note sharing - all free under AGPL-3.0 when self-hosted. Notes stay in an open format, so the exit path always exists.

Deploy
Inbox Zero screenshot thumbnail

Inbox Zero

Your Gmail, Google Workspace, or Outlook inbox, worked by an AI assistant: Inbox Zero sits on top of the account you already have. Its core idea is rules written in plain English - tell the assistant "label invoices and file the PDF to Drive" or "archive cold outreach unless they mention my company" - and it executes against every incoming message. Emails that need a response arrive with a pre-drafted reply written in your tone, learned from your email history and calendar context. Reply Zero tracks what you owe responses to and what you're waiting on; the Bulk Unsubscriber surfaces newsletters you never read (with read-rate analytics) for one-click unsubscribe-and-archive; the Cold Email Blocker auto-archives unsolicited pitches based on your own definition of "cold." Smart Filing routes attachments - receipts, contracts, PDFs - into the right Google Drive or OneDrive folder, and Slack/Telegram integration lets you read, draft, and triage without opening a mail client. Email analytics show top senders and volume trends. It is not a new email client: everything happens in your real mailbox using native filters. Self-hosting means your mail content and the LLM calls that process it run on infrastructure you control.

Deploy
Heimdall screenshot thumbnail

Heimdall

Links stop drowning in browser bookmarks once Heimdall - the application dashboard from the LinuxServer.io team - gives every web app and service you run a single, organized front door. Items come in three tiers. Generic items link to anything on the web with a name, color, and optional icon. Foundation apps are recognized as you type, auto-filling the application's icon and tile color so a full homelab dashboard assembles in minutes. Enhanced apps go further: supply API credentials and the tile shows live data - queue size and download speed for SABnzbd and NZBGet, plus integrations for Sonarr, Radarr, Plex, Jellyfin, Pi-hole, Portainer, Transmission, and many more. There are no iframes and no apps-within-apps; tiles are honest links with real-time stats layered on. Tiles arrange by drag and drop, backgrounds are customizable, an optional search bar (Google, Bing, or DuckDuckGo) makes it work as a browser start page, and optional multi-user authentication keeps dashboards personal. Built on Laravel with SQLite file-based storage - no external database - it stays light, responsive on mobile, and simple to back up. A natural first deployment: the page that ties every other self-hosted service together.

Deploy
Vaultwarden screenshot thumbnail

Vaultwarden

The Bitwarden server, reimplemented in Rust: Vaultwarden (formerly bitwarden_rs) is the unofficial lightweight edition. It speaks the same wire protocol as the official server, so every official Bitwarden client - browser extensions, iOS, Android, desktop, and the bw CLI - connects without modification, while the server itself runs as a single container against SQLite (or MySQL/MariaDB/PostgreSQL) instead of the official multi-container stack that wants gigabytes of RAM. Features Bitwarden gates behind paid tiers ship free: organizations with collections, groups, member roles, and policies; TOTP code storage; file attachments; Bitwarden Send; Emergency Access; event logs; and admin password reset. Two-factor options cover authenticator apps, email, FIDO2 WebAuthn, YubiKey, and Duo, and OIDC-based SSO landed natively in v1.35.0. Zero-knowledge encryption is unchanged - vault data is encrypted client-side and the master password never reaches the server. Attachments and Sends store on local disk or S3-compatible backends, an admin panel manages users and server settings, and backup is copying one data directory. Suited to individuals and teams up to roughly 50 users.

Deploy
Docmost screenshot thumbnail

Docmost

Confluence and Notion both want your team's documentation in their cloud; Docmost, an open-source collaborative wiki platform, keeps it on your server. The centerpiece is a Notion-style block editor with CRDT-based real-time collaboration: multiple people edit the same page simultaneously and changes merge without conflicts or overwrites. Content lives in spaces - per team, project, or department - with nested page trees, role-based permissions, groups, inline comments, page history with restore, and full-text search across everything. The editor covers tables, code blocks, callouts, KaTeX math, and file attachments, and diagramming is built in rather than bolted on: Mermaid, Draw.io, and Excalidraw all render inside pages, alongside embeds for Airtable, Loom, Miro, and more. Migration paths include Notion, Markdown, HTML, and ZIP archive imports (Confluence, PDF, and DOCX importers ship in the Enterprise edition, along with SSO via SAML/OIDC/LDAP and MFA). The stack is TypeScript with PostgreSQL and Redis, deploys via Docker Compose, runs in air-gapped environments with no external dependencies, and is translated into 10+ languages. The AGPL-3.0 community edition carries no per-seat fees; the project has passed 20,000 GitHub stars since its 2024 launch.

