Carbone
Document-generation code is the worst kind of code in your backlog - Carbone kills it. Its insight is separating design from data - templates are ordinary office documents (DOCX, ODT, XLSX, PPTX, HTML, even custom XML) built in LibreOffice, Microsoft Office, or Google Docs, with mustache-like markers such as {d.companyName} typed directly into the text. Send a template plus JSON from your existing APIs to the HTTP API, and Carbone returns the finished document - exported as-is or converted to PDF, XLSX, CSV, HTML, PNG, EPUB, and more via its integrated LibreOffice converter (Chromium and OnlyOffice engines are also supported for HTML-fidelity and office-format conversions). The template language goes well beyond substitution: loops over arrays render dynamic table rows, filters and aggregations run inside the document, and built-in formatters handle dates, numbers, currencies, timezones, and locales, with custom JavaScript formatters when needed. One template serves multiple languages through translation markers with auto-maintained translation files. The XML-agnostic engine means anything your document editor can design - pagination, headers, footers, nested tables, charts - survives generation intact, and Carbone guarantees no breaking changes in template syntax. Node.js-based, fast via multi-threaded LibreOffice conversion. The invoices, contracts, and reports your product owes its users become template edits, not sprints.
Muse
"A highly-opinionated midwestern self-hosted Discord music bot that doesn't suck," per its own README - Muse is built for servers the size of you, your friends, and your friends' friends. It exists because the big public music bots kept getting shut down or paywalled, and self-hosting yours means nobody can take it away. Written in TypeScript on discord.js, it joins voice channels and plays audio resolved from YouTube via yt-dlp, and given optional Spotify API credentials it auto-converts Spotify tracks, albums, artists, and entire playlists to playable equivalents. The playback details show real care: seeking within songs and videos, livestream support, local caching so repeated plays start instantly, volume normalization across tracks, and configurable volume controls including optional ducking that lowers music when people speak. SponsorBlock integration can skip non-music segments automatically. Users save favorite queries as reusable shortcuts, and one Muse instance serves multiple guilds simultaneously - one deployment for all your communities. Configuration is three environment variables (Discord token, YouTube API key, optional Spotify pair) and the personality is free: there is no vote-to-skip, because "this is anarchy, not a democracy," and the bot remains a loyal Green Bay Packers fan. MIT-licensed and easily extendable.
Keeper
Work, personal, business, and school calendars at different providers double-book because no one system sees your real availability - Keeper solves that multi-calendar collision problem. Its pull-compare-push sync engine aggregates events from Google Calendar, Outlook/Office 365, iCloud, FastMail, any CalDAV server, or read-only iCal/ICS feeds, and pushes blocking events to one or many destination calendars so time slots align everywhere. The design is deliberately content-agnostic - it syncs timeslots, not titles or descriptions, so a personal appointment shows as busy time on your work calendar without leaking details. Sync logic is clean: events Keeper creates carry a traceable UID suffix, deletions propagate, and orphaned entries are purged automatically. A token-authenticated aggregated iCal feed combines selected calendars into one subscribable URL for Apple Calendar or Thunderbird. An optional MCP server gives AI agents read-only calendar access over OAuth 2.1 - list calendars and query events by date range, with no write capability. Built with Next.js and Bun under AGPL-3.0, the standalone Docker image bundles web, API, cron, worker, Redis, and PostgreSQL in one container, and self-hosting unlocks every Pro feature - unlimited calendars and one-minute sync intervals - for free.
Hasty Paste
Paste some text, hit save, share the link - Hasty Paste is a fast, minimal pastebin written in Python on the async Quart framework, named, by its author's own admission, "because you use it so fast without a care in the world." No accounts, no authentication, no friction - built for the everyday case of handing a debug log, config snippet, or stack trace to someone in tech support or a chat channel. Pastes get randomly generated IDs, with an optional "long" ID mode that makes brute-force URL guessing impractical, and expiry times ensure throwaway content actually gets thrown away. Optional Pygments syntax highlighting makes code readable, a dark theme spares your eyes, and the whole interface works without JavaScript - it renders in terminal browsers and under the strictest script blockers. Storage is a custom flat-file system (no database), caching runs internally or through Redis for busier instances, and a REST API plus the companion "Hastily Paste It" CLI script enable piping command output straight into a paste from the terminal. The Alpine-based Docker image is tiny, resource usage is minimal, and the license is AGPL.
