diff --git a/packages/noco-docs/docs/020.getting-started/050.self-hosted/020.environment-variables.md b/packages/noco-docs/docs/020.getting-started/050.self-hosted/020.environment-variables.md index 186a0f33cd..6943a3b60b 100644 --- a/packages/noco-docs/docs/020.getting-started/050.self-hosted/020.environment-variables.md +++ b/packages/noco-docs/docs/020.getting-started/050.self-hosted/020.environment-variables.md @@ -6,73 +6,74 @@ tags: ['Open Source'] keywords : ['NocoDB environment variables', 'NocoDB env variables', 'NocoDB envs', 'NocoDB env'] --- -For production use-cases, it is **recommended** to configure -- `NC_DB`, -- `NC_AUTH_JWT_SECRET`, -- `NC_PUBLIC_URL`, +For production use cases, it is **recommended** to set at least: + +- `NC_DB` +- `NC_AUTH_JWT_SECRET` +- `NC_PUBLIC_URL` - `NC_REDIS_URL` | Variable | Description | If absent | | -------- | ----------- | --------- | -| `NC_DB` | See our example database URLs [here](https://github.com/nocodb/nocodb#docker). | A local SQLite database will be created in root folder if `NC_DB` is not provided | -| `NC_DB_JSON` | Can be used instead of `NC_DB` and value should be valid knex connection JSON | | -| `NC_DB_JSON_FILE` | Can be used instead of `NC_DB` and value should be a valid path to knex connection JSON | | -| `DATABASE_URL` | Can be used instead of `NC_DB` and value should be in JDBC URL format | | -| `DATABASE_URL_FILE` | Can be used instead of `DATABASE_URL` and value should be a valid path to file containing JDBC URL format. | | -| `NC_AUTH_JWT_SECRET` | JWT secret used for auth and storing other secrets | A random secret will be generated | -| `PORT` | For setting app running port | `8080` | -| `DB_QUERY_LIMIT_DEFAULT` | Pagination limit | `25` | -| `DB_QUERY_LIMIT_GROUP_BY_GROUP` | Group per page limit | `10` | -| `DB_QUERY_LIMIT_GROUP_BY_RECORD` | Record per group limit | `10` | -| `DB_QUERY_LIMIT_MAX` | Maximum allowed pagination limit | `1000` | -| `DB_QUERY_LIMIT_MIN` | Minimum allowed pagination limit | `1` | -| `NC_TOOL_DIR` | App directory to keep metadata and app related files | Defaults to current working directory. In docker maps to `/usr/app/data/` for mounting volume. | -| `NC_PUBLIC_URL` | Used for sending Email invitations | Best guess from http request params | -| `NC_JWT_EXPIRES_IN` | JWT token expiry time | `10h` | -| `NC_CONNECT_TO_EXTERNAL_DB_DISABLED` | Disable Project creation with external database | | -| `NC_INVITE_ONLY_SIGNUP` | Removed since version 0.99.0 and now it's recommended to use [super admin settings menu](/account-settings/oss-specific-details#enable--disable-signup). Allow users to signup only via invite URL, value should be any non-empty string. | | -| `NUXT_PUBLIC_NC_BACKEND_URL` | Custom Backend URL | `http://localhost:8080` will be used | -| `NC_REQUEST_BODY_SIZE` | Request body size [limit](https://expressjs.com/en/resources/middleware/body-parser.html#limit) | `1048576` | -| `NC_EXPORT_MAX_TIMEOUT` | After `NC_EXPORT_MAX_TIMEOUT`, CSV gets downloaded in batches | Default value `5000` (in milliseconds) will be used | -| `NC_DISABLE_TELE` | Disable telemetry | | -| `NC_DASHBOARD_URL` | Custom dashboard URL path | `/dashboard` | -| `NC_GOOGLE_CLIENT_ID` | Google client ID to enable Google authentication | | -| `NC_GOOGLE_CLIENT_SECRET` | Google client secret to enable Google authentication | | -| `NC_MIGRATIONS_DISABLED` | Disable NocoDB migration | | -| `NC_MIN` | If set to any non-empty string the default splash screen (initial welcome animation) and matrix screensaver will disable | | -| `NC_SENTRY_DSN` | For Sentry monitoring | | -| `NC_REDIS_URL` | Custom Redis URL. Example: `redis://:authpassword@127.0.0.1:6380/4` | Meta data will be stored in memory | -| `NC_DISABLE_ERR_REPORT` | Disable error reporting | | -| `NC_DISABLE_CACHE` | To be used only while debugging. On setting this to `true` - meta data be fetched from db instead of redis/cache. | `false` | -| `NC_SMTP_FROM` | For