DEV.co
Open-Source DevOps · pawelmalak

flame

Flame is a self-hosted startpage application that lets you organize apps, bookmarks, and services in a customizable dashboard. It runs in Docker, includes built-in editors for content management, and integrates with Docker and Kubernetes to auto-discover and surface deployed services.

Source: GitHub — github.com/pawelmalak/flame
6.5k
GitHub stars
345
Forks
TypeScript
Primary language
MIT
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositorypawelmalak/flame
Ownerpawelmalak
Primary languageTypeScript
LicenseMIT — OSI-approved
Stars6.5k
Forks345
Open issues170
Latest releasev2.4.0 (2026-04-24)
Last updated2026-06-25
Sourcehttps://github.com/pawelmalak/flame

What flame is

TypeScript-based full-stack application (Node.js/Express backend, React/Redux frontend) using SQLite via Sequelize ORM. Deployed via Docker with multiarch support (amd64, armv7, arm64); integrates Docker API and Kubernetes Ingress for dynamic app discovery.

Quickstart

Get the flame source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/pawelmalak/flame.gitcd flame# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Internal service dashboard for DevOps teams

Aggregate and surface deployed apps, microservices, and monitoring tools in a single customizable hub with Docker/Kubernetes label-based auto-discovery.

Personal or team homelab/self-hosted environment

Lightweight startpage for organizing locally hosted applications, services, and bookmarks with minimal infrastructure overhead and no external dependencies.

Branded internal portal for enterprises

Deployable as an internal-only startpage with authentication, custom themes, CSS, and branding to provide employees a unified entry point to internal tools.

Implementation considerations

  • Docker Compose deployment recommended; volume mount for persistent data directory and optional Docker socket mount for Docker integration required.
  • Password environment variable handling supports Docker Secrets; rotate default password immediately and use secure secret management in production.
  • Weather widget requires external API key from weatherapi.com (free tier covers typical usage ~3K/month).
  • Docker and Kubernetes integrations require specific label/annotation formats; document labeling strategy before rollout.
  • Custom CSS and theme builder available; test theming and custom CSS thoroughly before deployment.

When to avoid it — and what to weigh

  • Require role-based access control (RBAC) — Authentication system is present but data appears to be shared; granular per-user or per-team permissions are not documented.
  • Need external identity provider integration — No mention of OAuth, SAML, or LDAP support; authentication is built-in password-only, requiring manual credential management.
  • Expect high-volume API service discovery — Docker and Kubernetes integrations work via labels/annotations; large-scale dynamic environments or frequent app churn may require manual curation.
  • Require enterprise SLA or commercial support — Open-source community project with no documented commercial support, SLA, or maintenance guarantees.

License & commercial use

MIT License: permissive, allows commercial use, modification, and distribution with attribution. No copyleft or proprietary restrictions.

MIT is a permissive OSI license; commercial use is permitted. However, this is a community-maintained open-source project without commercial backing, indemnification, or warranty. Evaluate risk tolerance and support needs independently.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationAdequate
License clarityClear
Deployment complexityLow
DEV.co fitGood
Assessment confidenceHigh
Security considerations

Authentication system present and documented; password can be passed via environment or Docker Secrets. Docker socket mount for API integration introduces host-level access risk and requires network isolation. SQLite as single-instance database lacks multi-tenancy isolation. No security audit, penetration test results, or vulnerability disclosure policy documented. Evaluate threat model before deploying in sensitive environments.

Alternatives to consider

Homer

Similar self-hosted startpage with YAML configuration and Helm/Kubernetes support; offers alternative deployment model but less GUI-driven content management.

Dashy

Self-hosted dashboard with more granular user management, multiple dashboard support, and widget ecosystem; higher feature complexity than Flame.

Heimdall

Self-hosted application dashboard with application management and customization; alternative UI paradigm and community ecosystem.

Software development agency

Build on flame with DEV.co software developers

Flame offers a lightweight, MIT-licensed solution for organizing internal services. Evaluate integration needs and security requirements, then deploy via Docker Compose.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

flame FAQ

Can I run Flame without Docker?
Yes, but setup is manual; refer to the project wiki for non-Docker installation instructions.
Does Flame support multi-user with separate dashboards?
Not documented. Authentication protects settings/apps/bookmarks, but per-user or per-team isolation is not clearly stated.
What is the backup/restore strategy?
Data persists in mounted volume (default /app/data); back up the data directory. Import/export or disaster recovery procedures are not documented.
Can Flame auto-discover apps running outside Docker/Kubernetes?
No; discovery is limited to Docker labels and Kubernetes Ingress annotations. Manual app/bookmark creation via GUI is required for other services.

Custom software development services

DEV.co helps companies turn open-source tools like flame into production software. Our software development services cover the full lifecycle — architecture, web development, integration, and maintenance — delivered by software developers and web developers who ship. Engage our software development agency to implement or customize it for your open-source devops stack.

Ready to Deploy Your Internal Startpage?

Flame offers a lightweight, MIT-licensed solution for organizing internal services. Evaluate integration needs and security requirements, then deploy via Docker Compose.