mirror of
https://github.com/langgenius/dify.git
synced 2026-06-26 14:51:13 +08:00
735 lines
24 KiB
Plaintext
735 lines
24 KiB
Plaintext
# ------------------------------------------------------------------
|
|
# Essential defaults for Docker Compose deployments.
|
|
# Only include variables required for services to start.
|
|
# Do not add optional variables to this file.
|
|
#
|
|
# For a default deployment, copy this file to .env and run:
|
|
# docker compose up -d
|
|
#
|
|
# Optional and provider-specific variables live under docker/envs/.
|
|
# Copy an optional *.env.example file beside itself without the
|
|
# .example suffix when you need those advanced settings.
|
|
# Values in docker/.env take precedence over docker/envs/*.env files.
|
|
# ------------------------------------------------------------------
|
|
|
|
# Core service URLs
|
|
CONSOLE_API_URL=
|
|
SERVER_CONSOLE_API_URL=http://api:5001
|
|
CONSOLE_WEB_URL=
|
|
SERVICE_API_URL=
|
|
TRIGGER_URL=http://localhost
|
|
APP_API_URL=
|
|
APP_WEB_URL=
|
|
FILES_URL=
|
|
INTERNAL_FILES_URL=
|
|
ENDPOINT_URL_TEMPLATE=http://localhost/e/{hook_id}
|
|
NEXT_PUBLIC_SOCKET_URL=ws://localhost
|
|
|
|
# Runtime and security
|
|
LANG=C.UTF-8
|
|
LC_ALL=C.UTF-8
|
|
PYTHONIOENCODING=utf-8
|
|
UV_CACHE_DIR=/tmp/.uv-cache
|
|
# Leave empty to auto-generate a persistent key in the storage directory.
|
|
SECRET_KEY=
|
|
INIT_PASSWORD=
|
|
DEPLOY_ENV=PRODUCTION
|
|
CHECK_UPDATE_URL=https://updates.dify.ai
|
|
OPENAI_API_BASE=https://api.openai.com/v1
|
|
MIGRATION_ENABLED=true
|
|
FILES_ACCESS_TIMEOUT=300
|
|
# Remove `collaboration` from COMPOSE_PROFILES to stop the dedicated websocket service.
|
|
ENABLE_COLLABORATION_MODE=true
|
|
|
|
# Learn app feature toggle
|
|
ENABLE_LEARN_APP=true
|
|
|
|
# Logging and server workers
|
|
LOG_LEVEL=INFO
|
|
LOG_OUTPUT_FORMAT=text
|
|
LOG_FILE=/app/logs/server.log
|
|
LOG_FILE_MAX_SIZE=20
|
|
LOG_FILE_BACKUP_COUNT=5
|
|
LOG_DATEFORMAT=%Y-%m-%d %H:%M:%S
|
|
LOG_TZ=UTC
|
|
DEBUG=false
|
|
FLASK_DEBUG=false
|
|
ENABLE_REQUEST_LOGGING=False
|
|
DIFY_BIND_ADDRESS=0.0.0.0
|
|
DIFY_PORT=5001
|
|
SERVER_WORKER_AMOUNT=1
|
|
SERVER_WORKER_CLASS=gevent
|
|
SERVER_WORKER_CONNECTIONS=10
|
|
API_WEBSOCKET_WORKER_CLASS=geventwebsocket.gunicorn.workers.GeventWebSocketWorker
|
|
API_WEBSOCKET_WORKER_CONNECTIONS=1000
|
|
API_WEBSOCKET_GUNICORN_TIMEOUT=360
|
|
GUNICORN_TIMEOUT=360
|
|
CELERY_WORKER_CLASS=
|
|
CELERY_WORKER_AMOUNT=4
|
|
CELERY_AUTO_SCALE=false
|
|
CELERY_MAX_WORKERS=
|
|
CELERY_MIN_WORKERS=
|
|
COMPOSE_WORKER_HEALTHCHECK_DISABLED=true
|
|
COMPOSE_WORKER_HEALTHCHECK_INTERVAL=30s
|
|
COMPOSE_WORKER_HEALTHCHECK_TIMEOUT=30s
|
|
|
|
# Database
|
|
DB_TYPE=postgresql
|
|
DB_USERNAME=postgres
|
|
DB_PASSWORD=difyai123456
|
|
DB_HOST=db_postgres
|
|
DB_PORT=5432
|
|
DB_DATABASE=dify
|
|
SQLALCHEMY_POOL_SIZE=30
|
|
SQLALCHEMY_MAX_OVERFLOW=10
|
|
SQLALCHEMY_POOL_RECYCLE=3600
|
|
SQLALCHEMY_ECHO=false
|
|
SQLALCHEMY_POOL_PRE_PING=false
|
|
SQLALCHEMY_POOL_USE_LIFO=false
|
|
SQLALCHEMY_POOL_TIMEOUT=30
|
|
SQLALCHEMY_POOL_RESET_ON_RETURN=rollback
|
|
PGDATA=/var/lib/postgresql/data/pgdata
|
|
POSTGRES_MAX_CONNECTIONS=200
|
|
POSTGRES_SHARED_BUFFERS=128MB
|
|
POSTGRES_WORK_MEM=4MB
|
|
POSTGRES_MAINTENANCE_WORK_MEM=64MB
|
|
POSTGRES_EFFECTIVE_CACHE_SIZE=4096MB
|
|
POSTGRES_STATEMENT_TIMEOUT=0
