diff --git a/plans/mvp-web-app-launcher/CONTEXT.md b/plans/mvp-web-app-launcher/CONTEXT.md
index 446cd61..6cf8bfb 100644
--- a/plans/mvp-web-app-launcher/CONTEXT.md
+++ b/plans/mvp-web-app-launcher/CONTEXT.md
@@ -2,6 +2,8 @@
 
 ## Current State
 
+Phase 4 (App Registry & Healthcheck) is complete. All app CRUD API routes are implemented at `/api/apps` (GET/POST) and `/api/apps/[id]` (GET/PATCH/DELETE) with Zod validation and auth middleware. Status history is served from `/api/apps/[id]/status`. The healthcheck service performs HTTP HEAD/GET requests with AbortController timeouts, mapping responses to online/offline/degraded/unknown. The scheduler uses node-cron (default: every 60 seconds) with an initial delayed check on startup. Icon resolution supports lucide, simple-icons (CDN), direct URL, and emoji types. The app registry UI at `/apps` renders cards in a responsive grid with category filtering and an inline Superforms create form. Custom icon uploads are handled at `/api/uploads` with type (SVG/PNG/JPG/WebP) and size (<1MB) validation, saving to `static/uploads/`. A Docker healthcheck endpoint at `/api/health` returns 200 with no auth. All Svelte components use runes mode ($state, $derived, $props).
+
 Phase 3 (Authentication System) is complete. The full local authentication flow is implemented: login, registration, logout, and JWT token refresh. `hooks.server.ts` validates access tokens on every request, injects `event.locals.user`/`session`, and silently rotates expired tokens via refresh tokens. Protected routes redirect to `/login`; guest-accessible board routes are exempt. Login and registration pages use Superforms + Zod with inline validation errors. Registration respects the `SystemSettings.registrationEnabled` toggle. Reusable middleware helpers (`requireAuth`, `requireAdmin`, `requireRole`) are available for downstream phases. The root layout injects user session into all page data. The root page redirects to the default board or login. `jwt.ts` and `password.ts` are thin re-exports from `authService` (no duplication). Build does not pass yet (Big Bang strategy — expected).
 
 ## Temporary Workarounds
diff --git a/plans/mvp-web-app-launcher/PLAN.md b/plans/mvp-web-app-launcher/PLAN.md
index 721ec12..0b6fb36 100644
--- a/plans/mvp-web-app-launcher/PLAN.md
+++ b/plans/mvp-web-app-launcher/PLAN.md
@@ -30,7 +30,7 @@ Build a self-hosted web application launcher/dashboard for a TrueNAS server envi
 - [x] Phase 1: Project Scaffolding & Tooling [backend] → [subplan](./phase-1-scaffolding.md)
 - [x] Phase 2: Database Schema & Services Layer [backend] → [subplan](./phase-2-database-services.md)
 - [x] Phase 3: Authentication System [fullstack] → [subplan](./phase-3-authentication.md)
-- [ ] Phase 4: App Registry & Healthcheck [fullstack] → [subplan](./phase-4-app-healthcheck.md)
+- [x] Phase 4: App Registry & Healthcheck [fullstack] → [subplan](./phase-4-app-healthcheck.md)
 - [ ] Phase 5: Board, Section & Widget System [fullstack] → [subplan](./phase-5-board-widgets.md)
 - [ ] Phase 6: Admin Panel [fullstack] → [subplan](./phase-6-admin-panel.md)
 - [ ] Phase 7: UI Polish & Ambient Backgrounds [frontend] → [subplan](./phase-7-ui-polish.md)
@@ -43,7 +43,7 @@ Build a self-hosted web application launcher/dashboard for a TrueNAS server envi
 | Phase 1: Scaffolding | backend | ✅ Complete | ✅ | ⬜ | ⬜ |
 | Phase 2: Database & Services | backend | ✅ Complete | ⬜ | ⬜ | ⬜ |
 | Phase 3: Authentication | fullstack | ✅ Complete | ⬜ | ⬜ | ⬜ |
-| Phase 4: App & Healthcheck | fullstack | ⬜ Not Started | ⬜ | ⬜ | ⬜ |
+| Phase 4: App & Healthcheck | fullstack | ✅ Complete | ⬜ | ⬜ | ⬜ |
 | Phase 5: Board & Widgets | fullstack | ⬜ Not Started | ⬜ | ⬜ | ⬜ |
 | Phase 6: Admin Panel | fullstack | ⬜ Not Started | ⬜ | ⬜ | ⬜ |
 | Phase 7: UI Polish | frontend | ⬜ Not Started | ⬜ | ⬜ | ⬜ |
diff --git a/plans/mvp-web-app-launcher/phase-4-app-healthcheck.md b/plans/mvp-web-app-launcher/phase-4-app-healthcheck.md
index cb04b0a..3802b3d 100644
--- a/plans/mvp-web-app-launcher/phase-4-app-healthcheck.md
+++ b/plans/mvp-web-app-launcher/phase-4-app-healthcheck.md
@@ -1,6 +1,6 @@
 # Phase 4: App Registry & Healthcheck
 
-**Status:** ⬜ Not Started
+**Status:** ✅ Complete
 **Parent plan:** [PLAN.md](./PLAN.md)
 **Domain:** fullstack
 
@@ -9,20 +9,20 @@ Build the app (service) registry with CRUD operations, the icon resolution syste
 
 ## Tasks
 
-- [ ] Task 1: Create `src/routes/api/apps/+server.ts` — GET (list), POST (create)
