--- og_image: "/images/guides/how-to-self-host-it-tools-developer-utilities-2026.webp" title: "Self-Host IT-Tools: 100+ Developer Utilities in 2026" description: "Self-host IT-Tools (GPL-3.0, 20K+ stars) in 2026 — 100+ developer and sysadmin utilities in one container. Base64, JWT decode, UUID, cron, and regex tools." date: "2026-03-09" author: "OSSAlt Team" tags: ["it-tools", "developer-tools", "utilities", "self-hosting", "docker", "2026"] --- # Self-Host IT-Tools: 100+ Developer Utilities in 2026 ## TL;DR [IT-Tools](https://github.com/CorentinTh/it-tools) (GPL-3.0, 20K+ GitHub stars, Vue.js) is a self-hosted collection of 100+ developer and sysadmin utilities in a clean web interface. Encode/decode Base64, decode JWTs, generate UUIDs, test regex, convert timestamps, generate QR codes, hash strings — all in one place, all running in-browser, all without sending data to third-party websites. One Docker container, zero configuration, 20 MB RAM, instant access. ## Key Takeaways - **IT-Tools**: GPL-3.0, 20K+ stars, Vue.js — 100+ utilities in a single web app - **Privacy**: All processing runs in-browser — no data sent to any server (not even yours) - **Zero config**: `docker compose up` and it's ready — no database, no authentication, no setup - **Categories**: Crypto/encoding, converters, web/network, text, math, images, development - **Offline capable**: Once the page loads, all tools work without internet connection - **Tiny footprint**: Static Vue.js app served by Nginx — ~20 MB RAM usage --- ## Why Self-Host Developer Utility Tools? Developers rely on dozens of small utility websites for daily tasks: CyberChef for encoding, jwt.io for token inspection, regex101 for pattern testing, crontab.guru for cron expressions. These sites are convenient but have a privacy problem — you're pasting API keys, JWT tokens, password hashes, internal data, and sensitive business information into third-party websites. The alternative is CopyPasta — manually running `openssl dgst -sha256` or writing a one-off Python script every time you need to hash a string. Neither is great. IT-Tools solves this by providing all those utilities in a self-hosted web app where all processing happens in-browser. Your JWT tokens, HMAC secrets, and encryption keys never leave the page. Set it up once on your internal network or VPN, and your entire team has access to a private utility toolkit. --- ## Part 1: Docker Setup (2 Minutes) IT-Tools is a static Vue.js application served by Nginx. There is no backend, no database, no user accounts. Deployment is as simple as any Docker deployment gets. ```yaml # docker-compose.yml services: it-tools: image: corentinth/it-tools:latest container_name: it-tools restart: unless-stopped ports: - "8080:80" # No volumes needed — it's a static site # No environment variables needed — zero configuration ``` ```bash docker compose up -d ``` Visit `http://your-server:8080` — instantly usable. **Alternative: Single docker run command** ```bash docker run -d \ --name it-tools \ --restart unless-stopped \ -p 8080:80 \ corentinth/it-tools:latest ``` --- ## Part 2: HTTPS with a Reverse Proxy For HTTPS and a custom domain, add Caddy or Nginx as a reverse proxy: **With Caddy (automatic TLS):** ```caddyfile # /etc/caddy/Caddyfile tools.yourdomain.com { reverse_proxy localhost:8080 } ``` ```bash # Restart Caddy systemctl reload caddy # or if running Caddy in Docker: docker exec caddy caddy reload --config /etc/caddy/Caddyfile ``` **With Nginx:** ```nginx server { listen 80; server_name tools.yourdomain.com; return 301 https://$server_name$request_uri; } server { listen 443 ssl http2; server_name tools.yourdomain.com; ssl_certificate /etc/letsencrypt/live/tools.yourdomain.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/tools.yourdomain.com/privkey.pem; location / { proxy_pass http://localhost:8080; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; } } ``` **Internal network only (no public exposure):** If you want IT-Tools accessible only on your VPN or local network, bind to a private IP instead of `0.0.0.0`: ```yaml ports: - "192.168.1.100:8080:80" # Only accessible from LAN ``` --- ## Part 3: Complete Tool Reference ### Crypto / Encoding Tools These are the most privacy-sensitive tools — the ones where you should never use a public website. | Tool | What it does | Common use case | |------|-------------|-----------------| | **Base64 encoder/decoder** | Encode/decode Base64 text and files | Decode base64 email attachments, encode binary data | | **Hash generator** | MD5, SHA-1, SHA-256, SHA-512 from text | Verify file integrity, generate content hashes | | **HMAC generator** | HMAC-SHA256, HMAC-SHA512 from text + secret | Verify