ExpenseOwl
Log a date, amount, and category; get a clean monthly pie chart and a cashflow strip showing income, expenses, and net balance - ExpenseOwl is expense tracking stripped to what actually matters. The MIT-licensed Go application deliberately is not a budgeting system - no envelopes, no accounts, no double-entry, no bank sync - because its author found tools like Firefly III and Actual too heavy for the simple question "where did this month's money go?" The dashboard makes that question fast: click a pie slice to exclude fixed costs like rent and see discretionary spending clearly, then drill into a chronological table view to inspect or delete individual transactions. Recurring transactions handle salaries and subscriptions automatically, optional tags add a second classification axis, and settings cover custom categories, currency symbol, and a configurable month start date for non-calendar pay cycles. CSV import migrates data from virtually any other tool, and CSV export keeps your data portable. It ships as a self-contained binary and multi-architecture Docker image with zero internet interaction, stores data in flat JSON files by default (PostgreSQL optional), and installs as a PWA on phones. Single-user by design; pair it with an authenticating reverse proxy if exposed publicly.
Kimai
From a freelancer logging billable hours to companies with hundreds of users, Kimai scales professional-grade open-source time tracking - a Symfony/PHP application without the per-seat pricing of Harvest or Toggl. Tracking is flexible by design: run multiple concurrent timers, use punch-in/punch-out mode, or enter times manually, organized by customer, project, and activity with tags, and priced by user-, customer-, or project-specific rates. The billing pipeline is where Kimai earns "professional grade": generate invoices directly from timesheet data with configurable templates (DOCX, ODS, XLSX, PDF), entry grouping, and invoice-number generators, while an export flag locks billed records against editing and excludes them from future invoices - the audit-safety detail spreadsheet workflows never get right. E-invoicing supports EN 16931, XRechnung 3.0, and Zugferd/Factur-X. Enterprise controls come standard: SAML and LDAP login against Google Workspace, Azure AD, or Authentik, TOTP two-factor auth, customizable role permissions, and teams that scope customers and projects to departments. Money and time budgets alert before overruns, advanced reporting slices recorded time by any dimension, and an extensive JSON API plus a plugin marketplace (expenses, approvals, and more) integrate it with existing infrastructure. Over 30 translations, multi-timezone, AGPL-licensed.
Swetrix
Traffic analytics, real-user performance monitoring, and client-side error tracking - normally three tools - in one cookieless, privacy-first dashboard: Swetrix. The Community Edition ships the same core engine as the cloud product - a NestJS API with ClickHouse for high-volume event storage, MySQL for relational data, and Redis for caching, fronted by a React dashboard and a ~5 KB tracking script with official packages for 20+ frameworks including Next.js, WordPress, and Shopify. Traffic analytics cover pageviews, referrers, UTM campaigns, geolocation, sessions with page flows, funnels, and custom events - all anonymized server-side with no cookies, no cross-device tracking, and no consent banner required for GDPR compliance. Performance monitoring records real-user metrics per pageview: TTFB, DNS and TLS timing, and render times, so regressions surface in the same place as traffic. Error tracking captures unhandled JavaScript exceptions automatically with formatted stack traces, filename/line metadata, affected browsers and pages, first/last-seen timestamps, and a resolve workflow - replacing a separate error monitoring subscription for many teams. Alerts fire to email, Slack, Telegram, Discord, or webhooks on traffic spikes, new errors, and custom events. If Plausible covers your traffic questions but you also want to know why the site broke, Swetrix answers both.