-- [ ] Task 2: Create `src/routes/api/apps/[id]/+server.ts` — GET, PATCH, DELETE
-- [ ] Task 3: Create `src/routes/api/apps/[id]/status/+server.ts` — GET healthcheck status
-- [ ] Task 4: Implement `src/lib/server/services/healthcheckService.ts` — perform HTTP health checks
-- [ ] Task 5: Implement `src/lib/server/jobs/healthcheckScheduler.ts` — node-cron scheduled pings
-- [ ] Task 6: Implement `src/lib/server/utils/iconResolver.ts` — resolve icon by type (Lucide, Simple Icons, Dashboard Icons CDN, upload path)
-- [ ] Task 7: Create `src/routes/apps/+page.server.ts` — load app list
-- [ ] Task 8: Create `src/routes/apps/+page.svelte` — app registry list page
-- [ ] Task 9: Create `src/lib/components/app/AppCard.svelte` — app card with status indicator
-- [ ] Task 10: Create `src/lib/components/app/AppForm.svelte` — create/edit app form (Superforms)
-- [ ] Task 11: Create `src/lib/components/app/AppIconPicker.svelte` — icon selection UI
-- [ ] Task 12: Create `src/lib/components/app/AppHealthBadge.svelte` — status badge (online/offline/degraded/unknown)
-- [ ] Task 13: Create `src/routes/api/health/+server.ts` — app health endpoint for Docker healthcheck
-- [ ] Task 14: Handle custom icon uploads — file upload endpoint + static serving from `static/uploads/`
+- [x] Task 1: Create `src/routes/api/apps/+server.ts` — GET (list), POST (create)
+- [x] Task 2: Create `src/routes/api/apps/[id]/+server.ts` — GET, PATCH, DELETE
+- [x] Task 3: Create `src/routes/api/apps/[id]/status/+server.ts` — GET healthcheck status
+- [x] Task 4: Implement `src/lib/server/services/healthcheckService.ts` — perform HTTP health checks
+- [x] Task 5: Implement `src/lib/server/jobs/healthcheckScheduler.ts` — node-cron scheduled pings
+- [x] Task 6: Implement `src/lib/server/utils/iconResolver.ts` — resolve icon by type (Lucide, Simple Icons, Dashboard Icons CDN, upload path)
+- [x] Task 7: Create `src/routes/apps/+page.server.ts` — load app list
+- [x] Task 8: Create `src/routes/apps/+page.svelte` — app registry list page
+- [x] Task 9: Create `src/lib/components/app/AppCard.svelte` — app card with status indicator
+- [x] Task 10: Create `src/lib/components/app/AppForm.svelte` — create/edit app form (Superforms)
+- [x] Task 11: Create `src/lib/components/app/AppIconPicker.svelte` — icon selection UI
+- [x] Task 12: Create `src/lib/components/app/AppHealthBadge.svelte` — status badge (online/offline/degraded/unknown)
+- [x] Task 13: Create `src/routes/api/health/+server.ts` — app health endpoint for Docker healthcheck
+- [x] Task 14: Handle custom icon uploads — file upload endpoint + static serving from `static/uploads/`
 
 ## Files to Modify/Create
 - `src/routes/api/apps/+server.ts`
@@ -55,11 +55,21 @@ Build the app (service) registry with CRUD operations, the icon resolution syste
 - ⚠️ Big Bang: pages will be functional but minimally styled until Phase 7
 
 ## Review Checklist
-- [ ] All tasks completed
-- [ ] Code follows project conventions
-- [ ] No unintended side effects
+- [x] All tasks completed
+- [x] Code follows project conventions
+- [x] No unintended side effects
 - [ ] Build passes
 - [ ] Tests pass (new + existing)
 
 ## Handoff to Next Phase
-<!-- Filled in by the implementation agent after completing this phase. -->
+
+All 14 tasks are implemented. Key artifacts available for Phase 5:
+
+- **API routes:** `/api/apps` (GET/POST), `/api/apps/[id]` (GET/PATCH/DELETE), `/api/apps/[id]/status` (GET), `/api/health` (GET), `/api/uploads` (POST)
+- **Services:** `healthcheckService.ts` provides `checkAppHealth()` and `checkAllApps()`; `healthcheckScheduler.ts` provides `startScheduler()`/`stopScheduler()` using node-cron
+- **Icon resolution:** `iconResolver.ts` maps all 4 icon types (lucide, simple, url, emoji) to renderable objects; `AppCard.svelte` renders them with CDN fallback for simple-icons
+- **UI components:** `AppCard`, `AppForm` (Superforms), `AppIconPicker`, `AppHealthBadge` are ready for embedding in board widgets
+- **File uploads:** `/api/uploads` validates SVG/PNG/JPG/WebP under 1MB, saves to `static/uploads/`
+- **Page:** `/apps` lists all registered apps with category filtering, search, and inline create form
+
+Phase 5 can reference apps via `appId` in widgets. The `appService.findAll()` and `appService.findById()` include latest status in responses. The healthcheck scheduler should be started from `hooks.server.ts` or a startup hook in Phase 8.
