Kutt
Built for self-hosting from the ground up, Kutt is a modern, MIT-licensed URL shortener: zero-configuration setup, no build step, and SQLite, PostgreSQL, or MySQL with optional Redis caching. Links carry real management features - custom slugs from a configurable alphabet (confusable characters like 0/O and l/1 omitted by default), password protection, descriptions, expiration times, and the ability to edit a destination URL without changing the short link already in circulation. Custom domains make branded short links first-class: add as many as you like and serve each under your own name instead of a third-party's. Private, per-link statistics track clicks, browsers, operating systems, and countries without logging visitor IPs or sensitive data. An admin page manages users and links instance-wide, and two environment flags (DISALLOW_REGISTRATION, DISALLOW_ANONYMOUS_LINKS) lock the instance down for private use; OpenID Connect login integrates with an existing identity provider. Automation runs through a documented REST API - create, list, delete, and pull stats - plus Chrome and Firefox extensions and ShareX compatibility for shortening from anywhere. Built with Node.js and React, deployed in one Docker container, it replaces Bitly with something you own: your domain, your analytics, and links that never die with a vendor.
mCaptcha
The CAPTCHA bargain - annoy your users and feed their behavior to Google - gets replaced with economics by mCaptcha. Instead of image puzzles, it uses SHA256 proof-of-work: every visitor's browser silently solves a small computational challenge (via a WebAssembly library) before submitting a form. Humans never notice the milliseconds; bots hammering your site must burn more compute sending requests than your server spends answering them, which makes attacks more expensive than defense - the property that also makes mCaptcha genuine DoS protection, not just bot filtering. Written in Rust, the system is fully automated: difficulty scales with traffic, so challenges stay trivial in normal conditions and harden under attack. The privacy and accessibility wins are structural rather than promised: no tracking, no profiling, no user-pattern data collection, and no visual puzzles that exclude users with visual or cognitive impairments - the design was published in Communications of the ACM. Rate limiting is IP-independent, so users behind NATs, VPNs, or Tor get the same experience instead of endless challenge loops, and proofs resist replay attacks, neutering captcha farms. Migration is deliberately easy: the API is compatible with reCAPTCHA and hCaptcha, making it a drop-in replacement. AGPL-licensed core with proprietary-friendly client libraries.
BeaverHabits
No targets, no gamification spiral, no motivational nagging: Beaver Habit Tracker is a self-hosted habit tracker deliberately built without "Goals". The core loop is honest: add habits, check them off each day, watch streaks accumulate on a calendar view. Its design follows behavioral-science basics - make it obvious (visual streak cues), make it attractive (progress is the motivator), make it satisfying (tracking becomes its own reward). Beyond the daily checklist it supports per-day notes intelligently grouped per habit, periodic habits, habit categories and tags, drag-to-reorder (manual or automatic), dark mode, and detailed streak and frequency views. Data lives where you choose: a single SQLite database or flat JSON files on a mounted volume, with JSON export and import for full portability. A REST API opens automation - community integrations already cover Stream Deck buttons, Home Assistant triggers, and CalDAV. The Python app ships as one Docker container with no external dependencies; environment variables tune everything from first day of week and index-page columns to iOS standalone PWA mode, and single-user setups can bypass the login entirely with TRUSTED_LOCAL_EMAIL. BSD-3-Clause licensed with no commercial restrictions - a well-executed single-purpose tool whose mobile PWA works anywhere a browser does.
