.env.example 25 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753
  1. # ------------------------------
  2. # Environment Variables for API service & worker
  3. # ------------------------------
  4. # ------------------------------
  5. # Common Variables
  6. # ------------------------------
  7. # The backend URL of the console API,
  8. # used to concatenate the authorization callback.
  9. # If empty, it is the same domain.
  10. # Example: https://api.console.dify.ai
  11. CONSOLE_API_URL=
  12. # The front-end URL of the console web,
  13. # used to concatenate some front-end addresses and for CORS configuration use.
  14. # If empty, it is the same domain.
  15. # Example: https://console.dify.ai
  16. CONSOLE_WEB_URL=
  17. # Service API Url,
  18. # used to display Service API Base Url to the front-end.
  19. # If empty, it is the same domain.
  20. # Example: https://api.dify.ai
  21. SERVICE_API_URL=
  22. # WebApp API backend Url,
  23. # used to declare the back-end URL for the front-end API.
  24. # If empty, it is the same domain.
  25. # Example: https://api.app.dify.ai
  26. APP_API_URL=
  27. # WebApp Url,
  28. # used to display WebAPP API Base Url to the front-end.
  29. # If empty, it is the same domain.
  30. # Example: https://app.dify.ai
  31. APP_WEB_URL=
  32. # File preview or download Url prefix.
  33. # used to display File preview or download Url to the front-end or as Multi-model inputs;
  34. # Url is signed and has expiration time.
  35. FILES_URL=
  36. # ------------------------------
  37. # Server Configuration
  38. # ------------------------------
  39. # The log level for the application.
  40. # Supported values are `DEBUG`, `INFO`, `WARNING`, `ERROR`, `CRITICAL`
  41. LOG_LEVEL=INFO
  42. # Debug mode, default is false.
  43. # It is recommended to turn on this configuration for local development
  44. # to prevent some problems caused by monkey patch.
  45. DEBUG=false
  46. # Flask debug mode, it can output trace information at the interface when turned on,
  47. # which is convenient for debugging.
  48. FLASK_DEBUG=false
  49. # A secretkey that is used for securely signing the session cookie
  50. # and encrypting sensitive information on the database.
  51. # You can generate a strong key using `openssl rand -base64 42`.
  52. SECRET_KEY=sk-9f73s3ljTXVcMT3Blb3ljTqtsKiGHXVcMT3BlbkFJLK7U
  53. # Password for admin user initialization.
  54. # If left unset, admin user will not be prompted for a password
  55. # when creating the initial admin account.
  56. INIT_PASSWORD=
  57. # Deployment environment.
  58. # Supported values are `PRODUCTION`, `TESTING`. Default is `PRODUCTION`.
  59. # Testing environment. There will be a distinct color label on the front-end page,
  60. # indicating that this environment is a testing environment.
  61. DEPLOY_ENV=PRODUCTION
  62. # Whether to enable the version check policy.
  63. # If set to empty, https://updates.dify.ai will not be called for version check.
  64. CHECK_UPDATE_URL=https://updates.dify.ai
  65. # Used to change the OpenAI base address, default is https://api.openai.com/v1.
  66. # When OpenAI cannot be accessed in China, replace it with a domestic mirror address,
  67. # or when a local model provides OpenAI compatible API, it can be replaced.
  68. OPENAI_API_BASE=https://api.openai.com/v1
  69. # When enabled, migrations will be executed prior to application startup
  70. # and the application will start after the migrations have completed.
  71. MIGRATION_ENABLED=true
  72. # File Access Time specifies a time interval in seconds for the file to be accessed.
  73. # The default value is 300 seconds.
  74. FILES_ACCESS_TIMEOUT=300
  75. # The maximum number of active requests for the application, where 0 means unlimited, should be a non-negative integer.
  76. APP_MAX_ACTIVE_REQUESTS=0
  77. # ------------------------------
  78. # Container Startup Related Configuration
  79. # Only effective when starting with docker image or docker-compose.
  80. # ------------------------------
  81. # API service binding address, default: 0.0.0.0, i.e., all addresses can be accessed.
  82. DIFY_BIND_ADDRESS=0.0.0.0
  83. # API service binding port number, default 5001.
  84. DIFY_PORT=5001
  85. # The number of API server workers, i.e., the number of gevent workers.
  86. # Formula: number of cpu cores x 2 + 1
  87. # Reference: https://docs.gunicorn.org/en/stable/design.html#how-many-workers
  88. SERVER_WORKER_AMOUNT=
  89. # Defaults to gevent. If using windows, it can be switched to sync or solo.
