DEV.co
Open-Source DevOps · crocodilestick

Calibre-Web-Automated

Calibre-Web Automated is a self-hosted eBook library management system that combines Calibre's powerful features with a modern, lightweight web interface. It automates eBook ingestion, conversion, and organization across multiple device formats (Kindle, Kobo, EPUB) with features like OAuth authentication, KOReader syncing, and network share support.

Source: GitHub — github.com/crocodilestick/Calibre-Web-Automated
5.9k
GitHub stars
462
Forks
JavaScript
Primary language
GPL-3.0
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositorycrocodilestick/Calibre-Web-Automated
Ownercrocodilestick
Primary languageJavaScript
LicenseGPL-3.0 — OSI-approved
Stars5.9k
Forks462
Open issues461
Latest releasev4.0.6 (2026-02-04)
Last updated2026-07-05
Sourcehttps://github.com/crocodilestick/Calibre-Web-Automated

What Calibre-Web-Automated is

A JavaScript-based fork of Calibre-Web that integrates Calibre's conversion and metadata engines with Flask/Python backend, supporting containerized deployment via Docker. It implements Write-Ahead Logging for SQLite optimization, polling-based file watchers for network shares, ProxyFix middleware for multi-proxy chains, and OIDC/OAuth 2.0 authentication.

Quickstart

Get the Calibre-Web-Automated source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/crocodilestick/Calibre-Web-Automated.gitcd Calibre-Web-Automated# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Self-hosted personal eBook library

Individual users or small teams managing private eBook collections with automated ingestion, format conversion, and cross-device synchronization without relying on commercial services.

Containerized home lab or NAS deployment

Resource-constrained environments (Raspberry Pi, low-power NAS) requiring lightweight, Docker-based eBook management with support for network-attached storage and minimal CPU overhead.

Multi-user institutional or shared library

Organizations needing per-user permissions, metadata editing, OPDS feed distribution to eReaders, and automated workflows without maintaining separate Calibre instances.

Implementation considerations

  • Database optimization: Enable `NETWORK_SHARE_MODE=true` if deploying on NFS/SMB to disable SQLite WAL and switch to polling-based file watching; default local-disk configuration uses WAL for better concurrency.
  • Proxy configuration: Validate `TRUSTED_PROXY_COUNT` matches your reverse-proxy chain depth (e.g., Cloudflare Tunnel + nginx = 2) to prevent session protection false positives and IP validation failures.
  • Storage layout: Calibre metadata database (`metadata.db`) and CWA app database (`app.db`) must be on reliable, writable filesystems; network share consistency and locking behavior varies significantly by NAS vendor.
  • Resource sizing: Lightweight compared to full Calibre, but metadata extraction and format conversion (especially to KEPUB/Kindle) consume CPU during bulk imports; test with your typical library size.
  • Default credentials: Change default admin login immediately post-install; no evidence of rate-limiting or brute-force protection documented in README.

When to avoid it — and what to weigh

  • Commercial distribution of copyrighted materials — Project explicitly disclaims responsibility for user behavior and does not approve of piracy. Use only for legal, licensed content or original materials.
  • Enterprise security/compliance requirements — No evidence of security audits, penetration testing, or compliance certifications (SOC 2, HIPAA, etc.). Not suitable for regulated environments without independent security review.
  • Mission-critical production use without in-house expertise — Open-source project with 461 open issues and single-maintainer risk. Requires internal engineering capacity to troubleshoot, patch, and maintain in production.
  • Proprietary or closed-source derivative products — GPL-3.0 license requires all derivative works to remain open-source and GPL-licensed. Commercial proprietary forks are not permitted.

License & commercial use

Licensed under GPL-3.0 (GNU General Public License v3.0), a strong copyleft license requiring all derivative works, modifications, and distributions to remain under GPL-3.0 and include source code. Modifications for internal use only do not trigger distribution obligations; public distribution or SaaS offerings require GPL compliance.

Commercial use is permitted under GPL-3.0 for internal/private deployments (e.g., hosting it for a client's private library). However, selling or offering CWA as a service, or creating closed-source derivative products, is prohibited without contributor consent. GPL-3.0 does not grant copyright exemptions; redistribution must include source and LICENSE. Seek legal review before any commercial offering.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationAdequate
License clarityClear
Deployment complexityModerate
DEV.co fitGood
Assessment confidenceHigh
Security considerations

Project does not claim to be 'secure' and no third-party security audits are documented. Key considerations: (1) Default admin credentials must be changed immediately; (2) OAuth/OIDC implementation details unknown from README—code review required before trusting with sensitive identity data; (3) Database files (`metadata.db`, `app.db`) store user credentials and library metadata—ensure proper filesystem permissions and backup security; (4) File upload/ingestion mechanisms for eBooks not documented—validate input validation and path traversal protections; (5) No mention of rate-limiting, CSRF tokens, or SQL injection countermeasures. Treat as a hobby/self-hosted project pending independent security assessment.

Alternatives to consider

Calibre (upstream, original)

Full-featured desktop application with native UI; resource-heavy (requires KasmVNC in containers); better for advanced editing workflows; not designed for lightweight web deployment.

Calibre-Web (upstream, stock)

Lighter, web-native alternative to Calibre; lacks automation, format conversion, and advanced metadata management. CWA is a fork aiming to fill these gaps.

Nextcloud + BookStack or similar

General-purpose document/file management with web UI; less specialized for eBook workflows, metadata, and device synchronization; different security/compliance posture if Nextcloud is preferred for other data.

Software development agency

Build on Calibre-Web-Automated with DEV.co software developers

Review the GitHub repository, test the Docker deployment in your environment, and validate OAuth/network-share configs against your infrastructure. Consult legal on GPL-3.0 compliance if planning commercial use.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

Calibre-Web-Automated FAQ

Can I use CWA to distribute copyrighted eBooks I don't own?
No. The project explicitly disclaims approval of piracy and states it is not responsible for user behavior. Use only for licensed, original, or public-domain materials. Legal liability remains with the operator.
Is CWA suitable for production use behind a reverse proxy (Cloudflare Tunnel, nginx)?
Yes, but requires correct `TRUSTED_PROXY_COUNT` configuration to match your proxy chain depth. Misconfiguration can trigger session protection false positives. Test before production rollout.
Does CWA work on network shares (NAS, NFS, SMB)?
Yes, with limitations. Enable `NETWORK_SHARE_MODE=true` to disable SQLite WAL and switch to polling-based file watching. Performance is slower than local storage; NAS reliability varies by vendor.
What happens if the main maintainer stops contributing?
Unknown. The GPL-3.0 license permits forking; however, the primary repository and Docker builds are controlled by crocodilestick. A dormant project would require community fork + rebuild infrastructure. No formal succession plan documented.

Software development & web development with DEV.co

From first prototype to production, DEV.co delivers software development services around tools like Calibre-Web-Automated. Our software development agency staffs experienced software developers and web developers for custom software development, web development, integrations, and ongoing support across open-source devops and beyond.

Ready to evaluate CWA for your team?

Review the GitHub repository, test the Docker deployment in your environment, and validate OAuth/network-share configs against your infrastructure. Consult legal on GPL-3.0 compliance if planning commercial use.