mpl2-licensed
Filesystem-based module system for Nix
Haumea is not related to or a replacement for NixOS modules. It is closer to the module systems of traditional programming languages, with support for file hierarchy and visibility.
In short, haumea maps a directory of Nix files into an attribute set.
Run Terraform in pull requests without the constraints. GitOps-native Infrastructure Orchestration.
GitOps automation that adapts to your workflows, not the other way around. Plan, govern, and ship on your terms.
Terrateam is open-source GitOps infrastructure orchestration. It integrates with GitHub to automate Terraform, OpenTofu, CDKTF, Terragrunt, and Pulumi workflows through pull requests.
Automatically load secrets from your preferred vault as environment variables or files, and clear them once your shell command is over.
Lade (/leɪd/) is a tool allowing you to automatically load secrets from your preferred vault into environment variables or files. It limits the exposure of secrets to the time the command requiring the secrets lives.
Related contents:
Git integration usable to store encrypted secrets in the git repository while having the plaintext available in the working tree. An alternative to git-crypt using age instead of GPG.
Do not use this tool unless you understand the security implications. I am by no mean a security expert and this code hasn't been audited. Use at your own risk.
Open Source, SQL-driven Data Dashboards powered by DuckDB.
Build analytics dashboards simply by writing SQL.
Related contents:
Secure File Sharing.
Self-hostable, open-source, and encrypted by default. Built with RustFS for speed and FastAPI for reliability.
Chithi (pronounced: chee-thee | IPA: /ˈtʃiː θiː/) is an open source end-to-end encrypted file sharing system with a zero trust backend server architecture.
Related contents:
OpenSource compliance CLI for GitLab CI/CD.
Analyze your GitLab CI/CD pipelines for security and compliance: pipeline composition (templates, components, version constraints), container images (mutable tags, trusted registries), and branch protection settings.
Plumber is a compliance scanner for GitLab. It reads your .gitlab-ci.yml and repository settings, then checks for security and compliance issues.
Related contents:
Backup Docker volumes locally or to any S3, WebDAV, Azure Blob Storage, Dropbox, Google Drive or SSH compatible storage.
The offen/docker-volume-backup Docker image can be used as a lightweight (below 15MB) companion container to an existing Docker setup. It handles recurring or one-off backups of Docker volumes to a local directory, any S3, WebDAV, Azure Blob Storage, Dropbox, Google Drive or SSH compatible storage (or any combination thereof) and rotates away old backups if configured. It also supports encrypting your backups using GPG and sending notifications for (failed) backup runs.
NGINX Configuration Security & Hardening Scanner.
Gixy-Next (Gixy) is an open-source NGINX configuration security scanner and hardening tool that statically analyzes your nginx.conf to detect security misconfigurations, hardening gaps, and common performance pitfalls before they reach production. It is an actively maintained fork of Yandex's Gixy. Gixy-Next's source code is available on GitHub.
Related contents:
Kanidm is a modern and simple identity management platform written in rust.
Kanidm is a simple and secure identity management platform, allowing other applications and services to offload the challenge of authenticating and storing identities to Kanidm.
Turn Your IaC into a Lightning-Fast Platform. Rapidly accelerate Terraform, OpenTofu, and Terragrunt projects with faster pipelines, reduced blast radius, drift and vulnerability detection, full visibility and observability in minutes.
Open-source Infrastructure as Code (IaC) orchestration platform: GitOps workflows, orchestration, code generation, observability, drift detection, asset management, policies, Slack notifications, and more. Integrates with Terraform, OpenTofu, Terragrunt, Kubernetes, GitHub Actions, GitLab CI/CD, BitBucket Pipelines, and any other CI/CD platform.
Terramate CLI is an open-source orchestration and code generation engine that allows Infrastructure as Code (IaC) such as Terraform, OpenTofu, Terragrunt and Kubernetes to scale.
Related contents:
dragonfire:
- reads all the static libraries in one pass
- deduplicates the object files inside them based on their size and naming (Rust has its own, unique naming convention for object files -- pretty useful!)
- copies the duplicate objects into a new static library (usually called gstrsworkspace as its primary use is for the GStreamer ecosystem)
- removes the duplicates from the rest of the libraries
- updates the symbol table in each of the libraries with the bundled LLVM tools.