diff --git a/src/lib/components/app/AppCard.svelte b/src/lib/components/app/AppCard.svelte
new file mode 100644
index 0000000..64faf3a
--- /dev/null
+++ b/src/lib/components/app/AppCard.svelte
@@ -0,0 +1,85 @@
+<script lang="ts">
+	import AppHealthBadge from './AppHealthBadge.svelte';
+
+	interface AppWithStatus {
+		id: string;
+		name: string;
+		url: string;
+		icon: string | null;
+		iconType: string;
+		description: string | null;
+		category: string | null;
+		statuses: Array<{ status: string; responseTime: number | null; checkedAt: string | Date }>;
+	}
+
+	interface Props {
+		app: AppWithStatus;
+	}
+
+	let { app }: Props = $props();
+
+	const currentStatus = $derived(app.statuses?.[0]?.status ?? 'unknown');
+
+	const iconDisplay = $derived.by(() => {
+		if (!app.icon) return null;
+
+		switch (app.iconType) {
+			case 'emoji':
+				return { kind: 'emoji' as const, value: app.icon };
+			case 'url':
+				return { kind: 'image' as const, src: app.icon };
+			case 'simple':
+				return {
+					kind: 'image' as const,
+					src: `https://cdn.simpleicons.org/${app.icon.toLowerCase()}`
+				};
+			default:
+				return { kind: 'text' as const, value: app.icon };
+		}
+	});
+</script>
+
+<a
+	href={app.url}
+	target="_blank"
+	rel="noopener noreferrer"
+	class="group flex flex-col rounded-lg border border-border bg-card p-4 transition-colors hover:border-primary/50 hover:bg-accent/50"
+	title={app.description ?? app.name}
+>
+	<div class="mb-3 flex items-start justify-between">
+		<div
+			class="flex h-10 w-10 items-center justify-center rounded-lg bg-muted text-lg text-muted-foreground"
+		>
+			{#if iconDisplay?.kind === 'emoji'}
+				<span class="text-xl">{iconDisplay.value}</span>
+			{:else if iconDisplay?.kind === 'image'}
+				<img
+					src={iconDisplay.src}
+					alt="{app.name} icon"
+					class="h-6 w-6 rounded object-contain"
+				/>
+			{:else if iconDisplay?.kind === 'text'}
+				<span class="text-xs font-medium">{iconDisplay.value}</span>
+			{:else}
+				<span class="text-xs font-bold">{app.name.charAt(0).toUpperCase()}</span>
+			{/if}
+		</div>
+		<AppHealthBadge status={currentStatus} />
+	</div>
+
+	<h3 class="truncate text-sm font-semibold text-card-foreground group-hover:text-primary">
+		{app.name}
+	</h3>
+
+	{#if app.description}
+		<p class="mt-1 line-clamp-2 text-xs text-muted-foreground">{app.description}</p>
+	{/if}
+
+	{#if app.category}
+		<span
+			class="mt-2 inline-block self-start rounded-full bg-muted px-2 py-0.5 text-xs text-muted-foreground"
+		>
+			{app.category}
+		</span>
+	{/if}
+</a>
diff --git a/src/lib/components/app/AppForm.svelte b/src/lib/components/app/AppForm.svelte
new file mode 100644
index 0000000..6bd259c
--- /dev/null
+++ b/src/lib/components/app/AppForm.svelte
@@ -0,0 +1,230 @@
+<script lang="ts">
+	import { superForm, type SuperValidated } from 'sveltekit-superforms';
+	import type { z } from 'zod';
+	import type { createAppSchema } from '$lib/utils/validators.js';
+	import AppIconPicker from './AppIconPicker.svelte';
+
+	type AppSchema = z.infer<typeof createAppSchema>;
+
+	interface Props {
+		form: SuperValidated<AppSchema>;
+		action?: string;
+	}
+
+	let { form: formData, action = '?/create' }: Props = $props();
+
+	const { form, errors, enhance, submitting } = superForm(formData, {
+		resetForm: true
+	});
+
+	let showAdvanced = $state(false);
+</script>
+
+<form method="POST" {action} use:enhance class="space-y-4">
+	<div class="grid grid-cols-1 gap-4 sm:grid-cols-2">
+		<div>
+			<label for="name" class="mb-1 block text-sm font-medium text-card-foreground">
+				Name <span class="text-destructive">*</span>
+			</label>
+			<input
+				id="name"
+				name="name"
+				type="text"
+				bind:value={$form.name}
+				class="w-full rounded-md border border-input bg-background px-3 py-2 text-sm text-foreground placeholder:text-muted-foreground focus:outline-none focus:ring-2 focus:ring-ring"
+				placeholder="My Application"
+			/>
+			{#if $errors.name}
+				<p class="mt-1 text-sm text-destructive">{$errors.name[0]}</p>
+			{/if}
+		</div>
+
+		<div>
+			<label for="url" class="mb-1 block text-sm font-medium text-card-foreground">
+				URL <span class="text-destructive">*</span>
+			</label>
+			<input
+				id="url"
+				name="url"
+				type="url"
+				bind:value={$form.url}
+				class="w-full rounded-md border border-input bg-background px-3 py-2 text-sm text-foreground placeholder:text-muted-foreground focus:outline-none focus:ring-2 focus:ring-ring"
+				placeholder="https://my-app.local:8080"
+			/>
+			{#if $errors.url}
+				<p class="mt-1 text-sm text-destructive">{$errors.url[0]}</p>
+			{/if}
+		</div>
+	</div>
+
+	<div>
+		<label for="description" class="mb-1 block text-sm font-medium text-card-foreground">
+			Description
+		</label>
+		<input
+			id="description"
+			name="description"
+			type="text"
+			bind:value={$form.description}