  90. SERVER_WORKER_CLASS=
  91. # Similar to SERVER_WORKER_CLASS. Default is gevent.
  92. # If using windows, it can be switched to sync or solo.
  93. CELERY_WORKER_CLASS=
  94. # Request handling timeout. The default is 200,
  95. # it is recommended to set it to 360 to support a longer sse connection time.
  96. GUNICORN_TIMEOUT=360
  97. # The number of Celery workers. The default is 1, and can be set as needed.
  98. CELERY_WORKER_AMOUNT=
  99. # Flag indicating whether to enable autoscaling of Celery workers.
  100. #
  101. # Autoscaling is useful when tasks are CPU intensive and can be dynamically
  102. # allocated and deallocated based on the workload.
  103. #
  104. # When autoscaling is enabled, the maximum and minimum number of workers can
  105. # be specified. The autoscaling algorithm will dynamically adjust the number
  106. # of workers within the specified range.
  107. #
  108. # Default is false (i.e., autoscaling is disabled).
  109. #
  110. # Example:
  111. # CELERY_AUTO_SCALE=true
  112. CELERY_AUTO_SCALE=false
  113. # The maximum number of Celery workers that can be autoscaled.
  114. # This is optional and only used when autoscaling is enabled.
  115. # Default is not set.
  116. CELERY_MAX_WORKERS=
  117. # The minimum number of Celery workers that can be autoscaled.
  118. # This is optional and only used when autoscaling is enabled.
  119. # Default is not set.
  120. CELERY_MIN_WORKERS=
  121. # API Tool configuration
  122. API_TOOL_DEFAULT_CONNECT_TIMEOUT=10
  123. API_TOOL_DEFAULT_READ_TIMEOUT=60
  124. # ------------------------------
  125. # Database Configuration
  126. # The database uses PostgreSQL. Please use the public schema.
  127. # It is consistent with the configuration in the 'db' service below.
  128. # ------------------------------
  129. DB_USERNAME=postgres
  130. DB_PASSWORD=difyai123456
  131. DB_HOST=db
  132. DB_PORT=5432
  133. DB_DATABASE=dify
  134. # The size of the database connection pool.
  135. # The default is 30 connections, which can be appropriately increased.
  136. SQLALCHEMY_POOL_SIZE=30
  137. # Database connection pool recycling time, the default is 3600 seconds.
  138. SQLALCHEMY_POOL_RECYCLE=3600
  139. # Whether to print SQL, default is false.
  140. SQLALCHEMY_ECHO=false
  141. # Maximum number of connections to the database
  142. # Default is 100
  143. #
  144. # Reference: https://www.postgresql.org/docs/current/runtime-config-connection.html#GUC-MAX-CONNECTIONS
  145. POSTGRES_MAX_CONNECTIONS=100
  146. # Sets the amount of shared memory used for postgres's shared buffers.
  147. # Default is 128MB
  148. # Recommended value: 25% of available memory
  149. # Reference: https://www.postgresql.org/docs/current/runtime-config-resource.html#GUC-SHARED-BUFFERS
  150. POSTGRES_SHARED_BUFFERS=128MB
  151. # Sets the amount of memory used by each database worker for working space.
  152. # Default is 4MB
  153. #
  154. # Reference: https://www.postgresql.org/docs/current/runtime-config-resource.html#GUC-WORK-MEM
  155. POSTGRES_WORK_MEM=4MB
  156. # Sets the amount of memory reserved for maintenance activities.
  157. # Default is 64MB
  158. #
  159. # Reference: https://www.postgresql.org/docs/current/runtime-config-resource.html#GUC-MAINTENANCE-WORK-MEM
  160. POSTGRES_MAINTENANCE_WORK_MEM=64MB
  161. # Sets the planner's assumption about the effective cache size.
  162. # Default is 4096MB
  163. #
  164. # Reference: https://www.postgresql.org/docs/current/runtime-config-query.html#GUC-EFFECTIVE-CACHE-SIZE
  165. POSTGRES_EFFECTIVE_CACHE_SIZE=4096MB
  166. # ------------------------------
  167. # Redis Configuration
  168. # This Redis configuration is used for caching and for pub/sub during conversation.
