Calibre-Web-Automated
Calibre-Web Automated is a self-hosted eBook library management system that combines Calibre's powerful features with a modern, lightweight web interface. It automates eBook ingestion, conversion, and organization across multiple device formats (Kindle, Kobo, EPUB) with features like OAuth authentication, KOReader syncing, and network share support.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | crocodilestick/Calibre-Web-Automated |
| Owner | crocodilestick |
| Primary language | JavaScript |
| License | GPL-3.0 — OSI-approved |
| Stars | 5.9k |
| Forks | 462 |
| Open issues | 461 |
| Latest release | v4.0.6 (2026-02-04) |
| Last updated | 2026-07-05 |
| Source | https://github.com/crocodilestick/Calibre-Web-Automated |
What Calibre-Web-Automated is
A JavaScript-based fork of Calibre-Web that integrates Calibre's conversion and metadata engines with Flask/Python backend, supporting containerized deployment via Docker. It implements Write-Ahead Logging for SQLite optimization, polling-based file watchers for network shares, ProxyFix middleware for multi-proxy chains, and OIDC/OAuth 2.0 authentication.
Get the Calibre-Web-Automated source
Clone the repository and explore it locally.
git clone https://github.com/crocodilestick/Calibre-Web-Automated.gitcd Calibre-Web-Automated# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Database optimization: Enable `NETWORK_SHARE_MODE=true` if deploying on NFS/SMB to disable SQLite WAL and switch to polling-based file watching; default local-disk configuration uses WAL for better concurrency.
- Proxy configuration: Validate `TRUSTED_PROXY_COUNT` matches your reverse-proxy chain depth (e.g., Cloudflare Tunnel + nginx = 2) to prevent session protection false positives and IP validation failures.
- Storage layout: Calibre metadata database (`metadata.db`) and CWA app database (`app.db`) must be on reliable, writable filesystems; network share consistency and locking behavior varies significantly by NAS vendor.
- Resource sizing: Lightweight compared to full Calibre, but metadata extraction and format conversion (especially to KEPUB/Kindle) consume CPU during bulk imports; test with your typical library size.
- Default credentials: Change default admin login immediately post-install; no evidence of rate-limiting or brute-force protection documented in README.
When to avoid it — and what to weigh
- Commercial distribution of copyrighted materials — Project explicitly disclaims responsibility for user behavior and does not approve of piracy. Use only for legal, licensed content or original materials.
- Enterprise security/compliance requirements — No evidence of security audits, penetration testing, or compliance certifications (SOC 2, HIPAA, etc.). Not suitable for regulated environments without independent security review.
- Mission-critical production use without in-house expertise — Open-source project with 461 open issues and single-maintainer risk. Requires internal engineering capacity to troubleshoot, patch, and maintain in production.
- Proprietary or closed-source derivative products — GPL-3.0 license requires all derivative works to remain open-source and GPL-licensed. Commercial proprietary forks are not permitted.
License & commercial use
Licensed under GPL-3.0 (GNU General Public License v3.0), a strong copyleft license requiring all derivative works, modifications, and distributions to remain under GPL-3.0 and include source code. Modifications for internal use only do not trigger distribution obligations; public distribution or SaaS offerings require GPL compliance.
Commercial use is permitted under GPL-3.0 for internal/private deployments (e.g., hosting it for a client's private library). However, selling or offering CWA as a service, or creating closed-source derivative products, is prohibited without contributor consent. GPL-3.0 does not grant copyright exemptions; redistribution must include source and LICENSE. Seek legal review before any commercial offering.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Adequate |
| License clarity | Clear |
| Deployment complexity | Moderate |
| DEV.co fit | Good |
| Assessment confidence | High |
Project does not claim to be 'secure' and no third-party security audits are documented. Key considerations: (1) Default admin credentials must be changed immediately; (2) OAuth/OIDC implementation details unknown from README—code review required before trusting with sensitive identity data; (3) Database files (`metadata.db`, `app.db`) store user credentials and library metadata—ensure proper filesystem permissions and backup security; (4) File upload/ingestion mechanisms for eBooks not documented—validate input validation and path traversal protections; (5) No mention of rate-limiting, CSRF tokens, or SQL injection countermeasures. Treat as a hobby/self-hosted project pending independent security assessment.
Alternatives to consider
Calibre (upstream, original)
Full-featured desktop application with native UI; resource-heavy (requires KasmVNC in containers); better for advanced editing workflows; not designed for lightweight web deployment.
Calibre-Web (upstream, stock)
Lighter, web-native alternative to Calibre; lacks automation, format conversion, and advanced metadata management. CWA is a fork aiming to fill these gaps.
Nextcloud + BookStack or similar
General-purpose document/file management with web UI; less specialized for eBook workflows, metadata, and device synchronization; different security/compliance posture if Nextcloud is preferred for other data.
Build on Calibre-Web-Automated with DEV.co software developers
Review the GitHub repository, test the Docker deployment in your environment, and validate OAuth/network-share configs against your infrastructure. Consult legal on GPL-3.0 compliance if planning commercial use.
Talk to DEV.coRelated open-source tools
Surfaced by semantic similarity across the DEV.co open-source index.
Related on DEV.co
Explore the category and the services that help you build with it.
Calibre-Web-Automated FAQ
Can I use CWA to distribute copyrighted eBooks I don't own?
Is CWA suitable for production use behind a reverse proxy (Cloudflare Tunnel, nginx)?
Does CWA work on network shares (NAS, NFS, SMB)?
What happens if the main maintainer stops contributing?
Software development & web development with DEV.co
From first prototype to production, DEV.co delivers software development services around tools like Calibre-Web-Automated. Our software development agency staffs experienced software developers and web developers for custom software development, web development, integrations, and ongoing support across open-source devops and beyond.
Ready to evaluate CWA for your team?
Review the GitHub repository, test the Docker deployment in your environment, and validate OAuth/network-share configs against your infrastructure. Consult legal on GPL-3.0 compliance if planning commercial use.