|
|
POSTGRES_IDLE_IN_TRANSACTION_SESSION_TIMEOUT=0
|
|
|
|
# Redis and Celery
|
|
REDIS_HOST=redis
|
|
REDIS_PORT=6379
|
|
REDIS_USERNAME=
|
|
REDIS_PASSWORD=difyai123456
|
|
REDIS_USE_SSL=false
|
|
REDIS_SSL_CERT_REQS=CERT_NONE
|
|
REDIS_SSL_CA_CERTS=
|
|
REDIS_SSL_CERTFILE=
|
|
REDIS_SSL_KEYFILE=
|
|
REDIS_DB=0
|
|
REDIS_KEY_PREFIX=
|
|
REDIS_MAX_CONNECTIONS=
|
|
REDIS_RETRY_RETRIES=3
|
|
REDIS_RETRY_BACKOFF_BASE=1.0
|
|
REDIS_RETRY_BACKOFF_CAP=10.0
|
|
REDIS_SOCKET_TIMEOUT=5.0
|
|
REDIS_SOCKET_CONNECT_TIMEOUT=5.0
|
|
REDIS_HEALTH_CHECK_INTERVAL=30
|
|
CELERY_BROKER_URL=redis://:difyai123456@redis:6379/1
|
|
CELERY_BACKEND=redis
|
|
BROKER_USE_SSL=false
|
|
CELERY_TASK_ANNOTATIONS=null
|
|
EVENT_BUS_REDIS_URL=
|
|
EVENT_BUS_REDIS_CHANNEL_TYPE=pubsub
|
|
EVENT_BUS_REDIS_USE_CLUSTERS=false
|
|
|
|
# Web and app limits
|
|
WEB_API_CORS_ALLOW_ORIGINS=*
|
|
CONSOLE_CORS_ALLOW_ORIGINS=*
|
|
COOKIE_DOMAIN=
|
|
NEXT_PUBLIC_COOKIE_DOMAIN=
|
|
NEXT_PUBLIC_BATCH_CONCURRENCY=5
|
|
API_SENTRY_DSN=
|
|
API_SENTRY_TRACES_SAMPLE_RATE=1.0
|
|
API_SENTRY_PROFILES_SAMPLE_RATE=1.0
|
|
WEB_SENTRY_DSN=
|
|
AMPLITUDE_API_KEY=
|
|
TEXT_GENERATION_TIMEOUT_MS=60000
|
|
CSP_WHITELIST=
|
|
ALLOW_EMBED=false
|
|
ALLOW_UNSAFE_DATA_SCHEME=false
|
|
TOP_K_MAX_VALUE=10
|
|
INDEXING_MAX_SEGMENTATION_TOKENS_LENGTH=4000
|
|
LOOP_NODE_MAX_COUNT=100
|
|
MAX_TOOLS_NUM=10
|
|
MAX_PARALLEL_LIMIT=10
|
|
MAX_ITERATIONS_NUM=99
|
|
MAX_TREE_DEPTH=50
|
|
ENABLE_WEBSITE_JINAREADER=true
|
|
ENABLE_WEBSITE_FIRECRAWL=true
|
|
ENABLE_WEBSITE_WATERCRAWL=true
|
|
NEXT_PUBLIC_ENABLE_SINGLE_DOLLAR_LATEX=false
|
|
# Enable preview features still in development (currently the /create and
|
|
# /refine slash commands in the "Go to Anything" command palette).
|
|
NEXT_PUBLIC_ENABLE_FEATURE_PREVIEW=false
|
|
ENABLE_AGENT_V2=false
|
|
EXPERIMENTAL_ENABLE_VINEXT=false
|
|
|
|
# Storage and default vector store
|
|
STORAGE_TYPE=opendal
|
|
OPENDAL_SCHEME=fs
|
|
OPENDAL_FS_ROOT=storage
|
|
VECTOR_STORE=weaviate
|
|
VECTOR_INDEX_NAME_PREFIX=Vector_index
|
|
WEAVIATE_ENDPOINT=http://weaviate:8080
|
|
WEAVIATE_API_KEY=WVF5YThaHlkYwhGUSmCRgsX3tD5ngdN8pkih
|
|
WEAVIATE_GRPC_ENDPOINT=grpc://weaviate:50051
|
|
WEAVIATE_TOKENIZATION=word
|
|
WEAVIATE_PERSISTENCE_DATA_PATH=/var/lib/weaviate
|
|
WEAVIATE_QUERY_DEFAULTS_LIMIT=25
|
|
WEAVIATE_AUTHENTICATION_ANONYMOUS_ACCESS_ENABLED=true
|
|
WEAVIATE_DEFAULT_VECTORIZER_MODULE=none
|
|
WEAVIATE_CLUSTER_HOSTNAME=node1
|
|
WEAVIATE_AUTHENTICATION_APIKEY_ENABLED=true
|
|
WEAVIATE_AUTHENTICATION_APIKEY_ALLOWED_KEYS=WVF5YThaHlkYwhGUSmCRgsX3tD5ngdN8pkih
|
|
WEAVIATE_AUTHENTICATION_APIKEY_USERS=hello@dify.ai
|
|
WEAVIATE_AUTHORIZATION_ADMINLIST_ENABLED=true
|
|
WEAVIATE_AUTHORIZATION_ADMINLIST_USERS=hello@dify.ai
|
|
WEAVIATE_DISABLE_TELEMETRY=false
|
|
WEAVIATE_ENABLE_TOKENIZER_GSE=false
|
|
WEAVIATE_ENABLE_TOKENIZER_KAGOME_JA=false
|
|
WEAVIATE_ENABLE_TOKENIZER_KAGOME_KR=false
|
|
|
|
# For OceanBase metadata database configuration, available when `DB_TYPE` is `oceanbase`.
|
|
# For OceanBase vector database configuration, available when `VECTOR_STORE` is `oceanbase`
|
|
# If you want to use OceanBase as both vector database and metadata database, you need to set both `DB_TYPE` and `VECTOR_STORE` to `oceanbase`, and set Database Configuration is the same as the vector database.
