github
/
nocodb
mirror of https://github.com/nocodb/nocodb
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

chore : Group the env variables and remove the ones that are not nece… (#8977) 

* chore : Group the env variables and remove the ones that are not necessary.

* chore : Group the env variables and remove the ones that are not necessary.

* chore : Group the env variables and remove the ones that are not necessary.
pull/8981/head
navi 5 months ago committed by GitHub
parent
1fc030ea27
commit
e95eb204d3
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 126 additions and 86 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 212
      packages/noco-docs/docs/020.getting-started/050.self-hosted/020.environment-variables.md

212
packages/noco-docs/docs/020.getting-started/050.self-hosted/020.environment-variables.md
Unescape View File

@ -1,90 +1,130 @@
--- ---
title: 'Environment variables' title: 'Environment variables' description: 'Environment Variables for NocoDB!'
description: 'Environment Variables for NocoDB!' hide_table_of_contents: true
hide_table_of_contents: true
tags: ['Open Source'] tags: ['Open Source']
keywords : ['NocoDB environment variables', 'NocoDB env variables', 'NocoDB envs', 'NocoDB env'] keywords : ['NocoDB Environment Variables', 'NocoDB env variables', 'NocoDB envs', 'NocoDB .env']
--- ---
For **production** use cases, it is recommended to set at least the following environment variables: For production use cases, it is crucial to set all environment variables marked as **"Mandatory"** to ensure optimal performance, security, and functionality of NocoDB.
- `NC_DB`: Specifies the connection string for your database. See our example database URLs [here](https://github.com/nocodb/nocodb#docker). ## Database
- `NC_AUTH_JWT_SECRET`: Defines the secret key used for signing JSON Web Tokens (JWTs). This is crucial for ensuring the security and integrity of authentication tokens. | Variable | Mandatory | Description | If Not Set |
- `NC_PUBLIC_URL`: Sets the base URL used for constructing URLs in email templates, generating the Swagger documentation URL, and handling backend URL needs. By default, it infers the URL from the incoming request on the backend. If the server is behind a proxy, this may result in incorrect URLs. Setting this explicitly ensures consistency across the application. | -------- |-----------| ----------- | ---------- |
- `NC_REDIS_URL`: Provides the connection string for your Redis server. Redis is used for caching and improving performance, so setting this variable ensures NocoDB can connect to your Redis instance. | `NC_DB` | Yes | The primary database where all NocoDB metadata and data are stored. Example format: `pg://host.docker.internal:5432?u=username&p=password&d=database_name`. | A local SQLite database will be created in the root folder if `NC_DB` is not specified. |
| `NC_DB_JSON` | No | Allows setting the database connection using a valid [knex connection JSON string](https://knexjs.org/guide/#configuration-options) instead of `NC_DB`. | |
The following table lists all the environment variables that can be set to configure NocoDB: | `NC_DB_JSON_FILE` | No | A path to a knex connection JSON file can be used to specify the database connection, as an alternative to `NC_DB`. | |
| `DATABASE_URL` | No | A [JDBC URL string](https://jdbc.postgresql.org/documentation/use/#connecting-to-the-database) can be used for the database connection instead of `NC_DB`. | |
| Variable | Description | If absent | | `DATABASE_URL_FILE` | No | A path to a file containing a JDBC URL can be specified for the database connection as an alternative to `NC_DB`. | |
| -------- | ----------- |-----------------------------------------------------------------------------------------------------|
