243 applications
Ties screenshot thumbnail

Ties

A federated bookmark manager written in Rust: Ties (formerly linkblocks) is your own small corner of the web for saving, organizing, and sharing good pages, connected to the fediverse over ActivityPub. Instead of rigid folders, bookmarks live in arbitrarily nested lists that link together into a knowledge graph. Saved pages are fetched, converted to a readable archived version, and stored in the database, so full-text search covers titles, URLs, and the actual page text - and the content survives if the original disappears. The federation model is deliberately anti-viral: there is no global timeline and no algorithmic feed. You publish public lists for anyone, follow users whose taste you trust, and mark trusted users whose bookmarks become part of your search range - extendable to trusted-users-of-trusted-users for a wider net. Public bookmarks post to Mastodon timelines, and WebFinger lookup makes your handle discoverable across fediverse platforms. Operationally it is about as light as web software gets: a single binary with all assets baked in, integrated TLS so it can run without a reverse proxy, PostgreSQL as the only dependency, OIDC single sign-on, and a bookmarklet for one-click saves. Note the project is alpha: single-user instances only, and all data should be considered public. AGPL-3.0 licensed, built with Rust and htmx.

Deploy
Collabora Office screenshot thumbnail

Collabora Office

Real LibreOffice document engineering in the browser: Collabora Online is built by the company employing much of the former SUSE LibreOffice team - not a reimplementation. This deployment runs CODE (Collabora Online Development Edition), the collabora/code server that renders and edits documents entirely server-side while browsers get high-fidelity WYSIWYG output, so layout and formatting survive round-trips that break lesser converters. Four editors ship in one container: Writer for text documents (comments, track changes with comparison and restoration, form handling), Calc for spreadsheets (advanced formulas, macros, pivot tables, per-user sheet views, server-enforced cell protection), Impress for presentations, and Draw for Visio-class diagrams. Format compatibility spans DOCX, XLSX, PPTX, the ODF family, PDF, and dozens more - including Visio and Publisher import. Real-time collaborative editing supports multiple simultaneous editors with visible cursors and commenting. The architectural point: documents are processed on your server and never leave it, which is why Collabora is the engine behind Nextcloud Office and integrates with ownCloud, Seafile, and any WOPI-speaking host - or embeds in your own application via the SDK. An admin console monitors sessions and memory. For organizations that need Google Docs-style collaboration with actual data sovereignty, this is the reference open-source answer.

Deploy
Statping-ng screenshot thumbnail

Statping-ng

A status page and uptime monitor in one Go binary: Statping-ng - the actively maintained fork of Statping - replaces the UptimeRobot-plus-Statuspage combo with a ~20 MB Docker image using under 50 MB of RAM. It checks services over HTTP, TCP, UDP, ICMP ping, and gRPC health checks on configurable intervals, with per-service timeouts, expected status codes, POST requests with custom JSON bodies, SSL verification, and failure thresholds before alerting. The public status page is the differentiator against plain monitors: visitors see live status, uptime percentages, and latency charts grouped into service categories, with incident announcements and scheduled-maintenance messages you publish from the dashboard - and Sass-based custom styling matches the page to your brand rather than a vendor template. When something fails, notifiers fire immediately: Slack, Discord, Telegram, SMTP email, PagerDuty, Twilio SMS, Pushover, and custom webhooks, each testable before saving. Because notifiers are single Go files, the plugin system makes new channels straightforward. A RESTful API manages services and reads uptime data programmatically, and the free Statping mobile app connects to your server via QR code for on-the-go monitoring. Data persists to SQLite, MySQL, or PostgreSQL. Point it at internal services too - anything the container can reach is monitorable.

Deploy
ExpenseOwl screenshot thumbnail

ExpenseOwl

Log a date, amount, and category; get a clean monthly pie chart and a cashflow strip showing income, expenses, and net balance - ExpenseOwl is expense tracking stripped to what actually matters. The MIT-licensed Go application deliberately is not a budgeting system - no envelopes, no accounts, no double-entry, no bank sync - because its author found tools like Firefly III and Actual too heavy for the simple question "where did this month's money go?" The dashboard makes that question fast: click a pie slice to exclude fixed costs like rent and see discretionary spending clearly, then drill into a chronological table view to inspect or delete individual transactions. Recurring transactions handle salaries and subscriptions automatically, optional tags add a second classification axis, and settings cover custom categories, currency symbol, and a configurable month start date for non-calendar pay cycles. CSV import migrates data from virtually any other tool, and CSV export keeps your data portable. It ships as a self-contained binary and multi-architecture Docker image with zero internet interaction, stores data in flat JSON files by default (PostgreSQL optional), and installs as a PWA on phones. Single-user by design; pair it with an authenticating reverse proxy if exposed publicly.