WBO
A Node.js server, a large shared canvas, and a URL - WBO (Whiteboard Ophir) is collaborative whiteboarding reduced to its essence. There are no accounts and no setup - to collaborate, you send someone the board's link, and every stroke appears for all connected users in real time over WebSockets, with cursor positions shared so you can see where collaborators are working. Board state persists automatically and continuously, so a diagram drawn in today's lesson is still there next week at the same URL. Boards come in three flavors: a public free-for-all, private boards with random unguessable names, and named boards with custom URLs shared by anyone who knows the name. The tools cover teaching and brainstorming needs - pencil, straight lines, rectangles, ellipses, text annotations, eraser, a full color palette with brush sizes - and boards export as SVG or PNG. Despite the simplicity, the server is production-minded: JWT authentication gates board access with granular capabilities (open, edit, and clear as separate permissions), rate limiting caps per-client message volume, reverse-proxy and subpath deployment are supported, and OpenTelemetry provides metrics, logs, and traces. It works on tablets and touch devices, speaks multiple languages, and consumes minimal resources. AGPL-licensed.
Journiv
A Day One alternative that keeps your most personal writing on your own server: Journiv is journaling purpose-built for self-hosters. The FastAPI backend runs on SQLite by default with optional PostgreSQL, Redis, and Celery for background work, behind a clean, minimal web UI. Unlike general note-taking apps, it ships the features journaling actually needs: customizable moods and mood groups, activity tracking, goals with automated progress from logged activities, and daily writing prompts filterable by category and difficulty so a blank page never stalls you. Quick Log captures a moment in seconds and expands into a full entry later; "On This Day" resurfaces entries from past weeks, months, and years. Multiple journals separate work, gratitude, and personal writing, with tags and full-text search across everything, plus media uploads with automatic thumbnails and an Immich integration for linking photo-library memories. Analytics chart mood trends and writing patterns over time. Data portability is taken seriously: native import of Day One exports, JSON/Markdown/HTML export, and a standalone HTML viewer that opens your archive in any browser with no server running. OIDC single sign-on works with Authentik or Keycloak, and multi-arch images cover amd64 and arm64.
PsiTransfer
Upload files, get a share link, let it expire: PsiTransfer is a self-hosted WeTransfer with no accounts, no logins, and no third-party cloud with size caps and metadata harvesting. The engineering focus is large files over imperfect networks. Uploads use the tus.io resumable protocol, so a dropped connection on a multi-gigabyte video resumes exactly where it stopped once you're back online; downloads support HTTP range headers for the same resilience, and everything streams, so file size is bounded by your disk rather than memory. Files organize into upload buckets with retention you control: expire after a set time (up to weeks) or after a one-time download, with automatic cleanup when links lapse. Recipients need nothing installed - they open the link, preview files in modal views, and grab everything as a zip or tar.gz archive with one click. Buckets can be password-protected (AES-encrypted download lists), and security-through-obscurity is done properly: bucket URLs use hashed UUID tokens and stored filenames are replaced with UUIDs. An optional admin page (enabled by setting an admin password) lists bucket information and storage. The Vue.js frontend ships under 100 KB gzipped and is fully responsive. Honest caveat from the author: no end-to-end payload encryption yet. BSD-licensed, Docker-ready.
Apprise-API
One REST call, 130+ notification services: Apprise API wraps the well-known Apprise library in a lightweight Django/Gunicorn microservice, so "send an alert" works the same whether it goes to Slack, Discord, Telegram, Teams, email, SMS, Pushover, or PagerDuty - each addressed by a simple URL scheme. It solves the credential-sprawl problem cleanly: instead of embedding provider tokens in every app, cron job, and CI pipeline, you centralize them here and everything else just POSTs a body and title. Two modes cover every workflow. Stateless calls to /notify carry target URLs in the payload (or fall back to a default set via APPRISE_STATELESS_URLS); stateful mode stores named configurations server-side under keys, so /notify/{KEY} fans out to everything registered - with tag-based routing (comma for OR, space for AND) selecting which endpoints fire per message. Messages take info, success, warning, or failure types in text, Markdown, or HTML, with attachments up to a configurable size. A built-in web UI manages and tests configurations, APPRISE_CONFIG_LOCK makes the store read-only, service allow/deny lists restrict which schemes work, webhook remapping adapts third-party payloads, and a Prometheus /metrics endpoint watches the gateway itself.