webhook signatures (Stripe, GitHub, Slack) | | **Bcrypt hash** | Generate and verify bcrypt password hashes | Test password hashing without a full app | | **UUID generator** | v1, v4, v7 UUIDs | Generate unique IDs for testing | | **ULID generator** | Generate ULIDs (time-sortable unique IDs) | Use when insertion order matters | | **Encryption/Decryption** | AES-256 encrypt/decrypt text with password | Quick encryption of sensitive notes | | **RSA key pair generator** | Generate RSA public/private key pairs | Generate keys for JWT signing, SSH | ### Web / Network Tools | Tool | What it does | Common use case | |------|-------------|-----------------| | **JWT decoder** | Decode header, payload, signature; show expiry | Debug auth issues without manual base64 decoding | | **URL encoder/decoder** | Encode/decode URL components | Fix malformed URLs, prepare query parameters | | **URL parser** | Break URLs into scheme, host, path, query | Debug complex URLs | | **HTTP status codes** | Reference with descriptions and usage | Quick lookup without MDN | | **MIME types** | Lookup MIME type by file extension | Set Content-Type headers correctly | | **IPv4 subnet calculator** | CIDR to netmask, host range, broadcast | Network planning, firewall rules | | **IPv6 ULA generator** | Generate unique local addresses | Private IPv6 network setup | | **MAC address lookup** | Identify hardware vendor from MAC | Network debugging, DHCP logs | | **User agent parser** | Decode browser user agent strings | Debug mobile vs desktop detection | | **Basic auth header** | Generate Authorization header from credentials | Test basic auth endpoints | ### Converter Tools | Tool | What it does | Common use case | |------|-------------|-----------------| | **JSON ↔ YAML** | Convert between JSON and YAML | Translate config files | | **JSON ↔ CSV** | Convert between JSON and CSV | Prepare data for spreadsheets or APIs | | **JSON ↔ TOML** | Convert between JSON and TOML | Translate config formats | | **XML ↔ JSON** | Convert between XML and JSON | Work with legacy APIs that return XML | | **YAML beautifier** | Format and validate YAML | Fix YAML indentation errors | | **Unix timestamp** | Convert epoch timestamps to human dates | Debug log timestamps | | **Color converter** | HEX ↔ RGB ↔ HSL ↔ CMYK | Convert colors across formats for CSS | | **Temperature** | Celsius ↔ Fahrenheit ↔ Kelvin | Useful for server specs and hardware | | **Number base** | Binary ↔ octal ↔ decimal ↔ hex | Decode bitmasks and permission values | ### Text / String Tools | Tool | What it does | Common use case | |------|-------------|-----------------| | **Lorem ipsum generator** | Generate placeholder text | Mockups and wireframes | | **Text diff** | Compare two text blocks with highlighting | Compare config versions | | **Regex tester** | Test regex patterns with match highlighting | Build and debug regex without a terminal | | **Markdown preview** | Render Markdown to HTML preview | Preview docs before committing | | **Text statistics** | Word count, char count, reading time | Content length verification | | **String case converter** | camelCase, snake_case, PascalCase, kebab-case | Rename variables when switching conventions | | **Slug generator** | Create URL-safe slugs from text | Generate blog post URLs from titles | | **HTML entity encoder** | Encode/decode HTML special characters | Safely embed user content in HTML | | **NATO alphabet** | Convert text to NATO phonetic alphabet | Spell out codes over the phone | ### Development Tools | Tool | What it does | Common use case | |------|-------------|-----------------| | **Cron expression** | Parse cron expressions into plain English | Verify `0 */6 * * 1-5` before deploying | | **Docker run → Compose** | Convert docker run to docker-compose.yml | Convert quick-start commands to reusable config | | **SQL formatter** | Format and beautify SQL queries | Read dense generated SQL | | **JSON formatter** | Pretty-print and validate JSON | Format minified API responses | | **Git cheatsheet** | Quick reference for common git commands | Reference for less-used git operations | | **chmod calculator** | Calculate Unix file permissions from checkboxes | Set correct permissions without memorizing octal | | **OTP code generator** | Generate TOTP 2FA codes from a secret | Test 2FA implementations | | **Random port generator** | Generate random available port numbers | Pick ports for local development | ### Images / Media Tools | Tool | What it does | Common use case | |------|-------------|-----------------| | **QR code generator** | Create QR codes from any text or URL | Generate codes for links, WiFi passwords, cards | | **QR code reader** | Decode