Flagsmith
Wrap code in a flag, then toggle it per environment, per user, per segment, or by percentage - no redeploy required: Flagsmith is an open-source feature flag and remote config platform. Every flag doubles as remote config, carrying string, number, or JSON values, so functional and visual changes ship to production without a code push. Segments are the targeting engine: build them from stored user traits, then release to beta testers first, test in production by exposing features only to internal teams, or run canary deployments to a small percentage before going wide - segment membership changes instantly without app updates. Multivariate flags split traffic across two or more variations for A/B/n testing, with flag events flowing into Amplitude, Mixpanel, or Segment for analysis. SDKs cover 15+ languages including TypeScript, .NET, Java, Python, and Go, with framework support for React, Next.js, and mobile, plus local evaluation for latency-sensitive paths. Organizations, projects, and roles keep multi-team setups tidy. Core functionality - unlimited flags, remote config, targeting, multivariate flags - is BSD-3-Clause licensed with an explicit commitment that it stays open. Self-hosting suits privacy-conscious teams: flag rules and user traits stay on your infrastructure, deployable via Docker or Kubernetes with Helm.
Owncloud
The project that proved organizations could have Dropbox-style convenience with complete data ownership: ownCloud is the original open-source file sync and share platform - the codebase Nextcloud later forked from. This deployment runs the classic ownCloud Server (PHP over PostgreSQL or MariaDB, with Redis caching), the battle-tested edition trusted across enterprises, universities, and public institutions worldwide. The core loop: store files on your server, sync them via desktop clients for Windows, macOS, and Linux plus iOS and Android apps, and access everything through the web interface or standard WebDAV. Sharing is granular - internal users and groups, external recipients via public links with passwords and expiration dates, and federated sharing that connects separate ownCloud instances into one network. Security controls include file firewall rules, multi-factor authentication, encryption, and detailed audit-friendly lifecycle management with versioning and trash-bin recovery. An app marketplace extends the platform, and Web Office integrations bring collaborative document editing through Collabora Online, OnlyOffice, or Microsoft Office Online directly into your files. LDAP and Active Directory integration slots it into existing identity infrastructure. For teams that need a proven, self-hosted alternative to Dropbox or Google Drive - where compliance demands knowing exactly which disk your data sits on - ownCloud remains a foundational choice.
Apprise-API
One REST call, 130+ notification services: Apprise API wraps the well-known Apprise library in a lightweight Django/Gunicorn microservice, so "send an alert" works the same whether it goes to Slack, Discord, Telegram, Teams, email, SMS, Pushover, or PagerDuty - each addressed by a simple URL scheme. It solves the credential-sprawl problem cleanly: instead of embedding provider tokens in every app, cron job, and CI pipeline, you centralize them here and everything else just POSTs a body and title. Two modes cover every workflow. Stateless calls to /notify carry target URLs in the payload (or fall back to a default set via APPRISE_STATELESS_URLS); stateful mode stores named configurations server-side under keys, so /notify/{KEY} fans out to everything registered - with tag-based routing (comma for OR, space for AND) selecting which endpoints fire per message. Messages take info, success, warning, or failure types in text, Markdown, or HTML, with attachments up to a configurable size. A built-in web UI manages and tests configurations, APPRISE_CONFIG_LOCK makes the store read-only, service allow/deny lists restrict which schemes work, webhook remapping adapts third-party payloads, and a Prometheus /metrics endpoint watches the gateway itself.
