{"id":49333316,"url":"https://github.com/mbombeck/healthlog","last_synced_at":"2026-06-29T01:01:04.448Z","repository":{"id":344628174,"uuid":"1162142501","full_name":"MBombeck/HealthLog","owner":"MBombeck","description":"Self-hosted, privacy-first health tracking PWA — weight, blood pressure, glucose, sleep, mood, medications, cycle. Withings, WHOOP, Fitbit and Apple Health sync, AI insights you own.","archived":false,"fork":false,"pushed_at":"2026-06-28T18:07:02.000Z","size":46714,"stargazers_count":21,"open_issues_count":3,"forks_count":5,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-28T19:23:24.805Z","etag":null,"topics":["ai-insights","apple-health","apple-health-import","docker","fitbit","glucose-tracker","google-health","health","health-tracking","medication-tracker","mood-tracker","nextjs","period-tracker","personal-health","privacy","pwa","quantified-self","self-hosted","whoop","withings"],"latest_commit_sha":null,"homepage":"https://healthlog.dev","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/MBombeck.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING-AI.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null},"funding":{"custom":["https://buymeacoffee.com/mbombeck"]}},"created_at":"2026-02-19T23:09:12.000Z","updated_at":"2026-06-28T17:53:27.000Z","dependencies_parsed_at":"2026-04-27T00:01:46.950Z","dependency_job_id":null,"html_url":"https://github.com/MBombeck/HealthLog","commit_stats":null,"previous_names":["mbombeck/healthlog"],"tags_count":218,"template":false,"template_full_name":null,"purl":"pkg:github/MBombeck/HealthLog","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MBombeck%2FHealthLog","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MBombeck%2FHealthLog/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MBombeck%2FHealthLog/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MBombeck%2FHealthLog/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/MBombeck","download_url":"https://codeload.github.com/MBombeck/HealthLog/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MBombeck%2FHealthLog/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34909138,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-28T02:00:05.809Z","response_time":54,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-insights","apple-health","apple-health-import","docker","fitbit","glucose-tracker","google-health","health","health-tracking","medication-tracker","mood-tracker","nextjs","period-tracker","personal-health","privacy","pwa","quantified-self","self-hosted","whoop","withings"],"created_at":"2026-04-27T00:00:19.185Z","updated_at":"2026-06-29T01:01:04.441Z","avatar_url":"https://github.com/MBombeck.png","language":"TypeScript","funding_links":["https://buymeacoffee.com/mbombeck"],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"public/logo-readme.svg\" alt=\"HealthLog logo\" width=\"120\" height=\"120\" /\u003e\n\u003c/p\u003e\n\n\u003ch1 align=\"center\"\u003eHealthLog\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cstrong\u003eSelf-hosted, privacy-first health tracking. Your vitals, your devices, your server.\u003c/strong\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"LICENSE\"\u003e\u003cimg src=\"https://img.shields.io/badge/License-PolyForm--Noncommercial--1.0.0-blue.svg\" alt=\"License: PolyForm Noncommercial 1.0.0\" /\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/MBombeck/HealthLog/releases\"\u003e\u003cimg src=\"https://img.shields.io/github/v/release/MBombeck/HealthLog?sort=semver\u0026color=success\u0026cacheSeconds=60\" alt=\"Latest release\" /\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/MBombeck/HealthLog/actions/workflows/integration.yml\"\u003e\u003cimg src=\"https://img.shields.io/github/actions/workflow/status/MBombeck/HealthLog/integration.yml?branch=main\u0026label=CI\" alt=\"CI status\" /\u003e\u003c/a\u003e\n  \u003ca href=\"https://testflight.apple.com/join/bucuTBpa\"\u003e\u003cimg src=\"https://img.shields.io/badge/iOS-TestFlight-007AFF?logo=apple\u0026logoColor=white\" alt=\"iOS app on TestFlight\" /\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://healthlog.dev\"\u003eWebsite\u003c/a\u003e \u0026middot;\n  \u003ca href=\"https://demo.healthlog.dev\"\u003eLive Demo\u003c/a\u003e \u0026middot;\n  \u003ca href=\"https://docs.healthlog.dev\"\u003eDocumentation\u003c/a\u003e \u0026middot;\n  \u003ca href=\"https://testflight.apple.com/join/bucuTBpa\"\u003eiOS TestFlight\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cimg width=\"2434\" height=\"1247\" alt=\"HealthLog dashboard: health metric tiles with 7-day trends, blood-pressure and weight charts, dark theme\" src=\"docs/assets/dashboard-hero.jpeg\" /\u003e\n\n## Why HealthLog\n\nHealthLog is a self-hosted health tracking app (PWA + native iOS client) that runs from a single `docker compose up` on a NAS, homelab, or small VPS. It brings weight, blood pressure, pulse, blood glucose, body composition, sleep, mood, menstrual cycle, and medications onto one timeline — synced from the devices you already own — and keeps everything encrypted at rest on hardware you control. No vendor cloud, no subscription, no telemetry.