.env.example 32 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995
  1. # ------------------------------
  2. # Environment Variables for API service & worker
  3. # ------------------------------
  4. # ------------------------------
  5. # Common Variables
  6. # ------------------------------
  7. # The backend URL of the console API,
  8. # used to concatenate the authorization callback.
  9. # If empty, it is the same domain.
  10. # Example: https://api.console.dify.ai
  11. CONSOLE_API_URL=
  12. # The front-end URL of the console web,
  13. # used to concatenate some front-end addresses and for CORS configuration use.
  14. # If empty, it is the same domain.
  15. # Example: https://console.dify.ai
  16. CONSOLE_WEB_URL=
  17. # Service API Url,
  18. # used to display Service API Base Url to the front-end.
  19. # If empty, it is the same domain.
  20. # Example: https://api.dify.ai
  21. SERVICE_API_URL=
  22. # WebApp API backend Url,
  23. # used to declare the back-end URL for the front-end API.
  24. # If empty, it is the same domain.
  25. # Example: https://api.app.dify.ai
  26. APP_API_URL=
  27. # WebApp Url,
  28. # used to display WebAPP API Base Url to the front-end.
  29. # If empty, it is the same domain.
  30. # Example: https://app.dify.ai
  31. APP_WEB_URL=
  32. # File preview or download Url prefix.
  33. # used to display File preview or download Url to the front-end or as Multi-model inputs;
  34. # Url is signed and has expiration time.
  35. FILES_URL=
  36. # ------------------------------
  37. # Server Configuration
  38. # ------------------------------
  39. # The log level for the application.
  40. # Supported values are `DEBUG`, `INFO`, `WARNING`, `ERROR`, `CRITICAL`
  41. LOG_LEVEL=INFO
  42. # Log file path
  43. LOG_FILE=/app/logs/server.log
  44. # Log file max size, the unit is MB
  45. LOG_FILE_MAX_SIZE=20
  46. # Log file max backup count
  47. LOG_FILE_BACKUP_COUNT=5
  48. # Log dateformat
  49. LOG_DATEFORMAT=%Y-%m-%d %H:%M:%S
  50. # Log Timezone
  51. LOG_TZ=UTC
  52. # Debug mode, default is false.
  53. # It is recommended to turn on this configuration for local development
  54. # to prevent some problems caused by monkey patch.
  55. DEBUG=false
  56. # Flask debug mode, it can output trace information at the interface when turned on,
  57. # which is convenient for debugging.
  58. FLASK_DEBUG=false
  59. # A secretkey that is used for securely signing the session cookie
  60. # and encrypting sensitive information on the database.
  61. # You can generate a strong key using `openssl rand -base64 42`.
  62. SECRET_KEY=sk-9f73s3ljTXVcMT3Blb3ljTqtsKiGHXVcMT3BlbkFJLK7U
  63. # Password for admin user initialization.
  64. # If left unset, admin user will not be prompted for a password
  65. # when creating the initial admin account.
  66. # The length of the password cannot exceed 30 charactors.
  67. INIT_PASSWORD=
  68. # Deployment environment.
  69. # Supported values are `PRODUCTION`, `TESTING`. Default is `PRODUCTION`.
  70. # Testing environment. There will be a distinct color label on the front-end page,
  71. # indicating that this environment is a testing environment.
  72. DEPLOY_ENV=PRODUCTION
  73. # Whether to enable the version check policy.
  74. # If set to empty, https://updates.dify.ai will be called for version check.
  75. CHECK_UPDATE_URL=https://updates.dify.ai
  76. # Used to change the OpenAI base address, default is https://api.openai.com/v1.
  77. # When OpenAI cannot be accessed in China, replace it with a domestic mirror address,
  78. # or when a local model provides OpenAI compatible API, it can be replaced.
  79. OPENAI_API_BASE=https://api.openai.com/v1
  80. # When enabled, migrations will be executed prior to application startup
  81. # and the application will start after the migrations have completed.
  82. MIGRATION_ENABLED=true
  83. # File Access Time specifies a time interval in seconds for the file to be accessed.
  84. # The default value is 300 seconds.
  85. FILES_ACCESS_TIMEOUT=300
  86. # Access token expiration time in minutes
  87. ACCESS_TOKEN_EXPIRE_MINUTES=60
  88. # Refresh token expiration time in days
  89. REFRESH_TOKEN_EXPIRE_DAYS=30
  90. # The maximum number of active requests for the application, where 0 means unlimited, should be a non-negative integer.
  91. APP_MAX_ACTIVE_REQUESTS=0
  92. APP_MAX_EXECUTION_TIME=1200
  93. # ------------------------------
  94. # Container Startup Related Configuration
  95. # Only effective when starting with docker image or docker-compose.
  96. # ------------------------------
  97. # API service binding address, default: 0.0.0.0, i.e., all addresses can be accessed.
  98. DIFY_BIND_ADDRESS=0.0.0.0
  99. # API service binding port number, default 5001.
  100. DIFY_PORT=5001
  101. # The number of API server workers, i.e., the number of workers.
  102. # Formula: number of cpu cores x 2 + 1 for sync, 1 for Gevent
  103. # Reference: https://docs.gunicorn.org/en/stable/design.html#how-many-workers
  104. SERVER_WORKER_AMOUNT=1
  105. # Defaults to gevent. If using windows, it can be switched to sync or solo.
  106. SERVER_WORKER_CLASS=gevent
  107. # Default number of worker connections, the default is 10.
  108. SERVER_WORKER_CONNECTIONS=10
  109. # Similar to SERVER_WORKER_CLASS.
  110. # If using windows, it can be switched to sync or solo.
  111. CELERY_WORKER_CLASS=
  112. # Request handling timeout. The default is 200,
  113. # it is recommended to set it to 360 to support a longer sse connection time.
  114. GUNICORN_TIMEOUT=360
  115. # The number of Celery workers. The default is 1, and can be set as needed.
  116. CELERY_WORKER_AMOUNT=
  117. # Flag indicating whether to enable autoscaling of Celery workers.