  169. # ------------------------------
  170. REDIS_HOST=redis
  171. REDIS_PORT=6379
  172. REDIS_USERNAME=
  173. REDIS_PASSWORD=difyai123456
  174. REDIS_USE_SSL=false
  175. # Whether to use Redis Sentinel mode.
  176. # If set to true, the application will automatically discover and connect to the master node through Sentinel.
  177. REDIS_USE_SENTINEL=false
  178. # List of Redis Sentinel nodes. If Sentinel mode is enabled, provide at least one Sentinel IP and port.
  179. # Format: `<sentinel1_ip>:<sentinel1_port>,<sentinel2_ip>:<sentinel2_port>,<sentinel3_ip>:<sentinel3_port>`
  180. REDIS_SENTINELS=
  181. REDIS_SENTINEL_SERVICE_NAME=
  182. REDIS_SENTINEL_USERNAME=
  183. REDIS_SENTINEL_PASSWORD=
  184. REDIS_SENTINEL_SOCKET_TIMEOUT=0.1
  185. # ------------------------------
  186. # Celery Configuration
  187. # ------------------------------
  188. # Use redis as the broker, and redis db 1 for celery broker.
  189. # Format as follows: `redis://<redis_username>:<redis_password>@<redis_host>:<redis_port>/<redis_database>`
  190. # Example: redis://:difyai123456@redis:6379/1
  191. # If use Redis Sentinel, format as follows: `sentinel://<sentinel_username>:<sentinel_password>@<sentinel_host>:<sentinel_port>/<redis_database>`
  192. # Example: sentinel://localhost:26379/1;sentinel://localhost:26380/1;sentinel://localhost:26381/1
  193. CELERY_BROKER_URL=redis://:difyai123456@redis:6379/1
  194. BROKER_USE_SSL=false
  195. # If you are using Redis Sentinel for high availability, configure the following settings.
  196. CELERY_USE_SENTINEL=false
  197. CELERY_SENTINEL_MASTER_NAME=
  198. CELERY_SENTINEL_SOCKET_TIMEOUT=0.1
  199. # ------------------------------
  200. # CORS Configuration
  201. # Used to set the front-end cross-domain access policy.
  202. # ------------------------------
  203. # Specifies the allowed origins for cross-origin requests to the Web API,
  204. # e.g. https://dify.app or * for all origins.
  205. WEB_API_CORS_ALLOW_ORIGINS=*
  206. # Specifies the allowed origins for cross-origin requests to the console API,
  207. # e.g. https://cloud.dify.ai or * for all origins.
  208. CONSOLE_CORS_ALLOW_ORIGINS=*
  209. # ------------------------------
  210. # File Storage Configuration
  211. # ------------------------------
  212. # The type of storage to use for storing user files.
  213. # Supported values are `local` and `s3` and `azure-blob` and `google-storage` and `tencent-cos` and `huawei-obs`
  214. # Default: `local`
  215. STORAGE_TYPE=local
  216. # S3 Configuration
  217. # Whether to use AWS managed IAM roles for authenticating with the S3 service.
  218. # If set to false, the access key and secret key must be provided.
  219. S3_USE_AWS_MANAGED_IAM=false
  220. # The endpoint of the S3 service.
  221. S3_ENDPOINT=
  222. # The region of the S3 service.
  223. S3_REGION=us-east-1
  224. # The name of the S3 bucket to use for storing files.
  225. S3_BUCKET_NAME=difyai
  226. # The access key to use for authenticating with the S3 service.
  227. S3_ACCESS_KEY=
  228. # The secret key to use for authenticating with the S3 service.
  229. S3_SECRET_KEY=
  230. # Azure Blob Configuration
  231. # The name of the Azure Blob Storage account to use for storing files.
  232. AZURE_BLOB_ACCOUNT_NAME=difyai
  233. # The access key to use for authenticating with the Azure Blob Storage account.
  234. AZURE_BLOB_ACCOUNT_KEY=difyai
  235. # The name of the Azure Blob Storage container to use for storing files.
  236. AZURE_BLOB_CONTAINER_NAME=difyai-container
  237. # The URL of the Azure Blob Storage account.
  238. AZURE_BLOB_ACCOUNT_URL=https://<your_account_name>.blob.core.windows.net
  239. # Google Storage Configuration
  240. # The name of the Google Storage bucket to use for storing files.
  241. GOOGLE_STORAGE_BUCKET_NAME=your-bucket-name
  242. # The service account JSON key to use for authenticating with the Google Storage service.
