# Self-Hosted Network Access Control > Search results for `self-hosted network access control and segmentation` on awesome-repositories.com. 119 total matches; showing the first 50. Explore on the web: https://awesome-repositories.com/q/self-hosted-network-access-control-and-segmentation **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [this search on awesome-repositories.com](https://awesome-repositories.com/q/self-hosted-network-access-control-and-segmentation).** ## Results - [gravitl/netmaker](https://awesome-repositories.com/repository/gravitl-netmaker.md) (11,630 ⭐) — Netmaker is a platform for automating and managing virtual mesh networks built on WireGuard. It functions as a centralized control plane that orchestrates encrypted, peer-to-peer tunnels across distributed infrastructure, including cloud environments, on-premise data centers, and containerized clusters. By automating the configuration of routing tables and access policies, the system enables secure, private connectivity between diverse devices and services without requiring manual network administration. The platform distinguishes itself through its focus on zero-trust network access and soft - [infisical/infisical](https://awesome-repositories.com/repository/infisical-infisical.md) (27,374 ⭐) — Infisical is a centralized secrets management platform designed to store, synchronize, and control access to sensitive credentials and configuration data across distributed development, staging, and production environments. It employs client-side encryption to ensure that secrets remain unreadable to the underlying storage infrastructure, while providing a hierarchical permission model to govern both user and machine access. The platform distinguishes itself through dynamic credential provisioning, which generates short-lived access tokens that are automatically revoked after use. It supports - [getsentry/self-hosted](https://awesome-repositories.com/repository/getsentry-self-hosted.md) (9,426 ⭐) — This project is a containerized error tracking platform and monitoring suite designed for self-hosted deployment on private infrastructure. It provides a collection of services for capturing and analyzing software crashes and exceptions, ensuring that sensitive application data remains within a controlled environment. The system includes specialized tooling for air-gapped deployment, allowing the software to be installed and operated on servers without internet access through the manual transfer of container images. It also supports corporate network integration via proxy configurations to ma - [stoatchat/self-hosted](https://awesome-repositories.com/repository/stoatchat-self-hosted.md) (2,497 ⭐) — This project is a self-hosted communication suite and private messaging infrastructure. It is a containerized chat platform designed for deployment on independent hardware to maintain full control over user data and server dependencies. The system features a modular plugin framework that allows custom features and behaviors to be loaded into the client at runtime via manifest files. It is designed as a proxy-compatible service, supporting configurable network port routing to operate behind external reverse proxy servers. The platform covers capabilities for containerized service orchestratio - [formbricks/formbricks](https://awesome-repositories.com/repository/formbricks-formbricks.md) (12,391 ⭐) — Formbricks is an open-source survey and feedback platform designed to help teams capture and analyze user insights through targeted, in-app, and website-based interactions. It functions as a comprehensive customer experience analytics system that allows organizations to maintain full control over their data, user attributes, and survey workflows. The platform distinguishes itself through its event-driven architecture, which enables precise behavioral targeting by triggering surveys based on specific user actions or application events. It supports deep integration with external ecosystems by a - [netbirdio/netbird](https://awesome-repositories.com/repository/netbirdio-netbird.md) (26,188 ⭐) — NetBird is a zero-trust networking platform that builds secure, encrypted peer-to-peer overlay networks using the WireGuard protocol. It functions as a software-defined perimeter, connecting distributed infrastructure across cloud environments and physical locations while hiding network resources from the public internet. By integrating with external identity providers, the platform enforces granular access control and identity-based segmentation for every user and device. The platform distinguishes itself through extensive automation and programmatic management capabilities. It provides a ce - [owasp/cheatsheetseries](https://awesome-repositories.com/repository/owasp-cheatsheetseries.md) (32,298 ⭐) — The OWASP Cheat Sheet Series is a comprehensive, community-driven repository of concise security best practices and defensive coding patterns. It serves as a centralized knowledge