Related contents:
Elegant types in Ruby.
LowType introduces the concept of "type expressions" in method arguments. When an argument's default value resolves to a type instead of a value then it's treated as a type expression. Now you can have types in Ruby in the simplest syntax possible
Short-form Looping Videos on Nostr. Authentic moments. Human creativity.
A Syncthing Wrapper for Android.
A wrapper of Syncthing for Android. Head to the "releases" section or F-Droid for builds. Please seek help on the forum and/or social media apps first before creating issues on the tracker.
It's a bird, it's a plane, it's... a self-hosted, pi-hole esque, DNS resolver serverless-dns is a Pi-Hole esque content-blocking, serverless, stub DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) resolver. Runs out-of-the-box on Cloudflare Workers, Deno Deploy, Fastly Compute@Edge, and Fly.io. Free tiers of all these services should be enough to cover 10 to 20 devices worth of DNS traffic per month.
A Simple Free Productivity Tool.
LeechBlock iconLeechBlock NG is a simple productivity tool: a web browser extension designed to block those time-wasting sites that can suck the life out of your working day. (You know: the ones that rhyme with ‘Blue Cube’, ‘Space Hook’, ‘Sticky Media’, ‘Quitter’, and the like.) All you need to do is specify which sites to block and when to block them.
- LeechBlockNG for Firefox @ GitHub.
- [LeechBlockNG for Chrome @ GitHub]https://github.com/proginosko/LeechBlockNG-chrome).
- LeechBlockNG for Edge @ GitHub.
Related contents:
A Golang Matrix framework. Used by gomuks, go-neb, mautrix-whatsapp and others.
Related contents:
websites notes. Take notes on every website in a smart and simple way!
Related contents:
vault-tasks is a TUI Markdown task manager.
It will parse any Markdown file or vault and display the tasks it contains.
CudaText is a cross-platform text editor, written in Object Pascal. It is open source project and can be used free of charge, even for business. It starts quite fast: ~0.3 sec with ~30 plugins, on Linux on CPU Intel Core i3 3GHz. It is extensible by Python add-ons: plugins, linters, code tree parsers, external tools. Syntax parser is feature-rich, from EControl engine.
Remote debugging AWS Lambda functions.
Lambda Live Debugger is an indispensable tool for debugging AWS Lambda functions from your computer, even though they are deployed in the cloud. The code runs with the same IAM permissions as in the cloud environment, and there's no need to redeploy when you make code changes. It supports Lambdas written in JavaScript or TypeScript. It requires almost no configuration. It is free and open source.
An extensible and keyboard-focused web browser.
Glide is a Firefox fork with a TypeScript config that lets you build anything.
Related contents:
WebExtensions for restoring and saving window / tab states.
Save and restore the state of browser windows and tabs. It also supports automatic saving.
Related contents:
A lightweight, memory-protected, message-passing kernel for deeply embedded systems.
Hubris is an operating system for microcontrollers developed by Oxide Computer Company. We also have a blog post announcing Hubris on the Oxide blog.
Hubris provides preemptive multitasking, memory isolation between separately-compiled components, the ability to isolate crashing drivers and restart them without affecting the rest of the system, and flexible inter-component messaging that eliminates the need for most syscalls — in about 2000 lines of Rust. The Hubris debugger, Humility, allows us to walk up to a running system and inspect the interaction of all tasks, or capture a dump for offline debugging.
Related contents:
Scans Software Bill of Materials (SBOMs) for security vulnerabilities.
bomber is an application that scans SBOMs for security vulnerabilities.
Terraform Private Registry for modules and providers manageable from a REST API.
Terralist is a private Terraform registry for providers and modules that follows the published HashiCorp protocols. It provides:
-
A secure way to distribute your confidential modules and providers;
-
A management interface to visualize artifacts (including modules documentation);
The Terraform MCP Server provides seamless integration with Terraform ecosystem, enabling advanced automation and interaction capabilities for Infrastructure as Code (IaC) development.
Related contents:
Open-Source Low-Latency Accelerated Linux WebRTC HTML5 Remote Desktop Streaming Platform for Self-Hosting, Containers, Kubernetes, or Cloud/HPC .