  243. GOOGLE_STORAGE_SERVICE_ACCOUNT_JSON_BASE64=your-google-service-account-json-base64-string
  244. # The Alibaba Cloud OSS configurations,
  245. # only available when STORAGE_TYPE is `aliyun-oss`
  246. ALIYUN_OSS_BUCKET_NAME=your-bucket-name
  247. ALIYUN_OSS_ACCESS_KEY=your-access-key
  248. ALIYUN_OSS_SECRET_KEY=your-secret-key
  249. ALIYUN_OSS_ENDPOINT=https://oss-ap-southeast-1-internal.aliyuncs.com
  250. ALIYUN_OSS_REGION=ap-southeast-1
  251. ALIYUN_OSS_AUTH_VERSION=v4
  252. # Don't start with '/'. OSS doesn't support leading slash in object names.
  253. ALIYUN_OSS_PATH=your-path
  254. # Tencent COS Configuration
  255. # The name of the Tencent COS bucket to use for storing files.
  256. TENCENT_COS_BUCKET_NAME=your-bucket-name
  257. # The secret key to use for authenticating with the Tencent COS service.
  258. TENCENT_COS_SECRET_KEY=your-secret-key
  259. # The secret id to use for authenticating with the Tencent COS service.
  260. TENCENT_COS_SECRET_ID=your-secret-id
  261. # The region of the Tencent COS service.
  262. TENCENT_COS_REGION=your-region
  263. # The scheme of the Tencent COS service.
  264. TENCENT_COS_SCHEME=your-scheme
  265. # Huawei OBS Configuration
  266. # The name of the Huawei OBS bucket to use for storing files.
  267. HUAWEI_OBS_BUCKET_NAME=your-bucket-name
  268. # The secret key to use for authenticating with the Huawei OBS service.
  269. HUAWEI_OBS_SECRET_KEY=your-secret-key
  270. # The access key to use for authenticating with the Huawei OBS service.
  271. HUAWEI_OBS_ACCESS_KEY=your-access-key
  272. # The server url of the HUAWEI OBS service.
  273. HUAWEI_OBS_SERVER=your-server-url
  274. # ------------------------------
  275. # Vector Database Configuration
  276. # ------------------------------
  277. # The type of vector store to use.
  278. # Supported values are `weaviate`, `qdrant`, `milvus`, `myscale`, `relyt`, `pgvector`, `chroma`, `opensearch`, `tidb_vector`, `oracle`, `tencent`, `elasticsearch`.
  279. VECTOR_STORE=weaviate
  280. # The Weaviate endpoint URL. Only available when VECTOR_STORE is `weaviate`.
  281. WEAVIATE_ENDPOINT=http://weaviate:8080
  282. # The Weaviate API key.
  283. WEAVIATE_API_KEY=WVF5YThaHlkYwhGUSmCRgsX3tD5ngdN8pkih
  284. # The Qdrant endpoint URL. Only available when VECTOR_STORE is `qdrant`.
  285. QDRANT_URL=http://qdrant:6333
  286. # The Qdrant API key.
  287. QDRANT_API_KEY=difyai123456
  288. # The Qdrant client timeout setting.
  289. QDRANT_CLIENT_TIMEOUT=20
  290. # The Qdrant client enable gRPC mode.
  291. QDRANT_GRPC_ENABLED=false
  292. # The Qdrant server gRPC mode PORT.
  293. QDRANT_GRPC_PORT=6334
  294. # Milvus configuration Only available when VECTOR_STORE is `milvus`.
  295. # The milvus uri.
  296. MILVUS_URI=http://127.0.0.1:19530
  297. # The milvus token.
  298. MILVUS_TOKEN=
  299. # The milvus username.
  300. MILVUS_USER=root
  301. # The milvus password.
