Clapshot: Self-Hosted Video/Media Review Tool

Release Build and test

Overview

Clapshot is an open-source, self-hosted tool for collaborative video/media review and annotation. Mainly for organizations that can't or won't put their media in commercial cloud services.

Review UI screenshot

Key Features

For a comprehensive feature list, see FEATURES.md.

Video listing screenshot

When not to use Clapshot

If you don't require local hosting, or are not adept in networking and Linux, consider commercial cloud services. They'll offer more user-friendly interfaces and additional features out of the box.

Demo

Quick Demo with Docker.

Local single-user demo without authentication

docker run --rm -it -p 0.0.0.0:8080:80 -v clapshot-demo:/mnt/clapshot-data/data elonen/clapshot:latest-demo

After the Docker image starts, browse the web UI at http://127.0.0.1:8080.

Local multi-user demo with a login form

docker run --rm -it -p 0.0.0.0:8080:80 -v clapshot-demo-htwicket:/mnt/clapshot-data/data elonen/clapshot:latest-demo-htwicket

Passwords are printed on console.

⚠ Demo images are for evaluation only — don't run them for anything serious. See Deploying Clapshot for more info.

Tips for testing it

The multi-user demo uses HTWicket for login and user management. Default credentials (including the randomly generated admin password) are shown in the terminal.

Note: Chrome / Chromium-based browsers work best. If accessing from a different machine, configure the CLAPSHOT_SERVER__URL_BASE environment variable (or legacy CLAPSHOT_URL_BASE). See the Quick Start Reference for common deployment scenarios.

Known Limitations and Workarounds

Deploying for Real Use

Two supported, maintainable paths — pick by your platform. (For the full overview, see Deploying Clapshot.)

AUTH NEWS: HTWicket has replaced htadmin as the example auth provider for Clapshot. It's compatible with htadmin's .htpasswd files, doesn't need PHP, provides better logout, and is able to transparently upgrade password hashes to use more secure algorithms.

1. Docker Compose

Deploy a Compose recipe straight from this repo. Each recipe is one directory you deploy as-is; Caddy terminates TLS and fetches Let's Encrypt certificates automatically. Pick by how you authenticate users:

(A no-auth/ recipe is also available for no-login setups.)

Should works with plain docker compose, Portainer, Komodo etc. Upgrades are git pull + redeploy. See deploy/compose/README.md for more info.

2. Linux VM / bare-metal → Debian package + systemd

The right choice when you already manage a VM and prefer packages to containers.

There's a one-shot install script install-clapshot-deb.sh, that sets up Clapshot + HTWicket auth on a pristine Debian 12/13 host. You can either run it or follow it manually.

Step-by-step: Debian 12/13 install
  1. Prepare a Debian host with a mounted block device (or just directory) at /mnt/clapshot-data.
  2. Download Clapshot Debian Deployment Script
  3. Run the script as root to install and auto-configure Clapshot.
  4. !! Change/verify the admin password (the installer prints a generated one), and delete the example users in /htwicket/admin !!

If you want to expose this to the Internet, you'll probably want to get HTTPS certificates with Let's Encrypt and use some reverse proxy to encrypt Clapshot traffic.

Security Note: Monitored folder ingestion assigns files to users based on OS file ownership. Ensure file system permissions align with your intended user access model before enabling this feature.

Exposing a quick demo to the Internet (not production)

To show Clapshot to someone over a temporary public URL — without DNS or certificates — the test/run-cloudflare.sh script starts the single-container demo image behind a Cloudflare tunnel. This is a demo convenience, not a deployment: the container is the all-in-one demo build and Cloudflare's free plan limits upload size/time. For real internet-facing use, deploy a Compose recipe with CADDY_CERT_DOMAIN set (automatic Let's Encrypt), or put the .deb install behind your own HTTPS proxy.

Step-by-step: Docker + Cloudflare tunnel (demo)

You'll run the demo container (binding a local directory for Clapshot data), then start Cloudflared in another container to expose it over an HTTPS tunnel.

  1. Download and read test/run-cloudflare.sh, then run it
  2. Once satisfied about operation, move to a Compose recipe for a real, upgradeable deployment
  3. !! Change the default passwords (the admin password is generated and shown in the container log), and delete example users in /htwicket/admin !!

Configuration and Operation

New to Clapshot? Start with the Quick Start Reference for common deployment scenarios.

Need help? Ask your favorite LLM to read llms.txt and to follow the links for comprehensive configuration assistance.

See the Sysadmin Guide for information on:

Having connection issues? See the Connection Troubleshooting Guide for help with common deployment and connectivity problems.

See Upgrading Guide for instructions on installing a new release over an old one.

Want to customize media processing? See the Transcoding and Thumbnailing Guide for configuring hardware acceleration, custom encoders, and specialized processing workflows.

Using Slack? An optional Slack unfurl bot is available in extras/ — it runs alongside Clapshot and shows rich link previews (thumbnail, title, timecode) when Clapshot URLs are posted in Slack channels.

Architecture Overview

Core: Clapshot Client (browser, connects via WebSocket) · Clapshot Server (Rust daemon) · Clapshot Organizer(s) (plugins in Python or any language).

Also needs: Nginx (TLS reverse proxy) · Authentication Proxy · SQLite DB · FFmpeg + Mediainfo · File system.

What each component does

Main components:

Production deployments also depend on:

See sequence diagram for details on how these interact when a user opens the main page.

Organizer Plugin System

Clapshot includes an extensible Organizer Plugin system that enables custom workflows and integrations. Organizers use gRPC communication and can be implemented in any language.

More on Basic Folders and its Metaplugins

The included "basic_folders" organizer (Python) provides:

Customization with Basic_Folders Metaplugins

NEW: Add custom functionality by dropping a single Python file into /opt/clapshot-org-bf-metaplugins – no need to modify core code or deal with gRPC protocol directly. Example use cases:

This approach is easier to develop and more robust against upgrades than modifying core code or writing a full custom Organizer (if you're fine with Python). See METAPLUGINS.md for complete documentation and a working example.

Development Setup

The development setup guide covers setting up the server and client development environments, and running local builds and tests.

Translating the UI? Clapshot uses a single gettext-based catalog shared by the server, organizer and client. See i18n/README.md for how to mark strings and add or update translations.

Contributions

Contributions are welcome, especially for features and improvements that benefit the wider user base. Please add your copyright notice for significant contributions.

Contributors

Licensing

Copyright 2022 – 2026 by Jarno Elonen and contributors

This split licensing allows you to implement proprietary UIs and workflows through custom Organizer plugins without releasing them to the public.