An open source anti-detect browser with robust fingerprint injection. 🦊 A stealthy, minimalistic, custom build of Firefox for web scraping 🦊
Cost-effective compute resources for AI applications.
Ryax is the low-code serverless and open-source solution to build faster your AI workflows and applications. Developers, build your AI workflows and Applications in record time; deploy at scale with serverless technology; self-host, install on any cloud and HPC or use our hosted platform; Open source, low code.
Lock, Stock, and Two Smoking MicroVMs. Create and manage the lifecycle of MicroVMs backed by containerd.
A streamlined service to manage the lifecycle of microVMs. Flintlock lets you focus on deploying your application in MicroVMs tailored for its need.
The original use case for flintlock was to create microVMs on a bare-metal host where the microVMs will be used as nodes in a virtualized Kubernetes cluster. It is an essential part of Liquid Metal and can be orchestrated by Cluster API Provider Microvm.
Servo aims to empower developers with a lightweight, high-performance alternative for embedding web technologies in applications.
Servo is a prototype web browser engine written in the Rust language. It is currently developed on 64-bit macOS, 64-bit Linux, 64-bit Windows, 64-bit OpenHarmony, and Android.
Related contents:
A language for building concurrent software with confidence
Inko makes it easy to build concurrent software, without having to worry about unpredictable performance, unexpected runtime errors, data races, and type errors. Inko features deterministic automatic memory management, move semantics, static typing, type-safe concurrency, efficient error handling, and more.
Related contents:
OpenGFW is a flexible, easy-to-use, open source implementation of GFW (Great Firewall of China) on Linux.
OpenGFW is your very own DIY Great Firewall of China, available as a flexible, easy-to-use open source program on Linux. Why let the powers that be have all the fun? It's time to give power to the people and democratize censorship. Bring the thrill of cyber-sovereignty right into your home router and start filtering like a pro - you too can play Big Brother.
Clojure/LLVM/C++.
jank is a general-purpose programming language which embraces the interactive, value-oriented nature of Clojure as well as the desire for native compilation and minimal runtimes. jank is strongly compatible with Clojure and considers itself a dialect of Clojure. Please note that jank is under heavy development; assume all features are planned or incomplete.
SOPS is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP
Related contents:
Fearless Kubernetes App Updates. Check your Kubernetes manifests before it hits the cluster.
kubechecks allows users of Github and Gitlab to see exactly what their changes will affect on their current ArgoCD deployments, as well as automatically run various conformance test suites prior to merge.
A Model Context Protocol (MCP) server for accessing the OpenTofu Registry. This server allows language model assistants to search for and retrieve information about OpenTofu providers, modules, resources, and data sources.
The Data Layer for Agentic Enrichment and ML Features. The Virtual Feature Store. Turn your existing data infrastructure into a feature store.
Featureform is a virtual feature store. It enables data scientists to define, manage, and serve their ML model's features. Featureform sits atop your existing infrastructure and orchestrates it to work like a traditional feature store. By using Featureform, a data science team can solve the following organizational problems:
High-Performance Embedded Key-Value Database. Open-source storage engine for highly concurrent, transactional log-structured key-value storage.
LSM-tree architecture with MVCC, lock-free concurrency, and ACID transactions. Built for modern applications that demand both performance and reliability.
Wildcat is a high-performance embedded key-value database (or storage engine) written in Go with C interoptibility. It incorporates modern database design principles including LSM (Log-Structured Merge) tree architecture, MVCC (Multi-Version Concurrency Control), and lock-free data structures for its critical paths, along with automatic background operations to deliver excellent read/write performance with immediate consistency and durability.
Nova is a JavaScript (ECMAScript) and WebAssembly engine written in Rust and following data-oriented design principles. It is currently nothing more than a fun experiment to learn and to prove the viability of such an engine, but may very well become something much more in the future.
Free Email Forwarding. Custom Domain Emails.
Related contents:
Real-time collaborative dev environment with shared terminal and code editor. Runs in isolated containers on your own infrastructure.
RawPair™ is a self-hosted, real-time collaborative development environment. It enables you to spin up isolated containers with a shared terminal and code editor for effective pair (or mob) programming.
Built for fast, focused collaboration on your own infrastructure, RawPair also supports use cases like remote development, penetration testing, and red teaming, as long as it's done ethically and with proper authorization.