Bazarr
Subtitles are the one chore Sonarr and Radarr leave behind - Bazarr finishes the *arr media stack by automating them. It connects to both via their APIs and mirrors their libraries - it doesn't scan disk itself, it manages exactly what your *arr apps index. For every monitored episode and movie it checks existing internal and external subtitles against your language profiles, then hunts missing ones across dozens of providers - OpenSubtitles.com, Podnapisi, Addic7ed, Subscene, and many regional sources - covering 184 subtitle languages including forced/foreign-dialogue tracks. Matching is smarter than filename guessing: releases are compared by release group and source, some providers support exact file-hash matching, and every downloaded subtitle gets a percentage score. Set a minimum score per Sonarr/Radarr connection and Bazarr rejects weak matches; enable upgrades and it replaces previously downloaded subtitles when better ones surface. Out-of-sync files get fixed too - automatic subtitle synchronization realigns timing after download, triggered only below a configurable score threshold so good subs aren't touched. Per-show and per-movie language configuration, download history, manual on-demand search, and adaptive searching that throttles provider API calls round it out, all behind a clean Sonarr-style web UI written in Python. If your library serves multilingual viewers, this removes the last manual step.
Tandoor
The deep end of self-hosted recipe management: Tandoor Recipes is a Django/Vue application that replaces Paprika, AnyList, and ad-choked recipe sites with a database you control. Import is where most people start: paste any URL and Tandoor scrapes schema.org markup for ingredients, instructions, images, times, and nutrition; bulk-paste URLs for batch import; or migrate wholesale from Mealie, Paprika, Nextcloud Cookbook, Pepperplate, and other managers with built-in importers. The structured recipe editor tracks ingredients individually, which is what powers everything downstream: full-text search with trigram similarity, a "what can I make with what's in the fridge" ingredient search, automatic nutrition via OpenFoodFacts, and shopping lists that merge duplicate ingredients across recipes, convert units, scale by servings, and sort by your supermarket's actual aisle layout. The weekly meal planner is drag-and-drop, feeds shopping lists automatically, exports to your calendar, and shows a nutritional summary for the week. Multi-user support comes with a granular permission system - shared household cookbooks, private recipes, even secret ones - and shopping lists sync in real time so two people can shop simultaneously. A full REST API integrates with Home Assistant and Grocy. For households serious about cooking, Tandoor's depth is unmatched.
pgweb
Inspect a PostgreSQL database right now, without installing pgAdmin or exposing Postgres to the internet - pgweb answers that recurring need. It's a Go application from Dan Sosedoff, a decade in development, shipped as a single statically-linked binary with zero dependencies - the Docker image is essentially just the executable - that puts a clean browser UI in front of any PostgreSQL 9.1+ server. Connect via URL string or host/port credentials, and browse tables, views, and sequences from the sidebar; selecting a table shows its rows immediately alongside tabs for structure, indexes, and constraints. The Query tab executes arbitrary SQL with query history, and the Explain Query button renders the query plan - estimated cost, row counts, execution strategy - which makes pgweb a quick performance-triage tool, not just a browser. Results and entire tables export to CSV, JSON, or XML in a click. Connectivity is more flexible than its size suggests: native SSH tunneling (password or key) reaches databases behind firewalls, server bookmarks make switching instances instant, and an optional multi-session mode handles several databases concurrently. For a RepoCloud stack full of Postgres-backed apps, one pgweb instance is the universal inspection hatch. MIT-licensed, actively maintained.
Homarr
A single pane of glass for every service you run, arranged by drag-and-drop with no YAML or JSON files: Homarr is the modern dashboard for self-hosted infrastructure. Its grid system arranges apps, widgets, and bookmarks on desktop or touch, backed by an icon picker with over 11,000 icons. What separates Homarr from static launchers is 50+ live integrations: Plex, Jellyfin, and Emby media stats, the *arr suite (Sonarr, Radarr) with a unified release calendar, download clients, Pi-hole and AdGuard Home controls, Proxmox, Home Assistant, OPNsense, and Unifi monitoring. Widgets update in real time over WebSockets (tRPC and Redis under the hood), and a built-in search queries thousands of data points across connected services. Custom widgets extend the reach to any HTTP API without code: define endpoint, auth, and refresh interval in the management UI, then render responses as stat grids, tables, progress bars, status indicators, action buttons, or full custom JSX layouts - with an AI-prompt helper for generating templates. Multi-user support is first-class: credentials, OIDC, or LDAP sign-on, groups with granular permissions, and secrets encrypted with AES-256-CBC. A robust background-job system scales it from a Raspberry Pi homelab to deployments serving hundreds of users.