  118. #
  119. # Autoscaling is useful when tasks are CPU intensive and can be dynamically
  120. # allocated and deallocated based on the workload.
  121. #
  122. # When autoscaling is enabled, the maximum and minimum number of workers can
  123. # be specified. The autoscaling algorithm will dynamically adjust the number
  124. # of workers within the specified range.
  125. #
  126. # Default is false (i.e., autoscaling is disabled).
  127. #
  128. # Example:
  129. # CELERY_AUTO_SCALE=true
  130. CELERY_AUTO_SCALE=false
  131. # The maximum number of Celery workers that can be autoscaled.
  132. # This is optional and only used when autoscaling is enabled.
  133. # Default is not set.
  134. CELERY_MAX_WORKERS=
  135. # The minimum number of Celery workers that can be autoscaled.
  136. # This is optional and only used when autoscaling is enabled.
  137. # Default is not set.
  138. CELERY_MIN_WORKERS=
  139. # API Tool configuration
  140. API_TOOL_DEFAULT_CONNECT_TIMEOUT=10
  141. API_TOOL_DEFAULT_READ_TIMEOUT=60
  142. # ------------------------------
  143. # Database Configuration
  144. # The database uses PostgreSQL. Please use the public schema.
  145. # It is consistent with the configuration in the 'db' service below.
  146. # ------------------------------
  147. DB_USERNAME=postgres
  148. DB_PASSWORD=difyai123456
  149. DB_HOST=db
  150. DB_PORT=5432
  151. DB_DATABASE=dify
  152. # The size of the database connection pool.
  153. # The default is 30 connections, which can be appropriately increased.
  154. SQLALCHEMY_POOL_SIZE=30
  155. # Database connection pool recycling time, the default is 3600 seconds.
  156. SQLALCHEMY_POOL_RECYCLE=3600
  157. # Whether to print SQL, default is false.
  158. SQLALCHEMY_ECHO=false
  159. # Maximum number of connections to the database
  160. # Default is 100
  161. #
  162. # Reference: https://www.postgresql.org/docs/current/runtime-config-connection.html#GUC-MAX-CONNECTIONS
  163. POSTGRES_MAX_CONNECTIONS=100
  164. # Sets the amount of shared memory used for postgres's shared buffers.
  165. # Default is 128MB
  166. # Recommended value: 25% of available memory
  167. # Reference: https://www.postgresql.org/docs/current/runtime-config-resource.html#GUC-SHARED-BUFFERS
  168. POSTGRES_SHARED_BUFFERS=128MB
  169. # Sets the amount of memory used by each database worker for working space.
  170. # Default is 4MB
  171. #
  172. # Reference: https://www.postgresql.org/docs/current/runtime-config-resource.html#GUC-WORK-MEM
  173. POSTGRES_WORK_MEM=4MB
  174. # Sets the amount of memory reserved for maintenance activities.
  175. # Default is 64MB
  176. #
  177. # Reference: https://www.postgresql.org/docs/current/runtime-config-resource.html#GUC-MAINTENANCE-WORK-MEM
  178. POSTGRES_MAINTENANCE_WORK_MEM=64MB
  179. # Sets the planner's assumption about the effective cache size.
  180. # Default is 4096MB
  181. #
  182. # Reference: https://www.postgresql.org/docs/current/runtime-config-query.html#GUC-EFFECTIVE-CACHE-SIZE
  183. POSTGRES_EFFECTIVE_CACHE_SIZE=4096MB
  184. # ------------------------------
  185. # Redis Configuration
  186. # This Redis configuration is used for caching and for pub/sub during conversation.
  187. # ------------------------------
  188. REDIS_HOST=redis
  189. REDIS_PORT=6379
  190. REDIS_USERNAME=
  191. REDIS_PASSWORD=difyai123456
  192. REDIS_USE_SSL=false
  193. REDIS_DB=0
  194. # Whether to use Redis Sentinel mode.
  195. # If set to true, the application will automatically discover and connect to the master node through Sentinel.
  196. REDIS_USE_SENTINEL=false
  197. # List of Redis Sentinel nodes. If Sentinel mode is enabled, provide at least one Sentinel IP and port.
  198. # Format: `<sentinel1_ip>:<sentinel1_port>,<sentinel2_ip>:<sentinel2_port>,<sentinel3_ip>:<sentinel3_port>`
  199. REDIS_SENTINELS=
  200. REDIS_SENTINEL_SERVICE_NAME=
  201. REDIS_SENTINEL_USERNAME=
  202. REDIS_SENTINEL_PASSWORD=
  203. REDIS_SENTINEL_SOCKET_TIMEOUT=0.1
  204. # List of Redis Cluster nodes. If Cluster mode is enabled, provide at least one Cluster IP and port.
  205. # Format: `<Cluster1_ip>:<Cluster1_port>,<Cluster2_ip>:<Cluster2_port>,<Cluster3_ip>:<Cluster3_port>`
  206. REDIS_USE_CLUSTERS=false
  207. REDIS_CLUSTERS=
  208. REDIS_CLUSTERS_PASSWORD=
  209. # ------------------------------
  210. # Celery Configuration
  211. # ------------------------------
  212. # Use redis as the broker, and redis db 1 for celery broker.
  213. # Format as follows: `redis://<redis_username>:<redis_password>@<redis_host>:<redis_port>/<redis_database>`
  214. # Example: redis://:difyai123456@redis:6379/1
  215. # If use Redis Sentinel, format as follows: `sentinel://<sentinel_username>:<sentinel_password>@<sentinel_host>:<sentinel_port>/<redis_database>`
  216. # Example: sentinel://localhost:26379/1;sentinel://localhost:26380/1;sentinel://localhost:26381/1
  217. CELERY_BROKER_URL=redis://:difyai123456@redis:6379/1
  218. BROKER_USE_SSL=false
  219. # If you are using Redis Sentinel for high availability, configure the following settings.
  220. CELERY_USE_SENTINEL=false
  221. CELERY_SENTINEL_MASTER_NAME=
  222. CELERY_SENTINEL_SOCKET_TIMEOUT=0.1
  223. # ------------------------------
  224. # CORS Configuration
  225. # Used to set the front-end cross-domain access policy.
