Server
--server runs zshot as an HTTP server instead of rendering a single capture. It binds 127.0.0.1:3000 by default; set --server-bind-address and --server-bind-port to change that. To reach the server from another host or a container, bind 0.0.0.0.
zshot --server --server-bind-address 0.0.0.0 --server-bind-port 3000Endpoints
A bare server exposes only the render and status endpoints; everything else is opt-in.
GET /renders from query parameters;POST /renders from a JSON body. See the API for additional assets and theLinkheader.GET /statusreturns 200 with the current number of in-flight requests. Use it for readiness and health checks.GET /assetsserves additional artifacts referenced by the render response.GET /metricsexposes Prometheus metrics when--server-enable-prometheusis set (Enterprise). Alongside the HTTP-layerzshot_http_requests_*series it reportszshot_requests_total{endpoint,format,outcome},zshot_auth_failures_total{endpoint,format,reason}, and thezshot_request_duration_seconds{format,cache,status}histogram. Protect it with--server-prometheus-author move it to a private listener with--server-prometheus-bind-addressand--server-prometheus-bind-port.GET /openapi.jsonserves the OpenAPI document when--server-enable-schemais set./swagger-uiserves interactive API docs when--server-enable-docsis set./mcpserves the Model Context Protocol endpoint when--server-enable-mcpis set.
Concurrency
--server-max-concurrency caps simultaneous renders. --server-queue-requests holds requests over that cap instead of rejecting them.
To run the server in Docker, see Docker.
| Flag | Description |
|---|---|
--server | Run as an HTTP server PRO |
--server-additional-asset-expiration | Lifetime in seconds for additional render assets (HAR/WARC/pprof/trace/ |
--server-basic-auth | Basic auth requirement for requests |
--server-bind-address | Bind address or path for server |
--server-bind-port | Bind port for server |
--server-cache | Cache successful render results on disk and serve repeat GETs from the cache ENT |
--server-cache-size-limit | Maximum cache size in bytes; oldest entries are evicted when exceeded ENT |
--server-cache-ttl | How long a cached render stays fresh, in seconds ENT |
--server-enable-docs | Enable /swagger-ui |
--server-enable-mcp | Enable /mcp (Model Context Protocol streamable-HTTP endpoint) |
--server-enable-prometheus | Enable /metrics (Prometheus) |
--server-enable-schema | Enable /openapi.json |
--server-max-concurrency | Max concurrent requests ENT |
--server-prometheus-auth | Basic auth for the /metrics endpoint only |
--server-prometheus-bind-address | Serve /metrics from a separate listener |
--server-prometheus-bind-port | Port for the separate /metrics listener |
--server-queue-requests | Queue requests when at max concurrency instead of returning 429 ENT |
--server-signed-url | Require signed URLs for GET requests ENT |
--server-signed-url-max-age | Maximum age (in seconds) for signed URL expiration ENT |
--server-token-auth | Token auth requirement for requests |
--server-update-adblock-interval | Re-fetch --adblock-rules sources every N seconds in server and MCP modes ENT |
--server-update-blocklist-interval | Re-fetch --ip-blocklist sources every N seconds in server and MCP modes ENT |