|
|
# seekdb is the lite version of OceanBase and shares the connection configuration with OceanBase.
|
|
OCEANBASE_VECTOR_HOST=oceanbase
|
|
OCEANBASE_VECTOR_PORT=2881
|
|
OCEANBASE_VECTOR_USER=root@test
|
|
OCEANBASE_VECTOR_PASSWORD=difyai123456
|
|
OCEANBASE_VECTOR_DATABASE=test
|
|
OCEANBASE_CLUSTER_NAME=difyai
|
|
OCEANBASE_MEMORY_LIMIT=6G
|
|
OCEANBASE_ENABLE_HYBRID_SEARCH=false
|
|
# For OceanBase vector database, built-in fulltext parsers are `ngram`, `beng`, `space`, `ngram2`, `ik`
|
|
# For OceanBase vector database, external fulltext parsers (require plugin installation) are `japanese_ftparser`, `thai_ftparser`
|
|
OCEANBASE_FULLTEXT_PARSER=ik
|
|
SEEKDB_MEMORY_LIMIT=2G
|
|
|
|
# The Qdrant endpoint URL. Only available when VECTOR_STORE is `qdrant`.
|
|
QDRANT_URL=http://qdrant:6333
|
|
QDRANT_API_KEY=difyai123456
|
|
QDRANT_CLIENT_TIMEOUT=20
|
|
QDRANT_GRPC_ENABLED=false
|
|
QDRANT_GRPC_PORT=6334
|
|
QDRANT_REPLICATION_FACTOR=1
|
|
|
|
# Milvus configuration. Only available when VECTOR_STORE is `milvus`.
|
|
# The milvus uri.
|
|
MILVUS_URI=http://host.docker.internal:19530
|
|
MILVUS_DATABASE=
|
|
MILVUS_TOKEN=
|
|
MILVUS_USER=
|
|
MILVUS_PASSWORD=
|
|
MILVUS_ENABLE_HYBRID_SEARCH=False
|
|
MILVUS_ANALYZER_PARAMS=
|
|
|
|
# MyScale configuration, only available when VECTOR_STORE is `myscale`
|
|
# For multi-language support, please set MYSCALE_FTS_PARAMS with referring to:
|
|
# https://myscale.com/docs/en/text-search/#understanding-fts-index-parameters
|
|
MYSCALE_HOST=myscale
|
|
MYSCALE_PORT=8123
|
|
MYSCALE_USER=default
|
|
MYSCALE_PASSWORD=
|
|
MYSCALE_DATABASE=dify
|
|
MYSCALE_FTS_PARAMS=
|
|
|
|
# Couchbase configurations, only available when VECTOR_STORE is `couchbase`
|
|
# The connection string must include hostname defined in the docker-compose file (couchbase-server in this case)
|
|
COUCHBASE_CONNECTION_STRING=couchbase://couchbase-server
|
|
COUCHBASE_USER=Administrator
|
|
COUCHBASE_PASSWORD=password
|
|
COUCHBASE_BUCKET_NAME=Embeddings
|
|
COUCHBASE_SCOPE_NAME=_default
|
|
|
|
# Hologres configurations, only available when VECTOR_STORE is `hologres`
|
|
# access_key_id is used as the PG username, access_key_secret is used as the PG password
|
|
HOLOGRES_HOST=
|
|
HOLOGRES_PORT=80
|
|
HOLOGRES_DATABASE=
|
|
HOLOGRES_ACCESS_KEY_ID=
|
|
HOLOGRES_ACCESS_KEY_SECRET=
|
|
HOLOGRES_SCHEMA=public
|
|
HOLOGRES_TOKENIZER=jieba
|
|
HOLOGRES_DISTANCE_METHOD=Cosine
|
|
HOLOGRES_BASE_QUANTIZATION_TYPE=rabitq
|
|
HOLOGRES_MAX_DEGREE=64
|
|
HOLOGRES_EF_CONSTRUCTION=400
|
|
|
|
# pgvector configurations, only available when VECTOR_STORE is `pgvector`
|
|
PGVECTOR_HOST=pgvector
|
|
PGVECTOR_PORT=5432
|
|
PGVECTOR_USER=postgres
|
|
PGVECTOR_PASSWORD=difyai123456
|
|
PGVECTOR_DATABASE=dify
|
|
PGVECTOR_MIN_CONNECTION=1
|
|
PGVECTOR_MAX_CONNECTION=5
|
|
PGVECTOR_PG_BIGM=false
|
|
PGVECTOR_PG_BIGM_VERSION=1.2-20240606
|
|
|
|
# vastbase configurations, only available when VECTOR_STORE is `vastbase`
|
|
VASTBASE_HOST=vastbase
|
|
VASTBASE_PORT=5432
|
|
VASTBASE_USER=dify
|
|
VASTBASE_PASSWORD=Difyai123456
|
|
VASTBASE_DATABASE=dify
|
|
VASTBASE_MIN_CONNECTION=1
|
|
VASTBASE_MAX_CONNECTION=5
|
|
|
|
# pgvecto-rs configurations, only available when VECTOR_STORE is `pgvecto-rs`
|
|
PGVECTO_RS_HOST=pgvecto-rs
|
|
PGVECTO_RS_PORT=5432
|
|
PGVECTO_RS_USER=postgres
|
|
PGVECTO_RS_PASSWORD=difyai123456
|
|
PGVECTO_RS_DATABASE=dify
|
