OpenPlan

What It Is

• A self-hosted PHP productivity suite for tasks, projects, notes, habits, invoices, inventory, and AI-assisted workflows.
• Local-first storage built on encrypted JSON files for complete data ownership.
• Portable deployments for both local development and hosted production environments.

Core Modules

• Tasks and Projects
• Notes and Knowledge Base
• Habits and Pomodoro
• Invoices, Quotes, Inventory

Security

• AES-256-GCM encryption for stored JSON data.
• Master password controls data access.
• Session timeout enforcement and audit logging.

Data Model

Data is stored as encrypted JSON records per user workspace. Each module persists its own collections, keeping tasks, projects, notes, clients, and invoices isolated with AES-256-GCM encryption.

• Encrypted JSON collections per module
• Per-user storage isolation
• Backups and exports regenerate clean data folders

Authentication Flow

Users authenticate with email + password and a master encryption key. The master key encrypts all stored data using industry-standard encryption and must be retained for future access.

• Master key encryption
• Optional email verification
• Session timeout configuration

Configuration

Configure email, branding, and hosted-only toggles through environment variables and the app settings UI.

• .env.example for baseline configuration
• MAIL, SMTP, and app branding values
• Hosted feature flags for auth + image service

Exports

Exports create clean release artifacts without secrets or live data, ready for public distribution or handoff.

• Clean data skeleton
• No user data or sessions
• Release manifest included

Hosted Run

Hosted installs rely on environment configuration for auth and mail features.

Use .env.example as a starting point for deployment settings, then define hosted-only flags and secrets in your server environment.