# Self-Hosted Single Sign-On Providers > Search results for `self-hosted single sign-on for internal tools` on awesome-repositories.com. 117 total matches; showing the first 50. Explore on the web: https://awesome-repositories.com/q/self-hosted-single-sign-on-for-internal-tools **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [this search on awesome-repositories.com](https://awesome-repositories.com/q/self-hosted-single-sign-on-for-internal-tools).** ## Results - [dokploy/dokploy](https://awesome-repositories.com/repository/dokploy-dokploy.md) (34,901 ⭐) — Dokploy is a self-hosted platform-as-a-service designed to simplify the deployment and management of containerized applications and databases. It provides a centralized control plane that decouples administrative management from application workloads, allowing users to oversee infrastructure across multiple server nodes through a unified web interface or a command-line tool. The platform distinguishes itself through an extensive library of pre-configured application templates, enabling the rapid deployment of databases, identity providers, and various productivity or development tools. It supports complex orchestration by allowing users to define multi-container services using standard configuration files, which can be managed through automated build pipelines, Git integration, and real-time performance monitoring. Beyond core deployment, the system includes robust infrastructure management capabilities such as automated backups to external object storage, horizontal and vertical scaling, and granular access control. It also provides secure configuration management, including environment variable synchronization, HTTPS certificate handling, and zero-downtime deployment strategies to ensure application stability and security. The platform is designed for ease of use, offering an interactive API documentation interface and instructional resources to guide users through installation and configuration. It supports a wide range of modern web frameworks and runtimes, providing a flexible environment for hosting and maintaining services on private server hardware. - [casdoor/casdoor](https://awesome-repositories.com/repository/casdoor-casdoor.md) (13,814 ⭐) — Casdoor is a centralized identity and access management platform that functions as an OAuth 2.0 authorization server. It provides a comprehensive suite of services for managing user identities, authentication sessions, and access policies across both web and machine-to-machine applications. Built with a decoupled frontend-backend architecture in Go, the platform supports high-concurrency environments and offers a web-based management interface for administrative tasks. The platform distinguishes itself through its extensive support for federated identity management, allowing integration with external providers via OIDC, SAML, and LDAP. It enforces granular security through role-based access control, scope-based permission validation, and hardware-backed authentication methods like WebAuthn. Beyond standard identity services, it includes specialized infrastructure for managing AI agent lifecycles, monitoring agent traffic, and securing tool access through delegated authentication. The system provides a broad capability surface that includes observability and audit logging, event-driven webhook notifications, and automated session management. It also offers developer-focused tools such as CLI-based authentication flows, secure token storage, and software development kits for integrating identity verification into external services. The platform is designed for flexible deployment, supporting configuration via JSON-based data initialization and providing APIs for querying system status and version information. - [ccfos/nightingale](https://awesome-repositories.com/repository/ccfos-nightingale.md) (13,108 ⭐) — Nightingale is a Prometheus-compatible monitoring and alerting platform designed to centralize telemetry management across multiple time-series databases. It functions as a multi-source alerting engine and metric data pipeline that ingests telemetry via remote write protocols and triggers alarms based on data from sources such as Prometheus, Elasticsearch, Loki, and ClickHouse. The system is distinguished by its automated alert healing system, which executes predefined scripts and RPC-based corrective actions when monitoring thresholds are breached. It supports distributed alert processing, allowing the evaluation engine to run at the network edge to ensure monitoring reliability in remote data centers with unstable connectivity. The platform covers a broad range of observability capabilities, including metric and log-based alerting, system metric visualization through distributed dashboards, and multi-channel notification routing. It also provides a plugin-based collection architecture for monitoring host heartbeats, network ports, and database performance, alongside enterprise access management utilizing single sign-on and hierarchical business group permissions. The project supports multiple installation paths, including single-node, cluster mode, and Kubernetes deployments via Helm charts. - [amruthpillai/reactive-resume](https://awesome-repositories.com/repository/amruthpillai-reactive-resume.md) (38,613 ⭐) — This project is a web-based platform designed for creating, managing, and sharing professional resumes. It functions as a structured document builder that integrates artificial intelligence to assist with content generation, editing, and analysis. Users can maintain a collection of resumes, customize their visual presentation through various templates, and export them into multiple formats for job applications. The platform distinguishes itself through its autonomous AI agent capabilities, which can perform research, suggest incremental edits, and apply data patches directly to documents. It also provides a secure, self-hostable environment that allows users to maintain full control over their data and infrastructure. The system supports advanced authentication methods, including passkeys and federated identity providers, ensuring that personal and professional information remains protected. Beyond core editing, the application includes tools for document organization, such as tagging, filtering, and legacy data migration. It features a robust document generation engine that separates content from design, allowing for precise layout control and styling. Users can share their resumes via password-protected public URLs and monitor document performance through integrated analytics. The application is designed for containerized deployment, utilizing Docker Compose to facilitate consistent installation across private infrastructure. It includes built-in health monitoring and feature flagging to manage system performance and functionality without requiring code redeployments. - [navidrome/navidrome](https://awesome-repositories.com/repository/navidrome-navidrome.md) (21,753 ⭐) — Navidrome is a self-hosted music streaming server designed to organize, index, and stream personal digital music collections. It functions as a centralized audio streaming platform that manages local audio files, automatically enriching them with metadata and artwork while providing a web interface for playback. The system supports multi-user access, allowing administrators to manage separate collections and listening