| `NC_DB` | See our example database URLs [here](https://github.com/nocodb/nocodb#docker). | A local SQLite database is created in root folder if `NC_DB` is not set. | ## Authentication
| `NC_DB_JSON` | Can be used instead of `NC_DB` and value should be valid knex connection JSON string. | | | Variable | Mandatory | Description | If Not Set |
| `NC_DB_JSON_FILE` | Can be used instead of `NC_DB` and value should be a valid path to knex connection JSON file. | | | -------- |-----------| ----------- | ---------- |
| `DATABASE_URL` | Can be used instead of `NC_DB` and value should be a JDBC URL string. | | | `NC_AUTH_JWT_SECRET` | Yes | This JWT secret is utilized for generating authentication tokens and encrypting credentials for external databases. | A random secret will be generated automatically. |
| `DATABASE_URL_FILE` | Can be used instead of `NC_DB` and value should be a valid path to a JDBC URL file. | | | `NC_JWT_EXPIRES_IN` | No | Specifies the expiration time for JWT tokens. | Defaults to `10h`. |
| `NC_AUTH_JWT_SECRET` | JWT secret used for auth and storing other secrets. | A random secret is generated. | | `NC_GOOGLE_CLIENT_ID` | No | Google client ID required to activate Google authentication. | |
| `NC_PUBLIC_URL` | is the base URL for constructing URLs in email templates, generating the Swagger documentation URL, and handling backend URL requirements. Set it to your public-facing NocoDB URL for consistency across the application. | By default, it infers the URL from the incoming request on the backend. If the server is behind a proxy, this may result in incorrect URLs.| | `NC_GOOGLE_CLIENT_SECRET` | No | Google client secret required to activate Google authentication. | |
| `NC_ADMIN_EMAIL` | Super admin e-mail address. | | | `NC_ADMIN_EMAIL` | No | Super admin email address. This is useful in case you need to recover your username and password. | An initial prompt for email and password is required when accessing the UI for the first time. |
| `NC_ADMIN_PASSWORD` | Super admin password. The password should have at least 8 letters with one uppercase, one number and one special letter. Allowed special characters include `$&+,:;=?@#\|'.^*()%!_-"`. | | | `NC_ADMIN_PASSWORD` | No | Super admin password. Must be at least 8 characters long, including one uppercase letter, one number, and one special character from `$&+,:;=?@#'.^*()%!_-\"`. This is useful for username and password recovery. | |
| `PORT` | Network port NocoDB runs on. | Defaults to `8080`. | | `NC_DISABLE_EMAIL_AUTH` | No | Disables email and password-based authentication, intended for use when Google authentication variables are configured. | |
| `DB_QUERY_LIMIT_DEFAULT` | Pagination limit. | Defaults to `25`. |
| `DB_QUERY_LIMIT_GROUP_BY_GROUP` | Group per page limit. | Defaults to `10`. | ## Storage
| `DB_QUERY_LIMIT_GROUP_BY_RECORD` | Record per group limit. | Defaults to `10`. | | Variable | Mandatory | Description | If Not Set |
| `DB_QUERY_LIMIT_MAX` | Maximum allowed pagination limit. | Defaults to `1000`. | | -------- | --------- | ----------- | ---------- |
| `DB_QUERY_LIMIT_MIN` | Minimum allowed pagination limit. | Defaults to `1`. | | `NC_S3_BUCKET_NAME` | No | The name of the AWS S3 bucket used for the S3 storage plugin. | |
| `NC_TOOL_DIR` | App directory to keep metadata and app related files in. | Defaults to the current working directory. In docker, maps to `/usr/app/data/` for mounting volume. | | `NC_S3_REGION` | No | The AWS S3 region where the S3 storage plugin bucket is located. | |
| `NC_JWT_EXPIRES_IN` | JWT token expiry time | Defaults to `10h`. | | `NC_S3_ACCESS_KEY` | No | The AWS access key ID required for the S3 storage plugin. | |
