DEV.co
Open-Source DevOps · Yooooomi

your_spotify

Your Spotify is a self-hosted web dashboard that tracks your Spotify listening history and provides detailed statistics. It polls the Spotify API regularly to build a personal music analytics database, deployed via Docker with a TypeScript backend and React frontend.

Source: GitHub — github.com/Yooooomi/your_spotify
4.5k
GitHub stars
202
Forks
TypeScript
Primary language
GPL-3.0
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
RepositoryYooooomi/your_spotify
OwnerYooooomi
Primary languageTypeScript
LicenseGPL-3.0 — OSI-approved
Stars4.5k
Forks202
Open issues134
Latest release1.20.0 (2026-05-24)
Last updated2026-07-05
Sourcehttps://github.com/Yooooomi/your_spotify

What your_spotify is

A full-stack application (TypeScript backend, React frontend, MongoDB persistence) that integrates with Spotify's OAuth2 API to fetch and aggregate listening data, exposing analytics through a web UI. Deployment is containerized; data import supports Spotify's privacy exports to backfill historical streams.

Quickstart

Get the your_spotify source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/Yooooomi/your_spotify.gitcd your_spotify# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Personal Music Analytics

Users who want detailed listening statistics, trends, and insights about their Spotify habits without relying on third-party analytics services.

Self-Hosted Privacy-Conscious Setup

Organizations or individuals prioritizing data ownership who need to run analytics infrastructure on their own servers rather than cloud SaaS.

Home Lab / Hobby Deployment

Enthusiasts building self-hosted application portfolios or NAS-based services where lightweight full-stack applications fit the infrastructure.

Implementation considerations

  • Spotify API credentials (client ID and secret) and OAuth2 redirect URI registration are mandatory prerequisites; misconfiguration blocks the entire application.
  • MongoDB instance must be provisioned and network-accessible to the backend container; no embedded or alternative database options stated.
  • Timezone handling is server-configured at deploy time (defaults to Europe/Paris); changing timezones later affects historical data interpretation.
  • User registration can be disabled post-deployment via admin Settings panel, but there is no role-based access control (RBAC) or fine-grained permissions visible.
  • Import of historical Spotify data can take up to 30 days and fails if the server restarts; plan import windows and monitor for failures.

When to avoid it — and what to weigh

  • Production Enterprise Analytics — If you require SLA-backed uptime, enterprise-grade monitoring, or support contracts. This is a community hobby project without commercial backing.
  • Multi-Tenant SaaS Model — The codebase and deployment model are designed for single-user or small group self-hosting. Scaling to multi-tenant with billing is not a stated design goal.
  • Complex Data Governance — If you need formal audit trails, HIPAA/GDPR compliance documentation, or data retention policies built-in; governance features are not evident.
  • Low Maintenance Tolerance — Self-hosted deployments require database management (MongoDB), certificate renewal, and dependency updates. Hands-off operation is not feasible.

License & commercial use

Licensed under GPL-3.0 (GNU General Public License v3.0). This is a copyleft open-source license requiring that any distributed derivative work also be released under GPL-3.0 and include source code.

GPL-3.0 is a copyleft license. You may run this privately for internal use without restriction. Commercial distribution or SaaS offering of this software (or derivatives) requires: (1) offering the complete source code under GPL-3.0 to recipients, (2) respecting copyleft obligations. Using it as a private hosted service for paying users may trigger copyleft obligations depending on jurisdiction and distribution model. Requires legal review if commercial use is planned.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationAdequate
License clarityClear
Deployment complexityModerate
DEV.co fitGood
Assessment confidenceHigh
Security considerations

Spotify credentials (client ID and secret) are passed as plaintext environment variables; ensure secure secret management in deployment. Cookie-based session auth with configurable validity (default 1h); no mention of CSRF protection, rate limiting, or input validation. CORS and X-Frame-Options can be configured to restrict embedding. No published security policy or CVE handling process. Self-hosted means you are responsible for patching, network isolation, and monitoring. Spotify OAuth2 integration delegates authentication but relies on Spotify's security posture.

Alternatives to consider

Last.fm

Established cloud SaaS for music listening tracking with rich analytics, social features, and no self-hosting required. Trade-off: privacy data is on third-party servers; less customization.

Maroofy or Stats for Spotify

Browser-based Spotify analytics tools requiring no backend setup. Trade-off: limited history retention, fewer customization options, cloud-dependent.

Subsonic or Plex with music integration

Self-hosted media servers with built-in listening statistics. Trade-off: requires managing your own music library; not Spotify-native, requires server-side music files.

Software development agency

Build on your_spotify with DEV.co software developers

Deploy Your Spotify today using Docker Compose. Full source code on GitHub, GPL-3.0 licensed, actively maintained.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

your_spotify FAQ

Can I block new registrations after deployment?
Yes. From an admin account, navigate to Settings and click 'Disable new registrations'.
What is the maximum history I can import?
Full privacy data import includes entire account history since creation (up to 30 days processing); standard privacy data gives the past year only (up to 5 days processing).
What happens if my server restarts during an import?
The import fails. You can retry it from the Settings page. Delete failed imports if you do not want to re-run them.
Is there a Kubernetes Helm chart?
Not mentioned in the README. Docker Compose is the documented deployment method.

Software development & web development with DEV.co

From first prototype to production, DEV.co delivers software development services around tools like your_spotify. Our software development agency staffs experienced software developers and web developers for custom software development, web development, integrations, and ongoing support across open-source devops and beyond.

Ready to Self-Host Your Music Analytics?

Deploy Your Spotify today using Docker Compose. Full source code on GitHub, GPL-3.0 licensed, actively maintained.