histories with granular permissions. The platform distinguishes itself through its compatibility with the Subsonic API, enabling users to connect a wide range of third-party music players and mobile applications to their library. It features an event-driven library scanner that monitors file system changes in real-time and performs on-demand audio transcoding to ensure compatibility across various devices and network conditions. Users can further extend the server's capabilities through a plugin architecture that supports custom metadata agents, scrobblers, and event handlers. Beyond core streaming, the software includes administrative tools for managing user accounts, security, and data resilience. It supports reverse-proxy authentication for single sign-on integration and provides command-line utilities for service lifecycle control. The server also manages public sharing links, dynamic playlist synchronization, and listening history tracking. The application is distributed as a single binary, simplifying deployment across various hosting environments, including containerized and custom setups. It includes built-in performance optimizations for image delivery and security measures such as brute-force protection to safeguard access. - [datawranglerai/self-host-n8n-on-gcr](https://awesome-repositories.com/repository/datawranglerai-self-host-n8n-on-gcr.md) (608 ⭐) — Self-host n8n on Google Cloud without the subscription fees or server headaches - because your automation workflows shouldn't cost more than your coffee budget - [twentyhq/twenty](https://awesome-repositories.com/repository/twentyhq-twenty.md) (50,113 ⭐) — Twenty is a headless customer relationship management framework that enables developers to build, version, and deploy custom business applications using code. By utilizing a declarative approach to data modeling, the platform allows for the definition of custom objects, fields, and complex relationships directly within the source code. This schema-driven architecture automatically generates corresponding REST and GraphQL APIs, ensuring that data structures and interface components remain synchronized across development and production environments. The platform distinguishes itself through a modular, code-first development experience that avoids proprietary lock-in. Developers can extend core functionality by packaging custom server-side logic, automated workflows, and React-based user interface components. These extensions execute within sandboxed environments, providing secure, isolated runtime performance while maintaining granular control over data access and system resources. Beyond its core modeling capabilities, the platform includes a comprehensive suite of tools for business automation, integration, and team collaboration. It supports event-driven workflows that trigger actions based on record changes, scheduled tasks, or external webhooks, alongside AI-powered agents for data processing and conversational interaction. The system also provides robust developer tooling, including command-line scaffolding, containerized deployment support, and integrated CI/CD pipelines to manage the entire application lifecycle. The project is designed for self-hosting or cloud deployment, offering full data ownership and infrastructure control. Documentation and installation are facilitated through standard command-line interfaces, allowing teams to initialize projects, manage dependencies, and sync code changes in real time. - [duplicati/duplicati](https://awesome-repositories.com/repository/duplicati-duplicati.md) (14,283 ⭐) — Duplicati is a self-hosted backup server designed to perform encrypted, incremental, and compressed backups to a wide range of local, network, and cloud-based storage providers. It functions as a background service that automates recurring data protection tasks, ensuring that only changed data blocks are stored to maximize efficiency and minimize bandwidth usage. The project distinguishes itself through a centralized management console that allows for the orchestration of multiple distributed backup agents from a single web-based dashboard. It supports multi-tenant management, enabling the organization of users and resources into hierarchical structures for delegated access and data isolation. Furthermore, it provides robust security features, including AES-256 encryption for data at rest, support for OIDC and SAML2 authentication, and provider-level immutability protections to prevent unauthorized modification of backup archives. Beyond its core backup capabilities, the system includes comprehensive tools for data lifecycle management, such as automated retention policies, versioning, and integrity verification. It offers flexible configuration through both a graphical interface and a command-line utility, supporting automation scripting and dry-run simulations to verify workflows before execution. The software also handles complex environments by managing locked files and providing metadata indexing to ensure rapid restoration even if the primary configuration database is unavailable. Duplicati is available through various installation formats, including native system packages, portable archives, and containerized deployments, allowing it to run in diverse operating environments. - [getsentry/self-hosted](https://awesome-repositories.com/repository/getsentry-self-hosted.md) (9,426 ⭐) — This project is a containerized error tracking platform and monitoring suite designed for self-hosted deployment on private infrastructure. It provides a collection of services for capturing and analyzing software crashes and exceptions, ensuring that sensitive application data remains within a controlled environment. The system includes specialized tooling for air-gapped deployment, allowing the software to be installed and operated on servers without internet access through the manual transfer of container images. It also supports corporate network integration via proxy configurations to maintain connectivity within restricted firewall environments. The operational surface covers infrastructure health monitoring through dedicated status endpoints and request routing via a reverse proxy. Persistent storage is managed through volume mapping to decouple data from container lifecycles. - [photoprism/photoprism](https://awesome-repositories.com/repository/photoprism-photoprism.md) (39,816 ⭐) — PhotoPrism is a self-hosted digital asset management platform designed to organize, classify, and manage large collections of photos and videos on personal infrastructure. It functions as a private alternative to cloud-based services, ensuring that all media remains under the user's control. The platform utilizes neural-network-based media analysis to automatically detect objects, faces, and locations, providing a comprehensive, AI-powered approach to library organization. The project distinguishes itself through its containerized architecture, which simplifies deployment and lifecycle management across diverse hardware environments. It features an asynchronous background worker system that handles compute-intensive tasks like transcoding and thumbnail generation, ensuring the web interface remains responsive even during large-scale indexing operations. Furthermore, it employs a sidecar-based metadata persistence model, storing information in external files alongside original assets to maintain data