Deploy
Duplicati screenshot thumbnail

Duplicati

Encrypted, incremental, compressed backups on storage you already have - Amazon S3, Backblaze B2, Google Drive, Azure, OneDrive, Dropbox, MEGA, Storj, WebDAV, SFTP, FTP, SMB, or a plain local disk - is what the MIT-licensed Duplicati has quietly done for years. Its security model is Trust No One: every block is encrypted with AES-256 (or a local GPG instance) before leaving the machine, and the passphrase never travels, so the storage provider holds only ciphertext. The block-based storage engine gives the best of both backup worlds: after one initial full backup, only changed data blocks upload - modify a tiny part of a huge file and only that part transfers - yet every backup version restores like a full backup in a single operation, with no incremental chains to replay. Deduplication and compression keep remote storage growth slow even across years of versions. A web interface manages everything: the built-in scheduler keeps backups current automatically, flexible filters select folders, file types, or custom patterns, retention policies prune old versions, and an integrated updater flags new releases. On compatible object-lock backends, immutable (WORM) storage protects backup data from ransomware that reaches the credentials. Runs on Windows, macOS, and Linux, free even for commercial use.

Deploy
Unleash screenshot thumbnail

Unleash

Deployment decoupled from release: Unleash, the most popular open-source feature management platform on GitHub, is a Node.js server backed by PostgreSQL. Ship code dark, then control who sees it through activation strategies: gradual percentage rollouts, targeting by user ID, IP, hostname, or application name, custom constraints against your own context fields, and scheduled or time-limited releases. Strategies stack - a flag activates if any strategy matches - and strategy variants layer A/B versions on top of the on/off decision. Each flag carries per-environment configurations, so a feature can run at 100% in staging while canarying at 5% in production. Backend SDKs (Node.js, Java, Go, Python, Ruby, .NET, PHP, Rust, and more) fetch configuration and evaluate flags locally, so a flag check adds zero network latency to request paths; frontend SDKs for React, Vue, Svelte, iOS, Android, and Flutter evaluate through a proxy layer. Flag hygiene is built in: flags are typed (release, experiment, operational, kill-switch, permission) with expected lifetimes, and Unleash marks overdue flags as potentially stale and surfaces unknown flags your SDKs request but that don't exist. Self-hosting via Docker keeps flag data, targeting rules, and evaluation infrastructure entirely on your side.

Deploy
Sonarr screenshot thumbnail

Sonarr

Add a series once, set a quality profile, and everything downstream is automated: Sonarr is the smart PVR for Usenet and BitTorrent users. It monitors RSS feeds from your indexers, detects new episodes the moment they release, sends matching grabs to SABnzbd, NZBGet, qBittorrent, Deluge, or another download client, then renames files with fully configurable templates, sorts them into consistent folder structures, and notifies Plex, Kodi, or Jellyfin to update the library. Quality profiles define what's acceptable (HDTV, WEB-DL, Blu-ray, up to 4K) and an upgrade cutoff - when a better release appears, Sonarr replaces the existing file automatically, stepping from HDTV to WEB-DL to Blu-ray until the cutoff is met. Custom formats add weighted scoring for finer-grained release selection, with community-maintained TRaSH Guides presets as the widely accepted defaults. Failed downloads are handled without intervention: Sonarr retries with another release, and manual search shows every candidate with the reasons any was rejected. It scans existing libraries for missing episodes, fully supports specials, multi-episode files, and daily and anime series types, and a calendar view shows upcoming episodes across every tracked show. Runs on Linux, Windows, macOS, and Raspberry Pi, and pairs naturally with Prowlarr for centralized indexer management.

Deploy
Change Detection screenshot thumbnail

Change Detection

Price drops, restocks, job postings, government announcements, competitor edits - changedetection.io watches web pages and alerts you the moment anything changes, down to PDF text and checksums. Point it at a URL, set a check interval, and precise filters decide what counts as a change: a Visual Selector targets page elements by pointing and clicking, CSS selectors and XPath narrow scope, trigger-text and ignore-text rules (with regex support) cut noise, and JSONPath or jq handles API responses. A dedicated re-stock and price detection mode extracts product metadata and fires on thresholds - alert only when the price drops below your target or the percentage change exceeds a limit. JavaScript-heavy sites render through a real Chrome browser via Playwright, with the ability to execute JS steps first (log in, click, scroll) before extracting text. Notifications reach 85+ services through Apprise - Discord, Slack, Telegram, email, webhooks - optionally with a screenshot of the changed page, and AI-powered summaries (any OpenAI-compatible endpoint, including local Ollama) describe what changed. Per-watch proxies, custom headers, and POST/GET control cover hostile targets. Apache-2.0 licensed with local file-based storage: the URLs you monitor and why stay entirely your business.

Deploy
Faved screenshot thumbnail

Faved

Large link collections stay fast and organized in Faved, a private, self-hosted bookmark manager built for exactly that job. Its core is a nested tagging system that outgrows flat folders: place Go and Python under Programming Languages, color-code tags, add descriptions, pin frequent ones to the top of the sidebar, and optionally roll up child-tag items into parent views. Saving is frictionless - a lightweight bookmarklet works in any desktop or mobile browser without extensions, and Apple devices can send links through the native Share menu. Faved fetches titles, descriptions, and preview images automatically, keeps that metadata fresh over time, and flags duplicates as you save. Instant as-you-type search, flexible sorting, and bulk actions (retag, delete, refetch) keep collections of any size manageable, while customizable layouts - card, list, or table - plus a system-synced dark mode adapt the interface to your workflow. Migration is first-class: import from Chrome, Safari, Firefox, or Edge with folder structure preserved, or move from Pocket and Raindrop.io keeping tags and collections. The stack is deliberately light - PHP 8 with SQLite behind a React/Tailwind frontend - deploying via Docker with no external dependencies. All data stays local: no ads, no tracking, and no risk of your library vanishing with a discontinued service.