Owncloud
The project that proved organizations could have Dropbox-style convenience with complete data ownership: ownCloud is the original open-source file sync and share platform - the codebase Nextcloud later forked from. This deployment runs the classic ownCloud Server (PHP over PostgreSQL or MariaDB, with Redis caching), the battle-tested edition trusted across enterprises, universities, and public institutions worldwide. The core loop: store files on your server, sync them via desktop clients for Windows, macOS, and Linux plus iOS and Android apps, and access everything through the web interface or standard WebDAV. Sharing is granular - internal users and groups, external recipients via public links with passwords and expiration dates, and federated sharing that connects separate ownCloud instances into one network. Security controls include file firewall rules, multi-factor authentication, encryption, and detailed audit-friendly lifecycle management with versioning and trash-bin recovery. An app marketplace extends the platform, and Web Office integrations bring collaborative document editing through Collabora Online, OnlyOffice, or Microsoft Office Online directly into your files. LDAP and Active Directory integration slots it into existing identity infrastructure. For teams that need a proven, self-hosted alternative to Dropbox or Google Drive - where compliance demands knowing exactly which disk your data sits on - ownCloud remains a foundational choice.
Tolgee
Hold Alt/Option, click any string in your running app, and edit the translation in place: Tolgee is an open-source localization platform built the way developers wish translation worked - changes save straight to the platform with no hunting through JSON or PO files. In-context editing works even in production via the Tolgee Tools browser extension, which injects credentials without touching source code, so a client or colleague with zero coding skills can translate the product inside the product. The SDKs (React, Angular, Vue, Svelte, plus iOS and Android) extract context from each UI element and capture one-click screenshots, giving both human translators and machines the surrounding meaning that raw string files lose. Autonomous translation uses that context: new keys are instantly filled from translation memory or machine translation (DeepL, Google Translate, AWS Translate), with optional human review afterward - shipping no longer waits on a translation agency. A CLI handles import/export, a REST API covers automation, a Figma plugin bridges design, and an MCP server lets AI coding assistants search keys, create translations, and trigger machine translation without leaving the editor. Self-hosting this Crowdin/Phrase/Lokalise alternative keeps every string, screenshot, and API key on your infrastructure.
Monetr
After the bills are covered, how much is actually safe to spend? monetr organizes an entire budgeting application around that one question. Inspired by the defunct Simple bank, it budgets paycheck by paycheck rather than month by month. Funding schedules encode when you get paid - including multiple schedules per account and a weekend-exclusion option for deposits that land early - and every expense or savings goal is tied to one. monetr then calculates how much of each recurring obligation (rent, car payment, subscriptions, on any repeat interval) to set aside from each paycheck, so a large bill never has to come out of a single check. What remains after allocations is surfaced as Free-To-Use, and a forecasting timeline projects contributions, due dates, and leftover funds forward so low-balance periods are visible before they happen. Transactions arrive either as OFX uploads from your bank or automatically through a Plaid connection using your own API credentials, keeping balances and transactions synced without manual entry. The app is mobile-friendly and installable as a PWA on desktop or phone. Self-hosting via Docker Compose is completely free, with all source code public and your financial data on your own hardware.
Tiddlywiki
The entire wiki - content, code, and interface - is built from "tiddlers," small addressable units of information that link, transclude, tag, and filter into each other: TiddlyWiki is a non-linear personal notebook with a design philosophy unlike anything else in this catalog. Instead of pages in a hierarchy, you compose views by pulling tiddlers together on demand, which is why researchers, zettelkasten practitioners, and GTD devotees have sworn by it for two decades. The whole application is JavaScript, and the UI itself is written in hackable WikiText - customization goes as deep as rewriting the interface from inside the wiki. Self-hosting runs the Node.js version, which upgrades the classic single-HTML-file architecture in the ways that matter for a server: every tiddler is stored as an individual text file (Git-friendly, organizable), edits save through the HTTP API from any modern browser including phones, and one installation can serve multiple wikis blending shared and unique content. The plugin ecosystem covers graph visualizations, themes, languages, and hundreds of community extensions, declared per-wiki in a simple tiddlywiki.info file; the newer MultiWikiServer plugin adds multi-user accounts and tiddler sharing. Your notes stay usable for decades, independent of any corporation - the project's founding promise. BSD-licensed.