| `NC_CONNECT_TO_EXTERNAL_DB_DISABLED` | Disable base creation on external databases. | | | `NC_S3_ACCESS_SECRET` | No | The AWS access secret associated with the S3 storage plugin. | |
| `NC_MINIMAL_DBS` | Create a new SQLite file for each base. All the SQLite database files are stored in the `nc_minimal_dbs` folder in the current working directory. Enabling this option automatically sets `NC_CONNECT_TO_EXTERNAL_DB_DISABLED`, i.e. disables base creation on external databases. | | | `NC_ATTACHMENT_FIELD_SIZE` | No | Maximum file size allowed for [attachments](/fields/field-types/custom-types/attachment/) in bytes. | Defaults to `20971520` (20 MiB). |
| `NC_INVITE_ONLY_SIGNUP` | Removed since version 0.99.0, and now it's recommended to use the [super admin settings menu](/account-settings/oss-specific-details#enable--disable-signup). Disable public signup and allow signup only via invitations. | | | `NC_MAX_ATTACHMENTS_ALLOWED` | No | Maximum number of attachments allowed per cell. | Defaults to `10`. |
| `NUXT_PUBLIC_NC_BACKEND_URL` | Custom backend URL. | Defaults to `http://localhost:8080`. | | `NC_SECURE_ATTACHMENTS` | No | Enables access to attachments only through pre-signed URLs. Set to `true` to activate; all other values are treated as `false`. ⚠ Note: Enabling this will make existing links inaccessible. | Defaults to `false`. |
| `NC_REQUEST_BODY_SIZE` | Request body size [limit](https://expressjs.com/en/resources/middleware/body-parser.html#limit) | Defaults to `1048576`. |
| `NC_EXPORT_MAX_TIMEOUT` | After `NC_EXPORT_MAX_TIMEOUT` (in milliseconds), CSV gets downloaded in batches. | Defaults to `5000` (5 seconds). | ## Email Notifications
| `NC_DASHBOARD_URL` | Custom dashboard URL path | Defaults to `/dashboard`. | - The following SMTP variables are used to send email notifications to users, e.g., invites.
| `NC_GOOGLE_CLIENT_ID` | Google client ID to enable Google authentication. | |
| `NC_GOOGLE_CLIENT_SECRET` | Google client secret to enable Google authentication. | | | Variable | Mandatory | Description | If Not Set |
| `NC_MIGRATIONS_DISABLED` | Disable NocoDB migrations. | | | -------- |-----------| ----------- | ---------- |
| `NC_MIN` | Disable default splash screen (initial welcome animation) and matrix screensaver. | | | `NC_SMTP_FROM` | Yes | The email address used as the sender for the SMTP plugin. | *SMTP plugin is disabled if this variable is not set.* |
| `NC_SENTRY_DSN` | Data Source Name (DSN) for Sentry monitoring. | | | `NC_SMTP_HOST` | Yes | The hostname of the email server for the SMTP plugin. | *SMTP plugin is disabled if this variable is not set.* |
| `NC_REDIS_URL` | Redis URL. Example: `redis://:authpassword@127.0.0.1:6380/4` | Meta data is stored in memory. | | `NC_SMTP_PORT` | Yes | The network port of the email server for the SMTP plugin. | *SMTP plugin is disabled if this variable is not set.* |
| `NC_DISABLE_CACHE` | Disable cache. To be used only while debugging. If `true`, meta data is fetched from database instead of redis/cache. | Defaults to `false`. | | `NC_SMTP_USERNAME` | Yes | The username for authentication with the SMTP plugin. | |
| `NC_DISABLE_ERR_REPORT` | Disable error reporting. | | | `NC_SMTP_PASSWORD` | Yes | The password for authentication with the SMTP plugin. | |
| `NC_DISABLE_TELE` | Disable telemetry. | | | `NC_SMTP_SECURE` | Yes | Enables secure authentication for the SMTP plugin. Set to `true` to enable; all other values are considered `false`. | |
| `NC_DISABLE_EMAIL_AUTH` | Disable authentication via e-mail and password. | Authentication via e-mail and password is enabled. | | `NC_SMTP_IGNORE_TLS` | Yes | Ignores TLS for the SMTP plugin. Set to `true` to ignore TLS; all other values are considered `false`. For more details, see [Nodemailer's SMTP documentation](https://nodemailer.com/smtp/). | |
