Community Apps

Browse our large and growing catalog of applications to run in your Unraid server. 

Download the Plugin  |  Become a Community Developer


Community-built

All the applications you love—built and maintained by a community member who understands what you need on Unraid. Love a particular app or plugin? Donate directly to the developer to support their work.

Created by a Legend

Andrew (aka Squid) has worked tirelessly to build and enhance the experience of Community Apps for users like you.

Moderated and Vetted

Moderators ensure that apps listed in the store offer a safe, compatible, and consistent experience. 


fail2ban's Icon

Fail2ban container Icon URL : https://raw.githubusercontent.com/FrankM77/docker-fail2ban/master/Fail2ban_logo.png You must add a path to your container log file that you want fail2ban to monitor. Important: If you are using Nginx Proxy Manger with Cloudflare tunnels then you need to pass the client IP to your container that you want fail2ban to protect. For instance I have fail2ban protecting my Jellyfin container but inititally in the Jellyfin logfiles it would log the IP address as 172.18.0.1, so in order to log the real connecting client IP you need to go into Nginx Proxy manager--->proxy host---->Advanced------>Under custom configuration add "real ip header CF-Connecting-IP" without the quotes. You will then notice that your container log (in my case jellyfin) will have the real ip of the connecting user/client.

frak-gvm's Icon

OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low level Internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test.

frigate's Icon

A complete and local NVR designed for Home Assistant with AI object detection. Uses OpenCV and Tensorflow to perform realtime object detection locally for IP cameras. You cas use a integrated or dedicated GPU (Intel/AMD/Nvidia) to perform the image decoding of the input streams of your cameras. Optionally (but highly recommended), you can use multiple devices to perform the object detetion, such as a Google Coral Accelerator Nvidia GPU, OpenVINO (Intel GPU) and Intel NCS2 VPU See the documentation for more details about your specific hardware and needs (https://docs.frigate.video/). This is a general templeate that aims to give a fast deoplyment for every user so check all the options carefully and remove all the configurations that you are not going to use.

GLauth's Icon

GLauth

Security

GLAuth is a secure, easy-to-use, LDAP server with configurable backends.

Hoodik's Icon

Hoodik is a lightweight, secure, and self-hosted cloud storage solution. It's designed and built with Rust and Vue, focusing on end-to-end encryption that shields your data from prying eyes and hackers. Hoodik supports file uploading and downloading, making it easy for you to share files with other users. The simple and intuitive web interface makes file management a breeze. Thanks to Rust's focus on speed and performance, your data transfers will be lightning fast.

KeeperAutomator's Icon

KeeperAutomator

Security

The Keeper Automator service performs instant device approvals upon a successful login from the SSO identity provider. Once Automator is running, users can seamlessly access Keeper on a new (not previously approved) device after a successful authentication with your identity provider, without any further approval steps. More Information: https://docs.keeper.io/sso-connect-cloud/device-approvals/automator

LibreY's Icon

A fork of LibreX, a framework- and JavaScript-free privacy respecting meta search engine, giving you results from Google, Qwant, Ahmia and popular torrent sites without spying on you. LibreY changed some features like automatic redirection. See documentation for all available settings: https://github.com/Ahwxorg/LibreY/tree/main/docker#environment-variables-that-can-be-set-in-the-docker-container

log4jscan's Icon

log4jscan

Security

A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts To Use After install you will see this container in the docker tab but will apear as not started and seem not to start and the log will show an error. You must add a url list before running to get a result. The container will have made a folder in the appdata folder. You will need to reset its permissions run the line below from the Unraid terminal chmod -R u-x,go-rwx,go+u,ugo+X /mnt/user/appdata/log4j-scan/ then put a file called urls.txt with each url on a separate line in that location then run the below command After run the container and view the log to see the result post arguments in the template optional arguments can be added to the post arguements (see https://github.com/fullhunt/log4j-scan) -h, --help show this help message and exit -u URL, --url URL Check a single URL. -p PROXY, --proxy PROXY send requests through proxy -l USEDLIST, --list USEDLIST Check a list of URLs. --request-type REQUEST_TYPE Request Type: (get, post) - . --headers-file HEADERS_FILE Headers fuzzing list - . --run-all-tests Run all available tests on each URL. --exclude-user-agent-fuzzing Exclude User-Agent header from fuzzing - useful to bypass weak checks on User-Agents. --wait-time WAIT_TIME Wait time after all URLs are processed (in seconds) - . --waf-bypass Extend scans with WAF bypass payloads. --custom-waf-bypass-payload CUSTOM_WAF_BYPASS_PAYLOAD Test with custom WAF bypass payload. --test-CVE-2021-45046 Test using payloads for CVE-2021-45046 (detection payloads). --dns-callback-provider DNS_CALLBACK_PROVIDER DNS Callback provider (Options: dnslog.cn, interact.sh) - . --custom-dns-callback-host CUSTOM_DNS_CALLBACK_HOST Custom DNS Callback Host. --disable-http-redirects Disable HTTP redirects. Note: HTTP redirects are useful as it allows the payloads to have a higher chance of reaching vulnerable systems.