|
|
|
# analyticdb configurations, only available when VECTOR_STORE is `analyticdb`
|
|
ANALYTICDB_KEY_ID=your-ak
|
|
ANALYTICDB_KEY_SECRET=your-sk
|
|
ANALYTICDB_REGION_ID=cn-hangzhou
|
|
ANALYTICDB_INSTANCE_ID=gp-ab123456
|
|
ANALYTICDB_ACCOUNT=testaccount
|
|
ANALYTICDB_PASSWORD=testpassword
|
|
ANALYTICDB_NAMESPACE=dify
|
|
ANALYTICDB_NAMESPACE_PASSWORD=difypassword
|
|
ANALYTICDB_HOST=gp-test.aliyuncs.com
|
|
ANALYTICDB_PORT=5432
|
|
ANALYTICDB_MIN_CONNECTION=1
|
|
ANALYTICDB_MAX_CONNECTION=5
|
|
|
|
# TiDB vector configurations, only available when VECTOR_STORE is `tidb_vector`
|
|
TIDB_VECTOR_HOST=tidb
|
|
TIDB_VECTOR_PORT=4000
|
|
TIDB_VECTOR_USER=
|
|
TIDB_VECTOR_PASSWORD=
|
|
TIDB_VECTOR_DATABASE=dify
|
|
|
|
# Matrixone vector configurations.
|
|
MATRIXONE_HOST=matrixone
|
|
MATRIXONE_PORT=6001
|
|
MATRIXONE_USER=dump
|
|
MATRIXONE_PASSWORD=111
|
|
MATRIXONE_DATABASE=dify
|
|
|
|
# Tidb on qdrant configuration, only available when VECTOR_STORE is `tidb_on_qdrant`
|
|
TIDB_ON_QDRANT_URL=http://127.0.0.1
|
|
TIDB_ON_QDRANT_API_KEY=dify
|
|
TIDB_ON_QDRANT_CLIENT_TIMEOUT=20
|
|
TIDB_ON_QDRANT_GRPC_ENABLED=false
|
|
TIDB_ON_QDRANT_GRPC_PORT=6334
|
|
TIDB_PUBLIC_KEY=dify
|
|
TIDB_PRIVATE_KEY=dify
|
|
TIDB_API_URL=http://127.0.0.1
|
|
TIDB_IAM_API_URL=http://127.0.0.1
|
|
TIDB_REGION=regions/aws-us-east-1
|
|
TIDB_PROJECT_ID=dify
|
|
TIDB_SPEND_LIMIT=100
|
|
|
|
# Chroma configuration, only available when VECTOR_STORE is `chroma`
|
|
CHROMA_HOST=127.0.0.1
|
|
CHROMA_PORT=8000
|
|
CHROMA_TENANT=default_tenant
|
|
CHROMA_DATABASE=default_database
|
|
CHROMA_AUTH_PROVIDER=chromadb.auth.token_authn.TokenAuthClientProvider
|
|
CHROMA_AUTH_CREDENTIALS=
|
|
|
|
# Oracle configuration, only available when VECTOR_STORE is `oracle`
|
|
ORACLE_USER=dify
|
|
ORACLE_PASSWORD=dify
|
|
ORACLE_DSN=oracle:1521/FREEPDB1
|
|
ORACLE_CONFIG_DIR=/app/api/storage/wallet
|
|
ORACLE_WALLET_LOCATION=/app/api/storage/wallet
|
|
ORACLE_WALLET_PASSWORD=dify
|
|
ORACLE_IS_AUTONOMOUS=false
|
|
|
|
# AlibabaCloud MySQL configuration, only available when VECTOR_STORE is `alibabcloud_mysql`
|
|
ALIBABACLOUD_MYSQL_HOST=127.0.0.1
|
|
ALIBABACLOUD_MYSQL_PORT=3306
|
|
ALIBABACLOUD_MYSQL_USER=root
|
|
ALIBABACLOUD_MYSQL_PASSWORD=difyai123456
|
|
ALIBABACLOUD_MYSQL_DATABASE=dify
|
|
ALIBABACLOUD_MYSQL_MAX_CONNECTION=5
|
|
ALIBABACLOUD_MYSQL_HNSW_M=6
|
|
|
|
# relyt configurations, only available when VECTOR_STORE is `relyt`
|
|
RELYT_HOST=db
|
|
RELYT_PORT=5432
|
|
RELYT_USER=postgres
|
|
RELYT_PASSWORD=difyai123456
|
|
RELYT_DATABASE=postgres
|
|
|
|
# open search configuration, only available when VECTOR_STORE is `opensearch`
|
|
OPENSEARCH_HOST=opensearch
|
|
OPENSEARCH_PORT=9200
|
|
OPENSEARCH_SECURE=true
|
|
OPENSEARCH_VERIFY_CERTS=true
|
|
OPENSEARCH_AUTH_METHOD=basic
|
|
OPENSEARCH_USER=admin
|
|
OPENSEARCH_PASSWORD=admin
|
|
# If using AWS managed IAM, e.g. Managed Cluster or OpenSearch Serverless
|
|
OPENSEARCH_AWS_REGION=ap-southeast-1
|
|
OPENSEARCH_AWS_SERVICE=aoss
|
|
|
|
# tencent vector configurations, only available when VECTOR_STORE is `tencent`
|
|
TENCENT_VECTOR_DB_URL=http://127.0.0.1
|
|
TENCENT_VECTOR_DB_API_KEY=dify
|
|
TENCENT_VECTOR_DB_TIMEOUT=30
|
|
TENCENT_VECTOR_DB_USERNAME=dify
|
|
TENCENT_VECTOR_DB_DATABASE=dify
|
|
TENCENT_VECTOR_DB_SHARD=1
|
|
TENCENT_VECTOR_DB_REPLICAS=2
|
|
TENCENT_VECTOR_DB_ENABLE_HYBRID_SEARCH=false
|
|
|
|