  226. # ------------------------------
  227. # Specifies the allowed origins for cross-origin requests to the Web API,
  228. # e.g. https://dify.app or * for all origins.
  229. WEB_API_CORS_ALLOW_ORIGINS=*
  230. # Specifies the allowed origins for cross-origin requests to the console API,
  231. # e.g. https://cloud.dify.ai or * for all origins.
  232. CONSOLE_CORS_ALLOW_ORIGINS=*
  233. # ------------------------------
  234. # File Storage Configuration
  235. # ------------------------------
  236. # The type of storage to use for storing user files.
  237. STORAGE_TYPE=opendal
  238. # Apache OpenDAL Configuration
  239. # The configuration for OpenDAL consists of the following format: OPENDAL_<SCHEME_NAME>_<CONFIG_NAME>.
  240. # You can find all the service configurations (CONFIG_NAME) in the repository at: https://github.com/apache/opendal/tree/main/core/src/services.
  241. # Dify will scan configurations starting with OPENDAL_<SCHEME_NAME> and automatically apply them.
  242. # The scheme name for the OpenDAL storage.
  243. OPENDAL_SCHEME=fs
  244. # Configurations for OpenDAL Local File System.
  245. OPENDAL_FS_ROOT=storage
  246. # S3 Configuration
  247. #
  248. S3_ENDPOINT=
  249. S3_REGION=us-east-1
  250. S3_BUCKET_NAME=difyai
  251. S3_ACCESS_KEY=
  252. S3_SECRET_KEY=
  253. # Whether to use AWS managed IAM roles for authenticating with the S3 service.
  254. # If set to false, the access key and secret key must be provided.
  255. S3_USE_AWS_MANAGED_IAM=false
  256. # Azure Blob Configuration
  257. #
  258. AZURE_BLOB_ACCOUNT_NAME=difyai
  259. AZURE_BLOB_ACCOUNT_KEY=difyai
  260. AZURE_BLOB_CONTAINER_NAME=difyai-container
  261. AZURE_BLOB_ACCOUNT_URL=https://<your_account_name>.blob.core.windows.net
  262. # Google Storage Configuration
  263. #
  264. GOOGLE_STORAGE_BUCKET_NAME=your-bucket-name
  265. GOOGLE_STORAGE_SERVICE_ACCOUNT_JSON_BASE64=
  266. # The Alibaba Cloud OSS configurations,
  267. #
  268. ALIYUN_OSS_BUCKET_NAME=your-bucket-name
  269. ALIYUN_OSS_ACCESS_KEY=your-access-key
  270. ALIYUN_OSS_SECRET_KEY=your-secret-key
  271. ALIYUN_OSS_ENDPOINT=https://oss-ap-southeast-1-internal.aliyuncs.com
  272. ALIYUN_OSS_REGION=ap-southeast-1
  273. ALIYUN_OSS_AUTH_VERSION=v4
  274. # Don't start with '/'. OSS doesn't support leading slash in object names.
  275. ALIYUN_OSS_PATH=your-path
  276. # Tencent COS Configuration
  277. #
  278. TENCENT_COS_BUCKET_NAME=your-bucket-name
  279. TENCENT_COS_SECRET_KEY=your-secret-key
  280. TENCENT_COS_SECRET_ID=your-secret-id
  281. TENCENT_COS_REGION=your-region
  282. TENCENT_COS_SCHEME=your-scheme
  283. # Oracle Storage Configuration
  284. #
  285. OCI_ENDPOINT=https://your-object-storage-namespace.compat.objectstorage.us-ashburn-1.oraclecloud.com
  286. OCI_BUCKET_NAME=your-bucket-name
  287. OCI_ACCESS_KEY=your-access-key
  288. OCI_SECRET_KEY=your-secret-key
  289. OCI_REGION=us-ashburn-1
  290. # Huawei OBS Configuration
  291. #
  292. HUAWEI_OBS_BUCKET_NAME=your-bucket-name
  293. HUAWEI_OBS_SECRET_KEY=your-secret-key
  294. HUAWEI_OBS_ACCESS_KEY=your-access-key
  295. HUAWEI_OBS_SERVER=your-server-url
  296. # Volcengine TOS Configuration
  297. #
  298. VOLCENGINE_TOS_BUCKET_NAME=your-bucket-name
  299. VOLCENGINE_TOS_SECRET_KEY=your-secret-key
  300. VOLCENGINE_TOS_ACCESS_KEY=your-access-key
  301. VOLCENGINE_TOS_ENDPOINT=your-server-url
  302. VOLCENGINE_TOS_REGION=your-region
  303. # Baidu OBS Storage Configuration
  304. #
  305. BAIDU_OBS_BUCKET_NAME=your-bucket-name
  306. BAIDU_OBS_SECRET_KEY=your-secret-key
  307. BAIDU_OBS_ACCESS_KEY=your-access-key
  308. BAIDU_OBS_ENDPOINT=your-server-url
  309. # Supabase Storage Configuration
  310. #
  311. SUPABASE_BUCKET_NAME=your-bucket-name
  312. SUPABASE_API_KEY=your-access-key
  313. SUPABASE_URL=your-server-url
  314. # ------------------------------
  315. # Vector Database Configuration
  316. # ------------------------------
  317. # The type of vector store to use.
  318. # Supported values are `weaviate`, `qdrant`, `milvus`, `myscale`, `relyt`, `pgvector`, `pgvecto-rs`, `chroma`, `opensearch`, `tidb_vector`, `oracle`, `tencent`, `elasticsearch`, `elasticsearch-ja`, `analyticdb`, `couchbase`, `vikingdb`, `oceanbase`, `opengauss`.
  319. VECTOR_STORE=weaviate
  320. # The Weaviate endpoint URL. Only available when VECTOR_STORE is `weaviate`.