NetAlertX's Icon

Previously PiAlert - this can be installed in the same config directories The system continuously scans the network for New devices, New connections (re-connections), Disconnections, "Always Connected" devices down, Devices IP changes and Internet IP address changes. Scanning methods are: Method 1: arp-scan. The arp-scan system utility is used to search for devices on the network using arp frames. Method 2: Pi-hole. This method is optional and complementary to method 1. If the Pi-hole DNS server is active, Pi.Alert examines its activity looking for active devices using DNS that have not been detected by method 1. Method 3. dnsmasq. This method is optional and complementary to the previous methods. If the DHCP server dnsmasq is active, Pi.Alert examines the DHCP leases (addresses assigned) to find active devices that were not discovered by the other methods. NOTE: remember to set the scan subnets in the pialert.conf, or in the settings UI. It can take up to 15 minutes for the first scan, subsequent scans are much quicker

nordlynx's Icon

nordlynx

Security

NordLynx Docker template for unRAID https://hub.docker.com/r/bubuntux/nordlynx/

OneTimeSecret's Icon

Containerized OneTimeSecret with customization, and without paid/account features. <br> Just simple, secure password sharing. <br> Keep sensitive info (passwords) out of your email & chat logs. <br> <br> Requires Redis container with a password set on it! See support thread for more information.

OpenVPN-AIO-Client's Icon

OpenVPN-AIO-Client

Network ServicesWeb, Other, Security

An "all-in-one" docker for all your private browsing needs (including OpenVPN client with nftables kill switch ; Socks5 + HTTP proxy to both VPN and TOR (the onion router) ; DNS server to DoT (DNS-over-TLS) services). NOTE: you must place your own OpenVPN configuration to the host path that is mapped to /etc/openvpn (The ovpn file must be named openvpn.ovpn. Credentials + certs can be in the same file or split out into multiple files - the flexibility is yours.) Set DNS_SERVERS to 127.2.2.2 to use DNS-over-TLS (use google and cloudflare services by default). Your DNS query out of the VPN exit will also be encrypted for even more security. Set it to other services IP's will use normal unencrypted services. Set HOST_NETWORK to your Unraid server network in CIDR format e.g. 192.168.1.0/24. For more detailed instructions, refer to the support thread (https://forums.unraid.net/topic/96233-support-testdasi-repo/) or project page (https://github.com/testdasi/openvpn-client-aio).

OpenVPN-AIO-Client-Torless's Icon

OpenVPN-AIO-Client-Torless

Network ServicesWeb, Other, Security

An "all-in-one" docker for all your private browsing needs (including OpenVPN client with nftables kill switch ; Socks5 + HTTP proxy to the VPN ; DNS server to DoT (DNS-over-TLS) services). It's the same as OpenVPN AIO Client docker but without TOR. NOTE: you must place your own OpenVPN configuration to the host path that is mapped to /etc/openvpn (The ovpn file must be named openvpn.ovpn. Credentials + certs can be in the same file or split out into multiple files - the flexibility is yours.) Set DNS_SERVERS to 127.2.2.2 to use DNS-over-TLS (use google and cloudflare services by default). Your DNS query out of the VPN exit will also be encrypted for even more security. Set it to other services IP's will use normal unencrypted services. Set HOST_NETWORK to your Unraid server network in CIDR format e.g. 192.168.1.0/24. For more detailed instructions, refer to the support thread (https://forums.unraid.net/topic/96233-support-testdasi-repo/) or project page (https://github.com/testdasi/openvpn-client-aio).

OpenVPN-HyDeSa's Icon

OpenVPN-HyDeSa

Downloaders, Security

OpenVPN Client with integrated (NZB)Hydra2-Deluge-Sabnzbd (and HTTP + SOCKS5 proxies). Now with a Web GUI quick launch. High-level instructions: (1) Create an appdata folder in host and create a openvpn subfolder. (2) Copy your OpenVPN configuration to the above openvpn subfolder (must include openvpn.ovpn + credentials + certs). (3) Don't forget to map /data in the docker to the host (you can map the parent or individual subfolders depending on needs). (4) Start docker (other apps should configure themselves on first run). DON'T FORGET THE OVPN FILE!!! Default password for deluge is deluge Set DNS_SERVERS to 127.2.2.2 to use DNS-over-TLS (use google and cloudflare services by default). Your DNS query out of the VPN exit will also be encrypted for even more security. Set it to other services IP's will use normal unencrypted services. Set HOST_NETWORK to your Unraid server network in CIDR format e.g. 192.168.1.0/24. For more detailed instructions, refer to the support thread (https://forums.unraid.net/topic/96233-support-testdasi-repo/) or project page (https://github.com/testdasi/openvpn-hydesa).