# ElasticSearch configuration, only available when VECTOR_STORE is `elasticsearch`
|
|
ELASTICSEARCH_HOST=0.0.0.0
|
|
ELASTICSEARCH_PORT=9200
|
|
ELASTICSEARCH_USERNAME=elastic
|
|
ELASTICSEARCH_PASSWORD=elastic
|
|
KIBANA_PORT=5601
|
|
|
|
# Using ElasticSearch Cloud Serverless, or not.
|
|
ELASTICSEARCH_USE_CLOUD=false
|
|
ELASTICSEARCH_CLOUD_URL=YOUR-ELASTICSEARCH_CLOUD_URL
|
|
ELASTICSEARCH_API_KEY=YOUR-ELASTICSEARCH_API_KEY
|
|
|
|
ELASTICSEARCH_VERIFY_CERTS=False
|
|
ELASTICSEARCH_CA_CERTS=
|
|
ELASTICSEARCH_REQUEST_TIMEOUT=100000
|
|
ELASTICSEARCH_RETRY_ON_TIMEOUT=True
|
|
ELASTICSEARCH_MAX_RETRIES=10
|
|
|
|
# baidu vector configurations, only available when VECTOR_STORE is `baidu`
|
|
BAIDU_VECTOR_DB_ENDPOINT=http://127.0.0.1:5287
|
|
BAIDU_VECTOR_DB_CONNECTION_TIMEOUT_MS=30000
|
|
BAIDU_VECTOR_DB_ACCOUNT=root
|
|
BAIDU_VECTOR_DB_API_KEY=dify
|
|
BAIDU_VECTOR_DB_DATABASE=dify
|
|
BAIDU_VECTOR_DB_SHARD=1
|
|
BAIDU_VECTOR_DB_REPLICAS=3
|
|
BAIDU_VECTOR_DB_INVERTED_INDEX_ANALYZER=DEFAULT_ANALYZER
|
|
BAIDU_VECTOR_DB_INVERTED_INDEX_PARSER_MODE=COARSE_MODE
|
|
BAIDU_VECTOR_DB_AUTO_BUILD_ROW_COUNT_INCREMENT=500
|
|
BAIDU_VECTOR_DB_AUTO_BUILD_ROW_COUNT_INCREMENT_RATIO=0.05
|
|
BAIDU_VECTOR_DB_REBUILD_INDEX_TIMEOUT_IN_SECONDS=300
|
|
|
|
# VikingDB configurations, only available when VECTOR_STORE is `vikingdb`
|
|
VIKINGDB_ACCESS_KEY=your-ak
|
|
VIKINGDB_SECRET_KEY=your-sk
|
|
VIKINGDB_REGION=cn-shanghai
|
|
VIKINGDB_HOST=api-vikingdb.xxx.volces.com
|
|
VIKINGDB_SCHEMA=http
|
|
VIKINGDB_CONNECTION_TIMEOUT=30
|
|
VIKINGDB_SOCKET_TIMEOUT=30
|
|
|
|
# Lindorm configuration, only available when VECTOR_STORE is `lindorm`
|
|
LINDORM_URL=http://localhost:30070
|
|
LINDORM_USERNAME=admin
|
|
LINDORM_PASSWORD=admin
|
|
LINDORM_USING_UGC=True
|
|
LINDORM_QUERY_TIMEOUT=1
|
|
|
|
# opengauss configurations, only available when VECTOR_STORE is `opengauss`
|
|
OPENGAUSS_HOST=opengauss
|
|
OPENGAUSS_PORT=6600
|
|
OPENGAUSS_USER=postgres
|
|
OPENGAUSS_PASSWORD=Dify@123
|
|
OPENGAUSS_DATABASE=dify
|
|
OPENGAUSS_MIN_CONNECTION=1
|
|
OPENGAUSS_MAX_CONNECTION=5
|
|
OPENGAUSS_ENABLE_PQ=false
|
|
|
|
# huawei cloud search service vector configurations, only available when VECTOR_STORE is `huawei_cloud`
|
|
HUAWEI_CLOUD_HOSTS=https://127.0.0.1:9200
|
|
HUAWEI_CLOUD_USER=admin
|
|
HUAWEI_CLOUD_PASSWORD=admin
|
|
|
|
# Upstash Vector configuration, only available when VECTOR_STORE is `upstash`
|
|
UPSTASH_VECTOR_URL=https://xxx-vector.upstash.io
|
|
UPSTASH_VECTOR_TOKEN=dify
|
|
|
|
# TableStore Vector configuration
|
|
# (only used when VECTOR_STORE is tablestore)
|
|
TABLESTORE_ENDPOINT=https://instance-name.cn-hangzhou.ots.aliyuncs.com
|
|
TABLESTORE_INSTANCE_NAME=instance-name
|
|
TABLESTORE_ACCESS_KEY_ID=xxx
|
|
TABLESTORE_ACCESS_KEY_SECRET=xxx
|
|
TABLESTORE_NORMALIZE_FULLTEXT_BM25_SCORE=false
|
|
|
|
# Clickzetta configuration, only available when VECTOR_STORE is `clickzetta`
|
|
CLICKZETTA_USERNAME=
|
|
CLICKZETTA_PASSWORD=
|
|
CLICKZETTA_INSTANCE=
|
|
CLICKZETTA_SERVICE=api.clickzetta.com
|
|
CLICKZETTA_WORKSPACE=quick_start
|
|
CLICKZETTA_VCLUSTER=default_ap
|
|
CLICKZETTA_SCHEMA=dify
|
|
CLICKZETTA_BATCH_SIZE=100
|
|
CLICKZETTA_ENABLE_INVERTED_INDEX=true
|
|
CLICKZETTA_ANALYZER_TYPE=chinese
|
|
CLICKZETTA_ANALYZER_MODE=smart
|
|
CLICKZETTA_VECTOR_DISTANCE_FUNCTION=cosine_distance
|
|
|
|
# InterSystems IRIS configuration, only available when VECTOR_STORE is `iris`
|