| `NC_DISABLE_AUDIT` | Disable audit log. | Defaults to `false`. |
| `NC_SMTP_FROM` | E-mail sender address for SMTP plugin. | *SMTP plugin is disabled if this variable is not set.* | ## Backend
| `NC_SMTP_HOST` | E-mail server hostname for SMTP plugin. | *SMTP plugin is disabled if this variable is not set.* | | Variable | Mandatory | Description | If Not Set |
| `NC_SMTP_PORT` | E-mail server network for SMTP plugin. | *SMTP plugin is disabled if this variable is not set.* | | -------- | --------- | ----------- | ---------- |
| `NC_SMTP_USERNAME` | Username for authentication in SMTP plugin. | | | `PORT` | No | Specifies the network port on which NocoDB will run. | Defaults to `8080`. |
| `NC_SMTP_PASSWORD` | Password for authentication in SMTP plugin. | | | `NODE_OPTIONS` | No | Node.js [options](https://nodejs.org/api/cli.html#node_optionsoptions) to pass to the instance. | |
| `NC_SMTP_SECURE` | Enable secure authentication in SMTP plugin. Set to `true` to enable, any other value is treated as `false`. | |
| `NC_SMTP_IGNORE_TLS` | Ignore TLS in SMTP plugin. Set to `true` to ignore TLS, any other value is treated as `false`. For more information, visit [Nodemailer's SMTP documentation](https://nodemailer.com/smtp/). | | ## Frontend
| `NC_S3_BUCKET_NAME` | AWS S3 bucket name for S3 storage plugin. | | | Variable | Mandatory | Description | If Not Set |
| `NC_S3_REGION` | AWS S3 region for S3 storage plugin. | | | -------- | --------- | ----------- | ---------- |
| `NC_S3_ACCESS_KEY` | AWS access key ID for S3 storage plugin. | | | `NC_PUBLIC_URL` | No | This is the base URL used for constructing URLs in email templates, generating the Swagger documentation URL, and handling backend URL requirements. It should be set to your public-facing NocoDB URL to ensure consistency across the application. | By default, it infers the URL from the incoming request on the backend. If the server is behind a proxy, this may result in incorrect URLs. |
| `NC_S3_ACCESS_SECRET` | AWS access secret for S3 storage plugin. | | | `NC_DASHBOARD_URL` | No | Defines a custom dashboard URL path. | Defaults to `/dashboard`. |
| `NC_ATTACHMENT_FIELD_SIZE` | Maximum file size for [attachments](/fields/field-types/custom-types/attachment/) in bytes. | Defaults to `20971520` (20 MiB). | | `NUXT_PUBLIC_NC_BACKEND_URL` | No | Specifies a custom backend URL. | Defaults to `http://localhost:8080`. |
| `NC_MAX_ATTACHMENTS_ALLOWED` | Maximum number of attachments per cell. | Defaults to `10`. |
| `NC_SECURE_ATTACHMENTS` | Allow accessing attachments only through pre-signed URLs. Set to `true` to enable, any other value is treated as `false`. (⚠ this will make existing links inaccessible ⚠) | Defaults to `false`. | ## Cache
| `NC_ATTACHMENT_EXPIRE_SECONDS` | Number of seconds after which pre-signed attachment URLs will begin to expire. The URLs will expire after `NC_ATTACHMENT_EXPIRE_SECONDS` plus 10 minutes at the very latest. | Defaults to `7200` (2 hours). | | Variable | Mandatory | Description | If Not Set |
| `NC_AUTOMATION_LOG_LEVEL` | Possible Values: `OFF`, `ERROR`, `ALL`. See [Webhooks](/automation/webhook/create-webhook#call-log) for details. | Defaults to `OFF`. | | -------- |-----------| ----------- | ---------- |
| `NC_ALLOW_LOCAL_HOOKS` | ⚠ Allow webhooks to call local links, which can raise security issues. ⚠ Set to `true` to enable, any other value is treated as `false` | Defaults to `false`. | | `NC_REDIS_URL` | Yes | Specifies the Redis URL used for caching. Example format: `redis://:authpassword@127.0.0.1:6380/4` | Meta data is stored in memory. |