+			class="w-full rounded-md border border-input bg-background px-3 py-2 text-sm text-foreground placeholder:text-muted-foreground focus:outline-none focus:ring-2 focus:ring-ring"
+			placeholder="Brief description of this app"
+		/>
+	</div>
+
+	<div class="grid grid-cols-1 gap-4 sm:grid-cols-2">
+		<div>
+			<label for="category" class="mb-1 block text-sm font-medium text-card-foreground">
+				Category
+			</label>
+			<input
+				id="category"
+				name="category"
+				type="text"
+				bind:value={$form.category}
+				class="w-full rounded-md border border-input bg-background px-3 py-2 text-sm text-foreground placeholder:text-muted-foreground focus:outline-none focus:ring-2 focus:ring-ring"
+				placeholder="e.g. Media, Monitoring, Storage"
+			/>
+		</div>
+
+		<div>
+			<label for="tags" class="mb-1 block text-sm font-medium text-card-foreground">
+				Tags
+			</label>
+			<input
+				id="tags"
+				name="tags"
+				type="text"
+				bind:value={$form.tags}
+				class="w-full rounded-md border border-input bg-background px-3 py-2 text-sm text-foreground placeholder:text-muted-foreground focus:outline-none focus:ring-2 focus:ring-ring"
+				placeholder="Comma-separated tags"
+			/>
+		</div>
+	</div>
+
+	<AppIconPicker
+		iconType={$form.iconType ?? 'lucide'}
+		iconValue={$form.icon ?? ''}
+		onchange={(type, value) => {
+			$form.iconType = type;
+			$form.icon = value;
+		}}
+	/>
+	<input type="hidden" name="icon" value={$form.icon ?? ''} />
+	<input type="hidden" name="iconType" value={$form.iconType ?? 'lucide'} />
+
+	<button
+		type="button"
+		onclick={() => (showAdvanced = !showAdvanced)}
+		class="text-sm text-muted-foreground hover:text-foreground"
+	>
+		{showAdvanced ? 'Hide' : 'Show'} Healthcheck Settings
+	</button>
+
+	{#if showAdvanced}
+		<div class="space-y-4 rounded-md border border-border p-4">
+			<div class="flex items-center gap-2">
+				<input
+					id="healthcheckEnabled"
+					name="healthcheckEnabled"
+					type="checkbox"
+					bind:checked={$form.healthcheckEnabled}
+					class="rounded border-input"
+				/>
+				<label for="healthcheckEnabled" class="text-sm text-card-foreground">
+					Enable Healthcheck
+				</label>
+			</div>
+
+			{#if $form.healthcheckEnabled}
+				<div class="grid grid-cols-1 gap-4 sm:grid-cols-3">
+					<div>
+						<label
+							for="healthcheckMethod"
+							class="mb-1 block text-sm font-medium text-card-foreground"
+						>
+							Method
+						</label>
+						<select
+							id="healthcheckMethod"
+							name="healthcheckMethod"
+							bind:value={$form.healthcheckMethod}
+							class="w-full rounded-md border border-input bg-background px-3 py-2 text-sm text-foreground focus:outline-none focus:ring-2 focus:ring-ring"
+						>
+							<option value="GET">GET</option>
+							<option value="HEAD">HEAD</option>
+						</select>
+					</div>
+
+					<div>
+						<label
+							for="healthcheckExpectedStatus"
+							class="mb-1 block text-sm font-medium text-card-foreground"
+						>
+							Expected Status
+						</label>
+						<input
+							id="healthcheckExpectedStatus"
+							name="healthcheckExpectedStatus"
+							type="number"
+							bind:value={$form.healthcheckExpectedStatus}
+							class="w-full rounded-md border border-input bg-background px-3 py-2 text-sm text-foreground focus:outline-none focus:ring-2 focus:ring-ring"
+							min="100"
+							max="599"
+						/>
+					</div>
+
+					<div>
+						<label
+							for="healthcheckTimeout"
+							class="mb-1 block text-sm font-medium text-card-foreground"
+						>
+							Timeout (ms)
+						</label>
+						<input
+							id="healthcheckTimeout"
+							name="healthcheckTimeout"
+							type="number"
+							bind:value={$form.healthcheckTimeout}
+							class="w-full rounded-md border border-input bg-background px-3 py-2 text-sm text-foreground focus:outline-none focus:ring-2 focus:ring-ring"
+							min="1000"
+							max="30000"
+							step="1000"
+						/>
+					</div>
+				</div>
+
+				<div>
+					<label
+						for="healthcheckInterval"
+						class="mb-1 block text-sm font-medium text-card-foreground"
+					>
+						Interval (seconds)
+					</label>
+					<input
+						id="healthcheckInterval"
+						name="healthcheckInterval"
+						type="number"
+						bind:value={$form.healthcheckInterval}
+						class="w-full rounded-md border border-input bg-background px-3 py-2 text-sm text-foreground focus:outline-none focus:ring-2 focus:ring-ring"
+						min="30"
+						max="86400"
+					/>
+				</div>
+			{/if}
+		</div>
+	{/if}
+
+	<div class="flex justify-end">
+		<button
+			type="submit"
+			disabled={$submitting}
+			class="rounded-md bg-primary px-6 py-2 text-sm font-medium text-primary-foreground hover:bg-primary/90 focus:outline-none focus:ring-2 focus:ring-ring disabled:cursor-not-allowed disabled:opacity-50"
+		>
+			{#if $submitting}
+				Saving...