  302. MILVUS_PASSWORD=Milvus
  303. # MyScale configuration, only available when VECTOR_STORE is `myscale`
  304. # For multi-language support, please set MYSCALE_FTS_PARAMS with referring to:
  305. # https://myscale.com/docs/en/text-search/#understanding-fts-index-parameters
  306. MYSCALE_HOST=myscale
  307. MYSCALE_PORT=8123
  308. MYSCALE_USER=default
  309. MYSCALE_PASSWORD=
  310. MYSCALE_DATABASE=dify
  311. MYSCALE_FTS_PARAMS=
  312. # pgvector configurations, only available when VECTOR_STORE is `pgvecto-rs or pgvector`
  313. PGVECTOR_HOST=pgvector
  314. PGVECTOR_PORT=5432
  315. PGVECTOR_USER=postgres
  316. PGVECTOR_PASSWORD=difyai123456
  317. PGVECTOR_DATABASE=dify
  318. # TiDB vector configurations, only available when VECTOR_STORE is `tidb`
  319. TIDB_VECTOR_HOST=tidb
  320. TIDB_VECTOR_PORT=4000
  321. TIDB_VECTOR_USER=xxx.root
  322. TIDB_VECTOR_PASSWORD=xxxxxx
  323. TIDB_VECTOR_DATABASE=dify
  324. # Chroma configuration, only available when VECTOR_STORE is `chroma`
  325. CHROMA_HOST=127.0.0.1
  326. CHROMA_PORT=8000
  327. CHROMA_TENANT=default_tenant
  328. CHROMA_DATABASE=default_database
  329. CHROMA_AUTH_PROVIDER=chromadb.auth.token_authn.TokenAuthClientProvider
  330. CHROMA_AUTH_CREDENTIALS=xxxxxx
  331. # Oracle configuration, only available when VECTOR_STORE is `oracle`
  332. ORACLE_HOST=oracle
  333. ORACLE_PORT=1521
  334. ORACLE_USER=dify
  335. ORACLE_PASSWORD=dify
  336. ORACLE_DATABASE=FREEPDB1
  337. # relyt configurations, only available when VECTOR_STORE is `relyt`
  338. RELYT_HOST=db
  339. RELYT_PORT=5432
  340. RELYT_USER=postgres
  341. RELYT_PASSWORD=difyai123456
  342. RELYT_DATABASE=postgres
  343. # open search configuration, only available when VECTOR_STORE is `opensearch`
  344. OPENSEARCH_HOST=opensearch
  345. OPENSEARCH_PORT=9200
  346. OPENSEARCH_USER=admin
  347. OPENSEARCH_PASSWORD=admin
  348. OPENSEARCH_SECURE=true
  349. # tencent vector configurations, only available when VECTOR_STORE is `tencent`
  350. TENCENT_VECTOR_DB_URL=http://127.0.0.1
  351. TENCENT_VECTOR_DB_API_KEY=dify
  352. TENCENT_VECTOR_DB_TIMEOUT=30
  353. TENCENT_VECTOR_DB_USERNAME=dify
  354. TENCENT_VECTOR_DB_DATABASE=dify
  355. TENCENT_VECTOR_DB_SHARD=1
  356. TENCENT_VECTOR_DB_REPLICAS=2
  357. # ElasticSearch configuration, only available when VECTOR_STORE is `elasticsearch`
  358. ELASTICSEARCH_HOST=0.0.0.0
  359. ELASTICSEARCH_PORT=9200
  360. ELASTICSEARCH_USERNAME=elastic
  361. ELASTICSEARCH_PASSWORD=elastic
  362. # ------------------------------
  363. # Knowledge Configuration
  364. # ------------------------------
  365. # Upload file size limit, default 15M.
  366. UPLOAD_FILE_SIZE_LIMIT=15
  367. # The maximum number of files that can be uploaded at a time, default 5.
  368. UPLOAD_FILE_BATCH_LIMIT=5
  369. # ETl type, support: `dify`, `Unstructured`
  370. # `dify` Dify's proprietary file extraction scheme
  371. # `Unstructured` Unstructured.io file extraction scheme
  372. ETL_TYPE=dify
  373. # Unstructured API path, needs to be configured when ETL_TYPE is Unstructured.
  374. # For example: http://unstructured:8000/general/v0/general
  375. UNSTRUCTURED_API_URL=
  376. # ------------------------------
  377. # Multi-modal Configuration
  378. # ------------------------------
  379. # The format of the image sent when the multi-modal model is input,
  380. # the default is base64, optional url.
  381. # The delay of the call in url mode will be lower than that in base64 mode.
  382. # It is generally recommended to use the more compatible base64 mode.
  383. # If configured as url, you need to configure FILES_URL as an externally accessible address so that the multi-modal model can access the image.
  384. MULTIMODAL_SEND_IMAGE_FORMAT=base64
  385. # Upload image file size limit, default 10M.
  386. UPLOAD_IMAGE_FILE_SIZE_LIMIT=10
  387. # ------------------------------
  388. # Sentry Configuration
  389. # Used for application monitoring and error log tracking.
  390. # ------------------------------
  391. # API Service Sentry DSN address, default is empty, when empty,
  392. # all monitoring information is not reported to Sentry.