Mozilla Sync Storage built with Rust.
Related contents:
Open Source Virtual Machine management platform. Run Your VMware VMs Natively on Matterv.
Introducing Matterv - the world's first hypervisor to run VMware virtual machines without modifications. MatterV is an open-source virtual machine management platform that simplifies VM operations and management at scale. MatterV provides a unified interface for managing virtual machines across different environments. Whether you're running a small development setup or managing enterprise-level infrastructure, MatterV offers the tools you need to streamline your VM operations.
Related contents:
Kea includes all the most-requested features, is far newer, and is designed for a more modern network environment.
Related contents:
✨ Experience tranquillity while browsing the web without people tracking you! Zen is a privacy-focused browser that blocks trackers, ads, and other unwanted content while offering the best browsing experience!.
Beautifully designed, privacy-focused, and packed with features. We care about your experience, not your data.
Related contents:
Cross-browser bookmarks syncing. Sync your bookmarks privately across browsers and devices.
Related contents:
A fork of Mozilla's Firefox Send. Mozilla discontinued Send, this fork is a community effort to keep the project up-to-date and alive.
Related contents:
The open source infrastructure as code tool.
Previously named OpenTF, OpenTofu is a fork of Terraform that is open-source, community-driven, and managed by the Linux Foundation.
Related contents:
- OpenTofu becomes the real deal @ InfoWorld.
- Terraform Compact Function: Clean Up & Simplify Lists @ spacelift.
- How We Migrated 30+ Kubernetes Clusters to Terraform @ Learnings from the paas' Medium.
- The Case for Terraform Modules: Scaling Your Infrastructure Organization @ Infisical.
- Best Practices to Promote from DEV to PROD Environments with HashiCorp Terraform using Workspaces and Folders @ Build5Nines.
- How to Structure a Terraform Project @ Spacelift's dev.to.
- Terraform Stacks - Part 1 - An Introduction @ Mike Guy.
- How to use Terraform to generate secrets @ Techielass.
- Building Meaningful Terraform Test Workflows @ Mark Tinderholt's Medium.
- OpenTofu at Scale: 4 Strategies & Scaling Best Practices @ spacelift.
- Upgrading Our Infrastructure with OpenTofu @ spacelift.
- Terraform vs OpenTofu: Which IaC tool fits your platform strategy? @ Platform Engineering.
Most testing is ineffective.
Hypothesis is a new generation of tools for automating your testing process. It combines human understanding of your problem domain with machine intelligence to improve the quality of your testing process while spending less time writing tests.
Related contents:
A post-modern text editor. A Kakoune / Neovim inspired editor, written in Rust. The editing model is very heavily based on Kakoune; during development I found myself agreeing with most of Kakoune's design decisions.
Related contents:
Cloud Development Kit for Terraform (CDKTF) lets you use familiar programming languages to define and provision infrastructure. Cloud Development Kit for Terraform (CDKTF) allows you to use familiar programming languages to define and provision infrastructure. This gives you access to the entire Terraform ecosystem without learning HashiCorp Configuration Language (HCL) and lets you leverage the power of your existing toolchain for testing, dependency management, etc.
Related contents:
Penpot is the first Open Source design and prototyping platform meant for cross-domain teams. Non dependent on operating systems, Penpot is web based and works with open web standards (SVG). For all and empowered by the community.
Related contents:
Messaging that just works. RabbitMQ is the most widely deployed open source message broker.
Related contents:
Open Source Continuous File Synchronization.
Syncthing is a continuous file synchronization program. It synchronizes files between two or more computers in real time, safely protected from prying eyes. Your data is your data alone and you deserve to choose where it is stored, whether it is shared with some third party, and how it’s transmitted over the internet.
Related contents:
- Sync Your Files With SyncThing Over LAN or WAN @ Novaspirit Tech's YouTube.
- How I Use Syncthing for Real Time Backups @ Lawrence Systems' YouTube.
- Reprendre le contrôle de ses données : Mon installation Syncthing ultime (Docker, Nginx & MikroTik) @ RAPATT's Medium :fr:.
- Maybe we don't need a server @ lecaro.me.
Free. Open Source. Powerful. Taiga is a project management platform for startups and agile developers & designers who want a simple, beautiful tool that makes work truly enjoyable.