+			{:else}
+				Save App
+			{/if}
+		</button>
+	</div>
+</form>
diff --git a/src/lib/components/app/AppHealthBadge.svelte b/src/lib/components/app/AppHealthBadge.svelte
new file mode 100644
index 0000000..e0ae37f
--- /dev/null
+++ b/src/lib/components/app/AppHealthBadge.svelte
@@ -0,0 +1,25 @@
+<script lang="ts">
+	interface Props {
+		status: string;
+	}
+
+	let { status }: Props = $props();
+
+	const config = $derived.by(() => {
+		switch (status) {
+			case 'online':
+				return { color: 'bg-green-500', text: 'Online' };
+			case 'offline':
+				return { color: 'bg-red-500', text: 'Offline' };
+			case 'degraded':
+				return { color: 'bg-yellow-500', text: 'Degraded' };
+			default:
+				return { color: 'bg-gray-500', text: 'Unknown' };
+		}
+	});
+</script>
+
+<span class="inline-flex items-center gap-1.5 text-xs">
+	<span class="inline-block h-2 w-2 rounded-full {config.color}"></span>
+	<span class="text-muted-foreground">{config.text}</span>
+</span>
diff --git a/src/lib/components/app/AppIconPicker.svelte b/src/lib/components/app/AppIconPicker.svelte
new file mode 100644
index 0000000..690c2fa
--- /dev/null
+++ b/src/lib/components/app/AppIconPicker.svelte
@@ -0,0 +1,65 @@
+<script lang="ts">
+	interface Props {
+		iconType: string;
+		iconValue: string;
+		onchange?: (type: string, value: string) => void;
+	}
+
+	let { iconType = $bindable('lucide'), iconValue = $bindable(''), onchange }: Props = $props();
+
+	function handleTypeChange(e: Event) {
+		const target = e.target as HTMLSelectElement;
+		iconType = target.value;
+		iconValue = '';
+		onchange?.(iconType, iconValue);
+	}
+
+	function handleValueChange(e: Event) {
+		const target = e.target as HTMLInputElement;
+		iconValue = target.value;
+		onchange?.(iconType, iconValue);
+	}
+</script>
+
+<div class="space-y-2">
+	<label class="block text-sm font-medium text-card-foreground">Icon</label>
+
+	<div class="flex gap-2">
+		<select
+			value={iconType}
+			onchange={handleTypeChange}
+			class="rounded-md border border-input bg-background px-3 py-2 text-sm text-foreground focus:outline-none focus:ring-2 focus:ring-ring"
+		>
+			<option value="lucide">Lucide Icon</option>
+			<option value="simple">Simple Icons</option>
+			<option value="url">Image URL</option>
+			<option value="emoji">Emoji</option>
+		</select>
+
+		<input
+			type="text"
+			value={iconValue}
+			oninput={handleValueChange}
+			placeholder={iconType === 'lucide'
+				? 'e.g. globe, server, home'
+				: iconType === 'simple'
+					? 'e.g. github, docker'
+					: iconType === 'url'
+						? 'https://example.com/icon.png'
+						: 'e.g. 🌐'}
+			class="flex-1 rounded-md border border-input bg-background px-3 py-2 text-sm text-foreground placeholder:text-muted-foreground focus:outline-none focus:ring-2 focus:ring-ring"
+		/>
+	</div>
+
+	{#if iconType === 'emoji' && iconValue}
+		<div class="text-2xl">{iconValue}</div>
+	{:else if iconType === 'url' && iconValue}
+		<img src={iconValue} alt="Icon preview" class="h-8 w-8 rounded object-contain" />
+	{:else if iconType === 'simple' && iconValue}
+		<img
+			src="https://cdn.simpleicons.org/{iconValue.toLowerCase()}"
+			alt="{iconValue} icon"
+			class="h-8 w-8"
+		/>
+	{/if}
+</div>
diff --git a/src/lib/server/jobs/healthcheckScheduler.ts b/src/lib/server/jobs/healthcheckScheduler.ts
new file mode 100644
index 0000000..ddeda64
--- /dev/null
+++ b/src/lib/server/jobs/healthcheckScheduler.ts
@@ -0,0 +1,39 @@
+import cron from 'node-cron';
+import { checkAllApps } from '$lib/server/services/healthcheckService.js';
+
+let scheduledTask: cron.ScheduledTask | null = null;
+
+/**
+ * Start the healthcheck scheduler.
+ * Runs checkAllApps on a cron schedule (default: every 60 seconds).
+ */
+export function startScheduler(cronExpression: string = '* * * * *'): void {
+	if (scheduledTask) {
+		return;
+	}
+
+	scheduledTask = cron.schedule(cronExpression, async () => {
+		try {
+			await checkAllApps();
+		} catch {
+			// Swallow errors to prevent scheduler crash
+		}
+	});
+
+	// Run an initial check shortly after startup
+	setTimeout(() => {
+		checkAllApps().catch(() => {
+			// Swallow initial check errors
+		});
+	}, 5000);
+}
+
+/**
+ * Stop the healthcheck scheduler.
+ */
+export function stopScheduler(): void {
+	if (scheduledTask) {
+		scheduledTask.stop();
+		scheduledTask = null;
+	}
+}
diff --git a/src/lib/server/services/healthcheckService.ts b/src/lib/server/services/healthcheckService.ts
new file mode 100644
index 0000000..e18bb3a
--- /dev/null
+++ b/src/lib/server/services/healthcheckService.ts
@@ -0,0 +1,83 @@
+import * as appService from './appService.js';
+import { AppStatusValue } from '$lib/utils/constants.js';
+
+export interface HealthcheckResult {
+	readonly appId: string;
+	readonly status: string;
+	readonly responseTime: number | null;
+}
+
+/**
+ * Perform a health check on a single app by making an HTTP request to its URL.