ExpenseOwl
Log a date, amount, and category; get a clean monthly pie chart and a cashflow strip showing income, expenses, and net balance - ExpenseOwl is expense tracking stripped to what actually matters. The MIT-licensed Go application deliberately is not a budgeting system - no envelopes, no accounts, no double-entry, no bank sync - because its author found tools like Firefly III and Actual too heavy for the simple question "where did this month's money go?" The dashboard makes that question fast: click a pie slice to exclude fixed costs like rent and see discretionary spending clearly, then drill into a chronological table view to inspect or delete individual transactions. Recurring transactions handle salaries and subscriptions automatically, optional tags add a second classification axis, and settings cover custom categories, currency symbol, and a configurable month start date for non-calendar pay cycles. CSV import migrates data from virtually any other tool, and CSV export keeps your data portable. It ships as a self-contained binary and multi-architecture Docker image with zero internet interaction, stores data in flat JSON files by default (PostgreSQL optional), and installs as a PWA on phones. Single-user by design; pair it with an authenticating reverse proxy if exposed publicly.
Ties
A federated bookmark manager written in Rust: Ties (formerly linkblocks) is your own small corner of the web for saving, organizing, and sharing good pages, connected to the fediverse over ActivityPub. Instead of rigid folders, bookmarks live in arbitrarily nested lists that link together into a knowledge graph. Saved pages are fetched, converted to a readable archived version, and stored in the database, so full-text search covers titles, URLs, and the actual page text - and the content survives if the original disappears. The federation model is deliberately anti-viral: there is no global timeline and no algorithmic feed. You publish public lists for anyone, follow users whose taste you trust, and mark trusted users whose bookmarks become part of your search range - extendable to trusted-users-of-trusted-users for a wider net. Public bookmarks post to Mastodon timelines, and WebFinger lookup makes your handle discoverable across fediverse platforms. Operationally it is about as light as web software gets: a single binary with all assets baked in, integrated TLS so it can run without a reverse proxy, PostgreSQL as the only dependency, OIDC single sign-on, and a bookmarklet for one-click saves. Note the project is alpha: single-user instances only, and all data should be considered public. AGPL-3.0 licensed, built with Rust and htmx.
Hiccup
"Get to your most important links, FAST" - Hiccup's README states its whole mission in that one line, and the static start page delivers it. It is a client-side React single-page app - no backend, no database, no accounts - driven entirely by a config.json that defines featured link cards, categorized sections, and search providers. The search bar is the power feature: it queries your own links by name, URL, and tag while simultaneously offering external providers like Google, DuckDuckGo, and Amazon (plus custom URL-template providers you define), with arrow-key navigation and Enter to launch, so muscle memory replaces mousing. Editing happens in the browser - drag and drop links and background images, tweak cards in edit mode - with changes persisting to localStorage; a built-in config manager exports the JSON for hosting, and remote profile loading pulls a shared config across every browser and device you use. Multiple profiles keep home-server, work, and dev-tool link sets separate. PWA support installs it on a phone home screen, caching strategies keep it fast offline, read-only mode suits kiosk displays, and Cmd/Ctrl+/ reveals the full hotkey reference. Serve it from any static host and point your new tab at it.
BeaverHabits
No targets, no gamification spiral, no motivational nagging: Beaver Habit Tracker is a self-hosted habit tracker deliberately built without "Goals". The core loop is honest: add habits, check them off each day, watch streaks accumulate on a calendar view. Its design follows behavioral-science basics - make it obvious (visual streak cues), make it attractive (progress is the motivator), make it satisfying (tracking becomes its own reward). Beyond the daily checklist it supports per-day notes intelligently grouped per habit, periodic habits, habit categories and tags, drag-to-reorder (manual or automatic), dark mode, and detailed streak and frequency views. Data lives where you choose: a single SQLite database or flat JSON files on a mounted volume, with JSON export and import for full portability. A REST API opens automation - community integrations already cover Stream Deck buttons, Home Assistant triggers, and CalDAV. The Python app ships as one Docker container with no external dependencies; environment variables tune everything from first day of week and index-page columns to iOS standalone PWA mode, and single-user setups can bypass the login entirely with TRUSTED_LOCAL_EMAIL. BSD-3-Clause licensed with no commercial restrictions - a well-executed single-purpose tool whose mobile PWA works anywhere a browser does.