base for developers and security professionals, providing actionable guidance to secure applications across the entire software development lifecycle. The project covers a vast array of security domains, ranging from fundamental web application hardening and authentication protocols to specialized controls for modern infrastructure and artificial intelligence systems. What distinguishes this project is its decentral - [appwrite/appwrite](https://awesome-repositories.com/repository/appwrite-appwrite.md) (56,318 ⭐) — Appwrite is a backend-as-a-service platform that provides a unified development environment for building full-stack applications. It integrates essential infrastructure components—including authentication, databases, storage, and serverless functions—into a single, centralized interface to simplify application development and resource management. The platform distinguishes itself through a container-based microservices architecture that ensures consistent execution across diverse infrastructure. It features a versatile connectivity layer that links frontend applications with third-party servi - [yjxiong/temporal-segment-networks](https://awesome-repositories.com/repository/yjxiong-temporal-segment-networks.md) (1,579 ⭐) — Code & Models for Temporal Segment Networks (TSN) in ECCV 2016 - [donnemartin/system-design-primer](https://awesome-repositories.com/repository/donnemartin-system-design-primer.md) (353,387 ⭐) — This project is a comprehensive educational resource and study guide focused on distributed systems architecture and backend infrastructure design. It provides a structured curriculum for mastering the principles of scalability, reliability, and performance required to design complex software systems. The repository distinguishes itself by offering a methodical approach to technical interview preparation, incorporating design patterns, architectural trade-offs, and spaced repetition tools to help users retain complex concepts. It emphasizes constraint-driven analysis, teaching users how to ev - [coollabsio/coolify](https://awesome-repositories.com/repository/coollabsio-coolify.md) (57,055 ⭐) — This project is a self-hosted platform-as-a-service that provides a centralized management interface for deploying, configuring, and monitoring containerized applications and databases on private infrastructure. It functions as a visual control plane, automating the end-to-end lifecycle of services from source code to production. By managing container orchestration, networking, and resource allocation, it allows users to maintain full control over their own hardware while streamlining the delivery of software. The platform distinguishes itself through its agentless architecture, which uses se - [sergiomarotco/network-segmentation-cheat-sheet](https://awesome-repositories.com/repository/sergiomarotco-network-segmentation-cheat-sheet.md) (3,467 ⭐) — Best practices for segmentation of the corporate network of any company - [kirankalyan5/react-native-segmented-control-tab](https://awesome-repositories.com/repository/kirankalyan5-react-native-segmented-control-tab.md) (617 ⭐) — react-native-segmented-control-tab(for Android/iOS) - [microsoft/security-101](https://awesome-repositories.com/repository/microsoft-security-101.md) (6,203 ⭐) — Security-101 is a vendor-agnostic, foundational cybersecurity learning curriculum organized into modular, framework-aligned modules. It is designed to build core knowledge across multiple security domains without tying content to specific products or platforms, making it suitable for both beginners and professionals seeking a structured introduction to the field. The curriculum is built around established security frameworks, including the MITRE ATT&CK framework for standardized threat analysis and the NIST Cybersecurity Framework for incident response workflows. It covers a broad range of do - [scanopy/scanopy](https://awesome-repositories.com/repository/scanopy-scanopy.md) (4,092 ⭐) — Scanopy is a self-hosted infrastructure inventory and network discovery tool. It identifies hosts, services, and workloads across subnets to build a live model of network infrastructure, maintaining a searchable catalog of assets. The system features an interactive network topology visualizer that generates physical, logical, and application dependency diagrams. It maps the nesting chain from physical hardware and hypervisors down to virtual machines and containers, utilizing SNMP for hardware metadata and container APIs for workload discovery. The platform supports distributed network scann - [dubinc/dub](https://awesome-repositories.com/repository/dubinc-dub.md) (23,722 ⭐) — This project is a comprehensive link management and marketing attribution platform designed for creating, tracking, and analyzing shortened URLs. It functions as a centralized hub for marketing analytics, providing tools to monitor link performance, visualize conversion funnels, and manage affiliate programs through a unified