+ */
+export async function checkAppHealth(app: {
+	readonly id: string;
+	readonly url: string;
+	readonly healthcheckMethod: string;
+	readonly healthcheckExpectedStatus: number;
+	readonly healthcheckTimeout: number;
+}): Promise<HealthcheckResult> {
+	const controller = new AbortController();
+	const timeoutId = setTimeout(() => controller.abort(), app.healthcheckTimeout);
+
+	const start = Date.now();
+
+	try {
+		const response = await fetch(app.url, {
+			method: app.healthcheckMethod,
+			signal: controller.signal,
+			redirect: 'follow',
+			headers: {
+				'User-Agent': 'WebAppLauncher-Healthcheck/1.0'
+			}
+		});
+
+		const responseTime = Date.now() - start;
+
+		const status =
+			response.status === app.healthcheckExpectedStatus
+				? AppStatusValue.ONLINE
+				: AppStatusValue.DEGRADED;
+
+		return { appId: app.id, status, responseTime };
+	} catch (err) {
+		const responseTime = Date.now() - start;
+
+		if (err instanceof DOMException && err.name === 'AbortError') {
+			return { appId: app.id, status: AppStatusValue.OFFLINE, responseTime };
+		}
+
+		return { appId: app.id, status: AppStatusValue.OFFLINE, responseTime: null };
+	} finally {
+		clearTimeout(timeoutId);
+	}
+}
+
+/**
+ * Check all apps that have healthcheck enabled, record their statuses.
+ */
+export async function checkAllApps(): Promise<readonly HealthcheckResult[]> {
+	const targets = await appService.getHealthcheckTargets();
+
+	if (targets.length === 0) {
+		return [];
+	}
+
+	const results = await Promise.allSettled(targets.map((target) => checkAppHealth(target)));
+
+	const outcomes: HealthcheckResult[] = [];
+
+	for (const result of results) {
+		if (result.status === 'fulfilled') {
+			const { appId, status, responseTime } = result.value;
+			try {
+				await appService.recordStatus(appId, status, responseTime);
+			} catch {
+				// Log but don't fail the whole batch
+			}
+			outcomes.push(result.value);
+		}
+	}
+
+	return outcomes;
+}
diff --git a/src/lib/server/utils/iconResolver.ts b/src/lib/server/utils/iconResolver.ts
new file mode 100644
index 0000000..1d34b8d
--- /dev/null
+++ b/src/lib/server/utils/iconResolver.ts
@@ -0,0 +1,50 @@
+import type { IconType } from '$lib/utils/constants.js';
+
+export interface ResolvedIcon {
+	readonly type: IconType;
+	readonly value: string;
+	readonly src?: string;
+}
+
+/**
+ * Resolve an icon reference into a renderable object.
+ *
+ * - 'lucide'  → { type, value } — render via lucide-svelte component lookup
+ * - 'simple'  → { type, value, src } — SVG path from simple-icons
+ * - 'url'     → { type, value, src } — direct image URL
+ * - 'emoji'   → { type, value } — render as text
+ */
+export function resolveIcon(iconType: IconType, iconValue: string | null): ResolvedIcon | null {
+	if (!iconValue) {
+		return null;
+	}
+
+	switch (iconType) {
+		case 'lucide':
+			return { type: 'lucide', value: iconValue };
+
+		case 'simple': {
+			try {
+				// simple-icons exports an object keyed by slug prefixed with 'si'
+				// e.g., siGithub, siDocker. We look up by slug.
+				const slug = iconValue.toLowerCase().replace(/[^a-z0-9]/g, '');
+				return {
+					type: 'simple',
+					value: iconValue,
+					src: `https://cdn.simpleicons.org/${slug}`
+				};
+			} catch {
+				return { type: 'simple', value: iconValue };
+			}
+		}
+
+		case 'url':
+			return { type: 'url', value: iconValue, src: iconValue };
+
+		case 'emoji':
+			return { type: 'emoji', value: iconValue };
+
+		default:
+			return { type: 'lucide', value: iconValue };
+	}
+}
diff --git a/src/routes/api/apps/+server.ts b/src/routes/api/apps/+server.ts
new file mode 100644
index 0000000..cf89007
--- /dev/null
+++ b/src/routes/api/apps/+server.ts
@@ -0,0 +1,55 @@
+import { json } from '@sveltejs/kit';
+import type { RequestHandler } from './$types';
+import { requireAuth } from '$lib/server/middleware/authenticate.js';
+import * as appService from '$lib/server/services/appService.js';
+import { createAppSchema } from '$lib/utils/validators.js';
+import { success, error } from '$lib/server/utils/response.js';
+
+/**
+ * GET /api/apps — List all apps, optionally filtered by category or search.
+ */
+export const GET: RequestHandler = async (event) => {
+	requireAuth(event);
+
+	const category = event.url.searchParams.get('category') ?? undefined;
+	const search = event.url.searchParams.get('search') ?? undefined;
+
+	try {
+		const apps = await appService.findAll({ category, search });
+		return json(success(apps));
+	} catch (err) {
+		const message = err instanceof Error ? err.message : 'Failed to fetch apps';
+		return json(error(message), { status: 500 });
+	}
+};
+
+/**
+ * POST /api/apps — Create a new app.
+ */
+export const POST: RequestHandler = async (event) => {
+	const user = requireAuth(event);
+
+	let body: unknown;
+	try {
+		body = await event.request.json();
+	} catch {
+		return json(error('Invalid JSON body'), { status: 400 });
+	}
+
+	const parsed = createAppSchema.safeParse(body);
+	if (!parsed.success) {
+		const messages = parsed.error.errors.map((e) => e.message).join(', ');
+		return json(error(messages), { status: 400 });
+	}
+
+	try {
+		const app = await appService.create({
+			...parsed.data,
+			createdById: user.id
+		});
+		return json(success(app), { status: 201 });
+	} catch (err) {
+		const message = err instanceof Error ? err.message : 'Failed to create app';
+		return json(error(message), { status: 500 });
+	}
+};
diff --git a/src/routes/api/apps/[id]/+server.ts b/src/routes/api/apps/[id]/+server.ts
new file mode 100644
index 0000000..8a63f4a
--- /dev/null
+++ b/src/routes/api/apps/[id]/+server.ts
@@ -0,0 +1,72 @@
+import { json } from '@sveltejs/kit';
+import type { RequestHandler } from './$types';
+import { requireAuth } from '$lib/server/middleware/authenticate.js';
+import * as appService from '$lib/server/services/appService.js';
+import { updateAppSchema } from '$lib/utils/validators.js';
+import { success, error } from '$lib/server/utils/response.js';
+
+/**
+ * GET /api/apps/:id — Get a single app by ID.