SMTP plugin - Email sender address | | -| `NC_SMTP_HOST` | For SMTP plugin - SMTP host value | | -| `NC_SMTP_PORT` | For SMTP plugin - SMTP port value | | -| `NC_SMTP_USERNAME` | For SMTP plugin (Optional) - SMTP username value for authentication | | -| `NC_SMTP_PASSWORD` | For SMTP plugin (Optional) - SMTP password value for authentication | | -| `NC_SMTP_SECURE` | For SMTP plugin (Optional) - To enable secure set value as `true` any other value treated as false | | -| `NC_SMTP_IGNORE_TLS` | For SMTP plugin (Optional) - To ignore tls set value as `true` any other value treated as false. For more info visit https://nodemailer.com/smtp/ | | -| `NC_S3_BUCKET_NAME` | For S3 storage plugin - AWS S3 bucket name | | -| `NC_S3_REGION` | For S3 storage plugin - AWS S3 region | | -| `NC_S3_ACCESS_KEY` | For S3 storage plugin - AWS access key credential for accessing resource | | -| `NC_S3_ACCESS_SECRET` | For S3 storage plugin - AWS access secret credential for accessing resource | | -| `NC_ATTACHMENT_FIELD_SIZE` | For setting the attachment field size(in Bytes) | Defaults to 20MB | -| `NC_MAX_ATTACHMENTS_ALLOWED` | Maximum Number of attachments per cell | | -| `NC_ADMIN_EMAIL` | For updating/creating super admin with provided email and password | | -| `NC_ADMIN_PASSWORD` | For updating/creating super admin with provided email and password. Your password should have at least 8 letters with one uppercase, one number and one special letter. Allowed special characters include `$&+,:;=?@#\|'.^*()%!_-"`. ) | | -| `NODE_OPTIONS` | For passing Node.js [options](https://nodejs.org/api/cli.html#node_optionsoptions) to instance | | -| `NC_MINIMAL_DBS` | Create a new SQLite file for each project. All the db files are stored in `nc_minimal_dbs` folder in current working directory. (This option restricts project creation on external sources) | | -| `NC_DISABLE_AUDIT` | Disable Audit Log | `false` | -| `NC_AUTOMATION_LOG_LEVEL` | Possible Values: `OFF`, `ERROR`, `ALL`. See [Webhooks](/automation/webhook/create-webhook#call-log) for details. | `OFF` | -| `NC_SECURE_ATTACHMENTS` | Allow accessing attachments only through presigned urls. To enable set value as `true` any other value treated as false. (⚠ this will make existing links inaccessible ⚠) | `false` | -| `NC_ATTACHMENT_EXPIRE_SECONDS` | How many seconds before expiring presigned attachment urls. (Attachments will expire in at least set seconds and at most 10mins after set time) | 7200 (2 hours) | -| `NC_ALLOW_LOCAL_HOOKS` | To enable set value as `true` any other value treated as false. (⚠ this will allow webhooks to call local links which can raise security issues ⚠) | `false` | -| `NC_SANITIZE_COLUMN_NAME` | Sanitize the column name during column creation. To enable set value as `true` any other value treated as false. | `true` | -| `LITESTREAM_S3_ENDPOINT` | URL of an S3-compatible object storage service endpoint like `s3.eu-central-1.amazonaws.com`. | *Litestream replication is disabled if this variable is not set.* | -| `LITESTREAM_S3_BUCKET` | Name of the S3-compatible object storage bucket to store the Litestream replication in. | *Litestream replication is disabled if this variable is not set.* | -| `LITESTREAM_S3_PATH` | Directory path to use within the Litestream replication bucket. | Defaults to `nocodb`. | -| `LITESTREAM_S3_ACCESS_KEY_ID` | Litestream authentication key for the S3 replica. | *Litestream replication is disabled if this variable is not set.* | -| `LITESTREAM_S3_SECRET_ACCESS_KEY` | Litestream authentication key for the S3 replica. | *Litestream replication is disabled if this variable is not set.