\n\nHealthLog is a personal health record-keeping and wellness tool. It is not a medical device and does not diagnose, treat, cure, or prevent any disease — it helps you log, visualise, and export your own data, and leaves clinical judgement to a clinician.\n\nTry the [live demo](https://demo.healthlog.dev) to see a working install — sign in with `demo` / `demo123demo123`.\n\n## Highlights\n\n- **Every vital on one timeline.** Weight, blood pressure, pulse, glucose, body composition, sleep, SpO₂, respiratory rate, mood, and cycle tracking — charted with trends, moving averages, and clinical reference ranges (ESH 2023, ADA 2024), overridable with the targets your clinician set.\n- **Clinical signals, opt-in and additive.** Validated mental-wellbeing self-checks (PHQ-9, GAD-7) that sit beside mood tracking with calm crisis-resource handling, grip strength, a 0–10 pain score, waist and body measurements, and a longevity lab panel — each added through one signal registry, so a new signal wires into charts, correlations, the coach, the FHIR map, and the API at once.\n- **Records and the documents you're handed.** Structured allergies and family history (encrypted), lab values you key in or scan, and inbound documents — discharge letters and reports — read to extract the facts they state (values, codes, dates) for you to review and confirm. HealthLog transcribes what a document says; it never interprets or diagnoses from it. (Immunization records are deliberately out of scope.)\n- **Context that explains the numbers.** An opt-in environmental module folds weather, daylight, and temperature in as influence signals (winter darkness against mood, heat against blood pressure) using a home location you set, so a pattern has somewhere to point.\n- **Your devices, one server.** Withings, WHOOP, Oura and Polar sync over OAuth2, Fitbit connects experimentally over the Fitbit Web API, an Apple Health `export.zip` folds your full history in, and the native iOS app streams HealthKit live. A per-metric source priority decides which reading is canonical when wearables overlap.\n- **Medication tracking that tells the truth.** Flexible schedules (weekly injections, weekday-only, intervals, PRN, cyclic), a configurable intake window per dose, and a traceable dose history where every slot reads taken, late, skipped, or missed — the same ledger the compliance rate is computed from, so the percentage can never disagree with the timeline.\n- **AI insights you own.** Daily briefing, health scores, correlations, and a conversational coach grounded in your own measurements, with calm proactive check-ins it suppresses when there's nothing genuine to say. The coach describes your data, never diagnoses. Bring your own OpenAI or Anthropic key, or point at a local endpoint (Ollama, LM Studio, vLLM) so nothing leaves your network.\n- **Clinician-ready output.** A doctor-report PDF generated client-side, a read-only HL7 FHIR R4 API, and scoped, time-limited share links you revoke after the visit.\n- **Private by construction.** AES-256-GCM encryption at rest with zero-downtime key rotation, passkey login, server-side sessions, strict CSP — and no third-party tracking anywhere.\n- **Built to be lived in.** Installable PWA with offline support, medication reminders over APNs, Telegram, ntfy, and Web Push, a sub-second dashboard on years of imported history, English and German end to end.\n\nThe full feature tour, integration guides, and API reference live at [docs.healthlog.dev](https://docs.healthlog.dev).\n\n## Quick start (Docker Compose)\n\n```bash\ngit clone https://github.com/MBombeck/HealthLog.git \u0026\u0026 cd HealthLog\ncp .env.example .env\n\n# Generate the three secrets (each a 64-char hex string = 32 bytes):\necho \"POSTGRES_PASSWORD=$(openssl rand -hex 32)\" \u003e\u003e .env\necho \"ENCRYPTION_KEY=$(openssl rand -hex 32)\" \u003e\u003e .env\necho \"API_TOKEN_HMAC_KEY=$(openssl rand -hex 32)\" \u003e\u003e .env\n\n# LAN / plain-HTTP host (NAS, homelab, Tailscale) — required, or login fails:\necho \"SESSION_COOKIE_SECURE=false\" \u003e\u003e .env\n\ndocker compose up -d\n```\n\nOpen **http://localhost:3000** (or `http://\u003chost\u003e:3000`) — the first registered user becomes admin. The compose file pulls a pre-built multi-arch image (`amd64` + `arm64`) from [GHCR](https://github.com/MBombeck/HealthLog/pkgs/container/healthlog); no build step required.