dashboard. The platform distinguishes itself by integrating advanced attribution modeling and partner management directly into the link infrastructure. It supports complex marketing workflows, including automated commission calculations, fraud detection, and payout distr - [lucidrains/global-self-attention-network](https://awesome-repositories.com/repository/lucidrains-global-self-attention-network.md) (0 ⭐) — An implementation of Global Self-Attention Network , which proposes an all-attention vision backbone that achieves better results than convolutions with less parameters and compute. - [deviantony/docker-elk](https://awesome-repositories.com/repository/deviantony-docker-elk.md) (18,375 ⭐) — This project is a containerized orchestration layer for the Elastic Stack, providing a pre-configured set of Docker Compose files to deploy Elasticsearch, Logstash, and Kibana as a unified data analysis stack. It functions as a centralized log management system for ingesting, indexing, and searching log data using a cluster of interconnected services. The deployment pattern includes an Elasticsearch cluster manager that enables scaling data nodes through replica scaling and internal discovery. It provides a web-based administration interface for monitoring cluster health and status. The syst - [datawranglerai/self-host-n8n-on-gcr](https://awesome-repositories.com/repository/datawranglerai-self-host-n8n-on-gcr.md) (608 ⭐) — Self-host n8n on Google Cloud without the subscription fees or server headaches - because your automation workflows shouldn't cost more than your coffee budget - [kubernetes/minikube](https://awesome-repositories.com/repository/kubernetes-minikube.md) (31,877 ⭐) — Minikube is a command-line tool designed for local Kubernetes development, enabling users to provision and manage full-featured container clusters directly on a workstation. It serves as a local orchestrator that automates the lifecycle of isolated environments, allowing developers to start, stop, pause, and delete clusters to support testing and integration workflows. The project distinguishes itself through its flexible architecture, which supports multiple virtualization drivers and container runtimes to accommodate diverse host environments. It provides deep integration between the host a - [docker-archive-public/docker.labs](https://awesome-repositories.com/repository/docker-archive-public-docker-labs.md) (11,904 ⭐) — This project is a comprehensive collection of tutorials and guided laboratories designed to teach containerization, networking, and security using Docker. It serves as a learning path for building portable images and executing isolated processes. The materials provide specific guides for managing container clusters and scaling services through Docker Swarm and overlay networks. It includes a security handbook for implementing image scanning and secret management, as well as laboratories dedicated to modernizing legacy applications by wrapping older software installers into containers. The co - [hoang8f/android-segmented-control](https://awesome-repositories.com/repository/hoang8f-android-segmented-control.md) (1,883 ⭐) — ios UISegmentedControl for android - [amruthpillai/reactive-resume](https://awesome-repositories.com/repository/amruthpillai-reactive-resume.md) (38,613 ⭐) — This project is a web-based platform designed for creating, managing, and sharing professional resumes. It functions as a structured document builder that integrates artificial intelligence to assist with content generation, editing, and analysis. Users can maintain a collection of resumes, customize their visual presentation through various templates, and export them into multiple formats for job applications. The platform distinguishes itself through its autonomous AI agent capabilities, which can perform research, suggest incremental edits, and apply data patches directly to documents. It - [docker-easyconnect/docker-easyconnect](https://awesome-repositories.com/repository/docker-easyconnect-docker-easyconnect.md) (5,287 ⭐) — This project provides a containerized network bridge that isolates corporate VPN software from the host operating system. It utilizes a Docker container to encapsulate the VPN client, preventing software conflicts and installation clutter on the host machine. The system includes a web-accessible graphical user interface for remote login and session management, allowing users to interact with VPN authentication prompts from any device. To enable application-level access, it implements a SOCKS5 and HTTP proxy gateway that routes host machine network traffic through the containerized connection. - [googlehosts/hosts](https://awesome-repositories.com/repository/googlehosts-hosts.md) (20,619 ⭐) — This project is a curated collection of domain-to-IP mappings designed to bypass network censorship and restore access to restricted web services. It provides a set of host file entries and static domain mapping files that allow users to redirect