Deploy
Thumbor screenshot thumbnail

Thumbor

Born at Brazilian media giant Globo.com, Thumbor answers imaging CDNs like Imgix and Cloudinary with an HTTP service where every image variant is just a URL. Ask for /300x200/smart/your-image.jpg and Thumbor fetches the original, crops and resizes on demand, and caches the result - one source file, unlimited renditions, no batch pre-generation pipeline. The "smart" in the URL is the signature feature: OpenCV-based face detection finds people in the frame and crops around them (no more thumbnails with severed heads), and when no faces exist, feature detection finds visually important corners and computes a weighted center of mass as the focal point. Beyond cropping, a chainable filter pipeline handles brightness, contrast, grayscale, blur, red-eye removal, rounded corners, rotation, watermarks, and format conversion with quality control - applied in order via URL segments. All common image formats work out of the box, and every layer is pluggable: loaders (HTTP, local, S3), storages and result storages (local, S3, Ceph, and community backends), engines, optimizers, filters, and even custom detectors, with the awesome-thumbor list cataloging the ecosystem. URL signing prevents abuse of your processing capacity. Integrations exist for Django, Rails, Node, WordPress, and most frameworks. MIT-licensed, battle- tested for over a decade.

Deploy
OpenHAB screenshot thumbnail

OpenHAB

Over 400 technologies and thousands of smart devices from any manufacturer, unified under one roof: openHAB is the vendor-neutral home automation platform with a pluggable binding architecture. Each binding translates a device or service into openHAB's clean abstraction: Things expose Channels, Channels link to Items, and Items feed a rules engine that runs your home. That engine meets you at your skill level: Blockly gives non-programmers drag-and-drop visual logic, JS Scripting (GraalJS with the openhab-js library) is the modern text-based standard, the classic Rules DSL remains supported, and JSR223 opens the door to Python, Ruby, and Groovy. Time- and event-based triggers, scripts, notifications, and voice control compose into automations of any complexity, and users report decade-old rule sets still running rock solid. The Main UI handles configuration, semantic modeling, and now built-in charting - no external Grafana required. Built in Java on Apache Karaf's OSGi runtime and stewarded by the non-profit openHAB Foundation, it requires no cloud to function: everything runs locally, talking directly to your devices. Optional connectors bridge to Alexa, Google Assistant, and HomeKit, with iOS, Android, and web apps for control from anywhere.

Deploy
Zipline screenshot thumbnail

Zipline

ShareX and file uploads, next generation: Zipline is a Node.js/React/PostgreSQL server that turns screenshot sharing and file hosting into something you run yourself instead of renting from Imgur or a paid image host. The core workflow is built around ShareX: generate an .sxcu config from your account settings, import it, and every screenshot or clipboard capture uploads to your domain with a short link copied automatically. Uploads accept any file type, organized with folders and tags, with token-protected uploading, optional password protection, view-limited auto-deletion, image compression, metadata stripping, automatic video thumbnails, and chunked/partial uploads for large files. File URLs come in configurable formats - UUIDs, dates, random alphanumerics, original names, even zero-width spaces. A built-in URL shortener adds vanity slugs, passwords, view caps, and custom domains. Discord embeds are first-class: customize OG metadata titles, descriptions, and colors so links unfurl exactly how you want, and fire fully customizable Discord or HTTP webhooks on each upload. Authentication is serious: OAuth2 (Discord, GitHub, Google, OIDC), TOTP two-factor, and passkeys, with invite-based registration and per-user quotas for shared instances. Storage targets local disk or any S3-compatible backend, a full REST API automates everything, and custom themes plus a PWA round out the experience.