Flagsmith
Wrap code in a flag, then toggle it per environment, per user, per segment, or by percentage - no redeploy required: Flagsmith is an open-source feature flag and remote config platform. Every flag doubles as remote config, carrying string, number, or JSON values, so functional and visual changes ship to production without a code push. Segments are the targeting engine: build them from stored user traits, then release to beta testers first, test in production by exposing features only to internal teams, or run canary deployments to a small percentage before going wide - segment membership changes instantly without app updates. Multivariate flags split traffic across two or more variations for A/B/n testing, with flag events flowing into Amplitude, Mixpanel, or Segment for analysis. SDKs cover 15+ languages including TypeScript, .NET, Java, Python, and Go, with framework support for React, Next.js, and mobile, plus local evaluation for latency-sensitive paths. Organizations, projects, and roles keep multi-team setups tidy. Core functionality - unlimited flags, remote config, targeting, multivariate flags - is BSD-3-Clause licensed with an explicit commitment that it stays open. Self-hosting suits privacy-conscious teams: flag rules and user traits stay on your infrastructure, deployable via Docker or Kubernetes with Helm.
Peppermint
A deliberately simple ticketing system standing in for both Zendesk and Jira: Peppermint handles internal staff requests and external customer support alike. The stack is modern full-stack TypeScript: Next.js and React over Prisma and PostgreSQL, which makes it light to run and approachable for developers extending it. Ticket creation is straightforward - a markdown editor with file uploads, assignment, status tracking, and a logical workflow that new agents grasp without a manual. Mailbox integration converts email into tickets automatically: configure SMTP/IMAP per mailbox and incoming messages become trackable tickets. Each client accumulates an interaction history, giving agents context on every past request before replying. Two touches distinguish it from bare-bones ticketing: a built-in markdown notebook with todo lists for internal documentation and knowledge sharing, and OIDC authentication so agents sign in through your existing identity provider - Keycloak, Okta, Authentik, or Azure AD. Configurable webhooks and email notifications push ticket events to third-party services. The UI is responsive from mobile to 4K, and everything works fully offline in air-gapped environments. Docker-native and scalable via Kubernetes, with an active community of 3,000+ GitHub stargazers.
Redmine
Nearly two decades running engineering organizations: Redmine is the veteran open-source project management and issue tracker, a Ruby on Rails application (GPLv2) still in active development. Its core strength is configurability: define your own trackers (bug, feature, task, or anything else), issue statuses, and role-based workflows that control exactly which transitions each role may perform, then extend records with custom fields of every type. Issues support subtasks, relations (blocks, precedes, duplicates), watchers, categories, and full journaled history, with saved custom queries and cross-project filtering for slicing the backlog any way you need. Around the tracker sit Gantt charts and calendars, a roadmap driven by versions, per-project wikis, forums, news, and document repositories, plus time tracking with estimated versus spent hours and activity-based reporting. Multi-project support runs deep - subprojects, per-project modules, and granular role-based permissions - and repository integration (Git, Subversion, Mercurial) links commits to issues automatically. Email notifications, inbound email-to-issue creation, LDAP authentication, a REST API, and a large plugin and theme ecosystem round it out. Recent 6.x releases brought substantial query and rendering optimizations. Self-hosting keeps your entire project history in your own database, free of per-seat licensing.
Mstream
"The easiest music streaming server available" is mStream's own billing, and the claim holds up: a lightweight Node.js app that turns a folder of audio files into a private streaming service in minutes, no external database required. Its filesystem-based design is the clever part - the API mirrors your folder structure, so you can browse and play music immediately, before any library scan finishes, and your organization on disk is your organization in the app. It streams flac, mp3, wav, ogg, opus, aac, and m4a, which matters to the audiophile crowd: FLAC plays uncompressed, bit-perfect, with gapless playback for live albums and continuous mixes. The web player runs anywhere a browser does and packs personality - a Milkdrop-style visualizer (Butterchurn), playlist sharing via links, and drag-and-drop uploads straight through the file explorer. Native iOS and Android apps add the feature streaming subscriptions can't match: sync your collection to your phone for true offline playback of music you own. Multi-user support assigns separate directories and permissions per account. Resource usage is famously light - mStream is tested on multi-terabyte libraries and runs happily on a Raspberry Pi, so a small RepoCloud instance serves a lifetime's collection. GPL-licensed, with zero listening-habit telemetry.