Deploy
Usermemos screenshot thumbnail

Usermemos

Memos, the lightweight open-source note service from the usememos project, packaged as a containerized deployment for multi-architecture Docker hosts (x86-64 and arm64): that is Usermemos. The model is frictionless capture: no folders or titles, just a chronological stream of Markdown notes with code blocks, task lists, tables, and file attachments, organized by #hashtags pulled automatically from the text. Per-memo visibility - private, protected for logged-in users, or public - lets a single instance serve as a personal journal, a shared team log, or a public microblog simultaneously. Multi-user support with authentication makes it workable for small teams, and full REST and gRPC APIs open capture and retrieval to CLIs, bots, and automation tools. The runtime is a single Go binary with a React frontend that idles around 50 MB of memory and stores content as plain Markdown in SQLite by default, with MySQL and PostgreSQL available for heavier deployments. Configuration happens through environment variables, access works over HTTP or HTTPS behind a reverse proxy, and there is no telemetry - notes stay on your server in a portable format.

Deploy
Peppermint screenshot thumbnail

Peppermint

A deliberately simple ticketing system standing in for both Zendesk and Jira: Peppermint handles internal staff requests and external customer support alike. The stack is modern full-stack TypeScript: Next.js and React over Prisma and PostgreSQL, which makes it light to run and approachable for developers extending it. Ticket creation is straightforward - a markdown editor with file uploads, assignment, status tracking, and a logical workflow that new agents grasp without a manual. Mailbox integration converts email into tickets automatically: configure SMTP/IMAP per mailbox and incoming messages become trackable tickets. Each client accumulates an interaction history, giving agents context on every past request before replying. Two touches distinguish it from bare-bones ticketing: a built-in markdown notebook with todo lists for internal documentation and knowledge sharing, and OIDC authentication so agents sign in through your existing identity provider - Keycloak, Okta, Authentik, or Azure AD. Configurable webhooks and email notifications push ticket events to third-party services. The UI is responsive from mobile to 4K, and everything works fully offline in air-gapped environments. Docker-native and scalable via Kubernetes, with an active community of 3,000+ GitHub stargazers.

Deploy
Trilium Notes screenshot thumbnail

Trilium Notes

For people whose notes number in the tens of thousands, Trilium Notes is the hierarchical note-taking application built specifically for large personal knowledge bases - actively maintained as TriliumNext. Notes arrange into arbitrarily deep trees where every note is both content and container, and cloning lets a single note live in multiple places at once - bash notes belong under both Linux and Scripting, and Trilium refuses to make you choose. A WYSIWYG editor handles rich text, tables, math, and syntax-highlighted code blocks with Markdown-style shortcuts, while dedicated note types cover Excalidraw sketches, mind maps, geo maps with GPX tracks, relation maps that visualize connections between notes, and tables with typed columns. The attribute system is the power layer: labels attach queryable metadata (#year=1999, #author), relations create named links between notes, and both inherit down the tree - feeding full-text search, saved queries, and scripting. Scripting is Trilium's deepest differentiator: JavaScript code notes run on events like note changes or hourly schedules, build custom widgets, and add server-side logic, turning the knowledge base into a programmable platform. Protected notes encrypt sensitive content, note hoisting focuses on subtrees, and the self-hosted server syncs desktop clients across devices.

Deploy
It Tools screenshot thumbnail

It Tools

The utilities engineers otherwise scatter across a dozen ad-laden websites - 80+ of them - live together in IT-Tools, one fast, polished web app. Crypto covers JWT decoding, MD5 through SHA-512 hashing, HMAC and bcrypt generation, RSA key pairs, and password strength analysis. Converters handle JSON to CSV, YAML, and TOML, Base64 files, URL encoding, HTML entities, color formats, and Docker run commands to Compose files. Generators produce UUIDv4, ULID, BIP39 mnemonics, QR codes (including Wi-Fi QR), and tokens; text tools include a regex tester, diff viewer, slug and case converters; web utilities parse URLs and user agents, look up HTTP status codes and MIME types, and inspect Open Graph metadata; plus a cron parser, chmod calculator, and more. The privacy argument is the point: JWTs contain user IDs, hashes derive from passwords, JSON dumps hold PII - exactly the inputs you least want a third-party utility site to log. IT-Tools is a frontend-only static bundle (Vue/TypeScript, GPL-3.0, 39k+ GitHub stars) served by Nginx in one container, so everything runs client-side on your infrastructure with nothing transmitted anywhere. New tools ship roughly monthly, and a scaffolding script makes adding custom ones straightforward.

Deploy