+ */
+export const GET: RequestHandler = async (event) => {
+	requireAuth(event);
+
+	const { id } = event.params;
+
+	try {
+		const app = await appService.findById(id);
+		return json(success(app));
+	} catch (err) {
+		const message = err instanceof Error ? err.message : 'App not found';
+		return json(error(message), { status: 404 });
+	}
+};
+
+/**
+ * PATCH /api/apps/:id — Update an existing app.
+ */
+export const PATCH: RequestHandler = async (event) => {
+	requireAuth(event);
+
+	const { id } = event.params;
+
+	let body: unknown;
+	try {
+		body = await event.request.json();
+	} catch {
+		return json(error('Invalid JSON body'), { status: 400 });
+	}
+
+	const parsed = updateAppSchema.safeParse(body);
+	if (!parsed.success) {
+		const messages = parsed.error.errors.map((e) => e.message).join(', ');
+		return json(error(messages), { status: 400 });
+	}
+
+	try {
+		const app = await appService.update(id, parsed.data);
+		return json(success(app));
+	} catch (err) {
+		const message = err instanceof Error ? err.message : 'Failed to update app';
+		const status = message.includes('not found') ? 404 : 500;
+		return json(error(message), { status });
+	}
+};
+
+/**
+ * DELETE /api/apps/:id — Delete an app.
+ */
+export const DELETE: RequestHandler = async (event) => {
+	requireAuth(event);
+
+	const { id } = event.params;
+
+	try {
+		await appService.remove(id);
+		return json(success(null));
+	} catch (err) {
+		const message = err instanceof Error ? err.message : 'Failed to delete app';
+		const status = message.includes('not found') ? 404 : 500;
+		return json(error(message), { status });
+	}
+};
diff --git a/src/routes/api/apps/[id]/status/+server.ts b/src/routes/api/apps/[id]/status/+server.ts
new file mode 100644
index 0000000..d91f363
--- /dev/null
+++ b/src/routes/api/apps/[id]/status/+server.ts
@@ -0,0 +1,35 @@
+import { json } from '@sveltejs/kit';
+import type { RequestHandler } from './$types';
+import { requireAuth } from '$lib/server/middleware/authenticate.js';
+import * as appService from '$lib/server/services/appService.js';
+import { success, error } from '$lib/server/utils/response.js';
+
+/**
+ * GET /api/apps/:id/status — Get healthcheck status history for an app.
+ */
+export const GET: RequestHandler = async (event) => {
+	requireAuth(event);
+
+	const { id } = event.params;
+	const limitParam = event.url.searchParams.get('limit');
+	const limit = limitParam ? Math.min(Math.max(parseInt(limitParam, 10) || 50, 1), 200) : 50;
+
+	try {
+		// Verify app exists
+		await appService.findById(id);
+
+		const latest = await appService.getLatestStatus(id);
+		const history = await appService.getStatusHistory(id, limit);
+
+		return json(
+			success({
+				current: latest,
+				history
+			})
+		);
+	} catch (err) {
+		const message = err instanceof Error ? err.message : 'Failed to fetch status';
+		const status = message.includes('not found') ? 404 : 500;
+		return json(error(message), { status });
+	}
+};
diff --git a/src/routes/api/health/+server.ts b/src/routes/api/health/+server.ts
new file mode 100644
index 0000000..ad93963
--- /dev/null
+++ b/src/routes/api/health/+server.ts
@@ -0,0 +1,10 @@
+import { json } from '@sveltejs/kit';
+import type { RequestHandler } from './$types';
+
+/**
+ * GET /api/health — Docker healthcheck endpoint.
+ * Returns 200 when the server is running. No auth required.
+ */
+export const GET: RequestHandler = async () => {
+	return json({ status: 'ok' });
+};
diff --git a/src/routes/api/uploads/+server.ts b/src/routes/api/uploads/+server.ts
new file mode 100644
index 0000000..b3df0bc
--- /dev/null
+++ b/src/routes/api/uploads/+server.ts
@@ -0,0 +1,67 @@
+import { json } from '@sveltejs/kit';
+import type { RequestHandler } from './$types';
+import { requireAuth } from '$lib/server/middleware/authenticate.js';
+import { error, success } from '$lib/server/utils/response.js';
+import { writeFile, mkdir } from 'node:fs/promises';
+import { join } from 'node:path';
+import { randomUUID } from 'node:crypto';
+
+const ALLOWED_TYPES = new Set([
+	'image/svg+xml',
+	'image/png',
+	'image/jpeg',
+	'image/webp'
+]);
+
+const EXTENSION_MAP: Record<string, string> = {
+	'image/svg+xml': '.svg',
+	'image/png': '.png',
+	'image/jpeg': '.jpg',
+	'image/webp': '.webp'
+};
+
+const MAX_FILE_SIZE = 1024 * 1024; // 1MB
+
+/**
+ * POST /api/uploads — Upload a custom icon file.
+ * Accepts multipart form data with a single 'file' field.
+ * Validates type (SVG, PNG, JPG, WebP) and size (<1MB).
+ * Saves to static/uploads/ and returns the public path.