QR codes from uploaded images | Read QR codes without a phone | | **SVG placeholder** | Generate SVG placeholder images | Lazy-loading image placeholders | | **Camera/Webcam** | Capture photos from webcam | Quick screenshots without extra software | | **Image to Base64** | Convert images to Base64 data URIs | Embed small images in CSS or HTML | --- ## Part 4: Keyboard Navigation and Productivity Tips IT-Tools is designed for fast keyboard-driven use: **Search:** Press `/` from anywhere to open the search bar and find any tool by name or keyword. Type `jwt` to jump to the JWT decoder, `uuid` to get the UUID generator. **Favorites:** Click the ⭐ star icon on any tool to pin it to your home dashboard. Your most-used tools appear at the top of the homepage. **Direct URLs:** Every tool has a stable, bookmarkable URL path: ``` https://tools.yourdomain.com/base64-string-converter https://tools.yourdomain.com/jwt-parser https://tools.yourdomain.com/uuid-generator https://tools.yourdomain.com/crontab-generator https://tools.yourdomain.com/docker-run-to-docker-compose-converter https://tools.yourdomain.com/bcrypt https://tools.yourdomain.com/hmac-generator https://tools.yourdomain.com/hash-text ``` Set your most-used tools as browser bookmarks with keyboard shortcuts for instant access. --- ## Part 5: Common Workflows ### Decode a JWT token quickly 1. Open JWT Parser (`/jwt-parser`) 2. Paste the full token (including the `eyJ...` header) 3. See: header algorithm, payload claims, expiry time, issued-at — all decoded in milliseconds ### Debug a cron expression 1. Open Cron Expression Describer (`/crontab-generator`) 2. Enter: `0 */6 * * 1-5` 3. Output: "At minute 0 past every 6th hour, Monday through Friday" 4. The UI also shows the next 5 scheduled runs ### Verify a webhook HMAC signature 1. Open HMAC Generator (`/hmac-generator`) 2. Enter the webhook payload as the message 3. Enter your webhook secret as the key 4. Choose SHA-256 5. Compare the output against the `X-Hub-Signature-256` header from GitHub/Stripe ### Convert docker run to docker-compose.yml 1. Open Docker Run to Compose (`/docker-run-to-docker-compose-converter`) 2. Paste: `docker run -d -p 8080:80 -e NODE_ENV=production -v /data:/app/data --name myapp myimage:latest` 3. Get the complete docker-compose.yml with services, ports, environment, and volumes ### Calculate subnet ranges 1. Open IPv4 Subnet Calculator (`/ipv4-subnet-calculator`) 2. Enter: `10.0.1.0/26` 3. Get: netmask `255.255.255.192`, 62 usable hosts, range `10.0.1.1 - 10.0.1.62`, broadcast `10.0.1.63` --- ## IT-Tools vs Alternatives | Feature | IT-Tools | CyberChef | DevToys | Hoppscotch | |---------|---------|-----------|---------|------------| | Platform | Web (self-host) | Web (self-host) | Desktop | Web | | Tool count | 100+ | 300+ operations | 30+ | API-focused | | Interface | Clean, modern | Complex recipe builder | Native desktop | Modern | | Tool chaining | No | Yes (recipes) | No | No | | Privacy | All client-side | All client-side | Local only | Server for API | | Ease of use | Very easy | Learning curve | Very easy | Medium | | Memory usage | 20 MB | 50 MB | N/A | 200 MB+ | | Network tools | Good | Excellent | Limited | API-only | **When to use CyberChef instead:** CyberChef's "recipe" system lets you chain 300+ operations — decode Base64, then decompress gzip, then parse JSON, then extract a field. For forensics and security analysis workflows requiring multi-step transformations, CyberChef is the more powerful tool. **When to use DevToys instead:** If you prefer a native desktop app that works fully offline without any server, DevToys (Windows, macOS) provides 30+ tools with a system-native feel. --- ## Maintenance IT-Tools is stateless — there's no database, no persistent state, no user accounts. Updates are trivial: ```bash # Pull latest image and restart docker compose pull docker compose up -d # That's all. No migrations, no config changes, no data to preserve. ``` Check for updates monthly. The project is actively maintained with new tools added regularly. --- ## Resource Requirements IT-Tools is one of the lightest self-hosted applications available: | Resource | Usage | |----------|-------| | RAM | ~20 MB | | CPU | Negligible (static serving) | | Disk | ~50 MB (image) | | Network | Minimal (static files cached by browser) | You can run IT-Tools on the same VPS as 5 other services without noticing its presence. --- *Related: [Best Open Source Developer Tools 2026](/guides/best-open-source-developer-tools-2026) · [Best Open Source Alternatives to Postman](/guides/best-open-source-alternatives-to-postman-2026) · [Complete Self-Hosting Stack 2026](/guides/complete-self-hosting-stack-2026)*