portability and independence from the primary database. Beyond its core organization capabilities, the platform provides a robust suite of tools for library management, including duplicate detection, geospatial mapping, and advanced metadata-based search. It supports secure, authenticated access through a responsive web interface and offers granular control over media sharing and privacy settings. Users can extend the platform's functionality through custom AI model configurations and integrate it with external identity providers for centralized authentication. The application is distributed as a containerized service, typically managed via Docker Compose, and includes comprehensive documentation for deployment, database maintenance, and performance optimization on various hardware architectures. - [stoatchat/self-hosted](https://awesome-repositories.com/repository/stoatchat-self-hosted.md) (2,497 ⭐) — This project is a self-hosted communication suite and private messaging infrastructure. It is a containerized chat platform designed for deployment on independent hardware to maintain full control over user data and server dependencies. The system features a modular plugin framework that allows custom features and behaviors to be loaded into the client at runtime via manifest files. It is designed as a proxy-compatible service, supporting configurable network port routing to operate behind external reverse proxy servers. The platform covers capabilities for containerized service orchestration, private communication infrastructure deployment, and custom plugin development. - [bitwarden/server](https://awesome-repositories.com/repository/bitwarden-server.md) (18,074 ⭐) — This project provides a comprehensive, self-hosted platform for zero-knowledge credential management and enterprise secrets orchestration. It functions as a secure vault that ensures all encryption and decryption processes occur exclusively on the client side, preventing the server from ever accessing plaintext data. By combining identity federation with robust access controls, the system enables organizations to centralize the management of passwords, passkeys, and sensitive infrastructure credentials. The platform distinguishes itself through its focus on both human-centric security and automated machine-to-machine workflows. It supports advanced authentication methods including hardware security keys, passkeys, and biometric unlocking, while simultaneously offering programmatic interfaces for injecting secrets directly into development pipelines and automated infrastructure deployments. This dual-purpose design allows teams to maintain strict data sovereignty through local hosting and containerized deployments while enforcing granular governance across their entire user base. Beyond core storage, the system includes extensive observability and compliance tools, such as immutable audit logging, credential risk analysis, and integration with external security information and event management platforms. It also facilitates secure collaboration through encrypted information sharing, emergency access delegation, and automated identity provisioning. The software is designed for flexible deployment across diverse infrastructure environments and includes command-line utilities for administrative tasks, bulk data migration, and secret retrieval. - [gristlabs/grist-core](https://awesome-repositories.com/repository/gristlabs-grist-core.md) (11,176 ⭐) — Grist is a relational spreadsheet platform that combines the flexibility of a spreadsheet with the power of a relational database. At its core, it manages structured data across multiple linked tables, using a relational database engine to organize information while providing a familiar grid interface. The platform supports Python-based formulas for complex calculations and data transformations, with automatic recalculation when referenced cells change. The system is designed for self-hosted deployment, storing data in either portable SQLite files or enterprise-grade PostgreSQL databases. It includes an immutable action-log system that records every document modification, enabling collaborative undo and comprehensive audit history with change attribution. For authentication, Grist integrates with external identity providers using OIDC, SAML, and single sign-on protocols to manage user access and permissions. Grist offers interactive dashboard creation through drag-and-drop widgets, charts, calendars, and summary tables that can be linked together for coordinated filtering and editing. It includes native form creation for data entry, conditional cell formatting, and cross-table record referencing. The platform also provides an AI formula assistant that translates natural language prompts into spreadsheet formulas by connecting to configurable large language model endpoints. The system supports external integrations through REST APIs, webhooks, and cloud storage providers like Google Drive for data synchronization and automation. It features a plugin-based widget system for adding custom UI components and building low-code data applications. Deployment is managed through environment variable configuration, with a web-based admin panel for health monitoring and system management. - [single-spa/single-spa](https://awesome-repositories.com/repository/single-spa-single-spa.md) (13,871 ⭐) — single-spa is a microfrontend orchestration framework designed to compose multiple independent frontend applications into a single interface. It functions as a frontend routing engine and lazy-loading application loader that mounts and unmounts microfrontends based on the current URL without requiring a browser refresh. The framework enables multi-framework frontend integration, allowing different JavaScript frameworks to coexist on one page. This architecture supports distributed frontend development, where separate teams develop and deploy modules independently while maintaining a unified user experience. The system manages the lifecycle of these applications through a centralized registry and dynamic module loading. It optimizes frontend performance by deferring the download of application code until a specific route is accessed. - [bitwarden/clients](https://awesome-repositories.com/repository/bitwarden-clients.md) (13,114 ⭐) — This project is a comprehensive zero-knowledge security suite designed for enterprise credential management, secrets orchestration, and password management. It provides a secure, end-to-end encrypted vault that allows users to store, synchronize, and manage sensitive information, including passwords, passkeys, and infrastructure secrets, across desktop, mobile, and browser environments. The platform distinguishes itself through a strict zero-knowledge architecture where all encryption and decryption occur locally on the client, ensuring that plaintext data remains inaccessible to the server. It supports flexible deployment models, allowing organizations to choose between managed cloud services or self-hosted infrastructure to meet specific data sovereignty and compliance requirements. Furthermore, the system integrates with external identity providers to streamline user provisioning and authentication, while offering advanced administrative controls for policy enforcement and security auditing. Beyond core storage, the platform provides extensive tools for DevOps and automated workflows, including