Deploy
Passbolt screenshot thumbnail

Passbolt

Security-conscious IT departments pick Passbolt for its cryptography: every user holds an OpenPGP key pair, and shared credentials are encrypted individually to each recipient's public key - real end-to-end encryption, not a vault password handed around. All crypto runs client-side in the mandatory browser extension (distributed and signed through the Chrome and Firefox stores, deliberately separating the crypto code from the server that stores ciphertext); private keys and passphrases never touch your instance, and the server admin cannot read a single secret. Authentication uses the challenge-based GpgAuth protocol, secrets are digitally signed to verify sender integrity, and metadata encryption extends protection to resource names and URLs. Day to day it behaves like a polished commercial manager: auto-fill and auto-save in forms, strong password generation, anti-phishing protection, TOTP storage, folder hierarchies shared per-user or per-group with fine-grained permissions and instant cryptographic revocation. Native iOS, Android, and desktop apps ship alongside a JSON API, CLI, and SDKs for CI/CD secret retrieval and rotation. The PHP server runs on MariaDB and is AGPL-licensed open source - including the paid tiers' codebase - with published security audits.

Deploy
GoToSocial screenshot thumbnail

GoToSocial

Mastodon serves single-user and small-community instances poorly; GoToSocial, an ActivityPub server written in Go, was built precisely for them. Where Mastodon demands Ruby, PostgreSQL, Redis, and Sidekiq, GoToSocial is one binary using roughly 250-350 MiB of RAM with SQLite as the default database (PostgreSQL optional) - it runs comfortably on a $5 VPS or a repurposed laptop. The deliberate design choice is having no built-in web client: the server exposes profile pages, a settings panel, and a faithful implementation of the Mastodon API, and you post through the client app you already like - Tusky on Android, Feditext on iOS, Pinafore or Phanpy in the browser. Federation is the point: your instance follows, boosts, and replies across Mastodon, Misskey, Pixelfed, and the rest of the Fediverse, with your identity anchored to your own domain. Safety is a stated focus, with granular per-post visibility and interaction controls, content warnings, custom emoji, hashtag following, domain allow/blocklists, and OIDC login support. Built-in Let's Encrypt provisioning simplifies the mandatory TLS. AGPL-3.0 licensed and in active beta, federating cleanly with the ecosystem's major servers.

Deploy
Chief-Onboarding screenshot thumbnail

Chief-Onboarding

New hires fail from information overload and IT bottlenecks, not lack of goodwill - the observation behind ChiefOnboarding, a free, open-source employee onboarding platform (Django, Celery, PostgreSQL, Redis). Its answer is sequences - drag-and-drop timelines that drip-feed to-do items, resources, courses, forms, and badges to each new hire, triggered by dates or by completing a previous item, so nobody faces everything at once. Onboarding starts before day one: preboarding pages welcome hires early, and colleagues can leave personal messages that appear there. The account provisioning module creates the new hire's Slack, Google, Asana, and other accounts automatically on the scheduled day via a library of integrations plus custom webhooks - the IT ticket queue never gets involved. Everything works through two equivalent interfaces: a full web dashboard and a Slack bot, either usable standalone. Slack can even auto-create new hire accounts when someone joins the workspace and assign default sequences with zero manual action. Colleague tasks with comments and collaboration, a searchable people directory, scheduled introductions, and per-hire timezone awareness (no 3 a.m. notifications) round it out. No trackers, no phoning home - third-party credentials sit in encrypted fields on your server.

Deploy
Apprise-API screenshot thumbnail

Apprise-API

One REST call, 130+ notification services: Apprise API wraps the well-known Apprise library in a lightweight Django/Gunicorn microservice, so "send an alert" works the same whether it goes to Slack, Discord, Telegram, Teams, email, SMS, Pushover, or PagerDuty - each addressed by a simple URL scheme. It solves the credential-sprawl problem cleanly: instead of embedding provider tokens in every app, cron job, and CI pipeline, you centralize them here and everything else just POSTs a body and title. Two modes cover every workflow. Stateless calls to /notify carry target URLs in the payload (or fall back to a default set via APPRISE_STATELESS_URLS); stateful mode stores named configurations server-side under keys, so /notify/{KEY} fans out to everything registered - with tag-based routing (comma for OR, space for AND) selecting which endpoints fire per message. Messages take info, success, warning, or failure types in text, Markdown, or HTML, with attachments up to a configurable size. A built-in web UI manages and tests configurations, APPRISE_CONFIG_LOCK makes the store read-only, service allow/deny lists restrict which schemes work, webhook remapping adapts third-party payloads, and a Prometheus /metrics endpoint watches the gateway itself.