OpenVPN-HyRoSa's Icon

OpenVPN-HyRoSa

Downloaders, Security

OpenVPN Client with integrated (NZB)Hydra2-RTorrent (Flood GUI)-Sabnzbd (and HTTP + SOCKS5 proxies). Now with a Web GUI quick launch. High-level instructions: (1) Create an appdata folder in host and create a openvpn subfolder. (2) Copy your OpenVPN configuration to the above openvpn subfolder (must include openvpn.ovpn + credentials + certs). (3) Don't forget to map /data in the docker to the host (you can map the parent or individual subfolders depending on needs). (4) Start docker (other apps should configure themselves on first run). DON'T FORGET THE OVPN FILE!!! Default login to flood is admin/flood Set DNS_SERVERS to 127.2.2.2 to use DNS-over-TLS (use google and cloudflare services by default). Your DNS query out of the VPN exit will also be encrypted for even more security. Set it to other services IP's will use normal unencrypted services. Set HOST_NETWORK to your Unraid server network in CIDR format e.g. 192.168.1.0/24. For more detailed instructions, refer to the support thread (https://forums.unraid.net/topic/96233-support-testdasi-repo/) or project page (https://github.com/testdasi/openvpn-hyrosa).

P3R-KeePassXC's Icon

KeePassXC in a container. Keep your passwords safe! I highly recommend also downloading the KeePassXC browser extension for easy input of passwords on webpages. Save your database in the /config folder for persistence after updates/reboots and backups with your AppData.

PasswordPusher's Icon

This version requires a separate PostgreSQL container. PasswordPusher or PWPush is an opensource application to communicate passwords over the web. Links to passwords expire after a certain number of views and/or time has passed.

PasswordPusherEphemeral's Icon

PasswordPusherEphemeral

Productivity, Security, Tools / UtilitiesUtilities

Ephemeral version requires no other database container! PasswordPusher or PWPush is an opensource application to communicate passwords over the web. Links to passwords expire after a certain number of views and/or time has passed.

Pihole-DoT-DoH's Icon

Pihole-DoT-DoH

Other, Security

Pi-Hole - let's block those pesky ads! Now with DNS-over-HTTPS and DNS-over-TLS! pihole.doh! Don't send your DNS queries in plain text. YOU MUST ASSIGN A STATIC IP TO THE DOCKER FOR PIHOLE TO WORK. You must set both DNS1 and DNS2 variables to 127.1.1.1#5153 (DoH) and/or 127.2.2.2#5253 (DoT). To use just DoH or just DoT, set both DNS1 and DNS2 to the same value. Otherwise, same instructions as official Pi-Hole. NOTE 1: Port 53 can only be used with custom br0/br1 network and a static IP address. NOTE 2: DNS lookup rarely ever works with ports other than 53 i.e. see note above about static IP. NOTE 3: UnRaid network settings DNS server cannot point to a docker IP. NOTE 4: This should be drop-in replacement for the now deprecated FLIPPINTURT Template.

Pihole-DoT-DoH's Icon

Pihole-DoT-DoH

Other, Security

Pi-Hole - let's block those pesky ads! Now with DNS-over-HTTPS and DNS-over-TLS! pihole.doh! Don't send your DNS queries in plain text. YOU MUST ASSIGN A STATIC IP TO THE DOCKER FOR PIHOLE TO WORK. You must set both DNS1 and DNS2 variables to 127.1.1.1#5153 (DoH) and/or 127.2.2.2#5253 (DoT). To use just DoH or just DoT, set both DNS1 and DNS2 to the same value. Otherwise, same instructions as official Pi-Hole. NOTE 1: Port 53 can only be used with custom br0/br1 network and a static IP address. NOTE 2: DNS lookup rarely ever works with ports other than 53 i.e. see note above about static IP. NOTE 3: UnRaid network settings DNS server cannot point to a docker IP.

pihole-unbound's Icon

pihole-unbound

Security

This Docker deployment runs both Pi-Hole and Unbound in a single container. The base image for the container is the official Pi-Hole container, with an extra build step added to install the Unbound resolver directly into to the container based on instructions provided directly by the Pi-Hole team. FYI - This template will install the "one-container" version the developer has built.

pihole-unbound-daily's Icon

pihole-unbound-daily

Security

This template installs Origamiofficial's Pi-Hole & Unbound in the same docker container. His repo aims for daily updates to pihole & unbound, so your install always stays current.