command-line interfaces for secret injection and programmatic SDKs for custom integrations. It also includes robust collaboration features for secure data sharing, team resource management, and credential health monitoring to help organizations maintain a strong security posture. - [d0ge/sign-saboteur](https://awesome-repositories.com/repository/d0ge-sign-saboteur.md) (167 ⭐) — SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens - [hoppscotch/hoppscotch](https://awesome-repositories.com/repository/hoppscotch-hoppscotch.md) (79,618 ⭐) — Hoppscotch is an open-source API development ecosystem designed for building, testing, and debugging REST, GraphQL, and real-time APIs. It provides a unified platform that functions across web browsers, desktop applications, and command-line interfaces, allowing developers to manage the entire API lifecycle from a single environment. The platform distinguishes itself through a highly interactive, command-driven interface that utilizes a global spotlight palette and keyboard shortcuts to streamline complex workflows. It supports advanced request manipulation and validation by executing JavaScript-based scripts and assertions within a sandboxed runtime. Furthermore, it integrates AI-assisted tools to automate the generation of request payloads, test scripts, and documentation, while maintaining compatibility with existing API definitions and collections from other formats. Beyond core testing capabilities, the project offers a collaborative workspace for teams to organize, share, and synchronize API collections and environment variables. It includes robust support for diverse authorization methods, proxy interception for network requests, and enterprise-grade features such as SCIM user provisioning and activity auditing. The software is available for self-hosted deployment via containerized architectures, ensuring consistent behavior across various production and development environments. - [roundcube/roundcubemail](https://awesome-repositories.com/repository/roundcube-roundcubemail.md) (6,793 ⭐) — Roundcube is an open-source, self-hosted webmail client designed for reading, composing, and organizing emails stored on remote servers using IMAP and SMTP protocols. It provides a browser-based interface that allows users to manage their mailboxes and sender identities through a secure communication platform. The platform is distinguished by its modular architecture, featuring a plugin-based extension system for adding new functional modules and a skin-based theme layer for customizing the visual appearance and responsive layouts. It further supports embedding its interface into external cloud productivity suites and collaborative workspaces using single sign-on. Core capabilities include encrypted email communication, collaborative address book management via directory connectors, and advanced message organization using threaded listings and global search. The system incorporates security measures such as two-factor authentication, brute-force prevention, HTML content sanitization, and shared folder access control lists. The software includes built-in tools for mailbox data import and export, as well as scripts for configuration migration during system upgrades. - [formbricks/formbricks](https://awesome-repositories.com/repository/formbricks-formbricks.md) (12,391 ⭐) — Formbricks is an open-source survey and feedback platform designed to help teams capture and analyze user insights through targeted, in-app, and website-based interactions. It functions as a comprehensive customer experience analytics system that allows organizations to maintain full control over their data, user attributes, and survey workflows. The platform distinguishes itself through its event-driven architecture, which enables precise behavioral targeting by triggering surveys based on specific user actions or application events. It supports deep integration with external ecosystems by automatically synchronizing response data to CRMs, databases, and communication tools, while providing programmatic interfaces for managing resources and automating feedback loops. Beyond core collection, the system includes advanced logic for conditional branching, scoring, and personalized routing to create adaptive survey experiences. It offers extensive customization options, including white-labeling, CSS overrides, and multi-channel distribution across web, mobile, and email environments. The platform is built for self-hosting, supporting containerized deployments with built-in multi-tenant data isolation and enterprise-grade security features like single sign-on and role-based access control. - [n8n-io/self-hosted-ai-starter-kit](https://awesome-repositories.com/repository/n8n-io-self-hosted-ai-starter-kit.md) (14,997 ⭐) — This project provides a dockerized AI workflow stack and orchestration templates for deploying a self-hosted AI environment. It establishes a localized infrastructure for building autonomous agents and model chains that process private data on-premises without external cloud dependencies. The environment is designed to support autonomous agent development, allowing models to dynamically select tools, execute shell commands, and interact with local file systems. It includes integrated vector database support to enable retrieval augmented generation and private document analysis. The stack covers a broad range of capabilities, including local model inference hosting, node-based workflow sequencing, and stateful conversation memory. It also incorporates text analysis tools for embedding generation, structured information extraction, and automated file system change triggers. - [baserow/baserow](https://awesome-repositories.com/repository/baserow-baserow.md) (4,188 ⭐) — Baserow is a self-hosted, no-code relational database platform built on PostgreSQL. It provides a spreadsheet-like interface for structuring and managing data without writing code, while exposing all database resources via a REST API to support headless architectures. The platform distinguishes itself by integrating large language models and embedding servers to power AI assistants and automated data generation. It further extends its utility as a no-code application builder, allowing users to create custom internal portals, dashboards, and business tools using visual logic and managed data. The system covers a broad range of capabilities, including business process automation with visual triggers, collaborative workspace management, and flexible data visualization through kanban boards, calendars, and timelines. It also supports advanced extensibility via a plugin system for custom field types and view filters, and executes user-defined scripts within a secure webassembly sandbox. Deployment is supported across various environments using Docker Compose, Helm charts for Kubernetes, and cloud infrastructure templates. - [openfaas/faas](https://awesome-repositories.com/repository/openfaas-faas.md) (26,092 ⭐) — OpenFaaS is a serverless function platform that provides a container-native framework for deploying and managing event-driven code. It functions as an abstraction layer over container orchestrators, allowing developers to package code into scalable functions that run across Kubernetes clusters or edge computing environments. The platform distinguishes itself through a developer-centric runtime that utilizes standardized language