| `NC_SANITIZE_COLUMN_NAME` | Sanitize the column name during column creation. Set to `true` to enable, any other value is treated as `false` | Defaults to `true`. |
| `NODE_OPTIONS` | Node.js [options](https://nodejs.org/api/cli.html#node_optionsoptions) to pass to instance. | | ## Product Configuration
| `LITESTREAM_S3_ENDPOINT` | URL of an S3-compatible object storage service endpoint for [Litestream](https://litestream.io/) replication of NocoDB's default SQLite database. Example: `s3.eu-central-1.amazonaws.com` | Defaults to [AWS S3](https://aws.amazon.com/s3/). | | Variable | Mandatory | Description | If Not Set |
| `LITESTREAM_S3_REGION` | AWS region of the Litestream replication object storage bucket. Note that `LITESTREAM_S3_ENDPOINT` takes precedence if configured (the endpoint URL includes the region). | Defaults to the [default region configured in AWS](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-region.html). | | -------- | --------- | ----------- | ---------- |
| `LITESTREAM_S3_BUCKET` | Name of the object storage bucket to store the Litestream replication in. | *Litestream replication is disabled if this variable is not set.* | | `DB_QUERY_LIMIT_DEFAULT` | No | Default pagination limit for data tables. | Defaults to `25`. |
| `LITESTREAM_S3_PATH` | Directory path to use within the Litestream replication object storage bucket. | Defaults to `nocodb`. | | `DB_QUERY_LIMIT_GROUP_BY_GROUP` | No | Number of groups per page. | Defaults to `10`. |
| `LITESTREAM_S3_ACCESS_KEY_ID` | Authentication key ID for the Litestream replication object storage bucket. | *Litestream replication is disabled if this variable is not set.* | | `DB_QUERY_LIMIT_GROUP_BY_RECORD` | No | Number of records per group. | Defaults to `10`. |
| `LITESTREAM_S3_SECRET_ACCESS_KEY` | Authentication secret for the Litestream replication object storage bucket. | *Litestream replication is disabled if this variable is not set.* | | `DB_QUERY_LIMIT_MAX` | No | Maximum allowable pagination limit. | Defaults to `1000`. |
| `LITESTREAM_S3_SKIP_VERIFY` | Whether to disable TLS verification for the Litestream replication object storage service. This is useful when testing against a local node such as MinIO and you are using self-signed certificates. | Defaults to `false`. | | `DB_QUERY_LIMIT_MIN` | No | Minimum allowable pagination limit. | Defaults to `1`. |
| `LITESTREAM_RETENTION` | Amount of time Litestream snapshot and WAL files are kept. After the retention period, a new snapshot is created and the old one is removed. WAL files that exist before the oldest snapshot will also be removed. | Defaults to `1440h` (60 days). | | `NC_CONNECT_TO_EXTERNAL_DB_DISABLED` | No | Disables the ability to create bases on external databases. | |
| `LITESTREAM_RETENTION_CHECK_INTERVAL` | Frequency in which Litestream will check if retention needs to be enforced. | Defaults to `72h` (3 days). | | `NC_INVITE_ONLY_SIGNUP` | No | Disables public signup; signup is possible only via invitations. Integrated into the [super admin settings menu](/account-settings/oss-specific-details#enable--disable-signup) as of version 0.99.0. | |
| `LITESTREAM_SNAPSHOT_INTERVAL` | Frequency in which new Litestream snapshots are created. A higher frequency reduces the time to restore since newer snapshots will have fewer WAL frames to apply. Retention still applies to these snapshots. | Defaults to `24h` (1 day). | | `NC_REQUEST_BODY_SIZE` | No | Maximum size of the request body, based on [ExpressJS limits](https://expressjs.com/en/resources/middleware/body-parser.html#limit). | Defaults to `1048576` (approximately 1 MB). |