blocked traffic to accessible mirrors or proxy servers. The system functions by prioritizing local host entries over external DNS responses. It utilizes plain-text configuration files that are intended for manual injection into a system's hosts file to override default name resolution. The project covers network connectivity and DNS override managem - [directus/directus](https://awesome-repositories.com/repository/directus-directus.md) (36,030 ⭐) — Directus is a headless content platform that functions as a backend service, automatically generating REST and GraphQL APIs by performing introspection on existing SQL database schemas. It serves as a unified data orchestration layer, decoupling content management from frontend delivery while providing a secure, stateless gateway for database transactions. The platform distinguishes itself through a granular role-based access control engine that enforces security policies at the field level across all API endpoints. It includes a visual, low-code administrative dashboard that allows non-techn - [n8n-io/self-hosted-ai-starter-kit](https://awesome-repositories.com/repository/n8n-io-self-hosted-ai-starter-kit.md) (14,997 ⭐) — This project provides a dockerized AI workflow stack and orchestration templates for deploying a self-hosted AI environment. It establishes a localized infrastructure for building autonomous agents and model chains that process private data on-premises without external cloud dependencies. The environment is designed to support autonomous agent development, allowing models to dynamically select tools, execute shell commands, and interact with local file systems. It includes integrated vector database support to enable retrieval augmented generation and private document analysis. The stack cov - [fosrl/pangolin](https://awesome-repositories.com/repository/fosrl-pangolin.md) (21,255 ⭐) — Pangolin is a zero-trust remote access platform designed to provide secure, identity-aware connectivity to private network resources. It functions as a cloud-native network controller that orchestrates encrypted tunnels, traffic routing, and access policies across distributed environments. By leveraging WireGuard for secure data transport, the platform enables authenticated access to internal web applications, terminal sessions, and remote desktops without exposing services to the public internet. The platform distinguishes itself through a declarative infrastructure model that synchronizes n - [containers/bubblewrap](https://awesome-repositories.com/repository/containers-bubblewrap.md) (5,839 ⭐) — Bubblewrap is a Linux sandbox runner that creates lightweight, isolated execution environments for running untrusted applications. It combines Linux user, mount, network, PID, and UTS namespaces with seccomp-BPF system call filtering to restrict filesystem, network, process, and inter-process communication access. The project provides comprehensive process isolation by giving each sandbox its own private tmpfs root with selective bind-mounts, a separate network stack containing only a loopback interface, an independent process ID space, and remapped user and group identifiers. It applies secc - [google/gvisor](https://awesome-repositories.com/repository/google-gvisor.md) (17,748 ⭐) — This project is a secure container runtime that provides strong isolation for application workloads by implementing a userspace kernel. By intercepting system calls and executing them within a memory-safe, restricted environment, it minimizes the attack surface exposed to the host kernel. It functions as a drop-in engine for standard container orchestration platforms, ensuring compatibility with industry-standard runtime specifications while maintaining a hardened execution boundary. The runtime distinguishes itself through its ability to virtualize core system resources, including an indepen - [actions/actions-runner-controller](https://awesome-repositories.com/repository/actions-actions-runner-controller.md) (6,320 ⭐) — Kubernetes controller for GitHub Actions self-hosted runners - [gitroomhq/postiz-app](https://awesome-repositories.com/repository/gitroomhq-postiz-app.md) (32,271 ⭐) — Postiz is an open-source social media management platform designed to centralize the scheduling, publishing, and analysis of content across diverse social networks, community forums, and blogging platforms. It functions as a unified hub where users can coordinate, review, and distribute content through a shared team workspace, while leveraging integrated artificial intelligence to assist in drafting text and generating multimedia assets. The platform distinguishes itself through a modular architecture that utilizes a provider-specific adapter pattern to ensure consistent content distribution - [claude-code-best/claude-code](https://awesome-repositories.com/repository/claude-code-best-claude-code.md) (20,272 ⭐) — Claude Code is a command-line interface and multi-agent orchestration framework designed for autonomous