Papercups
Companies with privacy and security concerns about piping customer conversations through Intercom or Zendesk run Papercups - open-source live customer chat. The stack is a deliberate strength: an Elixir/Phoenix API over PostgreSQL, with real-time messaging powered by Phoenix Channels and Presence - the same BEAM foundation trusted by Discord and PagerDuty for fault-tolerant, low-latency messaging. Customers see a customizable chat widget that embeds in any site as an HTML snippet, a React component, or even inside React Native apps, with configurable colors, greetings, and away messages. Your team sees a dashboard for managing conversations - close, assign, and prioritize - with Markdown and emoji in replies. The killer workflow is the reply-channel integration: connect Slack or Mattermost and every customer conversation becomes a synced thread your team answers without leaving the tool they already live in, with two-way message syncing handled by webhooks. Email and SMS channels extend intake beyond the widget, an analytics dashboard tracks communication patterns, and the Storytime feature adds real-time screen sharing to watch users navigate while you help them. A documented API supports fully custom chat UIs in Svelte, Flutter, or Vue. MIT-licensed and GDPR-conscious - customer data stays in your PostgreSQL.
Whiteboard
The drawing surface inside WebRTC conference tools like Meetzi and the LAMS online-learning platform is Whiteboard (by cracker0dks) - a lightweight Node.js collaborative sketchboard built to be embedded and customized, which also slots into Nextcloud via the External Sites app. Everyone opening the same whiteboardid URL parameter draws on the same board, with remote user cursors visible live, per-user undo/redo, and an indicator showing the smallest participating screen so nobody draws outside a colleague's view. Content handling goes beyond pen strokes: drag-and-drop or paste images and PDFs from any PC or browser, then resize, rotate, and draw over them on canvas or background; add text and sticky notes; hold Shift for angle-snapped lines and perfect squares. Every function has a keybinding - deliberately friendly to pen displays like Wacom and XP-Pen whose hardware buttons map to shortcuts. Boards save to image or JSON (with reload), export directly to Nextcloud via WebDAV, and persist across restarts with the file-database option. A REST API with bundled interactive docs allows full programmatic control, an optional access token locks down uploads, and YAML configuration tunes behavior and performance. MIT-licensed and reverse-proxy friendly.
KeeWeb
Your KeePass vaults, opened from any browser: KeeWeb reads, edits, and creates standard KDBX files, so it works with the same databases as KeePass and KeePassXC without conversion or lock-in. Self-hosting the web app gives you a password manager reachable from any modern browser, including mobile, with no client installation and no third-party cloud in the loop. All KDBX cryptography runs client-side; the server just serves the static app. Open multiple vault files simultaneously and search them all from one box, with advanced options covering specific fields, password history, and regular expressions. Vaults load from local files, your own server (WebDAV), or Dropbox, Google Drive, and OneDrive, with automatic sync - and files are cached for offline use, so a dropped connection never locks you out; changes resync once you're back online. Day-to-day niceties include a configurable password generator, protected fields that stay masked and are held in memory more defensively, entry history, tags with easy input, drag-and-drop attachments, and per-entry icons with favicon fetching. The optional KeeWeb Connect extension (Chrome, Firefox, Edge, Safari) autofills credentials using the keepassxc-protocol. MIT-licensed with matching desktop apps for macOS, Windows, and Linux.
Lingva Translate
What Nitter was to Twitter and Invidious is to YouTube, Lingva Translate is to Google Translate: a privacy front-end delivering the service's full capability while cutting Google out of the loop between you and your text. Built on Next.js with TypeScript and Chakra UI, it uses the purpose-built Lingva Scraper to fetch translations from Google Translate without your browser ever touching a Google-related service - no cookies, no tracking, no account, while retaining what makes Google Translate hard to give up: 100+ languages with the translation quality of Google's production models, unlike offline engines that trade privacy for accuracy. The clean interface covers automatic source-language detection, text-to-speech audio playback for pronunciations, definitions and examples, and light/dark themes. For developers, every instance doubles as a translation API: a RESTful endpoint at /api/v1/:source/:target/:query returns JSON translations, an audio endpoint serves TTS buffers, and a full GraphQL API at /api/graphql exposes translations, audio, and language lists for richer integrations - all unmetered on your own instance. Deployment is a single stateless container with one environment variable for the site domain; defaults for theme and language pair are configurable. GPL-licensed, and popular as the translation backend for privacy-respecting apps.