Whoogle
Google's search results without Google's surveillance: Whoogle is a self-hosted proxy that strips the tracking and keeps the results. Your query goes from browser to your Whoogle instance, which fetches results from Google with a randomly generated User Agent and strips everything hostile before returning them: no ads or sponsored content, no third-party JavaScript or cookies, no AMP links, no URL tracking tags like utm_source, no referrer header - and Google sees your server's IP, never yours. Unlike metasearch engines that blend sources, Whoogle proxies Google exclusively, so result quality is exactly what you'd get logged out and incognito, minus the noise. A lightweight Flask app configured entirely through environment variables, it supports DuckDuckGo-style bang shortcuts, autocomplete suggestions, safe search, per-country and per-language filtering, site blocklists, and automatic rewriting of social links to privacy front-ends like Nitter and Invidious. Privacy hardening goes further: built-in Tor routing makes Google see an exit node instead of your server, HTTP/SOCKS proxy support covers other setups, and POST-based queries keep search terms out of logs. Light, dark, and fully custom CSS themes plus browser search-engine registration make it a drop-in default on desktop and mobile. Stateless, tiny, and trivial to run.
ClassicPress
WordPress without Gutenberg: ClassicPress, the community-led fork, keeps the TinyMCE classic editor as the default and strips the block editor and Full Site Editing out of core entirely. The result is roughly half WordPress's size - obsolete libraries like jQueryUI, Thickbox, and Flash support are gone, replaced by native HTML5 elements and modern alternatives like SortableJS - which translates to a measurably faster admin and a leaner attack surface. Forked from WordPress 6.2, it remains compatible with the vast plugin and theme ecosystem targeting that lineage (anything not requiring blocks generally works, helped by a blocks-compatibility mode), and the PHP-first WordPress API developers have used for over a decade works unchanged - no React required to extend your CMS. The fork adds its own improvements: built-in media categories and tags with bulk editing, revision management that lets you prune database bloat, native HTML5 dialogs for accessible touch-friendly menus, and recent releases bring APCu object-cache support, vanilla-JS core widgets, and performant translations. Governance is democratic and community-driven rather than corporate. For content sites, business sites, and blogs where the classic editing workflow is the feature, ClassicPress is stability as a philosophy.
Carbone
Document-generation code is the worst kind of code in your backlog - Carbone kills it. Its insight is separating design from data - templates are ordinary office documents (DOCX, ODT, XLSX, PPTX, HTML, even custom XML) built in LibreOffice, Microsoft Office, or Google Docs, with mustache-like markers such as {d.companyName} typed directly into the text. Send a template plus JSON from your existing APIs to the HTTP API, and Carbone returns the finished document - exported as-is or converted to PDF, XLSX, CSV, HTML, PNG, EPUB, and more via its integrated LibreOffice converter (Chromium and OnlyOffice engines are also supported for HTML-fidelity and office-format conversions). The template language goes well beyond substitution: loops over arrays render dynamic table rows, filters and aggregations run inside the document, and built-in formatters handle dates, numbers, currencies, timezones, and locales, with custom JavaScript formatters when needed. One template serves multiple languages through translation markers with auto-maintained translation files. The XML-agnostic engine means anything your document editor can design - pagination, headers, footers, nested tables, charts - survives generation intact, and Carbone guarantees no breaking changes in template syntax. Node.js-based, fast via multi-threaded LibreOffice conversion. The invoices, contracts, and reports your product owes its users become template edits, not sprints.