* | -| `LITESTREAM_S3_SKIP_VERIFY` | Whether to disable TLS verification. This is useful when testing against a local node such as MinIO and you are using self-signed certificates. | Defaults to `false`. | +| `NC_DB` | See our example database URLs [here](https://github.com/nocodb/nocodb#docker). | A local SQLite database is created in root folder if `NC_DB` is not set. | +| `NC_DB_JSON` | Can be used instead of `NC_DB` and value should be valid knex connection JSON string. | | +| `NC_DB_JSON_FILE` | Can be used instead of `NC_DB` and value should be a valid path to knex connection JSON file. | | +| `DATABASE_URL` | Can be used instead of `NC_DB` and value should be a JDBC URL string. | | +| `DATABASE_URL_FILE` | Can be used instead of `NC_DB` and value should be a valid path to a JDBC URL file. | | +| `NC_AUTH_JWT_SECRET` | JWT secret used for auth and storing other secrets. | A random secret is generated. | +| `PORT` | Network port NocoDB runs on. | Defaults to `8080`. | +| `DB_QUERY_LIMIT_DEFAULT` | Pagination limit. | Defaults to `25`. | +| `DB_QUERY_LIMIT_GROUP_BY_GROUP` | Group per page limit. | Defaults to `10`. | +| `DB_QUERY_LIMIT_GROUP_BY_RECORD` | Record per group limit. | Defaults to `10`. | +| `DB_QUERY_LIMIT_MAX` | Maximum allowed pagination limit. | Defaults to `1000`. | +| `DB_QUERY_LIMIT_MIN` | Minimum allowed pagination limit. | Defaults to `1`. | +| `NC_TOOL_DIR` | App directory to keep metadata and app related files in. | Defaults to the current working directory. In docker, maps to `/usr/app/data/` for mounting volume. | +| `NC_PUBLIC_URL` | Used for sending E-mail invitations. | Best guess from HTTP request params. | +| `NC_JWT_EXPIRES_IN` | JWT token expiry time | Defaults to `10h`. | +| `NC_CONNECT_TO_EXTERNAL_DB_DISABLED` | Disable project creation with external database. | | +| `NC_INVITE_ONLY_SIGNUP` | Removed since version 0.99.0 and now it's recommended to use the [super admin settings menu](/account-settings/oss-specific-details#enable--disable-signup). Disable public signup and allow signup only via invitations. | | +| `NUXT_PUBLIC_NC_BACKEND_URL` | Custom backend URL. | Defaults to `http://localhost:8080`. | +| `NC_REQUEST_BODY_SIZE` | Request body size [limit](https://expressjs.com/en/resources/middleware/body-parser.html#limit) | Defaults to `1048576`. | +| `NC_EXPORT_MAX_TIMEOUT` | After `NC_EXPORT_MAX_TIMEOUT` (in milliseconds), CSV gets downloaded in batches. | Defaults to `5000` (5 seconds). | +| `NC_DISABLE_TELE` | Disable telemetry. | | +| `NC_DASHBOARD_URL` | Custom dashboard URL path | Defaults to `/dashboard`. | +| `NC_GOOGLE_CLIENT_ID` | Google client ID to enable Google authentication. | | +| `NC_GOOGLE_CLIENT_SECRET` | Google client secret to enable Google authentication. | | +| `NC_MIGRATIONS_DISABLED` | Disable NocoDB migrations. | | +| `NC_MIN` | Disable default splash screen (initial welcome animation) and matrix screensaver. | | +| `NC_SENTRY_DSN` | Data Source Name (DSN) for Sentry monitoring. | | +| `NC_REDIS_URL` | Redis URL. Example: `redis://:authpassword@127.0.0.1:6380/4` | Meta data is stored in memory. | +| `NC_DISABLE_ERR_REPORT` | Disable error reporting. | | +| `NC_DISABLE_CACHE` | Disable cache. To be used only while debugging. If `true`, meta data is fetched from database instead of redis/cache. | Defaults to `false`. | +| `NC_SMTP_FROM` | E-mail sender address for SMTP plugin. | *SMTP plugin is disabled if this variable is not set.* | +| `NC_SMTP_HOST` | E-mail server hostname for SMTP plugin. | *SMTP plugin is disabled if this variable is not set.* | +| `NC_SMTP_PORT` | E-mail server network for SMTP plugin. | *SMTP plugin is disabled if this variable is not set.