  393. # If not set, Sentry error reporting will be disabled.
  394. API_SENTRY_DSN=
  395. # API Service The reporting ratio of Sentry events, if it is 0.01, it is 1%.
  396. API_SENTRY_TRACES_SAMPLE_RATE=1.0
  397. # API Service The reporting ratio of Sentry profiles, if it is 0.01, it is 1%.
  398. API_SENTRY_PROFILES_SAMPLE_RATE=1.0
  399. # Web Service Sentry DSN address, default is empty, when empty,
  400. # all monitoring information is not reported to Sentry.
  401. # If not set, Sentry error reporting will be disabled.
  402. WEB_SENTRY_DSN=
  403. # ------------------------------
  404. # Notion Integration Configuration
  405. # Variables can be obtained by applying for Notion integration: https://www.notion.so/my-integrations
  406. # ------------------------------
  407. # Configure as "public" or "internal".
  408. # Since Notion's OAuth redirect URL only supports HTTPS,
  409. # if deploying locally, please use Notion's internal integration.
  410. NOTION_INTEGRATION_TYPE=public
  411. # Notion OAuth client secret (used for public integration type)
  412. NOTION_CLIENT_SECRET=
  413. # Notion OAuth client id (used for public integration type)
  414. NOTION_CLIENT_ID=
  415. # Notion internal integration secret.
  416. # If the value of NOTION_INTEGRATION_TYPE is "internal",
  417. # you need to configure this variable.
  418. NOTION_INTERNAL_SECRET=
  419. # ------------------------------
  420. # Mail related configuration
  421. # ------------------------------
  422. # Mail type, support: resend, smtp
  423. MAIL_TYPE=resend
  424. # Default send from email address, if not specified
  425. MAIL_DEFAULT_SEND_FROM=
  426. # API-Key for the Resend email provider, used when MAIL_TYPE is `resend`.
  427. RESEND_API_KEY=your-resend-api-key
  428. # SMTP server configuration, used when MAIL_TYPE is `smtp`
  429. SMTP_SERVER=
  430. SMTP_PORT=465
  431. SMTP_USERNAME=
  432. SMTP_PASSWORD=
  433. SMTP_USE_TLS=true
  434. SMTP_OPPORTUNISTIC_TLS=false
  435. # ------------------------------
  436. # Others Configuration
  437. # ------------------------------
  438. # Maximum length of segmentation tokens for indexing
  439. INDEXING_MAX_SEGMENTATION_TOKENS_LENGTH=1000
  440. # Member invitation link valid time (hours),
  441. # Default: 72.
  442. INVITE_EXPIRY_HOURS=72
  443. # Reset password token valid time (hours),
  444. # Default: 24.
  445. RESET_PASSWORD_TOKEN_EXPIRY_HOURS=24
  446. # The sandbox service endpoint.
  447. CODE_EXECUTION_ENDPOINT=http://sandbox:8194
  448. CODE_MAX_NUMBER=9223372036854775807
  449. CODE_MIN_NUMBER=-9223372036854775808
  450. CODE_MAX_DEPTH=5
  451. CODE_MAX_PRECISION=20
  452. CODE_MAX_STRING_LENGTH=80000
  453. TEMPLATE_TRANSFORM_MAX_LENGTH=80000
  454. CODE_MAX_STRING_ARRAY_LENGTH=30
  455. CODE_MAX_OBJECT_ARRAY_LENGTH=30
  456. CODE_MAX_NUMBER_ARRAY_LENGTH=1000
  457. # SSRF Proxy server HTTP URL
  458. SSRF_PROXY_HTTP_URL=http://ssrf_proxy:3128
  459. # SSRF Proxy server HTTPS URL
  460. SSRF_PROXY_HTTPS_URL=http://ssrf_proxy:3128
  461. # ------------------------------
  462. # Environment Variables for db Service
  463. # ------------------------------
  464. PGUSER=${DB_USERNAME}
  465. # The password for the default postgres user.
  466. POSTGRES_PASSWORD=${DB_PASSWORD}
  467. # The name of the default postgres database.