  321. WEAVIATE_ENDPOINT=http://weaviate:8080
  322. WEAVIATE_API_KEY=WVF5YThaHlkYwhGUSmCRgsX3tD5ngdN8pkih
  323. # The Qdrant endpoint URL. Only available when VECTOR_STORE is `qdrant`.
  324. QDRANT_URL=http://qdrant:6333
  325. QDRANT_API_KEY=difyai123456
  326. QDRANT_CLIENT_TIMEOUT=20
  327. QDRANT_GRPC_ENABLED=false
  328. QDRANT_GRPC_PORT=6334
  329. # Milvus configuration. Only available when VECTOR_STORE is `milvus`.
  330. # The milvus uri.
  331. MILVUS_URI=http://host.docker.internal:19530
  332. MILVUS_TOKEN=
  333. MILVUS_USER=
  334. MILVUS_PASSWORD=
  335. MILVUS_ENABLE_HYBRID_SEARCH=False
  336. # MyScale configuration, only available when VECTOR_STORE is `myscale`
  337. # For multi-language support, please set MYSCALE_FTS_PARAMS with referring to:
  338. # https://myscale.com/docs/en/text-search/#understanding-fts-index-parameters
  339. MYSCALE_HOST=myscale
  340. MYSCALE_PORT=8123
  341. MYSCALE_USER=default
  342. MYSCALE_PASSWORD=
  343. MYSCALE_DATABASE=dify
  344. MYSCALE_FTS_PARAMS=
  345. # Couchbase configurations, only available when VECTOR_STORE is `couchbase`
  346. # The connection string must include hostname defined in the docker-compose file (couchbase-server in this case)
  347. COUCHBASE_CONNECTION_STRING=couchbase://couchbase-server
  348. COUCHBASE_USER=Administrator
  349. COUCHBASE_PASSWORD=password
  350. COUCHBASE_BUCKET_NAME=Embeddings
  351. COUCHBASE_SCOPE_NAME=_default
  352. # pgvector configurations, only available when VECTOR_STORE is `pgvector`
  353. PGVECTOR_HOST=pgvector
  354. PGVECTOR_PORT=5432
  355. PGVECTOR_USER=postgres
  356. PGVECTOR_PASSWORD=difyai123456
  357. PGVECTOR_DATABASE=dify
  358. PGVECTOR_MIN_CONNECTION=1
  359. PGVECTOR_MAX_CONNECTION=5
  360. PGVECTOR_PG_BIGM=false
  361. PGVECTOR_PG_BIGM_VERSION=1.2-20240606
  362. # pgvecto-rs configurations, only available when VECTOR_STORE is `pgvecto-rs`
  363. PGVECTO_RS_HOST=pgvecto-rs
  364. PGVECTO_RS_PORT=5432
  365. PGVECTO_RS_USER=postgres
  366. PGVECTO_RS_PASSWORD=difyai123456
  367. PGVECTO_RS_DATABASE=dify
  368. # analyticdb configurations, only available when VECTOR_STORE is `analyticdb`
  369. ANALYTICDB_KEY_ID=your-ak
  370. ANALYTICDB_KEY_SECRET=your-sk
  371. ANALYTICDB_REGION_ID=cn-hangzhou
  372. ANALYTICDB_INSTANCE_ID=gp-ab123456
  373. ANALYTICDB_ACCOUNT=testaccount
  374. ANALYTICDB_PASSWORD=testpassword
  375. ANALYTICDB_NAMESPACE=dify
  376. ANALYTICDB_NAMESPACE_PASSWORD=difypassword
  377. ANALYTICDB_HOST=gp-test.aliyuncs.com
  378. ANALYTICDB_PORT=5432
  379. ANALYTICDB_MIN_CONNECTION=1
  380. ANALYTICDB_MAX_CONNECTION=5
  381. # TiDB vector configurations, only available when VECTOR_STORE is `tidb`
  382. TIDB_VECTOR_HOST=tidb
  383. TIDB_VECTOR_PORT=4000
  384. TIDB_VECTOR_USER=
  385. TIDB_VECTOR_PASSWORD=
  386. TIDB_VECTOR_DATABASE=dify
  387. # Tidb on qdrant configuration, only available when VECTOR_STORE is `tidb_on_qdrant`
  388. TIDB_ON_QDRANT_URL=http://127.0.0.1
  389. TIDB_ON_QDRANT_API_KEY=dify
  390. TIDB_ON_QDRANT_CLIENT_TIMEOUT=20
  391. TIDB_ON_QDRANT_GRPC_ENABLED=false
  392. TIDB_ON_QDRANT_GRPC_PORT=6334
  393. TIDB_PUBLIC_KEY=dify
  394. TIDB_PRIVATE_KEY=dify
  395. TIDB_API_URL=http://127.0.0.1
  396. TIDB_IAM_API_URL=http://127.0.0.1
  397. TIDB_REGION=regions/aws-us-east-1
  398. TIDB_PROJECT_ID=dify
  399. TIDB_SPEND_LIMIT=100
  400. # Chroma configuration, only available when VECTOR_STORE is `chroma`
  401. CHROMA_HOST=127.0.0.1
  402. CHROMA_PORT=8000
  403. CHROMA_TENANT=default_tenant
  404. CHROMA_DATABASE=default_database
  405. CHROMA_AUTH_PROVIDER=chromadb.auth.token_authn.TokenAuthClientProvider
  406. CHROMA_AUTH_CREDENTIALS=
  407. # Oracle configuration, only available when VECTOR_STORE is `oracle`
  408. ORACLE_USER=dify
  409. ORACLE_PASSWORD=dify
  410. ORACLE_DSN=oracle:1521/FREEPDB1
  411. ORACLE_CONFIG_DIR=/app/api/storage/wallet
  412. ORACLE_WALLET_LOCATION=/app/api/storage/wallet
  413. ORACLE_WALLET_PASSWORD=dify
  414. ORACLE_IS_AUTONOMOUS=false
  415. # relyt configurations, only available when VECTOR_STORE is `relyt`
  416. RELYT_HOST=db
  417. RELYT_PORT=5432
  418. RELYT_USER=postgres
  419. RELYT_PASSWORD=difyai123456
  420. RELYT_DATABASE=postgres
  421. # open search configuration, only available when VECTOR_STORE is `opensearch`
  422. OPENSEARCH_HOST=opensearch
  423. OPENSEARCH_PORT=9200
  424. OPENSEARCH_USER=admin
  425. OPENSEARCH_PASSWORD=admin
  426. OPENSEARCH_SECURE=true