Deploy
CodeX Docs screenshot thumbnail

CodeX Docs

Writing docs should feel like editing a modern document, not wrangling Markdown files - CodeX Docs delivers that on Editor.js, the block-styled editor its CodeX team builds and thousands of products use. Content is composed from clean blocks (headings, lists, code, images, embeds) with a UI that reads well on both desktop and mobile, and pages render statically with human-readable, SEO-friendly URLs. Structure is free-form: pages nest to any depth, so a flat FAQ and a deep product manual coexist in one instance, and the UI tunes to fit - collapse sections, hide the sidebar. The operational footprint is deliberately tiny. No database is required: the default driver persists to a local folder, with MongoDB available when you want it, and the whole app configures through one YAML file (overridable with APP_CONFIG_ environment variables) covering title, start page, auth password, and JWT secret. Editing mode sits behind password authentication. Thoughtful extras are wired in: readers can report misprints straight to your Telegram or Slack, Hawk error tracking catches frontend and backend exceptions, and Yandex Metrica analytics is a one-line config. A ready-made Helm chart covers Kubernetes. Written in TypeScript.

Deploy
Documize screenshot thumbnail

Documize

Enterprise documentation discipline without enterprise infrastructure: Documize Community is the Confluence alternative built on exactly that trade. The entire platform - Go backend, Ember.js frontend - compiles to a single executable binary for Linux, Windows, and macOS with zero runtime dependencies: no Elasticsearch, no Redis, no JVM. Point it at PostgreSQL, MySQL, MariaDB, Percona, or Microsoft SQL Server (rare in open source, decisive in Microsoft shops), and schema migrations run on launch with native full-text search on whichever engine you chose. Content organization rejects nested-folder sprawl for Spaces, categories, and labels, and the section-based composable editor mixes rich text, Markdown, code blocks, PDFs, diagrams, and embedded Jira or Trello content in one document, with reusable blocks and templates so teams start from standards rather than blank pages. It deliberately unifies internal team docs and customer-facing documentation in one system with granular space-, document-, and action-level permissions deciding who sees what. Where wikis stop, Documize continues: content approval workflows (draft, review, approve, publish), version management, lifecycle control, feedback capture, PDF export, analytics showing what gets read and ignored, activity streams, and audit logs. Keycloak, LDAP, and SSO integrate for enterprise auth. AGPL-licensed.

Deploy
mCaptcha screenshot thumbnail

mCaptcha

The CAPTCHA bargain - annoy your users and feed their behavior to Google - gets replaced with economics by mCaptcha. Instead of image puzzles, it uses SHA256 proof-of-work: every visitor's browser silently solves a small computational challenge (via a WebAssembly library) before submitting a form. Humans never notice the milliseconds; bots hammering your site must burn more compute sending requests than your server spends answering them, which makes attacks more expensive than defense - the property that also makes mCaptcha genuine DoS protection, not just bot filtering. Written in Rust, the system is fully automated: difficulty scales with traffic, so challenges stay trivial in normal conditions and harden under attack. The privacy and accessibility wins are structural rather than promised: no tracking, no profiling, no user-pattern data collection, and no visual puzzles that exclude users with visual or cognitive impairments - the design was published in Communications of the ACM. Rate limiting is IP-independent, so users behind NATs, VPNs, or Tor get the same experience instead of endless challenge loops, and proofs resist replay attacks, neutering captcha farms. Migration is deliberately easy: the API is compatible with reCAPTCHA and hCaptcha, making it a drop-in replacement. AGPL-licensed core with proprietary-friendly client libraries.

