Raw FFmpeg
The raw.ffmpeg job type lets you execute arbitrary FFmpeg commands through the Rendobar API. This gives you full FFmpeg power while Rendobar handles file transfer, execution isolation, timeout enforcement, and output upload.
Raw FFmpeg is available on Starter plans and above.
How it works
When you submit a raw.ffmpeg job, Rendobar:
- Validates your command against a whitelist of allowed flags.
- Downloads your input files to a sandboxed execution environment.
- Substitutes input references in your command with local file paths.
- Executes the FFmpeg command inside an isolated container.
- Uploads the output to R2 storage.
- Returns a presigned download URL.
You provide the input file URLs and the FFmpeg command string. Rendobar handles everything else.
Submitting a raw FFmpeg job
curl -X POST https://api.rendobar.com/jobs \
-H "Authorization: Bearer rb_live_YOUR_KEY" \
-H "Content-Type: application/json" \
-d '{
"type": "raw.ffmpeg",
"inputs": {
"files": [
"https://example.com/video.mp4",
"https://example.com/audio.mp3"
]
},
"params": {
"command": "-i {0} -i {1} -c:v libx264 -c:a aac -map 0:v -map 1:a {output}"
}
}'Input references
Use {0}, {1}, {2}, etc. to reference input files by their position in the files array. Use {output} for the output file path.
The executor replaces these placeholders with actual local file paths before running the command. You never handle file paths directly.
Allowed flags
Only whitelisted FFmpeg flags are permitted. Any flag not on this list causes the job to be rejected with a validation error.
Allowed flags:
| Flag | Purpose |
|---|---|
-i | Input file |
-f | Force format |
-c:v | Video codec |
-c:a | Audio codec |
-vf | Video filter |
-af | Audio filter |
-filter_complex | Complex filter graph |
-map | Stream mapping |
-ss | Seek position |
-t | Duration |
-r | Frame rate |
-s | Resolution |
-b:v | Video bitrate |
-b:a | Audio bitrate |
-crf | Constant rate factor |
-preset | Encoding preset |
-an | Disable audio |
-vn | Disable video |
-y | Overwrite output |
-movflags | MOV/MP4 flags |
Blocked flags
The following flags are explicitly blocked because they enable network access or other unsafe behavior:
| Flag | Reason |
|---|---|
-protocol_whitelist | Could enable network protocols |
-re | Real-time streaming |
-listen | Opens a listening socket |
-rtmp_live | RTMP streaming |
-http_proxy | HTTP proxy access |
-ftp_proxy | FTP proxy access |
Any command containing a blocked flag is rejected immediately.
Security model
Raw FFmpeg jobs have multiple security layers:
- Flag whitelist. Only known-safe flags are permitted.
- Network isolation. Blocked flags prevent any network access from within the FFmpeg process.
- Input substitution. You provide R2 keys or public URLs. The executor downloads files and substitutes local paths, so FFmpeg only accesses local files.
- Output sandboxing. The output path is forced to a sandboxed directory. FFmpeg cannot write to arbitrary file system locations.
- Timeout enforcement. Each plan has a maximum job timeout. The FFmpeg process is killed if it exceeds this limit.
- Container isolation. The execution environment runs in an isolated Trigger.dev container with no access to other jobs or system resources.
Cost
Raw FFmpeg jobs cost $1.00 per 2 minutes of compute time. Compute time is measured from when FFmpeg starts to when it finishes, not including file transfer time.
For example, a command that takes 3 minutes of FFmpeg execution time costs $1.50.
Timeout limits
Maximum job timeout varies by plan:
| Plan | Max timeout |
|---|---|
| Starter | 5 minutes |
| Pro | 15 minutes |
| Scale | 30 minutes |
If your FFmpeg command exceeds the timeout, the job fails with a PROVIDER_TIMEOUT error and no credits are deducted.
Examples
Scale a video to 720p
{
"type": "raw.ffmpeg",
"inputs": { "files": ["https://example.com/video.mp4"] },
"params": {
"command": "-i {0} -vf scale=1280:720 -c:v libx264 -preset fast -crf 23 {output}"
}
}Extract audio from video
{
"type": "raw.ffmpeg",
"inputs": { "files": ["https://example.com/video.mp4"] },
"params": {
"command": "-i {0} -vn -c:a aac -b:a 128k {output}"
}
}Trim a video (30 seconds starting at 1 minute)
{
"type": "raw.ffmpeg",
"inputs": { "files": ["https://example.com/video.mp4"] },
"params": {
"command": "-i {0} -ss 00:01:00 -t 00:00:30 -c:v libx264 -c:a aac {output}"
}
}Merge video and audio tracks
{
"type": "raw.ffmpeg",
"inputs": {
"files": [
"https://example.com/video.mp4",
"https://example.com/narration.mp3"
]
},
"params": {
"command": "-i {0} -i {1} -c:v libx264 -c:a aac -map 0:v -map 1:a {output}"
}
}Error handling
If FFmpeg exits with a non-zero status code, the job fails with a PROVIDER_ERROR:
{
"error": {
"code": "PROVIDER_ERROR",
"message": "FFmpeg process exited with code 1"
}
}If the command contains disallowed flags, it is rejected before dispatch:
{
"error": {
"code": "VALIDATION_ERROR",
"message": "Flag '-protocol_whitelist' is not allowed in raw FFmpeg commands"
}
}Next steps
- Job Types for all 23 operations (including simplified alternatives to raw FFmpeg)
- Credits for billing and cost details
- Webhooks for push-based job status updates
- Authentication for API key setup