|
IRIS_HOST=iris
|
|
IRIS_SUPER_SERVER_PORT=1972
|
|
IRIS_WEB_SERVER_PORT=52773
|
|
IRIS_USER=_SYSTEM
|
|
IRIS_PASSWORD=Dify@1234
|
|
IRIS_DATABASE=USER
|
|
IRIS_SCHEMA=dify
|
|
IRIS_CONNECTION_URL=
|
|
IRIS_MIN_CONNECTION=1
|
|
IRIS_MAX_CONNECTION=3
|
|
IRIS_TEXT_INDEX=true
|
|
IRIS_TEXT_INDEX_LANGUAGE=en
|
|
IRIS_TIMEZONE=UTC
|
|
|
|
# ------------------------------
|
|
# Knowledge Configuration
|
|
# ------------------------------
|
|
|
|
# Upload file size limit, default 15M.
|
|
UPLOAD_FILE_SIZE_LIMIT=15
|
|
|
|
# The maximum number of files that can be uploaded at a time, default 5.
|
|
UPLOAD_FILE_BATCH_LIMIT=5
|
|
|
|
# Comma-separated list of file extensions blocked from upload for security reasons.
|
|
# Extensions should be lowercase without dots (e.g., exe,bat,sh,dll).
|
|
# Empty by default to allow all file types.
|
|
# Recommended: exe,bat,cmd,com,scr,vbs,ps1,msi,dll
|
|
UPLOAD_FILE_EXTENSION_BLACKLIST=
|
|
|
|
# Maximum number of files allowed in a single chunk attachment, default 10.
|
|
SINGLE_CHUNK_ATTACHMENT_LIMIT=10
|
|
|
|
# Maximum number of files allowed in a image batch upload operation
|
|
IMAGE_FILE_BATCH_LIMIT=10
|
|
|
|
# Maximum allowed image file size for attachments in megabytes, default 2.
|
|
ATTACHMENT_IMAGE_FILE_SIZE_LIMIT=2
|
|
|
|
# Timeout for downloading image attachments in seconds, default 60.
|
|
ATTACHMENT_IMAGE_DOWNLOAD_TIMEOUT=60
|
|
|
|
|
|
# ETL type, support: `dify`, `Unstructured`
|
|
# `dify` Dify's proprietary file extraction scheme
|
|
# `Unstructured` Unstructured.io file extraction scheme
|
|
ETL_TYPE=dify
|
|
|
|
# Unstructured API path and API key, needs to be configured when ETL_TYPE is Unstructured
|
|
# Or using Unstructured for document extractor node for pptx.
|
|
# For example: http://unstructured:8000/general/v0/general
|
|
UNSTRUCTURED_API_URL=
|
|
UNSTRUCTURED_API_KEY=
|
|
SCARF_NO_ANALYTICS=true
|
|
|
|
# ------------------------------
|
|
# Model Configuration
|
|
# ------------------------------
|
|
|
|
# The maximum number of tokens allowed for prompt generation.
|
|
# This setting controls the upper limit of tokens that can be used by the LLM
|
|
# when generating a prompt in the prompt generation tool.
|
|
# Default: 512 tokens.
|
|
PROMPT_GENERATION_MAX_TOKENS=512
|
|
|
|
# The maximum number of tokens allowed for code generation.
|
|
# This setting controls the upper limit of tokens that can be used by the LLM
|
|
# when generating code in the code generation tool.
|
|
# Default: 1024 tokens.
|
|
CODE_GENERATION_MAX_TOKENS=1024
|
|
|
|
# Enable or disable plugin based token counting. If disabled, token counting will return 0.
|
|
# This can improve performance by skipping token counting operations.
|
|
# Default: false (disabled).
|
|
PLUGIN_BASED_TOKEN_COUNTING_ENABLED=false
|
|
|
|
# ------------------------------
|
|
# Multi-modal Configuration
|
|
# ------------------------------
|
|
|
|
# The format of the image/video/audio/document sent when the multi-modal model is input,
|
|
# the default is base64, optional url.
|
|
# The delay of the call in url mode will be lower than that in base64 mode.
|
|
# It is generally recommended to use the more compatible base64 mode.
|
|
# If configured as url, you need to configure FILES_URL as an externally accessible address so that the multi-modal model can access the image/video/audio/document.