software engineering. It enables AI agents to perform codebase modifications, debugging, and Git workflow management while coordinating multiple specialized agents to decompose and execute complex engineering tasks in parallel. The system distinguishes itself through a high degree of isolation and safety, utilizing Git worktrees to create independent working directories for concurrent agents and implementing a tiered permission system that combines user rules, project policies, and OS-level - [dotheevo/selfhosted-apps-docker](https://awesome-repositories.com/repository/dotheevo-selfhosted-apps-docker.md) (2,833 ⭐) — This project is a curated collection of deployment files and configurations for hosting a wide variety of open-source services on a home server. It primarily utilizes Docker and Docker Compose to automate the orchestration, lifecycle management, and deployment of containerized applications. The repository provides a comprehensive suite for self-hosted infrastructure, covering network management tools, media streaming, and home automation. It includes specialized configurations for securing internal services via reverse proxies, WireGuard VPN tunnels, and automated SSL/TLS certificate manageme - [liquidgalaxylab/lg-gesture-and-voice-control](https://awesome-repositories.com/repository/liquidgalaxylab-lg-gesture-and-voice-control.md) (0 ⭐) — LG Gesture and Voice Control An App To Provide Gesture and Voice Control for Liquid Galaxy . - [kananinirav/aws-certified-cloud-practitioner-notes](https://awesome-repositories.com/repository/kananinirav-aws-certified-cloud-practitioner-notes.md) (3,829 ⭐) — This project is a collection of structured study notes and conceptual breakdowns designed for the AWS Certified Cloud Practitioner exam. It serves as a technical reference and study guide, organizing cloud service details and architectural principles to assist in certification preparation. The knowledge base is built using markdown files and includes curated cheat sheets and interactive mind-map visualizations. These tools map complex certification topics into visual hierarchies to enable drill-down study paths and rapid revision. The materials cover a wide range of cloud capabilities, inclu - [capsoftware/cap](https://awesome-repositories.com/repository/capsoftware-cap.md) (17,026 ⭐) — Cap is a self-hosted screen recording and video collaboration platform designed for teams to replace synchronous meetings with asynchronous video updates. It provides a comprehensive suite for capturing high-resolution desktop activity, including system audio, microphone input, and camera overlays, which are then processed through an integrated post-production workflow. The platform distinguishes itself by offering full data sovereignty through containerized deployment and object storage abstractions, allowing users to host their media assets on private infrastructure or S3-compatible buckets - [accelerationnet/access](https://awesome-repositories.com/repository/accelerationnet-access.md) (91 ⭐) — A common lisp library to unify access to common dictionary-like data-structures - [kodekloudhub/certified-kubernetes-administrator-course](https://awesome-repositories.com/repository/kodekloudhub-certified-kubernetes-administrator-course.md) (10,209 ⭐) — This project is a Kubernetes certification training course and cluster administration guide. It provides an educational program and instructional materials designed to prepare students for the Certified Kubernetes Administrator professional exam. The project functions as an exam simulator and troubleshooting lab, offering mock exams and lightning labs that mimic the practical challenges of the certification process. It includes hands-on practice environments for resolving configuration, storage, and networking issues. The training covers the management of cluster architecture, scheduling, an - [bluesky-social/social-app](https://awesome-repositories.com/repository/bluesky-social-social-app.md) (18,063 ⭐) — This project provides a comprehensive implementation of the AT Protocol, serving as a framework for building decentralized social networking applications. It enables the creation of distributed data repositories where users maintain cryptographic ownership of their identity and content, allowing for portable accounts that can be migrated between independent servers without central authority intervention. The platform distinguishes itself by decoupling content hosting from discovery through modular algorithmic curation. Users can select third-party services to filter and organize their feeds, - [blevesearch/segment](https://awesome-repositories.com/repository/blevesearch-segment.md) (89 ⭐) — A Go library for performing Unicode Text Segmentation as described in Unicode Standard Annex #29 - [stevenblack/hosts](https://awesome-repositories.com/repository/stevenblack-hosts.md) (30,553 ⭐) — This project provides a system-wide content filtering utility that controls network traffic by redirecting