Freshrss
Where Miniflux strips reading down, FreshRSS gives you knobs - the feature-rich pole of self-hosted RSS, comfortable with thousands of feeds. It's a multi-user PHP aggregator (host family and friends on one instance, with an anonymous reading mode) with the reading workflow refined over a decade: favorites, custom tags, powerful filter and search queries, three reading views, and statistics that reveal each site's publishing frequency - useful for pruning subscriptions. Two properties make it the standard choice. First, the Google Reader-compatible API (plus a Fever API) syncs with virtually every serious RSS client - Reeder, NetNewsWire, ReadYou, FeedMe, Fluent Reader - so your phone reads from your server. Second, native WebSub support means compatible sources (WordPress, Blogger, Medium, Friendica) push new articles instantly instead of waiting for polling. A 50+ extension ecosystem adds what truncated feeds omit - full-text content fetching, reading-time estimates, trending views, auto-unsubscribe for dead feeds - alongside community themes and custom CSS. OPML import/export keeps subscriptions portable, a CLI handles administration, and article sharing posts to many services. AGPL-licensed, running on SQLite, MySQL, or PostgreSQL. Feedly Pro's feature set, minus Feedly's subscription and its algorithms.
ChatChat
One clean interface in front of Anthropic, OpenAI, Google Gemini, Cohere, and more: Chat Chat is a Next.js front door to the major AI providers, ending the juggling of separate subscriptions, tabs, and UIs per model. Bring your own API keys, pick a provider and model per conversation, and switch between them as the task demands: Claude for long-form reasoning, GPT for code, Gemini for multimodal work - the interface stays identical. Beyond configured presets, custom providers plug in with their own API endpoints and keys, which covers OpenAI-compatible gateways and local inference servers. The design splits into two dedicated modes: a chat interface for conversational work with customizable system prompts, and a search interface that pairs AI processing with query handling for research-style questions. The stack is modern and hackable - Next.js 14, Tailwind CSS, shadcn/ui on Radix primitives, Jotai for state - with full internationalization including English, Chinese, and Japanese. Self-hosting means your conversation history and API keys live on your instance rather than a third-party wrapper service, and pay-per-token API pricing typically beats stacking multiple monthly chat subscriptions. AGPL-licensed and deliberately simple to deploy: one container, environment variables for keys, done.
Aptabase
Web analytics tools ignore native mobile, desktop, and game apps; Aptabase was built for exactly those. If Firebase Analytics would force a privacy-policy footnote you don't want to write, this is the alternative - session-based metrics with no cookies, no IDFA or GAID, no device fingerprinting, and a daily-rotated salt that makes cross-day re-identification mathematically impossible. That design means GDPR, CCPA, and PECR compliance out of the box and "Data Not Collected" App Store privacy labels without ATT prompts. The SDK coverage is the widest in its category: eleven first-party libraries spanning Swift, Kotlin, Flutter, React Native, Tauri, Electron, .NET MAUI, NativeScript, Unity, Unreal Engine, and JavaScript for web - each MIT-licensed, following platform conventions, and accepting a custom host parameter that points at your instance. Integration is minutes: initialize with an app key, call trackEvent with optional properties, and the dashboard shows sessions, events, app versions, OS breakdowns, and country-level geography. The self-hosted stack is a .NET server over PostgreSQL for metadata and ClickHouse for high-volume event ingestion, giving cloud-parity features under an AGPL license. For indie iOS/Android apps, Electron and Tauri tools, and Unity or Unreal games, it replaces Firebase without the Google entanglement.