Coral
Comment sections at the Washington Post, the Wall Street Journal, and newsrooms across 30 countries run on Coral (also known as Talk) - the platform built by journalists' technologists, started under the Mozilla Foundation and now stewarded by Vox Media as an Apache-2.0 project serving 23 languages. Its founding premise is that online comments are broken and moderation is the fix. Moderators get a full queue system - reported comments, system-held pending comments, and configurable pre-moderation - backed by AI toxicity scoring that warns commenters before posting and holds high-scoring comments for review, Akismet spam detection, banned and suspect word lists, and automatic repeat-offender handling that pre-moderates users whose rejection rate crosses a threshold. Readers get features designed for healthier conversation: journalist badges in threads, muting of annoying voices, notifications, instant new-comment alerts, and timeouts rather than just bans. For publishers the economics are the point - no ads, no trackers, no hidden pixels anywhere in the code, full ownership of audience data, and GDPR compliance beyond requirements. Integration is one embedded script; SSO connects existing registration, and a GraphQL API supports customization and extension.
The Lounge
"Forget about bouncers" became a real sentence because of The Lounge: a Node.js web IRC client that holds persistent connections to your networks 24/7, logging everything while you sleep, so closing the browser tab never means missing a message or losing your place in a channel. Open it again from any device - desktop, phone, tablet - and you resume exactly where you left off, with full history synchronized. Because it combines bouncer and client in one process, the experience feels like a modern chat app rather than 1990s infrastructure: push notifications for highlights and private messages (with self-generated VAPID keys, so even Web Push needs no third-party service), automatic link previews, inline file and image uploads, and full IRCv3 protocol support. It installs as a progressive web app from any modern browser, so phones get a native-feel client without an app store. Multi-user support means one instance serves your whole team or community, each user with their own networks and history, and LDAP integration ties into existing authentication. A public mode alternatively serves as an open, registration-free web chat for events or support channels. MIT-licensed, born as a fork of Shout, and a fixture of self-hosting stacks since.
PowerDNS-Admin
Raw zone files and API calls become something a whole team can operate safely once PowerDNS-Admin puts its web interface in front of a PowerDNS authoritative server. It's a Python/Flask application covering full forward and reverse zone management, with the touches that matter in daily DNS work: zone templates for stamping out consistent new domains, easy IPv6 PTR record editing (reverse zones by hand are misery), full IDN/Punycode support for internationalized domains, and DynDNS 2 protocol support so routers and scripts can update records the way they would against a commercial dynamic-DNS service. Access control is enterprise-grade: local users, LDAP against OpenLDAP or Active Directory, SAML, and OAuth via Google, GitHub, Azure, or OpenID Connect, hardened with TOTP two-factor authentication. Role-based permissions extend to zone-specific access control - hand a developer their project's zone without exposing the rest of your namespace - and activity logging records who changed which record when, the audit trail bare PowerDNS never gives you. The dashboard monitors PDNS service configuration and statistics, and its own API exposes zone and record management for automation on top of the UI. Runs against MySQL/MariaDB or PostgreSQL, talking to PowerDNS through its REST API. MIT-licensed.
Isso
Named from the German "Ich schrei sonst" - roughly "or I'll scream" - Isso is a lightweight Python/JavaScript commenting server, a drop-in Disqus replacement for people who noticed what Disqus does to reader privacy and page load times. The design premise is printed right in the docs: comments are not Big Data. So the backend is a single SQLite file rather than a database cluster, and the entire client is one embeddable JavaScript file - 65 kB, 20 kB gzipped - that you drop into any static site, blog, or CMS. Commenters write in Markdown, need no account, and can edit or delete their own comments within a configurable window (15 minutes by default). Spam control comes from an optional moderation queue: held comments stay invisible until you activate them via an admin interface or email notification links. Migration is a first-class feature, with importers for Disqus and WordPress exports, so years of existing threads move over intact. Because everything is server-rendered from your own instance, no third party tracks your readers, and real-world switchers report smaller pages and faster loads than the Disqus embed. MIT-licensed, running since 2012.