  427. # tencent vector configurations, only available when VECTOR_STORE is `tencent`
  428. TENCENT_VECTOR_DB_URL=http://127.0.0.1
  429. TENCENT_VECTOR_DB_API_KEY=dify
  430. TENCENT_VECTOR_DB_TIMEOUT=30
  431. TENCENT_VECTOR_DB_USERNAME=dify
  432. TENCENT_VECTOR_DB_DATABASE=dify
  433. TENCENT_VECTOR_DB_SHARD=1
  434. TENCENT_VECTOR_DB_REPLICAS=2
  435. # ElasticSearch configuration, only available when VECTOR_STORE is `elasticsearch`
  436. ELASTICSEARCH_HOST=0.0.0.0
  437. ELASTICSEARCH_PORT=9200
  438. ELASTICSEARCH_USERNAME=elastic
  439. ELASTICSEARCH_PASSWORD=elastic
  440. KIBANA_PORT=5601
  441. # baidu vector configurations, only available when VECTOR_STORE is `baidu`
  442. BAIDU_VECTOR_DB_ENDPOINT=http://127.0.0.1:5287
  443. BAIDU_VECTOR_DB_CONNECTION_TIMEOUT_MS=30000
  444. BAIDU_VECTOR_DB_ACCOUNT=root
  445. BAIDU_VECTOR_DB_API_KEY=dify
  446. BAIDU_VECTOR_DB_DATABASE=dify
  447. BAIDU_VECTOR_DB_SHARD=1
  448. BAIDU_VECTOR_DB_REPLICAS=3
  449. # VikingDB configurations, only available when VECTOR_STORE is `vikingdb`
  450. VIKINGDB_ACCESS_KEY=your-ak
  451. VIKINGDB_SECRET_KEY=your-sk
  452. VIKINGDB_REGION=cn-shanghai
  453. VIKINGDB_HOST=api-vikingdb.xxx.volces.com
  454. VIKINGDB_SCHEMA=http
  455. VIKINGDB_CONNECTION_TIMEOUT=30
  456. VIKINGDB_SOCKET_TIMEOUT=30
  457. # Lindorm configuration, only available when VECTOR_STORE is `lindorm`
  458. LINDORM_URL=http://lindorm:30070
  459. LINDORM_USERNAME=lindorm
  460. LINDORM_PASSWORD=lindorm
  461. # OceanBase Vector configuration, only available when VECTOR_STORE is `oceanbase`
  462. OCEANBASE_VECTOR_HOST=oceanbase
  463. OCEANBASE_VECTOR_PORT=2881
  464. OCEANBASE_VECTOR_USER=root@test
  465. OCEANBASE_VECTOR_PASSWORD=difyai123456
  466. OCEANBASE_VECTOR_DATABASE=test
  467. OCEANBASE_CLUSTER_NAME=difyai
  468. OCEANBASE_MEMORY_LIMIT=6G
  469. # opengauss configurations, only available when VECTOR_STORE is `opengauss`
  470. OPENGAUSS_HOST=opengauss
  471. OPENGAUSS_PORT=6600
  472. OPENGAUSS_USER=postgres
  473. OPENGAUSS_PASSWORD=Dify@123
  474. OPENGAUSS_DATABASE=dify
  475. OPENGAUSS_MIN_CONNECTION=1
  476. OPENGAUSS_MAX_CONNECTION=5
  477. # Upstash Vector configuration, only available when VECTOR_STORE is `upstash`
  478. UPSTASH_VECTOR_URL=https://xxx-vector.upstash.io
  479. UPSTASH_VECTOR_TOKEN=dify
  480. # ------------------------------
  481. # Knowledge Configuration
  482. # ------------------------------
  483. # Upload file size limit, default 15M.
  484. UPLOAD_FILE_SIZE_LIMIT=15
  485. # The maximum number of files that can be uploaded at a time, default 5.
  486. UPLOAD_FILE_BATCH_LIMIT=5
  487. # ETL type, support: `dify`, `Unstructured`
  488. # `dify` Dify's proprietary file extraction scheme
  489. # `Unstructured` Unstructured.io file extraction scheme
  490. ETL_TYPE=dify
  491. # Unstructured API path and API key, needs to be configured when ETL_TYPE is Unstructured
  492. # Or using Unstructured for document extractor node for pptx.
  493. # For example: http://unstructured:8000/general/v0/general
  494. UNSTRUCTURED_API_URL=
  495. UNSTRUCTURED_API_KEY=
  496. SCARF_NO_ANALYTICS=true
  497. # ------------------------------
  498. # Model Configuration
  499. # ------------------------------
  500. # The maximum number of tokens allowed for prompt generation.
  501. # This setting controls the upper limit of tokens that can be used by the LLM
  502. # when generating a prompt in the prompt generation tool.
  503. # Default: 512 tokens.
  504. PROMPT_GENERATION_MAX_TOKENS=512
  505. # The maximum number of tokens allowed for code generation.
  506. # This setting controls the upper limit of tokens that can be used by the LLM
  507. # when generating code in the code generation tool.
  508. # Default: 1024 tokens.
  509. CODE_GENERATION_MAX_TOKENS=1024
  510. # ------------------------------
  511. # Multi-modal Configuration
  512. # ------------------------------
  513. # The format of the image/video/audio/document sent when the multi-modal model is input,
  514. # the default is base64, optional url.
  515. # The delay of the call in url mode will be lower than that in base64 mode.
  516. # It is generally recommended to use the more compatible base64 mode.
  517. # If configured as url, you need to configure FILES_URL as an externally accessible address so that the multi-modal model can access the image/video/audio/document.
  518. MULTIMODAL_SEND_FORMAT=base64
  519. # Upload image file size limit, default 10M.