  468. POSTGRES_DB=${DB_DATABASE}
  469. # postgres data directory
  470. PGDATA=/var/lib/postgresql/data/pgdata
  471. # ------------------------------
  472. # Environment Variables for sandbox Service
  473. # ------------------------------
  474. # The API key for the sandbox service
  475. SANDBOX_API_KEY=dify-sandbox
  476. # The mode in which the Gin framework runs
  477. SANDBOX_GIN_MODE=release
  478. # The timeout for the worker in seconds
  479. SANDBOX_WORKER_TIMEOUT=15
  480. # Enable network for the sandbox service
  481. SANDBOX_ENABLE_NETWORK=true
  482. # HTTP proxy URL for SSRF protection
  483. SANDBOX_HTTP_PROXY=http://ssrf_proxy:3128
  484. # HTTPS proxy URL for SSRF protection
  485. SANDBOX_HTTPS_PROXY=http://ssrf_proxy:3128
  486. # The port on which the sandbox service runs
  487. SANDBOX_PORT=8194
  488. # ------------------------------
  489. # Environment Variables for weaviate Service
  490. # (only used when VECTOR_STORE is weaviate)
  491. # ------------------------------
  492. WEAVIATE_PERSISTENCE_DATA_PATH='/var/lib/weaviate'
  493. WEAVIATE_QUERY_DEFAULTS_LIMIT=25
  494. WEAVIATE_AUTHENTICATION_ANONYMOUS_ACCESS_ENABLED=true
  495. WEAVIATE_DEFAULT_VECTORIZER_MODULE=none
  496. WEAVIATE_CLUSTER_HOSTNAME=node1
  497. WEAVIATE_AUTHENTICATION_APIKEY_ENABLED=true
  498. WEAVIATE_AUTHENTICATION_APIKEY_ALLOWED_KEYS=WVF5YThaHlkYwhGUSmCRgsX3tD5ngdN8pkih
  499. WEAVIATE_AUTHENTICATION_APIKEY_USERS=hello@dify.ai
  500. WEAVIATE_AUTHORIZATION_ADMINLIST_ENABLED=true
  501. WEAVIATE_AUTHORIZATION_ADMINLIST_USERS=hello@dify.ai
  502. # ------------------------------
  503. # Environment Variables for Chroma
  504. # (only used when VECTOR_STORE is chroma)
  505. # ------------------------------
  506. # Authentication credentials for Chroma server
  507. CHROMA_SERVER_AUTHN_CREDENTIALS=difyai123456
  508. # Authentication provider for Chroma server
  509. CHROMA_SERVER_AUTHN_PROVIDER=chromadb.auth.token_authn.TokenAuthenticationServerProvider
  510. # Persistence setting for Chroma server
  511. CHROMA_IS_PERSISTENT=TRUE
  512. # ------------------------------
  513. # Environment Variables for Oracle Service
  514. # (only used when VECTOR_STORE is Oracle)
  515. # ------------------------------
  516. ORACLE_PWD=Dify123456
  517. ORACLE_CHARACTERSET=AL32UTF8
  518. # ------------------------------
  519. # Environment Variables for milvus Service
  520. # (only used when VECTOR_STORE is milvus)
  521. # ------------------------------
  522. # ETCD configuration for auto compaction mode
  523. ETCD_AUTO_COMPACTION_MODE=revision
  524. # ETCD configuration for auto compaction retention in terms of number of revisions
  525. ETCD_AUTO_COMPACTION_RETENTION=1000
  526. # ETCD configuration for backend quota in bytes
  527. ETCD_QUOTA_BACKEND_BYTES=4294967296
  528. # ETCD configuration for the number of changes before triggering a snapshot
  529. ETCD_SNAPSHOT_COUNT=50000
  530. # MinIO access key for authentication
  531. MINIO_ACCESS_KEY=minioadmin
  532. # MinIO secret key for authentication
  533. MINIO_SECRET_KEY=minioadmin
  534. # ETCD service endpoints
  535. ETCD_ENDPOINTS=etcd:2379
  536. # MinIO service address
  537. MINIO_ADDRESS=minio:9000
  538. # Enable or disable security authorization
  539. MILVUS_AUTHORIZATION_ENABLED=true
  540. # ------------------------------
  541. # Environment Variables for pgvector / pgvector-rs Service
  542. # (only used when VECTOR_STORE is pgvector / pgvector-rs)
  543. # ------------------------------
  544. PGVECTOR_PGUSER=postgres
  545. # The password for the default postgres user.
  546. PGVECTOR_POSTGRES_PASSWORD=difyai123456
  547. # The name of the default postgres database.