templates and automated build pipelines to simplify the creation of container images. It features a central API gateway that manages request routing, authentication, and metrics, while a sidecar-based watchdog process handles the translation of HTTP requests into standard input and output for function code. To support complex workflows, the system includes an asynchronous queue-based execution layer that buffers requests for long-running tasks and provides reliable retries. The project covers a broad capability surface, including event-driven integration through connectors for various message queues and external sources, as well as comprehensive tooling for CLI-based management, secret handling, and CI/CD pipeline integration. It also supports advanced operational requirements such as autoscaling, fine-grained monitoring, and identity management through various single sign-on providers. The platform is designed for deployment on Kubernetes, including managed services and local environments, and provides extensive documentation and tutorials to guide users through the installation and development lifecycle. - [onerciller/laravel5-on-shared-hosting](https://awesome-repositories.com/repository/onerciller-laravel5-on-shared-hosting.md) (0 ⭐) - [coollabsio/coolify](https://awesome-repositories.com/repository/coollabsio-coolify.md) (57,055 ⭐) — This project is a self-hosted platform-as-a-service that provides a centralized management interface for deploying, configuring, and monitoring containerized applications and databases on private infrastructure. It functions as a visual control plane, automating the end-to-end lifecycle of services from source code to production. By managing container orchestration, networking, and resource allocation, it allows users to maintain full control over their own hardware while streamlining the delivery of software. The platform distinguishes itself through its agentless architecture, which uses secure shell connections to execute administrative tasks and manage remote servers without requiring persistent local software. It integrates directly with version control systems to trigger automated build and deployment pipelines, including the creation of temporary, isolated preview environments for every pull request. This workflow is supported by a declarative engine that uses templates to standardize the deployment of complex multi-container architectures and persistent database engines. Beyond core orchestration, the system handles the operational requirements of hosted services by managing dynamic reverse-proxy routing and automated SSL certificate lifecycles. It provides a comprehensive suite of infrastructure management tools, including browser-based terminal access for debugging, automated system dependency installation, and persistent state management via a central database. These capabilities ensure that infrastructure remains synchronized and consistent across multiple remote environments. - [awesome-foss/awesome-sysadmin](https://awesome-repositories.com/repository/awesome-foss-awesome-sysadmin.md) (34,338 ⭐) — This project is a community-curated directory of open-source tools and resources designed to assist system administrators with infrastructure management. It functions as a centralized knowledge base, providing a structured index of software and documentation that helps professionals discover solutions for automating, monitoring, and maintaining distributed computing environments. The repository distinguishes itself through a collaborative, community-driven structure that organizes a vast array of technical resources into a hierarchical taxonomy. By utilizing hyperlink-centric navigation, it directs users to external repositories and official documentation, ensuring that practitioners can easily locate high-quality utilities for specific operational domains. The entire collection is managed via a version-controlled system, which facilitates ongoing contributions and updates from the community. The directory covers a comprehensive range of infrastructure capabilities, including automated configuration management, deployment pipelines, and container orchestration. It also provides access to resources for identity and access control, performance monitoring, log management, and network service discovery. Beyond core infrastructure tasks, the collection includes tools for database administration, backup solutions, and project management. The project is maintained as a collection of markdown-based files, ensuring the documentation remains portable and easy to navigate. - [dubinc/dub](https://awesome-repositories.com/repository/dubinc-dub.md) (23,722 ⭐) — This project is a comprehensive link management and marketing attribution platform designed for creating, tracking, and analyzing shortened URLs. It functions as a centralized hub for marketing analytics, providing tools to monitor link performance, visualize conversion funnels, and manage affiliate programs through a unified dashboard. The platform distinguishes itself by integrating advanced attribution modeling and partner management directly into the link infrastructure. It supports complex marketing workflows, including automated commission calculations, fraud detection, and payout distribution for affiliates, alongside granular traffic redirection based on device, location, or A/B testing requirements. By utilizing custom domains and reverse proxy configurations, it ensures reliable data collection that bypasses common browser-based tracking restrictions. Beyond core link operations, the system offers extensive programmatic capabilities, including a robust API, SDKs, and event-driven webhooks for real-time integration with external services. It also incorporates enterprise-grade administrative features such as multi-tenant workspace isolation, role-based access control, and single sign-on integration to support collaborative team environments. The platform is built to be deployed within private infrastructure, allowing organizations to maintain full control over their data and system configuration. - [lnbits/nostr-signing-device](https://awesome-repositories.com/repository/lnbits-nostr-signing-device.md) (147 ⭐) — Signing device for Nostr - [cisofy/lynis](https://awesome-repositories.com/repository/cisofy-lynis.md) (15,284 ⭐) — Lynis is an automated security auditing and system hardening framework designed for UNIX-based operating systems. It functions as a command-line utility that inspects local system configurations to identify security vulnerabilities, configuration weaknesses, and compliance gaps. By executing a series of modular tests, the tool generates actionable reports and remediation suggestions to assist in strengthening system defenses. The project distinguishes itself through a highly modular architecture that relies on shell-script-based execution and native system inspection. Users can define custom audit profiles to standardize security policies across diverse environments, while the plugin-driven extensibility allows for the development of specialized security checks tailored to unique infrastructure requirements. This flexibility enables the tool to operate in non-interactive batch modes, facilitating integration into automated scheduling and continuous monitoring workflows. Beyond core auditing, the framework supports enterprise-wide security management by aggregating data from multiple hosts into