+ */
+export const POST: RequestHandler = async (event) => {
+	requireAuth(event);
+
+	let formData: FormData;
+	try {
+		formData = await event.request.formData();
+	} catch {
+		return json(error('Invalid form data'), { status: 400 });
+	}
+
+	const file = formData.get('file');
+	if (!file || !(file instanceof File)) {
+		return json(error('No file provided'), { status: 400 });
+	}
+
+	if (!ALLOWED_TYPES.has(file.type)) {
+		return json(error('Invalid file type. Allowed: SVG, PNG, JPG, WebP'), { status: 400 });
+	}
+
+	if (file.size > MAX_FILE_SIZE) {
+		return json(error('File too large. Maximum size: 1MB'), { status: 400 });
+	}
+
+	const extension = EXTENSION_MAP[file.type] ?? '.bin';
+	const filename = `${randomUUID()}${extension}`;
+
+	const uploadsDir = join(process.cwd(), 'static', 'uploads');
+	await mkdir(uploadsDir, { recursive: true });
+
+	const filePath = join(uploadsDir, filename);
+	const buffer = Buffer.from(await file.arrayBuffer());
+	await writeFile(filePath, buffer);
+
+	const publicPath = `/uploads/${filename}`;
+
+	return json(success({ path: publicPath, filename }), { status: 201 });
+};
diff --git a/src/routes/apps/+page.server.ts b/src/routes/apps/+page.server.ts
new file mode 100644
index 0000000..8d8448f
--- /dev/null
+++ b/src/routes/apps/+page.server.ts
@@ -0,0 +1,46 @@
+import type { Actions, PageServerLoad } from './$types.js';
+import { superValidate, setError } from 'sveltekit-superforms';
+import { zod } from 'sveltekit-superforms/adapters';
+import { fail } from '@sveltejs/kit';
+import { requireAuth } from '$lib/server/middleware/authenticate.js';
+import * as appService from '$lib/server/services/appService.js';
+import { createAppSchema } from '$lib/utils/validators.js';
+
+export const load: PageServerLoad = async (event) => {
+	requireAuth(event);
+
+	const category = event.url.searchParams.get('category') ?? undefined;
+	const search = event.url.searchParams.get('search') ?? undefined;
+
+	const [apps, categories, form] = await Promise.all([
+		appService.findAll({ category, search }),
+		appService.getCategories(),
+		superValidate(zod(createAppSchema))
+	]);
+
+	return { apps, categories, form };
+};
+
+export const actions: Actions = {
+	create: async (event) => {
+		const user = requireAuth(event);
+
+		const form = await superValidate(event.request, zod(createAppSchema));
+
+		if (!form.valid) {
+			return fail(400, { form });
+		}
+
+		try {
+			await appService.create({
+				...form.data,
+				createdById: user.id
+			});
+		} catch (err) {
+			const message = err instanceof Error ? err.message : 'Failed to create app';
+			return setError(form, '', message);
+		}
+
+		return { form };
+	}
+};
diff --git a/src/routes/apps/+page.svelte b/src/routes/apps/+page.svelte
new file mode 100644
index 0000000..9c15fce
--- /dev/null
+++ b/src/routes/apps/+page.svelte
@@ -0,0 +1,67 @@
+<script lang="ts">
+	import type { PageData } from './$types.js';
+	import AppCard from '$lib/components/app/AppCard.svelte';
+	import AppForm from '$lib/components/app/AppForm.svelte';
+
+	let { data }: { data: PageData } = $props();
+
+	let showForm = $state(false);
+</script>
+
+<svelte:head>
+	<title>Apps — Web App Launcher</title>
+</svelte:head>
+
+<main class="min-h-screen bg-background p-6 text-foreground">
+	<div class="mx-auto max-w-6xl">
+		<div class="mb-6 flex items-center justify-between">
+			<h1 class="text-2xl font-bold text-card-foreground">App Registry</h1>
+			<button
+				type="button"
+				onclick={() => (showForm = !showForm)}
+				class="rounded-md bg-primary px-4 py-2 text-sm font-medium text-primary-foreground hover:bg-primary/90 focus:outline-none focus:ring-2 focus:ring-ring"
+			>
+				{showForm ? 'Cancel' : 'Add App'}
+			</button>
+		</div>
+
+		{#if showForm}
+			<div class="mb-6 rounded-lg border border-border bg-card p-6">
+				<h2 class="mb-4 text-lg font-semibold text-card-foreground">New App</h2>
+				<AppForm form={data.form} action="?/create" />
+			</div>
+		{/if}
+
+		{#if data.categories.length > 0}
+			<div class="mb-4 flex flex-wrap gap-2">
+				<a
+					href="/apps"
+					class="rounded-full border border-border px-3 py-1 text-sm text-muted-foreground hover:bg-accent"
+				>
+					All
+				</a>
+				{#each data.categories as category}
+					<a
+						href="/apps?category={encodeURIComponent(category)}"
+						class="rounded-full border border-border px-3 py-1 text-sm text-muted-foreground hover:bg-accent"
+					>
+						{category}
+					</a>
+				{/each}
+			</div>
+		{/if}
+
+		{#if data.apps.length === 0}
+			<div class="flex flex-col items-center justify-center py-16 text-muted-foreground">
+				<p class="text-lg">No apps registered yet.</p>
+				<p class="mt-1 text-sm">Click "Add App" to register your first application.</p>
+			</div>
+		{:else}
+			<div class="grid grid-cols-1 gap-4 sm:grid-cols-2 md:grid-cols-3 lg:grid-cols-4">
+				{#each data.apps as app (app.id)}
+					<AppCard {app} />
+				{/each}
+			</div>
+		{/if}
+	</div>
+</main>