  520. UPLOAD_IMAGE_FILE_SIZE_LIMIT=10
  521. # Upload video file size limit, default 100M.
  522. UPLOAD_VIDEO_FILE_SIZE_LIMIT=100
  523. # Upload audio file size limit, default 50M.
  524. UPLOAD_AUDIO_FILE_SIZE_LIMIT=50
  525. # ------------------------------
  526. # Sentry Configuration
  527. # Used for application monitoring and error log tracking.
  528. # ------------------------------
  529. SENTRY_DSN=
  530. # API Service Sentry DSN address, default is empty, when empty,
  531. # all monitoring information is not reported to Sentry.
  532. # If not set, Sentry error reporting will be disabled.
  533. API_SENTRY_DSN=
  534. # API Service The reporting ratio of Sentry events, if it is 0.01, it is 1%.
  535. API_SENTRY_TRACES_SAMPLE_RATE=1.0
  536. # API Service The reporting ratio of Sentry profiles, if it is 0.01, it is 1%.
  537. API_SENTRY_PROFILES_SAMPLE_RATE=1.0
  538. # Web Service Sentry DSN address, default is empty, when empty,
  539. # all monitoring information is not reported to Sentry.
  540. # If not set, Sentry error reporting will be disabled.
  541. WEB_SENTRY_DSN=
  542. # ------------------------------
  543. # Notion Integration Configuration
  544. # Variables can be obtained by applying for Notion integration: https://www.notion.so/my-integrations
  545. # ------------------------------
  546. # Configure as "public" or "internal".
  547. # Since Notion's OAuth redirect URL only supports HTTPS,
  548. # if deploying locally, please use Notion's internal integration.
  549. NOTION_INTEGRATION_TYPE=public
  550. # Notion OAuth client secret (used for public integration type)
  551. NOTION_CLIENT_SECRET=
  552. # Notion OAuth client id (used for public integration type)
  553. NOTION_CLIENT_ID=
  554. # Notion internal integration secret.
  555. # If the value of NOTION_INTEGRATION_TYPE is "internal",
  556. # you need to configure this variable.
  557. NOTION_INTERNAL_SECRET=
  558. # ------------------------------
  559. # Mail related configuration
  560. # ------------------------------
  561. # Mail type, support: resend, smtp
  562. MAIL_TYPE=resend
  563. # Default send from email address, if not specified
  564. MAIL_DEFAULT_SEND_FROM=
  565. # API-Key for the Resend email provider, used when MAIL_TYPE is `resend`.
  566. RESEND_API_URL=https://api.resend.com
  567. RESEND_API_KEY=your-resend-api-key
  568. # SMTP server configuration, used when MAIL_TYPE is `smtp`
  569. SMTP_SERVER=
  570. SMTP_PORT=465
  571. SMTP_USERNAME=
  572. SMTP_PASSWORD=
  573. SMTP_USE_TLS=true
  574. SMTP_OPPORTUNISTIC_TLS=false
  575. # ------------------------------
  576. # Others Configuration
  577. # ------------------------------
  578. # Maximum length of segmentation tokens for indexing
  579. INDEXING_MAX_SEGMENTATION_TOKENS_LENGTH=4000
  580. # Member invitation link valid time (hours),
  581. # Default: 72.
  582. INVITE_EXPIRY_HOURS=72
  583. # Reset password token valid time (minutes),
  584. RESET_PASSWORD_TOKEN_EXPIRY_MINUTES=5
  585. # The sandbox service endpoint.
  586. CODE_EXECUTION_ENDPOINT=http://sandbox:8194
  587. CODE_EXECUTION_API_KEY=dify-sandbox
  588. CODE_MAX_NUMBER=9223372036854775807
  589. CODE_MIN_NUMBER=-9223372036854775808
  590. CODE_MAX_DEPTH=5
  591. CODE_MAX_PRECISION=20
  592. CODE_MAX_STRING_LENGTH=80000
  593. CODE_MAX_STRING_ARRAY_LENGTH=30
  594. CODE_MAX_OBJECT_ARRAY_LENGTH=30
  595. CODE_MAX_NUMBER_ARRAY_LENGTH=1000
  596. CODE_EXECUTION_CONNECT_TIMEOUT=10
  597. CODE_EXECUTION_READ_TIMEOUT=60
  598. CODE_EXECUTION_WRITE_TIMEOUT=10
  599. TEMPLATE_TRANSFORM_MAX_LENGTH=80000
  600. # Workflow runtime configuration
  601. WORKFLOW_MAX_EXECUTION_STEPS=500
  602. WORKFLOW_MAX_EXECUTION_TIME=1200
  603. WORKFLOW_CALL_MAX_DEPTH=5
  604. MAX_VARIABLE_SIZE=204800
  605. WORKFLOW_PARALLEL_DEPTH_LIMIT=3
  606. WORKFLOW_FILE_UPLOAD_LIMIT=10
  607. # HTTP request node in workflow configuration
  608. HTTP_REQUEST_NODE_MAX_BINARY_SIZE=10485760
  609. HTTP_REQUEST_NODE_MAX_TEXT_SIZE=1048576
  610. HTTP_REQUEST_NODE_SSL_VERIFY=True
  611. # SSRF Proxy server HTTP URL
  612. SSRF_PROXY_HTTP_URL=http://ssrf_proxy:3128
  613. # SSRF Proxy server HTTPS URL
  614. SSRF_PROXY_HTTPS_URL=http://ssrf_proxy:3128
  615. # Maximum loop count in the workflow
  616. LOOP_NODE_MAX_COUNT=100
  617. # The maximum number of tools that can be used in the agent.
  618. MAX_TOOLS_NUM=10
  619. # Maximum number of Parallelism branches in the workflow
  620. MAX_PARALLEL_LIMIT=10
  621. # ------------------------------
  622. # Environment Variables for web Service
  623. # ------------------------------
  624. # The timeout for the text generation in millisecond
  625. TEXT_GENERATION_TIMEOUT_MS=60000
  626. # ------------------------------
  627. # Environment Variables for db Service
  628. # ------------------------------
  629. PGUSER=${DB_USERNAME}
  630. # The password for the default postgres user.