|
|
MULTIMODAL_SEND_FORMAT=base64
|
|
# Upload image file size limit, default 10M.
|
|
UPLOAD_IMAGE_FILE_SIZE_LIMIT=10
|
|
# Upload video file size limit, default 100M.
|
|
UPLOAD_VIDEO_FILE_SIZE_LIMIT=100
|
|
# Upload audio file size limit, default 50M.
|
|
UPLOAD_AUDIO_FILE_SIZE_LIMIT=50
|
|
|
|
# ------------------------------
|
|
# Sentry Configuration
|
|
# Used for application monitoring and error log tracking.
|
|
# ------------------------------
|
|
SENTRY_DSN=
|
|
|
|
# API Service Sentry DSN address, default is empty, when empty,
|
|
# all monitoring information is not reported to Sentry.
|
|
# If not set, Sentry error reporting will be disabled.
|
|
API_SENTRY_DSN=
|
|
# API Service The reporting ratio of Sentry events, if it is 0.01, it is 1%.
|
|
API_SENTRY_TRACES_SAMPLE_RATE=1.0
|
|
# API Service The reporting ratio of Sentry profiles, if it is 0.01, it is 1%.
|
|
API_SENTRY_PROFILES_SAMPLE_RATE=1.0
|
|
|
|
# Web Service Sentry DSN address, default is empty, when empty,
|
|
# all monitoring information is not reported to Sentry.
|
|
# If not set, Sentry error reporting will be disabled.
|
|
WEB_SENTRY_DSN=
|
|
|
|
# Plugin_daemon Service Sentry DSN address, default is empty, when empty,
|
|
# all monitoring information is not reported to Sentry.
|
|
# If not set, Sentry error reporting will be disabled.
|
|
PLUGIN_SENTRY_ENABLED=false
|
|
PLUGIN_SENTRY_DSN=
|
|
|
|
# ------------------------------
|
|
# Notion Integration Configuration
|
|
# Variables can be obtained by applying for Notion integration: https://www.notion.so/my-integrations
|
|
# ------------------------------
|
|
|
|
# Configure as "public" or "internal".
|
|
# Since Notion's OAuth redirect URL only supports HTTPS,
|
|
# if deploying locally, please use Notion's internal integration.
|
|
NOTION_INTEGRATION_TYPE=public
|
|
# Notion OAuth client secret (used for public integration type)
|
|
NOTION_CLIENT_SECRET=
|
|
# Notion OAuth client id (used for public integration type)
|
|
NOTION_CLIENT_ID=
|
|
# Notion internal integration secret.
|
|
# If the value of NOTION_INTEGRATION_TYPE is "internal",
|
|
# you need to configure this variable.
|
|
NOTION_INTERNAL_SECRET=
|
|
|
|
# ------------------------------
|
|
# Mail related configuration
|
|
# ------------------------------
|
|
|
|
# Mail type, support: resend, smtp, sendgrid
|
|
MAIL_TYPE=resend
|
|
|
|
# Default send from email address, if not specified
|
|
# If using SendGrid, use the 'from' field for authentication if necessary.
|
|
MAIL_DEFAULT_SEND_FROM=
|
|
|
|
# API-Key for the Resend email provider, used when MAIL_TYPE is `resend`.
|
|
RESEND_API_URL=https://api.resend.com
|
|
RESEND_API_KEY=your-resend-api-key
|
|
|
|
|
|
# SMTP server configuration, used when MAIL_TYPE is `smtp`
|
|
SMTP_SERVER=
|
|
SMTP_PORT=465
|
|
SMTP_USERNAME=
|
|
SMTP_PASSWORD=
|
|
SMTP_USE_TLS=true
|
|
SMTP_OPPORTUNISTIC_TLS=false
|
|
# Optional: override the local hostname used for SMTP HELO/EHLO
|
|
SMTP_LOCAL_HOSTNAME=
|
|
|
|
# Sendgid configuration
|
|
SENDGRID_API_KEY=
|
|
|
|
# ------------------------------
|
|
# Others Configuration
|
|
# ------------------------------
|
|
|
|
# Maximum length of segmentation tokens for indexing
|
|
INDEXING_MAX_SEGMENTATION_TOKENS_LENGTH=4000
|
|
|
|
# Maximum number of worker threads used for high-quality dataset indexing (1-10).
|
|
# Lower this value to reduce memory usage and avoid OOM/freezes during re-indexing.
|
