homepage
Homepage is a self-hosted, customizable application dashboard built with Next.js that integrates with Docker and 100+ third-party services. It runs as a static site with API proxying for security and supports YAML-based configuration, automatic Docker service discovery, and multiple language translations.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | gethomepage/homepage |
| Owner | gethomepage |
| Primary language | JavaScript |
| License | GPL-3.0 — OSI-approved |
| Stars | 31.4k |
| Forks | 2k |
| Open issues | 1 |
| Latest release | v1.13.2 (2026-06-09) |
| Last updated | 2026-07-08 |
| Source | https://github.com/gethomepage/homepage |
What homepage is
Next.js/React-based dashboard using statically generated pages at build time, with a Node.js backend for API proxying and Docker socket integration. Supports OIDC and password-based authentication (opt-in), YAML configuration, and label-based automatic service discovery via Docker API.
Get the homepage source
Clone the repository and explore it locally.
git clone https://github.com/gethomepage/homepage.gitcd homepage# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Reverse proxy + TLS + Host header validation + authentication (OIDC or password) are mandatory if exposed beyond local network. README explicitly warns that these security controls are required.
- Docker socket mount (`/var/run/docker.sock:ro`) grants significant container host access; follow least-privilege principles and restrict network exposure.
- YAML configuration must be maintained in version control; no built-in GUI editor for non-technical users. Changes require file edits and container restart.
- Static site generation at build time means real-time service discovery updates require rebuild/restart. Fast cold starts, but not live-streaming dynamic dashboards.
- HOMEPAGE_ALLOWED_HOSTS environment variable must be set correctly (with port if non-standard). Misconfiguration blocks access; review deployment docs carefully.
When to avoid it — and what to weigh
- Require complex role-based access control (RBAC) — Authentication is binary (authenticated or not) via OIDC or password. Multi-tenant, fine-grained permission models are not built-in and would require heavy customization or wrapper layers.
- Need a managed SaaS solution with guaranteed uptime SLA — Self-hosted only; no official managed offering. You own deployment, updates, backups, and incident response. Suitable for in-house ops only.
- Operate in a highly regulated compliance environment without security audit results — README states the project is 'constantly reviewed for security by the community,' but no formal audit reports, CVE history, or security policy disclosure is provided in the data. Requires independent review before deployment in compliance-heavy contexts.
- Expect zero operational overhead or minimal configuration — While Docker integration is automatic via labels, initial setup requires YAML config authoring, reverse proxy hardening, optional OIDC/TLS setup, and ongoing Docker socket/volume management. Not plug-and-play for non-DevOps users.
License & commercial use
GPL-3.0 (GNU General Public License v3.0). This is a copyleft license requiring that any modifications or derivative works distributed must also be released under GPL-3.0. Redistribution in source or binary form must include license notices and offer GPL-3.0 source access.
GPL-3.0 allows commercial use (running the software internally is not distribution). However, if you modify Homepage and distribute it (or a product bundling it), you must license those modifications under GPL-3.0 and provide source code. Commercial support, hosting, or consulting around Homepage is separate from the license and requires review of your specific business model. If you are a software company bundling or reselling this, obtain legal review.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Strong |
| License clarity | Clear |
| Deployment complexity | Moderate |
| DEV.co fit | Good |
| Assessment confidence | High |
README explicitly requires reverse proxy + TLS + Host header validation + authentication if exposed beyond localhost. API key proxying is built-in and keeps secrets server-side. Community-reviewed but no formal audit disclosed. Docker socket mount grants host-level read access; restrict network scope and review socket permissions. No built-in rate limiting, DDoS protection, or Web Application Firewall; assume deployment behind industry-standard reverse proxy (nginx, Traefik, Cloudflare). Opt-in OIDC/password auth is basic; not suitable for zero-trust or high-threat environments without additional hardening.
Alternatives to consider
Dashy (https://github.com/Lissy93/dashy)
Similar self-hosted dashboard, Vue.js-based, with offline support and customizable widgets. Lighter dependencies, smaller footprint. Less service integration depth than Homepage but faster for minimal setups.
Organizr (https://github.com/causefx/Organizr)
Veteran self-hosted dashboard with Plex/Ombi/Sonarr integrations. Database-backed (more stateful), established community. Heavier stack (PHP) than Homepage but mature for homelab contexts.
Flame (https://github.com/pawelmalak/flame)
Lightweight, React-based homepage. Simpler feature set, smaller Docker image, minimal config overhead. Good for basic bookmark + app launcher use; lacks the breadth of Homepage's service integrations.
Build on homepage with DEV.co software developers
Homepage is production-ready for self-hosted environments. Review the security requirements (reverse proxy, authentication, Host headers), plan your YAML config, and deploy on Docker. Requires in-house ops ownership but offers deep service integration and privacy-first API proxying.
Talk to DEV.coRelated open-source tools
Surfaced by semantic similarity across the DEV.co open-source index.
Related on DEV.co
Explore the category and the services that help you build with it.
homepage FAQ
Can I run Homepage without Docker?
Is authentication required?
Can I modify the dashboard via a GUI, or only YAML?
How does Docker auto-discovery work?
Work with a software development agency
From first prototype to production, DEV.co delivers software development services around tools like homepage. Our software development agency staffs experienced software developers and web developers for custom software development, web development, integrations, and ongoing support across open-source devops and beyond.
Ready to Deploy a Secure, Customizable Dashboard?
Homepage is production-ready for self-hosted environments. Review the security requirements (reverse proxy, authentication, Host headers), plan your YAML config, and deploy on Docker. Requires in-house ops ownership but offers deep service integration and privacy-first API proxying.