\n\nVerify the running version:\n\n```bash\ncurl -s http://localhost:3000/api/version   # returns version + buildSha + builtAt\n```\n\n`SESSION_COOKIE_SECURE=false` is the one setting plain-HTTP self-hosts must set: without it the session cookie carries the `Secure` flag, the browser drops it over HTTP, and login silently fails. Leave it unset (or `true`) only when a TLS reverse proxy serves HTTPS — and then set `NEXT_PUBLIC_APP_URL` and `APP_URL` to the public URL first (see the [self-hosting guide](https://docs.healthlog.dev/self-hosting/)).\n\nPersistent state lives in exactly one named volume (`pgdata`, the Postgres data dir); the app container is stateless, so backing up the database backs up everything.\n\nNAS and homelab users have ready-made paths: [Unraid Community Applications](docs/self-hosting/unraid.md) and [Portainer app templates](docs/self-hosting/portainer/README.md).\n\n## Self-hosting\n\nOne container hosts both the web server and the job worker by default; split them via `HEALTHLOG_PROCESS_TYPE=web|worker` for horizontal scale. Encrypted daily backups to any S3-compatible bucket are opt-in via the admin panel, new users join by invite link or QR code, and the stack works out of the box behind Caddy, Traefik, Nginx, or [Coolify](https://coolify.io/).\n\nHealthLog ships releases roughly weekly. Pin a tag, back up before upgrades, and skim the [CHANGELOG](CHANGELOG.md) before pulling `latest`. The operator manual — reverse proxy, migrations, encryption-key rotation, backup and restore — lives at [docs.healthlog.dev](https://docs.healthlog.dev).\n\n## Native iOS app\n\nA SwiftUI companion in public beta via [TestFlight](https://testflight.apple.com/join/bucuTBpa), built on the same API as the web client: live HealthKit two-way sync, medication reminders with action buttons that work without opening the app, and an on-device coach on Apple-Intelligence-capable iPhones. Code lives in [MBombeck/healthlog-iOS](https://github.com/MBombeck/healthlog-iOS).\n\n## Tech stack\n\nNext.js 16 (App Router, React Server Components), TypeScript strict, PostgreSQL 16 with Prisma, pg-boss for jobs, Tailwind CSS 4 + shadcn/ui, Recharts, WebAuthn passkeys, Vitest + Playwright, multi-stage Alpine Docker image. The OpenAPI 3.1 contract for native clients is generated from the Zod schemas at [`docs/api/openapi.yaml`](docs/api/openapi.yaml).\n\n## Documentation\n\n|                        |                                                  |\n| ---------------------- | ------------------------------------------------ |\n| User and operator docs | [docs.healthlog.dev](https://docs.healthlog.dev) |\n| Release history        | [CHANGELOG.md](CHANGELOG.md)                     |\n| API contract           | [`docs/api/openapi.yaml`](docs/api/openapi.yaml) |\n| Security policy        | [SECURITY.md](SECURITY.md)                       |\n| Contributing           | [CONTRIBUTING.md](CONTRIBUTING.md)               |\n\n## Status\n\nActively developed — new releases roughly weekly, issue reports and PRs welcome. Behaviour and schema can change between versions; migrations are forward-only.\n\n## License\n\nHealthLog is licensed under the [PolyForm Noncommercial License 1.0.0](LICENSE): free to use, self-host, and modify for noncommercial purposes. Commercial use requires a separate agreement — open an issue or reach out via [healthlog.dev](https://healthlog.dev). Releases up to and including v1.15.18 were published under AGPL-3.0 and remain available under that license.\n\n---\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://healthlog.dev\"\u003ehealthlog.dev\u003c/a\u003e \u0026middot;\n  \u003ca href=\"https://demo.healthlog.dev\"\u003eLive Demo\u003c/a\u003e \u0026middot;\n  \u003ca href=\"https://docs.healthlog.dev\"\u003eDocs\u003c/a\u003e \u0026middot;\n  \u003ca href=\"https://testflight.apple.com/join/bucuTBpa\"\u003eiOS TestFlight\u003c/a\u003e \u0026middot;\n  \u003ca href=\"https://buymeacoffee.com/mbombeck\"\u003eBuy Me a Coffee\u003c/a\u003e\n\u003c/p\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmbombeck%2Fhealthlog","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmbombeck%2Fhealthlog","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmbombeck%2Fhealthlog/lists"}