centralized reports. It provides capabilities for tracking system integrity, enforcing compliance baselines, and prioritizing hardening tasks based on risk assessments. The system also supports structured data serialization, allowing audit findings to be exported for external analysis and visualization. - [thumlp/internal](https://awesome-repositories.com/repository/thumlp-internal.md) (1 ⭐) — Code of the NeurIPS 2025 paper "Investigating and Mitigating Catastrophic Forgetting in Medical Knowledge Injection through Internal Knowledge Augmentation Learning" - [pluralsight/git-internals-pdf](https://awesome-repositories.com/repository/pluralsight-git-internals-pdf.md) (2,621 ⭐) — PDF on Git Internals - [apple/foundationdb](https://awesome-repositories.com/repository/apple-foundationdb.md) (16,446 ⭐) — FoundationDB is an ACID-compliant distributed transactional key-value store. It functions as a scalable database engine that ensures strict serializability and data consistency across a cluster of servers using a shared-nothing architecture. The system is distinguished by its multi-region replication capabilities, allowing data to be synchronized across different datacenters for high availability and disaster recovery. It utilizes optimistic concurrency control to manage distributed transactions and employs a majority-based coordination system to maintain cluster state. The platform provides extensive support for custom data modeling, enabling the implementation of complex structures like priority queues and multidimensional tables on top of the ordered key-value store. Its operational surface includes multi-tenant isolation via named transaction domains, deterministic cluster simulation for testing, and zero-downtime hardware migration. The database provides specialized client libraries for multi-language support and a system for managing client API versioning to ensure compatibility during cluster upgrades. - [gitkraken/vscode-gitlens](https://awesome-repositories.com/repository/gitkraken-vscode-gitlens.md) (9,846 ⭐) — GitLens is a Git extension for VS Code that brings inline blame annotations, CodeLens authorship information, and an interactive commit graph directly into the editor. It provides a visual timeline of repository history with color-coded branch relationships, search, and filtering, alongside file-level annotations that show who last changed each line and why. The extension also functions as a cross-provider pull request manager, integrating with GitHub, GitLab, Bitbucket, and Azure DevOps to centralize PR and issue tracking within the IDE. What distinguishes GitLens is its AI-powered Git assistant, which generates commit messages, pull request descriptions, and changelogs by analyzing staged changes and repository history. It also offers a cloud patch sharing platform that lets users share work-in-progress code as encrypted, revocable patches without pushing to a remote repository. For multi-repository workspaces, GitLens aggregates repositories from multiple providers into a unified dashboard, supports bulk actions, and enables one-click team onboarding by cloning all required repositories at once. The extension includes a commit graph review mode for validating changes and preparing commits, along with inline code suggestions on pull requests and merge conflict validation. It supports worktree-based parallel development, allowing users to maintain separate working directories for different branches without stashing. GitLens also provides enterprise identity provider integration with SSO authentication and granular access control for shared patches. GitLens is installed as a VS Code extension and provides its functionality through custom views, commands, and editor decorations. - [authelia/authelia](https://awesome-repositories.com/repository/authelia-authelia.md) (26,785 ⭐) — Authelia is a centralized identity and access management server designed to secure web applications through unified authentication and authorization. It functions as an identity authority that enables single sign-on across diverse platforms, allowing users to access multiple services with a single set of credentials. By acting as a standards-compliant provider, it facilitates secure identity propagation and token issuance for client applications. The platform distinguishes itself through its ability to integrate directly with web gateways as a reverse proxy authentication middleware, intercepting requests to validate user identity before granting access to protected resources. It enforces granular access control policies and provides robust multi-factor authentication, supporting various verification methods such as hardware security keys, mobile push notifications, and time-based one-time passwords. To maintain consistency across distributed environments, it utilizes stateless session management via encrypted cookies. Authelia offers a flexible integration surface, featuring a pluggable backend that supports multiple external directory services like LDAP alongside internal database options. Its configuration is managed through a declarative, version-controlled YAML schema, which can be further automated using environment variables. The project provides comprehensive command-line tooling for policy validation and configuration management, with native support for deployment in containerized and orchestrated environments. - [sindresorhus/internal-ip](https://awesome-repositories.com/repository/sindresorhus-internal-ip.md) (0 ⭐) — ``sh npm install internal-ip `` - [gitroomhq/postiz-app](https://awesome-repositories.com/repository/gitroomhq-postiz-app.md) (32,271 ⭐) — Postiz is an open-source social media management platform designed to centralize the scheduling, publishing, and analysis of content across diverse social networks, community forums, and blogging platforms. It functions as a unified hub where users can coordinate, review, and distribute content through a shared team workspace, while leveraging integrated artificial intelligence to assist in drafting text and generating multimedia assets. The platform distinguishes itself through a modular architecture that utilizes a provider-specific adapter pattern to ensure consistent content distribution across various external services. It incorporates an AI-driven tool execution model that connects natural language models to internal functions, enabling automated content generation and media configuration. Furthermore, the system provides a programmatic API gateway that allows external applications to interact with its scheduling and management features via structured payloads. Beyond core scheduling, the platform includes comprehensive tools for performance tracking, media storage abstraction, and collaborative workflows. It supports complex content strategies through features like multi-part thread scheduling and automated campaign execution, while maintaining secure identity management through OAuth-based mediation and support for external identity providers. The application is designed for self-hosting and can be deployed into containerized environments using provided configuration charts. - [internlm/intern-s1](https://awesome-repositories.com/repository/internlm-intern-s1.md) (0 ⭐) — 🤗Intern-S2 Model Collections • 🤗Intern-S1 Model Collections • ModelScope • 📜Technical Report(S1) • 📜Technical Report(S1-Pro) • 💬Online Chat - [argoproj/argo-cd](https://awesome-repositories.com/repository/argoproj-argo-cd.md) (22,087 ⭐) — Argo CD is a declarative, GitOps-based continuous delivery tool designed for Kubernetes. It functions as a centralized control plane that synchronizes application states from version-controlled repositories directly into target clusters, ensuring that the live environment consistently matches the desired configuration defined in Git. The platform distinguishes itself through its ability to manage multi-cluster deployments from a single interface, providing unified oversight across distinct computing environments. It employs a controller-based reconciliation loop to continuously monitor for configuration drift, automatically remediating discrepancies to maintain the integrity of the infrastructure. Furthermore, it supports complex lifecycle orchestration, allowing for the execution of custom logic during deployment phases to facilitate advanced release strategies such as blue-green or canary upgrades. Beyond core delivery, the project provides comprehensive observability into deployment health and maintains an event-driven audit log of all infrastructure modifications. It includes an integrated security layer that enforces granular access control by syncing with external identity providers, enabling centralized management of user permissions across the entire deployment infrastructure. - [cockroachdb/cockroach](https://awesome-repositories.com/repository/cockroachdb-cockroach.md) (32,207 ⭐) — Cockroach is a distributed SQL database designed to scale horizontally across multiple nodes while maintaining strict ACID compliance and global data consistency. It functions as a relational database engine that automatically partitions data into ranges, rebalancing them across a cluster to accommodate growing storage and throughput requirements. By utilizing a distributed consensus protocol, the system ensures that all nodes agree on the order of operations, providing fault tolerance and continuous availability even in the event of hardware failures. The system distinguishes itself through a layered architecture that separates the relational SQL abstraction from a distributed key-value store. It achieves global consistency without requiring perfectly synchronized hardware clocks by employing a hybrid logical clock synchronization mechanism. To support high-concurrency environments, it utilizes multi-version concurrency control and lock-free transaction execution, which allow for consistent snapshots and efficient conflict resolution. Furthermore, the engine is built for compatibility, implementing the standard wire protocol to support existing relational database drivers and tools. Beyond its core transactional capabilities, the platform includes comprehensive tooling for cluster orchestration, security, and performance diagnostics. It supports a variety of deployment models, ranging from self-hosted on-premises configurations to fully managed cloud services. The system provides a command-line interface for session management and query execution, ensuring that administrators can monitor cluster health and manage workloads through standard relational interfaces. - [asciinema/asciinema](https://awesome-repositories.com/repository/asciinema-asciinema.md) (16,852 ⭐) — Asciinema is a platform for capturing, replaying, and sharing command-line sessions. It provides a comprehensive suite of tools to record terminal activity into lightweight, text-based files that preserve ANSI escape sequences, allowing users to document technical workflows, troubleshooting steps, and software demonstrations with high fidelity. The project distinguishes itself through its versatile playback and distribution capabilities. It features a web-based player that renders interactive terminal sessions directly in the browser, supporting features like seeking, playback speed control, and custom visual themes. Beyond interactive playback, it includes utilities for converting recordings into animated images or videos, and provides infrastructure for self-hosting recording servers to maintain full control over data storage and security. The platform supports a wide range of integration and automation needs, including embedding interactive sessions into technical documentation, broadcasting live terminal activity to remote viewers, and programmatically generating recordings via scripts. It also offers robust management tools for indexing, searching, and organizing historical session data. The software is designed for flexible deployment, with server and storage components packaged into containerized units for independent hosting. - [frooodle/stirling-pdf](https://awesome-repositories.com/repository/frooodle-stirling-pdf.md) (81,168 ⭐) — Stirling-PDF is a web-based PDF management suite used for editing, merging, splitting, and converting PDF documents. It functions as a self-hosted document manager, providing a centralized interface for users to manipulate files on a private server. The system features a workflow automation engine that allows for the creation of processing pipelines to handle large volumes of documents without writing custom code. It also includes an optical character recognition tool to convert scanned PDFs into searchable and editable text. Access is managed through single sign-on integration and OIDC compatibility, which supports secure authentication and the maintenance of audit logs for compliance. The application is delivered as a container-based deployment and exposes its functions through a REST API for external software integration. - [googlehosts/hosts](https://awesome-repositories.com/repository/googlehosts-hosts.md) (20,619 ⭐) — This project is a curated collection of domain-to-IP mappings designed to bypass network censorship and restore access to restricted web services. It provides a set of host file entries and static domain mapping files that allow users to redirect blocked traffic to accessible mirrors or proxy servers. The system functions by prioritizing local host entries over external DNS responses. It utilizes plain-text configuration files that are intended for manual injection into a system's hosts file to override default name resolution. The project covers network connectivity and DNS override management through the distribution of verified IP collections and curated domain lists. - [theoxo/self-repair](https://awesome-repositories.com/repository/theoxo-self-repair.md) (0 ⭐) — This is is the accompanying repository for the paper Is Self-Repair a Silver Bullet for Code Generation?, presented at the Twelfth International Conference on Learning Representations (Vienna, May 2024). It contains source code used to run the experiments; the resulting data; as well as scripts… - [helpyio/helpy](https://awesome-repositories.com/repository/helpyio-helpy.md) (2,548 ⭐) — Helpy is a customer support platform and omnichannel help desk designed to manage support tickets, knowledgebases, and community forums. It functions as a centralized hub that converts emails into trackable tickets and provides a web interface for support agents. The system includes an embeddable support widget for external websites that connects users to agents or AI chatbots. It also serves as a self-service knowledge base for hosting searchable help articles and as an identity integrator for connecting users to external providers via single sign-on protocols. The platform covers a broad range of