ClassicPress
WordPress without Gutenberg: ClassicPress, the community-led fork, keeps the TinyMCE classic editor as the default and strips the block editor and Full Site Editing out of core entirely. The result is roughly half WordPress's size - obsolete libraries like jQueryUI, Thickbox, and Flash support are gone, replaced by native HTML5 elements and modern alternatives like SortableJS - which translates to a measurably faster admin and a leaner attack surface. Forked from WordPress 6.2, it remains compatible with the vast plugin and theme ecosystem targeting that lineage (anything not requiring blocks generally works, helped by a blocks-compatibility mode), and the PHP-first WordPress API developers have used for over a decade works unchanged - no React required to extend your CMS. The fork adds its own improvements: built-in media categories and tags with bulk editing, revision management that lets you prune database bloat, native HTML5 dialogs for accessible touch-friendly menus, and recent releases bring APCu object-cache support, vanilla-JS core widgets, and performant translations. Governance is democratic and community-driven rather than corporate. For content sites, business sites, and blogs where the classic editing workflow is the feature, ClassicPress is stability as a philosophy.
Radicale
Calendars, to-do lists, journal entries, and contacts, synced over the open CalDAV and CardDAV standards nearly every client already speaks: Radicale is a small pure-Python server that works with Thunderbird, DAVx5 on Android, Apple Calendar and Contacts, GNOME, and many more. Its defining design choice is radical simplicity: there is no database. Events live as plain .ics files and contacts as .vcf files in an ordinary folder structure, which makes backup a copy command, migration a move, and disaster recovery a matter of reading text files. The server works out of the box with no complicated setup, then grows as needed: flexible authentication (htpasswd files among other methods), per-collection authorization rules, TLS-secured connections, and a plugin system for extending storage, auth, and rights handling. Built-in limits on parallel connections, file sizes, and failed authentication attempts harden it for network exposure behind a reverse proxy. A bundled web interface handles creating and managing calendars and address books - useful since many clients cannot create collections themselves. Maintained since 2011 with 140+ contributors, GPLv3-licensed, and light enough to run on the smallest VPS or a Raspberry Pi.
Flatnotes
A web interface for a folder of Markdown files - Flatnotes is exactly that, and the discipline of that design is why people love it. Every note is a plain .md file in a single flat directory: no database, no proprietary format, no hierarchy to maintain, no export step if you ever leave. Edit notes in the browser or open the same files in VS Code or Obsidian, sync them with Syncthing or rsync while the app is running - the Whoosh-powered search index synchronizes incrementally, so external edits just show up. The interface is a clean Vue.js app with both WYSIWYG and raw Markdown editing modes (TOAST UI Editor), instant full-text search behind the "/" shortcut with partial-match support, wikilinks for cross-note references, and automatic tag extraction from #hashtags in note bodies. Light and dark themes and a mobile-responsive layout make it pleasant everywhere. Authentication is flexible for a personal tool: none, read-only, username/password, or TOTP two-factor. A documented REST API covers create/read/update/delete for automation. The operational story is the quiet selling point - the only state is the notes folder and a rebuildable index, so backup is copying a directory. For a personal notepad that respects your data, Flatnotes nails minimal.
