Environments

Common Variables

CONSOLE_API_URL

The backend URL of the console API, used to concatenate the authorization callback. If empty, it is the same domain. Example: https://api.console.dify.ai

CONSOLE_WEB_URL

The front-end URL of the console web, used to concatenate some front-end addresses and for CORS configuration use. If empty, it is the same domain. Example: https://console.dify.ai

SERVICE_API_URL

Service API Url, used to display Service API Base Url to the front-end. If empty, it is the same domain. Example: https://api.dify.ai

APP_API_URL

WebApp API backend Url, used to declare the back-end URL for the front-end API. If empty, it is the same domain. Example: https://app.dify.ai

APP_WEB_URL

WebApp Url, used to display WebAPP API Base Url to the front-end. If empty, it is the same domain. Example: https://api.app.dify.ai

FILES_URL

File preview or download URL prefix, used to display the file preview or download URL to the front-end or as a multi-modal model input; In order to prevent others from forging, the image preview URL is signed and has a 5-minute expiration time.

Server

MODE

Startup mode, only available when starting with docker, not effective when starting from source code.

api
Start API Server.
worker
Start asynchronous queue worker.

DEBUG

Debug mode, default is false. It is recommended to turn on this configuration for local development to prevent some problems caused by monkey patch.

FLASK_DEBUG

Flask debug mode, it can output trace information at the interface when turned on, which is convenient for debugging.

SECRET_KEY

A key used to securely sign session cookies and encrypt sensitive information in the database.

This variable needs to be set when starting for the first time.

You can use openssl rand -base64 42 to generate a strong key.

DEPLOY_ENV

Deployment environment.

PRODUCTION (default)
Production environment.
TESTING
Testing environment. There will be a distinct color label on the front-end page, indicating that this environment is a testing environment.

LOG_LEVEL

Log output level, default is INFO.

It is recommended to set it to ERROR for production.

MIGRATION_ENABLED

When set to true, the database migration will be automatically executed when the container starts, only available when starting with docker, not effective when starting from source code.

You need to manually execute flask db upgrade in the api directory when starting from source code.

CHECK_UPDATE_URL

Whether to enable the version check policy. If set to false, https://updates.dify.ai will not be called for version check.

Since the version interface based on CloudFlare Worker cannot be directly accessed in China at present, setting this variable to empty can shield this interface call.

OPENAI_API_BASE

Used to change the OpenAI base address, default is https://api.openai.com/v1.

When OpenAI cannot be accessed in China, replace it with a domestic mirror address, or when a local model provides OpenAI compatible API, it can be replaced.

Only effective when starting with docker image or docker-compose.

DIFY_BIND_ADDRESS
API service binding address, default: 0.0.0.0, i.e., all addresses can be accessed.
DIFY_PORT
API service binding port number, default 5001.
SERVER_WORKER_AMOUNT
The number of API server workers, i.e., the number of gevent workers. Formula: number of cpu cores x 2 + 1
Reference: https://docs.gunicorn.org/en/stable/design.html#how-many-workers
SERVER_WORKER_CLASS
Defaults to gevent. If using windows, it can be switched to sync or solo.
GUNICORN_TIMEOUT
Request handling timeout. The default is 200, it is recommended to set it to 360 to support a longer sse connection time.
CELERY_WORKER_CLASS
Similar to SERVER_WORKER_CLASS. Default is gevent. If using windows, it can be switched to sync or solo.
CELERY_WORKER_AMOUNT
The number of Celery workers. The default is 1, and can be set as needed.

Database Configuration

The database uses PostgreSQL. Please use the public schema.

DB_USERNAME: username
DB_PASSWORD: password
DB_HOST: database host
DB_PORT: database port number, default is 5432
DB_DATABASE: database name
SQLALCHEMY_POOL_SIZE: The size of the database connection pool. The default is 30 connections, which can be appropriately increased.
SQLALCHEMY_POOL_RECYCLE: Database connection pool recycling time, the default is 3600 seconds.
SQLALCHEMY_ECHO: Whether to print SQL, default is false.