  548. PGVECTOR_POSTGRES_DB=dify
  549. # postgres data directory
  550. PGVECTOR_PGDATA=/var/lib/postgresql/data/pgdata
  551. # ------------------------------
  552. # Environment Variables for opensearch
  553. # (only used when VECTOR_STORE is opensearch)
  554. # ------------------------------
  555. OPENSEARCH_DISCOVERY_TYPE=single-node
  556. OPENSEARCH_BOOTSTRAP_MEMORY_LOCK=true
  557. OPENSEARCH_JAVA_OPTS_MIN=512m
  558. OPENSEARCH_JAVA_OPTS_MAX=1024m
  559. OPENSEARCH_INITIAL_ADMIN_PASSWORD=Qazwsxedc!@#123
  560. OPENSEARCH_MEMLOCK_SOFT=-1
  561. OPENSEARCH_MEMLOCK_HARD=-1
  562. OPENSEARCH_NOFILE_SOFT=65536
  563. OPENSEARCH_NOFILE_HARD=65536
  564. # ------------------------------
  565. # Environment Variables for Nginx reverse proxy
  566. # ------------------------------
  567. NGINX_SERVER_NAME=_
  568. NGINX_HTTPS_ENABLED=false
  569. # HTTP port
  570. NGINX_PORT=80
  571. # SSL settings are only applied when HTTPS_ENABLED is true
  572. NGINX_SSL_PORT=443
  573. # if HTTPS_ENABLED is true, you're required to add your own SSL certificates/keys to the `./nginx/ssl` directory
  574. # and modify the env vars below accordingly.
  575. NGINX_SSL_CERT_FILENAME=dify.crt
  576. NGINX_SSL_CERT_KEY_FILENAME=dify.key
  577. NGINX_SSL_PROTOCOLS=TLSv1.1 TLSv1.2 TLSv1.3
  578. # Nginx performance tuning
  579. NGINX_WORKER_PROCESSES=auto
  580. NGINX_CLIENT_MAX_BODY_SIZE=15M
  581. NGINX_KEEPALIVE_TIMEOUT=65
  582. # Proxy settings
  583. NGINX_PROXY_READ_TIMEOUT=3600s
  584. NGINX_PROXY_SEND_TIMEOUT=3600s
  585. # Set true to accept requests for /.well-known/acme-challenge/
  586. NGINX_ENABLE_CERTBOT_CHALLENGE=false
  587. # ------------------------------
  588. # Certbot Configuration
  589. # ------------------------------
  590. # Email address (required to get certificates from Let's Encrypt)
  591. CERTBOT_EMAIL=your_email@example.com
  592. # Domain name
  593. CERTBOT_DOMAIN=your_domain.com
  594. # certbot command options
  595. # i.e: --force-renewal --dry-run --test-cert --debug
  596. CERTBOT_OPTIONS=
  597. # ------------------------------
  598. # Environment Variables for SSRF Proxy
  599. # ------------------------------
  600. SSRF_HTTP_PORT=3128
  601. SSRF_COREDUMP_DIR=/var/spool/squid
  602. SSRF_REVERSE_PROXY_PORT=8194
  603. SSRF_SANDBOX_HOST=sandbox
  604. # ------------------------------
  605. # docker env var for specifying vector db type at startup
  606. # (based on the vector db type, the corresponding docker
  607. # compose profile will be used)
  608. # if you want to use unstructured, add ',unstructured' to the end
  609. # ------------------------------
  610. COMPOSE_PROFILES=${VECTOR_STORE:-weaviate}
  611. # ------------------------------
  612. # Docker Compose Service Expose Host Port Configurations
  613. # ------------------------------
  614. EXPOSE_NGINX_PORT=80
  615. EXPOSE_NGINX_SSL_PORT=443
  616. # ----------------------------------------------------------------------------
  617. # ModelProvider & Tool Position Configuration
  618. # Used to specify the model providers and tools that can be used in the app.
  619. # ----------------------------------------------------------------------------
  620. # Pin, include, and exclude tools
  621. # Use comma-separated values with no spaces between items.
  622. # Example: POSITION_TOOL_PINS=bing,google
  623. POSITION_TOOL_PINS=
  624. POSITION_TOOL_INCLUDES=
  625. POSITION_TOOL_EXCLUDES=
  626. # Pin, include, and exclude model providers
  627. # Use comma-separated values with no spaces between items.
  628. # Example: POSITION_PROVIDER_PINS=openai,openllm
  629. POSITION_PROVIDER_PINS=
  630. POSITION_PROVIDER_INCLUDES=
  631. POSITION_PROVIDER_EXCLUDES=