* | +| `NC_SMTP_USERNAME` | User name for authentication in SMTP plugin. | | +| `NC_SMTP_PASSWORD` | User password for authentication in SMTP plugin. | | +| `NC_SMTP_SECURE` | Enable secure authentication in SMTP plugin. Set to `true` to enable, any other value is treated as `false`. | | +| `NC_SMTP_IGNORE_TLS` | Ignore TLS in SMTP plugin. Set to `true` to ignore TLS, any other value is treated as `false`. For more information, visit https://nodemailer.com/smtp/. | | +| `NC_S3_BUCKET_NAME` | AWS S3 bucket name for S3 storage plugin. | | +| `NC_S3_REGION` | AWS S3 region for S3 storage plugin. | | +| `NC_S3_ACCESS_KEY` | AWS access key ID for S3 storage plugin. | | +| `NC_S3_ACCESS_SECRET` | AWS access secret for S3 storage plugin. | | +| `NC_ATTACHMENT_FIELD_SIZE` | Attachment field size limit (in Bytes). | Defaults to 20MB. | +| `NC_MAX_ATTACHMENTS_ALLOWED` | Maximum number of attachments per cell. | | +| `NC_ADMIN_EMAIL` | Super admin e-mail address. | | +| `NC_ADMIN_PASSWORD` | Super admin password. The password should have at least 8 letters with one uppercase, one number and one special letter. Allowed special characters include `$&+,:;=?@#\|'.^*()%!_-"`. | | +| `NODE_OPTIONS` | Node.js [options](https://nodejs.org/api/cli.html#node_optionsoptions) to pass to instance. | | +| `NC_MINIMAL_DBS` | Create a new SQLite file for each project. All the SQLite database files are stored in the `nc_minimal_dbs` folder in the current working directory. This option restricts project creation on external sources. | | +| `NC_DISABLE_AUDIT` | Disable audit log. | Defaults to `false`. | +| `NC_AUTOMATION_LOG_LEVEL` | Possible Values: `OFF`, `ERROR`, `ALL`. See [Webhooks](/automation/webhook/create-webhook#call-log) for details. | Defaults to `OFF`. | +| `NC_SECURE_ATTACHMENTS` | Allow accessing attachments only through presigned URLs. Set to `true` to enable, any other value is treated as `false`. (⚠ this will make existing links inaccessible ⚠) | Defaults to `false`. | +| `NC_ATTACHMENT_EXPIRE_SECONDS` | Number of seconds after which pre-signed attachment URLs will begin to expire. The URLs will expire after `NC_ATTACHMENT_EXPIRE_SECONDS` plus 10 minutes at the very latest. | Defaults to `7200` (2 hours). | +| `NC_ALLOW_LOCAL_HOOKS` | ⚠ Allow webhooks to call local links which can raise security issues. ⚠ Set to `true` to enable, any other value is treated as `false` | Defaults to `false`. | +| `NC_SANITIZE_COLUMN_NAME` | Sanitize the column name during column creation. Set to `true` to enable, any other value is treated as `false` | Defaults to `true`. | +| `LITESTREAM_S3_ENDPOINT` | URL of an S3-compatible object storage service endpoint for [Litestream](https://litestream.io/) replication of NocoDB's default SQLite database. Example: `s3.eu-central-1.amazonaws.com` | *Litestream replication is disabled if this variable is not set.* | +| `LITESTREAM_S3_BUCKET` | Name of the object storage bucket to store the Litestream replication in. | *Litestream replication is disabled if this variable is not set.* | +| `LITESTREAM_S3_PATH` | Directory path to use within the Litestream replication object storage bucket. | Defaults to `nocodb`. | +| `LITESTREAM_S3_ACCESS_KEY_ID` | Authentication key ID for the Litestream replication object storage bucket. | *Litestream replication is disabled if this variable is not set.* | +| `LITESTREAM_S3_SECRET_ACCESS_KEY` | Authentication secret for the Litestream replication object storage bucket. | *Litestream replication is disabled if this variable is not set.* | +| `LITESTREAM_S3_SKIP_VERIFY` | Whether to disable TLS verification for the Litestream replication object storage service. This is useful when testing against a local node such as MinIO and you are using self-signed certificates. | Defaults to `false`. | | `LITESTREAM_RETENTION` | Amount of time Litestream snapshot and WAL files are kept. After the retention period, a new snapshot is created and the old one is removed. WAL files that exist before the oldest snapshot will also be removed. | Defaults to `1440h` (60 days). | | `LITESTREAM_RETENTION_CHECK_INTERVAL` | Frequency in which Litestream will check if retention needs to be enforced. | Defaults to `72h` (3 days). | | `LITESTREAM_SNAPSHOT_INTERVAL` | Frequency in which new Litestream snapshots are created. A higher frequency reduces the time to restore since newer snapshots will have fewer WAL frames to apply. Retention still applies to these snapshots. | Defaults to `24h` (1 day). |