domain resolution requests to local null addresses. By mapping unwanted hostnames to these addresses at the operating system level, it effectively blocks connections to advertising, tracking, and malicious domains across all applications on a machine. The core of the system is a data-driven build pipeline that aggregates multiple curated source lists into a single, unified configuration file. This process is highly customizable, allowing users to employ declarative filtering logic throug - [chartdb/chartdb](https://awesome-repositories.com/repository/chartdb-chartdb.md) (21,286 ⭐) — ChartDB is a database schema visualizer and entity-relationship diagramming platform designed to help developers understand, design, and document complex data architectures. It functions as a visual workspace where users can create and modify database schemas, define table attributes, and map foreign key relationships. By parsing database metadata or SQL scripts, the tool generates interactive diagrams that provide a clear overview of structural interdependencies and data associations. The platform distinguishes itself through its focus on automated documentation and schema synchronization. I - [sandboxie-plus/sandboxie](https://awesome-repositories.com/repository/sandboxie-plus-sandboxie.md) (18,636 ⭐) — Sandboxie is an operating system-level virtualization tool designed to run Windows applications in isolated, secure environments. By intercepting system calls and redirecting file system and registry modifications to a separate, discardable storage area, it prevents untrusted software from making permanent changes to the host system. This containment ensures that browser history, temporary files, and potential malware remain trapped within the sandbox, protecting the integrity and privacy of the underlying host. The software distinguishes itself through granular control over the isolation env - [alexxit/go2rtc](https://awesome-repositories.com/repository/alexxit-go2rtc.md) (13,236 ⭐) — go2rtc is a media streaming server that functions as a protocol-agnostic gateway for video and audio feeds. It ingests media from diverse sources and redistributes them across multiple streaming standards, enabling compatibility between proprietary camera hardware and web-based playback clients. The system utilizes a centralized configuration schema to manage stream routing and lifecycle orchestration based on client demand. The platform distinguishes itself through its focus on low-latency delivery, utilizing peer-to-peer connections to facilitate sub-second playback directly within web brow - [docmost/docmost](https://awesome-repositories.com/repository/docmost-docmost.md) (19,049 ⭐) — Docmost is an open-source knowledge management system designed as a collaborative documentation platform for teams. It functions as an enterprise wiki that centralizes organizational information into structured, searchable workspaces, enabling users to create, organize, and share content through a hierarchical system of spaces and pages. The platform distinguishes itself by integrating artificial intelligence directly into the documentation lifecycle. It utilizes vector-based semantic search to allow for natural language queries across stored content and provides AI-assisted tools for draftin - [paulymorphous/road-segmentation](https://awesome-repositories.com/repository/paulymorphous-road-segmentation.md) (142 ⭐) — Road and Building Segmentation in Satellite Imagery - [clicon/clixon-controller](https://awesome-repositories.com/repository/clicon-clixon-controller.md) (31 ⭐) — Clixon network controller - [heyform/heyform](https://awesome-repositories.com/repository/heyform-heyform.md) (8,852 ⭐) — Heyform is an open-source form builder and self-hosted data collection platform. It provides a no-code designer for creating dynamic web-based surveys and input forms, supported by an extensible backend for managing submissions and storing results in a private database. The system distinguishes itself through advanced form logic and branding controls. It includes a conditional logic engine to show or hide sections based on user responses and allows for precise visual identity customization through configurable themes and custom CSS injection. The platform covers a broad range of operational - [infrasys-ai/aisystem](https://awesome-repositories.com/repository/infrasys-ai-aisystem.md) (17,017 ⭐) — AISystem is a comprehensive AI full-stack infrastructure project covering the entire pipeline from AI chip architecture to high-level training frameworks. It encompasses the development of AI compiler frameworks, inference engines, and distributed training orchestrators designed to coordinate workloads across a heterogeneous compute stack of CPUs, GPUs, and NPUs. The project focuses on the deep integration of software and hardware, employing software-hardware co-design to align tensor layouts with physical memory structures. It provides specialized capabilities for accelerating Transformer mo