  631. POSTGRES_PASSWORD=${DB_PASSWORD}
  632. # The name of the default postgres database.
  633. POSTGRES_DB=${DB_DATABASE}
  634. # postgres data directory
  635. PGDATA=/var/lib/postgresql/data/pgdata
  636. # ------------------------------
  637. # Environment Variables for sandbox Service
  638. # ------------------------------
  639. # The API key for the sandbox service
  640. SANDBOX_API_KEY=dify-sandbox
  641. # The mode in which the Gin framework runs
  642. SANDBOX_GIN_MODE=release
  643. # The timeout for the worker in seconds
  644. SANDBOX_WORKER_TIMEOUT=15
  645. # Enable network for the sandbox service
  646. SANDBOX_ENABLE_NETWORK=true
  647. # HTTP proxy URL for SSRF protection
  648. SANDBOX_HTTP_PROXY=http://ssrf_proxy:3128
  649. # HTTPS proxy URL for SSRF protection
  650. SANDBOX_HTTPS_PROXY=http://ssrf_proxy:3128
  651. # The port on which the sandbox service runs
  652. SANDBOX_PORT=8194
  653. # ------------------------------
  654. # Environment Variables for weaviate Service
  655. # (only used when VECTOR_STORE is weaviate)
  656. # ------------------------------
  657. WEAVIATE_PERSISTENCE_DATA_PATH=/var/lib/weaviate
  658. WEAVIATE_QUERY_DEFAULTS_LIMIT=25
  659. WEAVIATE_AUTHENTICATION_ANONYMOUS_ACCESS_ENABLED=true
  660. WEAVIATE_DEFAULT_VECTORIZER_MODULE=none
  661. WEAVIATE_CLUSTER_HOSTNAME=node1
  662. WEAVIATE_AUTHENTICATION_APIKEY_ENABLED=true
  663. WEAVIATE_AUTHENTICATION_APIKEY_ALLOWED_KEYS=WVF5YThaHlkYwhGUSmCRgsX3tD5ngdN8pkih
  664. WEAVIATE_AUTHENTICATION_APIKEY_USERS=hello@dify.ai
  665. WEAVIATE_AUTHORIZATION_ADMINLIST_ENABLED=true
  666. WEAVIATE_AUTHORIZATION_ADMINLIST_USERS=hello@dify.ai
  667. # ------------------------------
  668. # Environment Variables for Chroma
  669. # (only used when VECTOR_STORE is chroma)
  670. # ------------------------------
  671. # Authentication credentials for Chroma server
  672. CHROMA_SERVER_AUTHN_CREDENTIALS=difyai123456
  673. # Authentication provider for Chroma server
  674. CHROMA_SERVER_AUTHN_PROVIDER=chromadb.auth.token_authn.TokenAuthenticationServerProvider
  675. # Persistence setting for Chroma server
  676. CHROMA_IS_PERSISTENT=TRUE
  677. # ------------------------------
  678. # Environment Variables for Oracle Service
  679. # (only used when VECTOR_STORE is Oracle)
  680. # ------------------------------
  681. ORACLE_PWD=Dify123456
  682. ORACLE_CHARACTERSET=AL32UTF8
  683. # ------------------------------
  684. # Environment Variables for milvus Service
  685. # (only used when VECTOR_STORE is milvus)
  686. # ------------------------------
  687. # ETCD configuration for auto compaction mode
  688. ETCD_AUTO_COMPACTION_MODE=revision
  689. # ETCD configuration for auto compaction retention in terms of number of revisions
  690. ETCD_AUTO_COMPACTION_RETENTION=1000
  691. # ETCD configuration for backend quota in bytes
  692. ETCD_QUOTA_BACKEND_BYTES=4294967296
  693. # ETCD configuration for the number of changes before triggering a snapshot
  694. ETCD_SNAPSHOT_COUNT=50000
  695. # MinIO access key for authentication
  696. MINIO_ACCESS_KEY=minioadmin
  697. # MinIO secret key for authentication
  698. MINIO_SECRET_KEY=minioadmin
  699. # ETCD service endpoints
  700. ETCD_ENDPOINTS=etcd:2379
  701. # MinIO service address
  702. MINIO_ADDRESS=minio:9000
  703. # Enable or disable security authorization
  704. MILVUS_AUTHORIZATION_ENABLED=true
  705. # ------------------------------
  706. # Environment Variables for pgvector / pgvector-rs Service
  707. # (only used when VECTOR_STORE is pgvector / pgvector-rs)
  708. # ------------------------------
  709. PGVECTOR_PGUSER=postgres
  710. # The password for the default postgres user.
  711. PGVECTOR_POSTGRES_PASSWORD=difyai123456
  712. # The name of the default postgres database.
  713. PGVECTOR_POSTGRES_DB=dify
  714. # postgres data directory
  715. PGVECTOR_PGDATA=/var/lib/postgresql/data/pgdata
  716. # ------------------------------
  717. # Environment Variables for opensearch
  718. # (only used when VECTOR_STORE is opensearch)
  719. # ------------------------------
  720. OPENSEARCH_DISCOVERY_TYPE=single-node
  721. OPENSEARCH_BOOTSTRAP_MEMORY_LOCK=true
  722. OPENSEARCH_JAVA_OPTS_MIN=512m
  723. OPENSEARCH_JAVA_OPTS_MAX=1024m
  724. OPENSEARCH_INITIAL_ADMIN_PASSWORD=Qazwsxedc!@#123
  725. OPENSEARCH_MEMLOCK_SOFT=-1
  726. OPENSEARCH_MEMLOCK_HARD=-1
  727. OPENSEARCH_NOFILE_SOFT=65536
  728. OPENSEARCH_NOFILE_HARD=65536
  729. # ------------------------------
  730. # Environment Variables for Nginx reverse proxy
  731. # ------------------------------
  732. NGINX_SERVER_NAME=_
  733. NGINX_HTTPS_ENABLED=false
  734. # HTTP port
  735. NGINX_PORT=80
  736. # SSL settings are only applied when HTTPS_ENABLED is true
  737. NGINX_SSL_PORT=443
  738. # if HTTPS_ENABLED is true, you're required to add your own SSL certificates/keys to the `./nginx/ssl` directory
  739. # and modify the env vars below accordingly.