Redis Configuration

This Redis configuration is used for caching and for pub/sub during conversation.

REDIS_HOST: Redis host
REDIS_PORT: Redis port, default is 6379
REDIS_DB: Redis Database, default is 0. Please use a different Database from Session Redis and Celery Broker.
REDIS_USERNAME: Redis username, default is empty
REDIS_PASSWORD: Redis password, default is empty. It is strongly recommended to set a password.
REDIS_USE_SSL: Whether to use SSL protocol for connection, default is false

Celery Configuration

CELERY_BROKER_URL

Format as follows:

redis://<redis_username>:<redis_password>@<redis_host>:<redis_port>/<redis_database>

Example: redis://:difyai123456@redis:6379/1

BROKER_USE_SSL
If set to true, use SSL protocol for connection, default is false

CORS Configuration

Used to set the front-end cross-domain access policy.

CONSOLE_CORS_ALLOW_ORIGINS
Console CORS cross-domain policy, default is *, that is, all domains can access.
WEB_API_CORS_ALLOW_ORIGINS
WebAPP CORS cross-domain policy, default is *, that is, all domains can access.

File Storage Configuration

Used to store uploaded data set files, team/tenant encryption keys, and other files.

STORAGE_TYPE
Type of storage facility
- local (default)
  Local file storage, if this option is selected, the following STORAGE_LOCAL_PATH configuration needs to be set.
- s3
  S3 object storage, if this option is selected, the following S3_ prefixed configurations need to be set.
- azure-blob
  Azure Blob object storage, if this option is selected, the following AZURE_BLOB_ prefixed configurations need to be set.
STORAGE_LOCAL_PATH
Default is storage, that is, it is stored in the storage directory of the current directory.
If you are deploying with docker or docker-compose, be sure to mount the /app/api/storage directory in both containers to the same local directory, otherwise, you may encounter file not found errors.
S3_ENDPOINT: S3 endpoint address
S3_BUCKET_NAME: S3 bucket name
S3_ACCESS_KEY: S3 Access Key
S3_SECRET_KEY: S3 Secret Key
S3_REGION: S3 region information, such as: us-east-1
AZURE_BLOB_ACCOUNT_NAME: your-account-name eg, 'difyai'
AZURE_BLOB_ACCOUNT_KEY: your-account-key eg, 'difyai'
AZURE_BLOB_CONTAINER_NAME: your-container-name eg, 'difyai-container'
AZURE_BLOB_ACCOUNT_URL: 'https://<your_account_name>.blob.core.windows.net'

Vector Database Configuration

VECTOR_STORE
- Available enumeration types include：
  - weaviate
  - qdrant
  - milvus
  - zilliz (share the same configuration as milvus)
  - pinecone (not yet open)
WEAVIATE_ENDPOINT
Weaviate endpoint address, such as: http://weaviate:8080.
WEAVIATE_API_KEY
The api-key credential used to connect to Weaviate.
WEAVIATE_BATCH_SIZE
The number of index Objects created in batches in Weaviate, default is 100.
Refer to this document: https://weaviate.io/developers/weaviate/manage-data/import#how-to-set-batch-parameters
WEAVIATE_GRPC_ENABLED
Whether to use the gRPC method to interact with Weaviate, performance will greatly increase when enabled, may not be usable locally, default is true.
QDRANT_URL
Qdrant endpoint address, such as: https://your-qdrant-cluster-url.qdrant.tech/
QDRANT_API_KEY
The api-key credential used to connect to Qdrant.
PINECONE_API_KEY
The api-key credential used to connect to Pinecone.
PINECONE_ENVIRONMENT
The environment where Pinecone is located, such as: us-east4-gcp
MILVUS_HOST
Milvus host configuration.
MILVUS_PORT
Milvus port configuration.
MILVUS_USER
Milvus user configuration, default is empty.
MILVUS_PASSWORD
Milvus password configuration, default is empty.
MILVUS_SECURE
Whether Milvus uses SSL connection, default is false.

