Ten best-in-class tools, one login, one config file. Klyvra replaces your SaaS sprawl with a unified, self-hosted workspace you actually control.
Your team logs in once through Authentik and gets immediate access to every tool — wiki, chat, code, files, tasks, email. No separate accounts, no password fatigue, no "which login was it again?"
Create an "engineering" group and Klyvra gives them code repos, wiki access, and a chat channel — automatically. HR gets timesheets and policies but no source code. New hires? Add them to a group and they get the right access on their first login.
No clicking through admin panels. No setup wizards. Klyvra uses blueprints, init containers, and adapters to wire everything together before anyone logs in. The only manual step? Creating your first admin account.
Start with Docker Compose on a single server for development or small teams. When you're ready to scale, the Helm chart deploys the same stack to any Kubernetes cluster — same config structure, same RBAC model, same apps.
values.yaml RBAC structure in bothmake uphelm installWhether you're a 5-person startup or a 500-person org, Klyvra adapts to how you actually work.
Spin up a complete workspace in 5 minutes. Wiki, chat, code hosting, file sharing, passwords, email — all with one login. No per-seat costs eating your runway.
Define engineering, sales, HR, and ops as groups. Each team sees only what they need. Onboard new hires by adding them to a group — every app grants access automatically.
Data stays on your infrastructure. No US cloud dependencies, no third-party access. GDPR-compliant by architecture. Deploy on Hetzner, OVH, or your own racks.
Give students and staff a full collaboration suite at zero cost. Unlimited users, no feature gates. Self-host on whatever hardware you have.
Every component is open source and auditable. No black-box SaaS. Vaultwarden for passwords, end-to-end encryption in Seafile, MFA via Authentik.
Gitea for code, Mattermost for discussions, Outline for documentation, Vikunja for tasks, Kimai for time tracking — all connected, all with SSO. Ship faster.
When you create a group in Authentik, five lightweight adapters instantly create the matching resources: a Gitea org, a Mattermost channel, an Outline group, a Seafile group, and a Stalwart mailing list. Add a user to the group and they're added everywhere. Remove the group and everything's cleaned up.
Stalwart gives your team full email, calendar (CalDAV), and contacts (CardDAV) — with mailboxes auto-created the moment someone logs in via SSO. Group mailing lists are created automatically when you create a group in Authentik.
How Klyvra stacks up against the incumbents.
| Feature | Klyvra | Google Workspace | Microsoft 365 |
|---|---|---|---|
| SSO & Identity | ✓ Built-in (Authentik) | ✓ Included | ✓ Included (Entra) |
| File Storage & Sync | ✓ Seafile | ✓ Google Drive | ✓ OneDrive / SharePoint |
| Email & Calendar | ✓ Stalwart | ✓ Gmail | ✓ Exchange / Outlook |
| Chat & Video | ✓ Mattermost | ✓ Google Chat/Meet | ✓ Microsoft Teams |
| Wiki & Docs | ✓ Outline | ✓ Google Docs | ✓ SharePoint / OneNote |
| Git Hosting & CI | ✓ Gitea | ✗ Extra cost / Third-party | ✗ Extra cost (GitHub) |
| Time Tracking | ✓ Kimai | ✗ Not included | ✗ Not included |
| Task Management | ✓ Vikunja | ✓ Google Tasks | ✓ Microsoft Planner |
| Password Manager | ✓ Vaultwarden | ✗ Basic browser sync only | ✗ Basic sync only |
| Office Documents | ✓ OnlyOffice | ✓ Google Workspace | ✓ Office 365 |
| Per-user Cost | ✓ €0 forever | ✗ ~€11.50/mo | ✗ ~€11.70/mo |
| Data Sovereignty | ✓ Your infrastructure | ✗ US Cloud Act exposure | ✗ US Cloud Act exposure |
| Open Source (Auditable) | ✓ 100% FOSS | ✗ Closed source | ✗ Closed source |
| GDPR Compliance | ✓ Full control | ✓ Standard | ✓ Standard |
| Deployment Control | ✓ Docker / Kubernetes | ✗ SaaS only | ✗ SaaS only |
Why rent your infrastructure when you can own it? Let's look at the numbers for a typical 25-person company.
Built for European digital sovereignty from day one.
Deploy on bare metal, Hetzner, OVH, or your own local racks.
Keep your data completely shielded from foreign jurisdiction requests.
You control where the data lives and who has access, simplifying audits.
Centralized logging of every authentication event across your entire stack.
Standard formats and APIs. Your data is yours to export whenever you want.
No black-box SaaS. Every component's source code can be reviewed.
Scale your team without hitting arbitrary paywalls or subscription tiers.
Runs on any EU sovereign cloud provider — Hetzner, OVH, IONOS, or your own infrastructure.