  740. NGINX_SSL_CERT_FILENAME=dify.crt
  741. NGINX_SSL_CERT_KEY_FILENAME=dify.key
  742. NGINX_SSL_PROTOCOLS=TLSv1.1 TLSv1.2 TLSv1.3
  743. # Nginx performance tuning
  744. NGINX_WORKER_PROCESSES=auto
  745. NGINX_CLIENT_MAX_BODY_SIZE=15M
  746. NGINX_KEEPALIVE_TIMEOUT=65
  747. # Proxy settings
  748. NGINX_PROXY_READ_TIMEOUT=3600s
  749. NGINX_PROXY_SEND_TIMEOUT=3600s
  750. # Set true to accept requests for /.well-known/acme-challenge/
  751. NGINX_ENABLE_CERTBOT_CHALLENGE=false
  752. # ------------------------------
  753. # Certbot Configuration
  754. # ------------------------------
  755. # Email address (required to get certificates from Let's Encrypt)
  756. CERTBOT_EMAIL=your_email@example.com
  757. # Domain name
  758. CERTBOT_DOMAIN=your_domain.com
  759. # certbot command options
  760. # i.e: --force-renewal --dry-run --test-cert --debug
  761. CERTBOT_OPTIONS=
  762. # ------------------------------
  763. # Environment Variables for SSRF Proxy
  764. # ------------------------------
  765. SSRF_HTTP_PORT=3128
  766. SSRF_COREDUMP_DIR=/var/spool/squid
  767. SSRF_REVERSE_PROXY_PORT=8194
  768. SSRF_SANDBOX_HOST=sandbox
  769. SSRF_DEFAULT_TIME_OUT=5
  770. SSRF_DEFAULT_CONNECT_TIME_OUT=5
  771. SSRF_DEFAULT_READ_TIME_OUT=5
  772. SSRF_DEFAULT_WRITE_TIME_OUT=5
  773. # ------------------------------
  774. # docker env var for specifying vector db type at startup
  775. # (based on the vector db type, the corresponding docker
  776. # compose profile will be used)
  777. # if you want to use unstructured, add ',unstructured' to the end
  778. # ------------------------------
  779. COMPOSE_PROFILES=${VECTOR_STORE:-weaviate}
  780. # ------------------------------
  781. # Docker Compose Service Expose Host Port Configurations
  782. # ------------------------------
  783. EXPOSE_NGINX_PORT=80
  784. EXPOSE_NGINX_SSL_PORT=443
  785. # ----------------------------------------------------------------------------
  786. # ModelProvider & Tool Position Configuration
  787. # Used to specify the model providers and tools that can be used in the app.
  788. # ----------------------------------------------------------------------------
  789. # Pin, include, and exclude tools
  790. # Use comma-separated values with no spaces between items.
  791. # Example: POSITION_TOOL_PINS=bing,google
  792. POSITION_TOOL_PINS=
  793. POSITION_TOOL_INCLUDES=
  794. POSITION_TOOL_EXCLUDES=
  795. # Pin, include, and exclude model providers
  796. # Use comma-separated values with no spaces between items.
  797. # Example: POSITION_PROVIDER_PINS=openai,openllm
  798. POSITION_PROVIDER_PINS=
  799. POSITION_PROVIDER_INCLUDES=
  800. POSITION_PROVIDER_EXCLUDES=
  801. # CSP https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
  802. CSP_WHITELIST=
  803. # Enable or disable create tidb service job
  804. CREATE_TIDB_SERVICE_JOB_ENABLED=false
  805. # Maximum number of submitted thread count in a ThreadPool for parallel node execution
  806. MAX_SUBMIT_COUNT=100
  807. # The maximum number of top-k value for RAG.
  808. TOP_K_MAX_VALUE=10
  809. # ------------------------------
  810. # Plugin Daemon Configuration
  811. # ------------------------------
  812. DB_PLUGIN_DATABASE=dify_plugin
  813. EXPOSE_PLUGIN_DAEMON_PORT=5002
  814. PLUGIN_DAEMON_PORT=5002
  815. PLUGIN_DAEMON_KEY=lYkiYYT6owG+71oLerGzA7GXCgOT++6ovaezWAjpCjf+Sjc3ZtU+qUEi
  816. PLUGIN_DAEMON_URL=http://plugin_daemon:5002
  817. PLUGIN_MAX_PACKAGE_SIZE=52428800
  818. PLUGIN_PPROF_ENABLED=false
  819. PLUGIN_DEBUGGING_HOST=0.0.0.0
  820. PLUGIN_DEBUGGING_PORT=5003
  821. EXPOSE_PLUGIN_DEBUGGING_HOST=localhost
  822. EXPOSE_PLUGIN_DEBUGGING_PORT=5003
  823. # If this key is changed, DIFY_INNER_API_KEY in plugin_daemon service must also be updated or agent node will fail.
  824. PLUGIN_DIFY_INNER_API_KEY=QaHbTe77CtuXmsfyhR7+vRjI/+XbV1AaFy691iy+kGDv2Jvy0/eAh8Y1
  825. PLUGIN_DIFY_INNER_API_URL=http://api:5001
  826. ENDPOINT_URL_TEMPLATE=http://localhost/e/{hook_id}
  827. MARKETPLACE_ENABLED=true
  828. MARKETPLACE_API_URL=https://marketplace.dify.ai
  829. FORCE_VERIFYING_SIGNATURE=true
  830. PLUGIN_PYTHON_ENV_INIT_TIMEOUT=120
  831. PLUGIN_MAX_EXECUTION_TIMEOUT=600
  832. # PIP_MIRROR_URL=https://pypi.tuna.tsinghua.edu.cn/simple
  833. PIP_MIRROR_URL=