| `LITESTREAM_SYNC_INTERVAL` | Frequency in which frames are pushed to the Litestream replica. Increasing this frequency can increase object storage costs significantly. | Defaults to `60s` (1 minute). | | `NC_EXPORT_MAX_TIMEOUT` | No | Sets a timeout in milliseconds for downloading CSVs in batches if not completed within this period. | Defaults to `5000` (5 seconds). |
| `LITESTREAM_AGE_PUBLIC_KEY` | [age](https://age-encryption.org/) public key generated by `age-keygen` (`age1...`) or SSH public key (`ssh-ed25519 AAAA...`, `ssh-rsa AAAA...`) used to encrypt the Litestream replication for. Refer to the relevant [Litestream documentation](https://litestream.io/reference/config/#encryption) for details. | *Litestream replication is unencrypted if this variable is not set.* | | `NC_ATTACHMENT_EXPIRE_SECONDS` | No | Time in seconds after which pre-signed URLs for attachments start to expire. The actual expiration will occur after this time plus an additional 10 minutes. | Defaults to `7200` (2 hours). |
| `LITESTREAM_AGE_SECRET_KEY` | [age](https://age-encryption.org/) secret key (`AGE-SECRET-KEY-1...`) used to encrypt the Litestream replication with. Refer to the relevant [Litestream documentation](https://litestream.io/reference/config/#encryption) for details. | *Litestream replication is unencrypted if this variable is not set.* | | `NC_ALLOW_LOCAL_HOOKS` | No | Allows webhooks to call local network links, posing potential security risks. Set to `true` to enable; all other values are considered `false`. | Defaults to `false`. |
| `AWS_ACCESS_KEY_ID` | ***Deprecated***. Please use `LITESTREAM_S3_ACCESS_KEY_ID` instead. | | | `NC_SANITIZE_COLUMN_NAME` | No | Enables sanitization of column names during their creation to prevent SQL injection and other security issues. | Defaults to `true`. |
| `AWS_SECRET_ACCESS_KEY` | ***Deprecated***. Please use `LITESTREAM_S3_SECRET_ACCESS_KEY` instead. | | | `NC_TOOL_DIR` | No | Specifies the directory to store metadata and app-related files. In Docker setups, this maps to `/usr/app/data/` for mounting volumes. | Defaults to the current working directory. |
| `AWS_BUCKET` | ***Deprecated***. Please use `LITESTREAM_S3_BUCKET` instead. | | | `NC_MINIMAL_DBS` | No | Creates a new SQLite file for each base. All SQLite database files are stored in the `nc_minimal_dbs` folder. Enabling this also disables base creation on external databases. | |
| `AWS_BUCKET_PATH` | ***Deprecated***. Please use `LITESTREAM_S3_PATH` instead. | | | `NC_MIGRATIONS_DISABLED` | No | Disables NocoDB migrations. | |
| `NC_DISABLE_AUDIT` | No | Disables the audit log feature. | Defaults to `false`. |
| `NC_AUTOMATION_LOG_LEVEL` | No | Configures logging levels for automation features. Possible values: `OFF`, `ERROR`, `ALL`. More details can be found under [Webhooks](/automation/webhook/create-webhook#call-log). | Defaults to `OFF`. |
## Logging & Monitoring
| Variable | Mandatory | Description | If Not Set |
| -------- | --------- | ----------- | ---------- |
| `NC_SENTRY_DSN` | No | Data Source Name (DSN) for integrating with Sentry for monitoring and error tracking. | |
## Debugging Only
| Variable | Mandatory | Description | If Not Set |
| -------- | --------- | ----------- | ---------- |
| `NC_DISABLE_CACHE` | No | Disables caching to force metadata fetching directly from the database instead of Redis/cache. Recommended only during debugging. | Defaults to `false`. |
## Telemetry
| Variable | Mandatory | Description | If Not Set |
| -------- | --------- | ----------- | ---------- |
| `NC_DISABLE_TELE` | No | Disables the telemetry to prevent sending anonymous usage data. Please keep it enabled to help us understand the usage of the product and the impact that any new breaking change can cause. | |
## Litestream
> Litestream is used **only** when `NC_DB` is set to SQLite. It backs up the SQLite database and stores it in S3.