ByteStash
The functions, config files, and one-liners you keep re-deriving finally get a searchable home: ByteStash is a self-hosted code snippet manager - a private Gist. Each snippet holds multiple code fragments, so a Docker Compose file, its .env template, and a plaintext usage note live together under one titled, categorized entry. Monaco-based syntax highlighting covers dozens of languages, from Python, TypeScript, Go, and Rust to YAML, Dockerfiles, Terraform, and Markdown. Retrieval is the point: filter by language or category, search titles and descriptions, and optionally include snippet contents in full-text search. Snippets can be pinned for quick access and shared via public links that recipients open without an account. Multi-user support runs on JWT authentication with optional OIDC single sign-on for teams on centralized identity, and a full CRUD REST API with Swagger documentation wires snippet retrieval into editors, scripts, and CI pipelines. Storage is a single SQLite database with optional encryption, and collections export as JSON or Markdown. A React frontend on a Node.js backend, deployed as one lightweight container.
Cockpit
Built by an agency in 2011 and refined by real client work since, Cockpit is a headless CMS whose pragmatism is earned. It's a pure content backend: model your data, let editors manage it, and fetch it over REST or GraphQL from any frontend - React, Vue, Flutter, a static site generator, or an IoT dashboard. Content modeling covers three shapes: Collections for repeatable items (posts, products, events), Singletons for one-off content (settings, about pages), and Trees for hierarchies (navigation, categories), all assembled from 20+ field types including relationships. The API layer is unusually capable: MongoDB-style query filtering, field selection to trim payloads, automatic image optimization through the assets API, and built-in caching. Localization is first-class with per-field multi-language content and fallback support; user management includes roles, granular permissions, two-factor authentication, and API tokens; and webhooks push changes into external workflows. Agencies get multi-tenant Spaces - several sites or clients from one installation. The operational footprint is refreshingly small: PHP plus either SQLite or MongoDB, no build steps, no toolchain, extensible through hooks, events, and addons (pages/SEO, forms, full-text search, layout components). Where enterprise headless platforms bill per seat and per locale, Cockpit is MIT-licensed and simply yours.
MediKeep
Your medical history, fragmented across a dozen patient portals, in one place on your server: MediKeep (formerly Personal Medical Records Keeper) is a self-hosted health record system. Built with a React frontend and FastAPI backend over PostgreSQL, it organizes 14 categories of medical data - medications with dosages and schedules, conditions, procedures, allergies, immunizations, symptoms, injuries, doctor visits and encounters, treatments, lab results, and even medical equipment with service dates and supplier info. Treatment management is genuinely sophisticated: an advanced mode links treatments to their medications with per-medication overrides for prescriber, pharmacy, and effective dates, and reverse lookup shows which treatments use a given medication. A dashboard summarizes records and recent activity, file uploads attach documents to records, and tagging works across categories. When a new specialist asks for your history, the report builder assembles custom reports by category and exports to PDF, JSON, or CSV - a curated, portable summary instead of a folder of photocopies. Authentication supports Google and GitHub SSO with OIDC providers like Keycloak and Authelia expected to work, and the built-in backup system protects the archive. Health data is exactly what should never live in someone else's cloud.
ChatChat
One clean interface in front of Anthropic, OpenAI, Google Gemini, Cohere, and more: Chat Chat is a Next.js front door to the major AI providers, ending the juggling of separate subscriptions, tabs, and UIs per model. Bring your own API keys, pick a provider and model per conversation, and switch between them as the task demands: Claude for long-form reasoning, GPT for code, Gemini for multimodal work - the interface stays identical. Beyond configured presets, custom providers plug in with their own API endpoints and keys, which covers OpenAI-compatible gateways and local inference servers. The design splits into two dedicated modes: a chat interface for conversational work with customizable system prompts, and a search interface that pairs AI processing with query handling for research-style questions. The stack is modern and hackable - Next.js 14, Tailwind CSS, shadcn/ui on Radix primitives, Jotai for state - with full internationalization including English, Chinese, and Japanese. Self-hosting means your conversation history and API keys live on your instance rather than a third-party wrapper service, and pay-per-token API pricing typically beats stacking multiple monthly chat subscriptions. AGPL-licensed and deliberately simple to deploy: one container, environment variables for keys, done.