Deploy
Coral screenshot thumbnail

Coral

Comment sections at the Washington Post, the Wall Street Journal, and newsrooms across 30 countries run on Coral (also known as Talk) - the platform built by journalists' technologists, started under the Mozilla Foundation and now stewarded by Vox Media as an Apache-2.0 project serving 23 languages. Its founding premise is that online comments are broken and moderation is the fix. Moderators get a full queue system - reported comments, system-held pending comments, and configurable pre-moderation - backed by AI toxicity scoring that warns commenters before posting and holds high-scoring comments for review, Akismet spam detection, banned and suspect word lists, and automatic repeat-offender handling that pre-moderates users whose rejection rate crosses a threshold. Readers get features designed for healthier conversation: journalist badges in threads, muting of annoying voices, notifications, instant new-comment alerts, and timeouts rather than just bans. For publishers the economics are the point - no ads, no trackers, no hidden pixels anywhere in the code, full ownership of audience data, and GDPR compliance beyond requirements. Integration is one embedded script; SSO connects existing registration, and a GraphQL API supports customization and extension.

Deploy
Bazarr screenshot thumbnail

Bazarr

Subtitles are the one chore Sonarr and Radarr leave behind - Bazarr finishes the *arr media stack by automating them. It connects to both via their APIs and mirrors their libraries - it doesn't scan disk itself, it manages exactly what your *arr apps index. For every monitored episode and movie it checks existing internal and external subtitles against your language profiles, then hunts missing ones across dozens of providers - OpenSubtitles.com, Podnapisi, Addic7ed, Subscene, and many regional sources - covering 184 subtitle languages including forced/foreign-dialogue tracks. Matching is smarter than filename guessing: releases are compared by release group and source, some providers support exact file-hash matching, and every downloaded subtitle gets a percentage score. Set a minimum score per Sonarr/Radarr connection and Bazarr rejects weak matches; enable upgrades and it replaces previously downloaded subtitles when better ones surface. Out-of-sync files get fixed too - automatic subtitle synchronization realigns timing after download, triggered only below a configurable score threshold so good subs aren't touched. Per-show and per-movie language configuration, download history, manual on-demand search, and adaptive searching that throttles provider API calls round it out, all behind a clean Sonarr-style web UI written in Python. If your library serves multilingual viewers, this removes the last manual step.

Deploy
Fireshare screenshot thumbnail

Fireshare

The moment after ShadowPlay saves a great clip is what Fireshare was built for: your friends see it now, not after a YouTube upload, processing queue, and platform terms review. Drop videos into a watched folder and this Flask/React application generates a unique shareable URL for each one, complete with Open Graph metadata - so pasting the link into Discord, Twitter, or Slack produces a proper embed with title, description, and video thumbnail instead of a raw URL. Viewers need no account and no app. Visibility is per-file: public (browseable on your feed), private (unlisted, reachable only by direct link), or password protected. For game clips specifically, Fireshare organizes automatically - clips sort by game with cover art pulled from SteamGridDB, no manual tagging - while tags and full-library search cover everything else. Optional transcoding (CPU or GPU) creates lower-quality renditions so viewers on weak connections get automatic quality adaptation, and video cropping trims clips in place. The extras round out a genuinely finished tool: view counters, timestamped share links, a shuffle button, restrictable uploads, Discord notifications for new videos, an RSS feed of the public feed, mobile support, and LDAP for multi-user setups. No storage limits, no watermarks, no platform deciding what stays up. GPL-licensed.

Deploy
Astuto screenshot thumbnail

Astuto

Feature requests, bug reports, upvotes, and a public roadmap: Astuto (Ruby on Rails backend, React frontend) gives users a Canny-style feedback portal so product decisions rest on visible demand rather than the loudest voice in the room. Feedback organizes into as many boards as you want (features, bugs, integrations), each post carrying a custom status you define - "planned," "in progress," "shipped," or whatever matches your process - and those statuses feed a public roadmap view showing users what is actually being worked on. Participation friction is adjustable at both ends: sign-in works with plain email or any OAuth2 provider, anonymous feedback can be enabled for unregistered users, and a moderation queue lets you approve posts before they appear when spam is a concern. Integration hooks are practical rather than sprawling - webhooks fire on events to connect Jira, Trello, or Slack, and a REST API manages the whole feedback space programmatically. Brand customization, an invitation system, private-site settings, and recap emails for administrators complete a deliberately minimal tool: it collects, organizes, and prioritizes feedback well, for free, forever.

Deploy