support capabilities, including customer support management with service level agreements, multilingual content delivery and interface localization, and GDPR data compliance for handling privacy requests. It further supports ticket workflow automation and the branding of customer portals. - [hcengineering/huly-selfhost](https://awesome-repositories.com/repository/hcengineering-huly-selfhost.md) (2,992 ⭐) — This project is a self-hosted project management platform and collaboration tool designed for private deployment on owned servers. It provides a workspace for tracking tasks and issues, utilizing a container-based application stack to orchestrate the deployment of backend services and databases. The platform functions as a unified workspace that synchronizes data from GitHub repositories and integrates Gmail accounts. It incorporates conversational AI chatbots and translation tools for automated text and voice interactions, alongside a real-time communication hub featuring audio and video calling and live presence updates. Additional capabilities include identity and access management via OpenID Connect and GitHub OAuth, as well as an automated notification workflow supporting SMTP email, Telegram bots, and web push notifications. The system also provides tools for data export and restricts user sign-ups to invited individuals. Installation and version management are handled through container configurations and environment variables. - [specialunderwear/hosts.prefpane](https://awesome-repositories.com/repository/specialunderwear-hosts-prefpane.md) (1,632 ⭐) — a Cocoa GUI for /etc/hosts - [appwrite/appwrite](https://awesome-repositories.com/repository/appwrite-appwrite.md) (56,318 ⭐) — Appwrite is a backend-as-a-service platform that provides a unified development environment for building full-stack applications. It integrates essential infrastructure components—including authentication, databases, storage, and serverless functions—into a single, centralized interface to simplify application development and resource management. The platform distinguishes itself through a container-based microservices architecture that ensures consistent execution across diverse infrastructure. It features a versatile connectivity layer that links frontend applications with third-party services, databases, and external APIs through standardized interfaces. Developers can manage and automate the configuration of these backend resources using infrastructure-as-code tools, while granular role-based access control enforces security policies across all platform resources and API endpoints. Beyond its core services, the platform offers a broad capability surface that includes cross-platform data synchronization, event-driven webhooks, and comprehensive billing and usage monitoring. It supports extensive integrations for AI utilities, payment processing, messaging, and logging, allowing developers to extend application functionality through modular, event-driven workflows. The platform is designed for both managed and self-hosted deployments, providing tools for production environment optimization, data migration, and custom domain configuration. - [esri/gis-tools-for-hadoop](https://awesome-repositories.com/repository/esri-gis-tools-for-hadoop.md) (0 ⭐) — gis-tools-for-hadoop The GIS Tools for Hadoop are a collection of GIS tools that leverage the Spatial Framework for Hadoop for spatial analysis of big data. The tools make use of the Geoprocessing Tools for Hadoop toolbox, to provide access to the Hadoop system from the ArcGIS Geoprocessing… - [gollum/gollum](https://awesome-repositories.com/repository/gollum-gollum.md) (14,279 ⭐) — Gollum is a Git-powered wiki engine and content management system that provides a web-based interface for editing and organizing files stored in a Git repository. It functions as a self-hosted documentation tool, using a Git-based storage backend to manage page content and track version history. The system is characterized by a pluggable markup rendering architecture that converts multiple markup languages and specialized notations into HTML. It supports a wide array of rich content, including mathematical typesetting, BibTeX bibliographies, and diagrams rendered via Mermaid. Broad capabilities include identity management through single sign-on integration, collaborative authoring tools with inline annotations, and full-text repository search. The platform also provides extensibility via hook-based logic extensions, template-based UI overrides, and adapter-based data persistence. The application can be deployed as a web service, a background daemon, or via container images. - [awesome-selfhosted/awesome-selfhosted](https://awesome-repositories.com/repository/awesome-selfhosted-awesome-selfhosted.md) (299,516 ⭐) — This project is a community-curated directory of open-source software designed for deployment in private server environments and home labs. It serves as a comprehensive resource for discovering independent, self-hosted alternatives to mainstream cloud services, enabling users to maintain full data ownership and control over their digital infrastructure. The directory is structured through a hierarchical taxonomy that organizes a vast collection of applications into logical categories, ranging from media management and data analytics to private communication and team productivity tools. It distinguishes itself through a collaborative peer-review process, where community members validate the quality and relevance of each submission to ensure the directory remains accurate and reliable. The project covers a broad capability surface, including infrastructure automation, container-based service deployment, and declarative configuration management. These tools assist users in maintaining reproducible server environments and managing complex service dependencies across private hardware. The directory is maintained as a version-controlled repository, ensuring that all updates and community-driven changes are tracked and transparent. - [capsoftware/cap](https://awesome-repositories.com/repository/capsoftware-cap.md) (17,026 ⭐) — Cap is a self-hosted screen recording and video collaboration platform designed for teams to replace synchronous meetings with asynchronous video updates. It provides a comprehensive suite for capturing high-resolution desktop activity, including system audio, microphone input, and camera overlays, which are then processed through an integrated post-production workflow. The platform distinguishes itself by offering full data sovereignty through containerized deployment and object storage abstractions, allowing users to host their media assets on private infrastructure or S3-compatible buckets. Beyond simple recording, it features keyframe-based video compositing, automated AI-powered transcription, and visual branding tools that enable creators to polish and annotate their content before sharing. The system facilitates team engagement through a centralized workspace where viewers can provide feedback via timestamped comments, reactions, and playback analytics. It also includes programmatic interfaces for embedding videos into external applications, managing media assets, and automating distribution workflows. The project is distributed as a containerized application, enabling deployment on private servers to maintain complete control over data storage and access permissions.