| Variable | Mandatory | Description | If Not Set |
| -------- | --------- | ----------- | ---------- |
| `LITESTREAM_S3_ENDPOINT` | No | URL of an S3-compatible object storage service endpoint for [Litestream](https://litestream.io/) replication of NocoDB's default SQLite database. Example: `s3.eu-central-1.amazonaws.com`. | Defaults to [AWS S3](https://aws.amazon.com/s3/). |
| `LITESTREAM_S3_REGION` | No | AWS region of the Litestream replication object storage bucket. Note that `LITESTREAM_S3_ENDPOINT` takes precedence if configured (the endpoint URL includes the region). | Defaults to the [default region configured in AWS](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-region.html). |
| `LITESTREAM_S3_BUCKET` | No | Name of the object storage bucket to store the Litestream replication in. | *Litestream replication is disabled if this variable is not set.* |
| `LITESTREAM_S3_PATH` | No | Directory path to use within the Litestream replication object storage bucket. | Defaults to `nocodb`. |
| `LITESTREAM_S3_ACCESS_KEY_ID` | No | Authentication key ID for the Litestream replication object storage bucket. | *Litestream replication is disabled if this variable is not set.* |
| `LITESTREAM_S3_SECRET_ACCESS_KEY` | No | Authentication secret for the Litestream replication object storage bucket. | *Litestream replication is disabled if this variable is not set.* |
| `LITESTREAM_S3_SKIP_VERIFY` | No | Whether to disable TLS verification for the Litestream replication object storage service. Useful when testing against a local node such as MinIO and you are using self-signed certificates. | Defaults to `false`. |
| `LITESTREAM_RETENTION` | No | Amount of time Litestream snapshot and WAL files are kept. After the retention period, a new snapshot is created and the old one is removed. WAL files that exist before the oldest snapshot will also be removed. | Defaults to `1440h` (60 days). |
| `LITESTREAM_RETENTION_CHECK_INTERVAL` | No | Frequency in which Litestream will check if retention needs to be enforced. | Defaults to `72h` (3 days). |
| `LITESTREAM_SNAPSHOT_INTERVAL` | No | Frequency in which new Litestream snapshots are created. A higher frequency reduces the time to restore since newer snapshots will have fewer WAL frames to apply. Retention still applies to these snapshots. | Defaults to `24h` (1 day). |
| `LITESTREAM_SYNC_INTERVAL` | No | Frequency in which frames are pushed to the Litestream replica. Increasing this frequency can increase object storage costs significantly. | Defaults to `60s` (1 minute). |
| `LITESTREAM_AGE_PUBLIC_KEY` | No | [age](https://age-encryption.org/) public key generated by `age-keygen` (`age1...`) or SSH public key (`ssh-ed25519 AAAA...`, `ssh-rsa AAAA...`) used to encrypt the Litestream replication for. Refer to the relevant [Litestream documentation](https://litestream.io/reference/config/#encryption) for details. | *Litestream replication is unencrypted if this variable is not set.* |
| `LITESTREAM_AGE_SECRET_KEY` | No | [age](https://age-encryption.org/) secret key (`AGE-SECRET-KEY-1...`) used to encrypt the Litestream replication with. Refer to the relevant [Litestream documentation](https://litestream.io/reference/config/#encryption) for details. | *Litestream replication is unencrypted if this variable is not set.* |
| `AWS_ACCESS_KEY_ID` | No | ***Deprecated***. Please use `LITESTREAM_S3_ACCESS_KEY_ID` instead. | |
| `AWS_SECRET_ACCESS_KEY` | No | ***Deprecated***. Please use `LITESTREAM_S3_SECRET_ACCESS_KEY` instead. | |
| `AWS_BUCKET` | No | ***Deprecated***. Please use `LITESTREAM_S3_BUCKET` instead. | |
| `AWS_BUCKET_PATH` | No | ***Deprecated***. Please use `LITESTREAM_S3_PATH` instead. | |

Write Preview
Loading…
Cancel
Save