|
INDEXING_MAX_WORKERS=2
|
|
# Enable indexing memory snapshots in logs for OOM diagnosis (True/False).
|
|
INDEXING_MEMORY_SNAPSHOT_ENABLED=False
|
|
|
|
# Member invitation link valid time (hours),
|
|
# Default: 72.
|
|
INVITE_EXPIRY_HOURS=72
|
|
|
|
# Reset password token valid time (minutes),
|
|
RESET_PASSWORD_TOKEN_EXPIRY_MINUTES=5
|
|
EMAIL_REGISTER_TOKEN_EXPIRY_MINUTES=5
|
|
CHANGE_EMAIL_TOKEN_EXPIRY_MINUTES=5
|
|
OWNER_TRANSFER_TOKEN_EXPIRY_MINUTES=5
|
|
|
|
# The sandbox service endpoint.
|
|
CODE_EXECUTION_ENDPOINT=http://sandbox:8194
|
|
CODE_EXECUTION_API_KEY=dify-sandbox
|
|
CODE_EXECUTION_SSL_VERIFY=True
|
|
CODE_EXECUTION_POOL_MAX_CONNECTIONS=100
|
|
CODE_EXECUTION_POOL_MAX_KEEPALIVE_CONNECTIONS=20
|
|
CODE_EXECUTION_POOL_KEEPALIVE_EXPIRY=5.0
|
|
CODE_EXECUTION_CONNECT_TIMEOUT=10
|
|
CODE_EXECUTION_READ_TIMEOUT=60
|
|
CODE_EXECUTION_WRITE_TIMEOUT=10
|
|
SANDBOX_API_KEY=dify-sandbox
|
|
SANDBOX_GIN_MODE=release
|
|
SANDBOX_WORKER_TIMEOUT=15
|
|
SANDBOX_ENABLE_NETWORK=true
|
|
SANDBOX_HTTP_PROXY=http://ssrf_proxy:3128
|
|
SANDBOX_HTTPS_PROXY=http://ssrf_proxy:3128
|
|
SANDBOX_PORT=8194
|
|
PIP_MIRROR_URL=
|
|
SSRF_PROXY_HTTP_URL=http://ssrf_proxy:3128
|
|
SSRF_PROXY_HTTPS_URL=http://ssrf_proxy:3128
|
|
SSRF_HTTP_PORT=3128
|
|
SSRF_COREDUMP_DIR=/var/spool/squid
|
|
SSRF_DEFAULT_TIME_OUT=5
|
|
SSRF_DEFAULT_CONNECT_TIME_OUT=5
|
|
SSRF_DEFAULT_READ_TIME_OUT=5
|
|
SSRF_DEFAULT_WRITE_TIME_OUT=5
|
|
SSRF_POOL_MAX_CONNECTIONS=100
|
|
SSRF_POOL_MAX_KEEPALIVE_CONNECTIONS=20
|
|
SSRF_POOL_KEEPALIVE_EXPIRY=5.0
|
|
|
|
# Plugin daemon
|
|
DB_PLUGIN_DATABASE=dify_plugin
|
|
EXPOSE_PLUGIN_DAEMON_PORT=5002
|
|
PLUGIN_DAEMON_PORT=5002
|
|
PLUGIN_DAEMON_KEY=lYkiYYT6owG+71oLerGzA7GXCgOT++6ovaezWAjpCjf+Sjc3ZtU+qUEi
|
|
PLUGIN_DAEMON_URL=http://plugin_daemon:5002
|
|
PLUGIN_MAX_PACKAGE_SIZE=52428800
|
|
PLUGIN_MODEL_SCHEMA_CACHE_TTL=3600
|
|
PLUGIN_PPROF_ENABLED=false
|
|
PLUGIN_DEBUGGING_HOST=0.0.0.0
|
|
PLUGIN_DEBUGGING_PORT=5003
|
|
EXPOSE_PLUGIN_DEBUGGING_HOST=localhost
|
|
EXPOSE_PLUGIN_DEBUGGING_PORT=5003
|
|
PLUGIN_DIFY_INNER_API_KEY=QaHbTe77CtuXmsfyhR7+vRjI/+XbV1AaFy691iy+kGDv2Jvy0/eAh8Y1
|
|
PLUGIN_DIFY_INNER_API_URL=http://api:5001
|
|
FORCE_VERIFYING_SIGNATURE=true
|
|
PLUGIN_STDIO_BUFFER_SIZE=1024
|
|
PLUGIN_STDIO_MAX_BUFFER_SIZE=5242880
|
|
PLUGIN_PYTHON_ENV_INIT_TIMEOUT=120
|
|
PLUGIN_MAX_EXECUTION_TIMEOUT=600
|
|
PLUGIN_STORAGE_TYPE=local
|
|
PLUGIN_STORAGE_LOCAL_ROOT=/app/storage
|
|
PLUGIN_WORKING_PATH=/app/storage/cwd
|
|
PLUGIN_INSTALLED_PATH=plugin
|
|
PLUGIN_PACKAGE_CACHE_PATH=plugin_packages
|
|
PLUGIN_MEDIA_CACHE_PATH=assets
|
|
PLUGIN_STORAGE_OSS_BUCKET=
|
|
PLUGIN_SENTRY_ENABLED=false
|
|
PLUGIN_SENTRY_DSN=
|
|
MARKETPLACE_ENABLED=true
|
|
MARKETPLACE_API_URL=https://marketplace.dify.ai
|
|
MARKETPLACE_URL=
|
|
|
|
# Nginx and Docker Compose
|
|
NGINX_SERVER_NAME=_
|
|
NGINX_HTTPS_ENABLED=false
|
|
NGINX_PORT=80
|
|
NGINX_SSL_PORT=443
|
|
NGINX_SSL_CERT_FILENAME=dify.crt
|
|
NGINX_SSL_CERT_KEY_FILENAME=dify.key
|
|
NGINX_SSL_PROTOCOLS=TLSv1.2 TLSv1.3
|
|
NGINX_WORKER_PROCESSES=auto
|
|
NGINX_CLIENT_MAX_BODY_SIZE=100M
|
|
NGINX_KEEPALIVE_TIMEOUT=65
|
|
NGINX_PROXY_READ_TIMEOUT=3600s
|
|
NGINX_PROXY_SEND_TIMEOUT=3600s
|
|
NGINX_ENABLE_CERTBOT_CHALLENGE=false
|
|
NGINX_SOCKET_IO_UPSTREAM=api_websocket:5001
|
|
EXPOSE_NGINX_PORT=80
|
|
EXPOSE_NGINX_SSL_PORT=443
|
|
COMPOSE_PROFILES=${VECTOR_STORE:-weaviate},${DB_TYPE:-postgresql},collaboration
|