chevereto
Media ServersThe mature, battle-tested, high-end, OG self-hosted image and video hosting solution trusted since 2007. Build your own Flickr or Imgur-style media sharing platform with complete control over your content, data, and platform rules.
Features
- Self‑hosted media sharing for images and videos
- Multi‑tenant architecture supporting multiple independent sites
- Extensive API and language/localization support
Recent releases
View all 5 releases →
4.5.2
Breaking risk
⚠ Upgrade required
- Update any deployments using CHEVERETO_TENANTS_API_ALLOW_LIST to CHEVERETO_TENANTS_API_IP_ALLOW_LIST
Breaking changes
- CHEVERETO_TENANTS_API_ALLOW_LIST renamed to CHEVERETO_TENANTS_API_IP_ALLOW_LIST
Notable features
- Added proxy configuration environment variables: CHEVERETO_PROXY_ENTRYPOINT, CHEVERETO_PROXY_IP_ALLOW_LIST, CHEVERETO_ROUTER_SECRET, CHEVERETO_INTERNAL_HOSTNAME, CHEVERETO_SERVICE_NAME, CHEVERETO_SERVICE_PORT, CHEVERETO_HEADER_FORWARDED_HOST, CHEVERETO_HEADER_ROUTER_SECRET
- Traefik Cloudflare middleware support
- Support for X-Forwarded-Host and X-Router-Secret headers; email_mode setting now optional
Full changelog
Chevereto 4.5.2 (2026-04-21)
- Added CHEVERETO_INTERNAL_HOSTNAME environment variable
- Added CHEVERETO_PROXY_ENTRYPOINT environment variable
- Added CHEVERETO_PROXY_IP_ALLOW_LIST environment variable
- Added CHEVERETO_ROUTER_SECRET, CHEVERETO_HEADER_FORWARDED_HOST, and CHEVERETO_HEADER_ROUTER_SECRET environment variables
- Added CHEVERETO_SERVICE_NAME environment variable
- Added CHEVERETO_SERVICE_PORT environment variable
- Added missing root namespace configuration in Traefik configuration
- Added support for Traefik Cloudflare middleware
- Added support for X-Forwarded-Host and X-Router-Secret headers
- Fixed JSON YAML syntax error in Traefik configuration
- Improved system notices
- Renamed CHEVERETO_TENANTS_API_ALLOW_LIST to CHEVERETO_TENANTS_API_IP_ALLOW_LIST
- Setting email_mode is now optional
4.5.0
Breaking risk
⚠ Upgrade required
- Update configuration to use CHEVERETO_SCHEDULER_INTERVAL instead of CHEVERETO_JOBS_WORKER_INTERVAL
Breaking changes
- Minimum PHP version 8.2 required
- Environment variable CHEVERETO_JOBS_WORKER_INTERVAL removed
Notable features
- Support for 18+ email providers: AhaSend, Amazon SES, Azure, Brevo, Infobip, MailerSend, Mailgun, Mailjet, Mailomat, MailPace, Mailtrap, Mandrill, Microsoft Graph, Postal, Postmark, Resend, Scaleway, SendGrid, Sweego
- Trial mode with configurable features and limits via CHEVERETO_TRIAL_ENABLE_* and CHEVERETO_TRIAL_MAX_* environment variables
- New API routes: /_/api/4/auth/verify, /_/api/4/config/traefik, /_/api/4/tenants/{id}/user-password-reset
Full changelog
Chevereto 4.5.0 (2026-04-08)
- Added /_/api/4/auth/verify route
- Added /_/api/4/config/traefik internal HTTP provider route
- Added /_/api/4/tenants/{id}/user-password-reset route
- Added CHEVERETO_ENABLE_GUESTS env for controlling guest interactions
- Added CHEVERETO_SERVICE_NAME env for specifying the service name
- Added CHEVERETO_TRIAL_ENABLE_* keys support for controlling features enabled during trial
- Added CHEVERETO_TRIAL_MAX_* keys support for controlling max limits during trial
- Added CHEVERETO_TRIAL env for controlling trial mode
- Added envTrialAware helper function for accessing trial-aware env variables
- Added version-installed command
- Added login_providers tenant stats
- Added password parameter for password-reset command
- Added port 8080 to the list of allowed ports
- Added support for more email providers: AhaSend, Amazon SES, Azure, Brevo, Infobip, MailerSend, Mailgun, Mailjet, Mailomat, MailPace, Mailtrap, Mandrill, Microsoft Graph, Postal, Postmark, Resend, Scaleway, SendGrid and Sweego
- Bumped minimum PHP version to 8.2
- Fixed "Powered by" message
- Fixed bug affecting homepage (free edition)
- Fixed bug on /_/api/4/* routes missing error responses
- Fixed bug on Tenants jobs:worker command when passing tenant id
- Fixed bug on Tenants caching system
- Fixed bug on tenants CLI database-migrate command
- Fixed bug preventing Tenant installation
- Fixed missing custom semantics parsing for image route description
- Improved "Something went wrong" error page for both SaaS and self-hosted contexts
- Improved album dropdown options on uploader
- Renamed env variable CHEVERETO_JOBS_WORKER_INTERVAL to CHEVERETO_SCHEDULER_INTERVAL
Links
4.4.2
Bug fix
Fixed UI bugs with upgrade button display, API settings routes, delete URL functionality, missing Follow class in Free edition, and incorrect API documentation links.
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
About
Stars
928
Forks
73
Languages
PHP
JavaScript
CSS
Install & Platforms
Install via
docker
binary