Knowledge Configuration

UPLOAD_FILE_SIZE_LIMIT:
Upload file size limit, default 15M.
UPLOAD_FILE_BATCH_LIMIT
The maximum number of files that can be uploaded at a time, default 5.
ETL_TYPE
Available enumeration types include:
- dify
  Dify's proprietary file extraction scheme
- Unstructured
  Unstructured.io file extraction scheme
UNSTRUCTURED_API_URL
Unstructured API path, needs to be configured when ETL_TYPE is Unstructured.
For example: http://unstructured:8000/general/v0/general

MULTIMODAL_SEND_IMAGE_FORMAT
The format of the image sent when the multi-modal model is input, the default is base64, optional url. The delay of the call in url mode will be lower than that in base64 mode. It is generally recommended to use the more compatible base64 mode. If configured as url, you need to configure FILES_URL as an externally accessible address so that the multi-modal model can access the image.
UPLOAD_IMAGE_FILE_SIZE_LIMIT
Upload image file size limit, default 10M.

Sentry Configuration

Used for application monitoring and error log tracking.

SENTRY_DSN
Sentry DSN address, default is empty, when empty, all monitoring information is not reported to Sentry.
SENTRY_TRACES_SAMPLE_RATE
The reporting ratio of Sentry events, if it is 0.01, it is 1%.
SENTRY_PROFILES_SAMPLE_RATE
The reporting ratio of Sentry profiles, if it is 0.01, it is 1%.

Notion Integration Configuration

Notion integration configuration variables can be obtained by applying for Notion integration: https://www.notion.so/my-integrations

NOTION_INTEGRATION_TYPE: Configure as "public" or "internal". Since Notion's OAuth redirect URL only supports HTTPS, if deploying locally, please use Notion's internal integration.
NOTION_CLIENT_SECRET: Notion OAuth client secret (used for public integration type)
NOTION_CLIENT_ID: OAuth client ID (used for public integration type)
NOTION_INTERNAL_SECRET: Notion internal integration secret. If the value of NOTION_INTEGRATION_TYPE is "internal", you need to configure this variable.

MAIL_TYPE
- resend
  - MAIL_DEFAULT_SEND_FROM The sender's email name, such as: no-reply no-reply@dify.ai, not mandatory.
  - RESEND_API_KEY API-Key for the Resend email provider, can be obtained from API-Key.
- smtp
  - SMTP_SERVER SMTP server address
  - SMTP_PORT SMTP server port number
  - SMTP_USERNAME SMTP username
  - SMTP_PASSWORD SMTP password
  - SMTP_USE_TLS Whether to use TLS, default is false
  - MAIL_DEFAULT_SEND_FROM The sender's email name, such as: no-reply no-reply@dify.ai, not mandatory.

Others

INVITE_EXPIRY_HOURS: Member invitation link valid time (hours), Default: 72.

Web Frontend

SENTRY_DSN

Sentry DSN address, default is empty, when empty, all monitoring information is not reported to Sentry.

Deprecated

CONSOLE_URL

⚠️ Modified in 0.3.8, will be deprecated in 0.4.9, replaced by: CONSOLE_API_URL and CONSOLE_WEB_URL.

Console URL, used to concatenate the authorization callback, console front-end address, and CORS configuration use. If empty, it is the same domain. Example: https://console.dify.ai.

API_URL

⚠️ Modified in 0.3.8, will be deprecated in 0.4.9, replaced by SERVICE_API_URL.

API URL, used to display Service API Base URL to the front-end. If empty, it is the same domain. Example: https://api.dify.ai

APP_URL

⚠️ Modified in 0.3.8, will be deprecated in 0.4.9, replaced by APP_API_URL and APP_WEB_URL.