143 lines
6 KiB
Text
143 lines
6 KiB
Text
|
# =============================================================================
|
||
|
|
# Dify - Environment Configuration
|
||
|
|
# =============================================================================
|
||
|
|
# Copy this file to .env and adjust values for your deployment.
|
||
|
|
# cp .env.example .env
|
||
|
|
# The actual .env is deployed by Dockhand — do NOT commit it.
|
||
|
|
#
|
||
|
|
# To start:
|
||
|
|
# docker compose up -d
|
||
|
|
# Public URL (behind SWAG): https://dify.ld50.xyz
|
||
|
|
# =============================================================================
|
||
|
|
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
# Database (PostgreSQL)
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
DB_USERNAME=dify
|
||
|
|
DB_PASSWORD=your-secure-password-here
|
||
|
|
DB_DATABASE=dify
|
||
|
|
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
# Cache / Queue (Redis)
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
REDIS_PASSWORD=your-secure-password-here
|
||
|
|
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
# Security
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
# Generate a strong SECRET_KEY: openssl rand -base64 42
|
||
|
|
SECRET_KEY=change-me-to-a-random-generated-key
|
||
|
|
INIT_PASSWORD=change-me-on-first-login
|
||
|
|
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
# LLM Provider (Venice.ai — OpenAI-compatible)
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
# Dify supports any OpenAI-compatible API. Configure your provider here.
|
||
|
|
# Venice.ai is used as the default. Set your Venice API key below.
|
||
|
|
VENICE_API_KEY=your-venice-api-key-here
|
||
|
|
VENICE_API_BASE=https://api.venice.ai/api/v1
|
||
|
|
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
# Embeddings Provider (Voyage AI for Weaviate)
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
# Weaviate's text2vec-voyageai module reads VOYAGEAI_APIKEY at container start.
|
||
|
|
# We map this from VOYAGEAI_API_KEY in docker-compose for readability.
|
||
|
|
VOYAGEAI_API_KEY=your-voyageai-api-key-here
|
||
|
|
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
# Sandbox (secure code execution)
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
SANDBOX_API_KEY=your-sandbox-api-key-here
|
||
|
|
SANDBOX_GIN_MODE=release
|
||
|
|
SANDBOX_WORKER_TIMEOUT=15
|
||
|
|
SANDBOX_ENABLE_NETWORK=true
|
||
|
|
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
# Plugin Daemon
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
PLUGIN_DAEMON_KEY=change-me-to-a-random-generated-key
|
||
|
|
PLUGIN_DIFY_INNER_API_KEY=change-me-to-a-random-generated-key
|
||
|
|
PLUGIN_DAEMON_TIMEOUT=600.0
|
||
|
|
PLUGIN_MAX_PACKAGE_SIZE=52428800
|
||
|
|
PLUGIN_DEBUGGING_PORT=5003
|
||
|
|
EXPOSE_PLUGIN_DEBUGGING_HOST=localhost
|
||
|
|
FORCE_VERIFYING_SIGNATURE=false
|
||
|
|
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
# Exposed Ports
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
# Nginx (internal app proxy container) host ports.
|
||
|
|
# Keep non-80/443 because SWAG usually owns 80/443 on the host.
|
||
|
|
EXPOSE_NGINX_PORT=8089
|
||
|
|
EXPOSE_NGINX_SSL_PORT=8443
|
||
|
|
|
||
|
|
# Plugin daemon debug port (only needed when debugging plugins externally)
|
||
|
|
EXPOSE_PLUGIN_DEBUGGING_PORT=5003
|
||
|
|
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
# URL Configuration
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
# Set these to match your public-facing URLs if behind a reverse proxy.
|
||
|
|
# These defaults work for direct LAN access.
|
||
|
|
CONSOLE_API_URL=https://dify.ld50.xyz
|
||
|
|
CONSOLE_WEB_URL=https://dify.ld50.xyz
|
||
|
|
SERVICE_API_URL=https://dify.ld50.xyz
|
||
|
|
APP_API_URL=https://dify.ld50.xyz
|
||
|
|
APP_WEB_URL=https://dify.ld50.xyz
|
||
|
|
FILES_URL=https://dify.ld50.xyz
|
||
|
|
# Internal Docker-network URL for service-to-service file fetches
|
||
|
|
INTERNAL_FILES_URL=http://dify-api:5001
|
||
|
|
NEXT_PUBLIC_SOCKET_URL=wss://dify.ld50.xyz
|
||
|
|
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
# Storage (upstream-aligned defaults)
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
# Keep these unless you have a reason to change storage backend behavior.
|
||
|
|
STORAGE_TYPE=opendal
|
||
|
|
STORAGE_LOCAL_PATH=storage
|
||
|
|
OPENDAL_SCHEME=fs
|
||
|
|
OPENDAL_ROOT=storage
|
||
|
|
|
||
|
|
# Init-permissions container chowns bind-mounted storage before API/worker start.
|
||
|
|
# 1001:1001 matches upstream Dify container user defaults.
|
||
|
|
DIFY_STORAGE_UID=1001
|
||
|
|
DIFY_STORAGE_GID=1001
|
||
|
|
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
# Vector Store (Weaviate)
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
VECTOR_STORE=weaviate
|
||
|
|
WEAVIATE_ENDPOINT=http://dify-weaviate:8080
|
||
|
|
WEAVIATE_API_KEY=WVF5YThaHlkYwhGUSmCRgsX3tD5ngdN8pkih
|
||
|
|
|
||
|
|
# Weaviate service tuning/auth defaults (must match compose service config)
|
||
|
|
WEAVIATE_PERSISTENCE_DATA_PATH=/var/lib/weaviate
|
||
|
|
WEAVIATE_QUERY_DEFAULTS_LIMIT=25
|
||
|
|
WEAVIATE_ENABLE_MODULES=text2vec-voyageai
|
||
|
|
WEAVIATE_DEFAULT_VECTORIZER_MODULE=text2vec-voyageai
|
||
|
|
WEAVIATE_CLUSTER_HOSTNAME=node1
|
||
|
|
WEAVIATE_AUTHENTICATION_ANONYMOUS_ACCESS_ENABLED=false
|
||
|
|
WEAVIATE_AUTHENTICATION_APIKEY_ENABLED=true
|
||
|
|
WEAVIATE_AUTHENTICATION_APIKEY_ALLOWED_KEYS=WVF5YThaHlkYwhGUSmCRgsX3tD5ngdN8pkih
|
||
|
|
WEAVIATE_AUTHENTICATION_APIKEY_USERS=hello@dify.ai
|
||
|
|
WEAVIATE_AUTHORIZATION_ADMINLIST_ENABLED=true
|
||
|
|
WEAVIATE_AUTHORIZATION_ADMINLIST_USERS=hello@dify.ai
|
||
|
|
WEAVIATE_DISABLE_TELEMETRY=false
|
||
|
|
WEAVIATE_ENABLE_TOKENIZER_GSE=false
|
||
|
|
WEAVIATE_ENABLE_TOKENIZER_KAGOME_JA=false
|
||
|
|
WEAVIATE_ENABLE_TOKENIZER_KAGOME_KR=false
|
||
|
|
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
# Logging
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
LOG_LEVEL=INFO
|
||
|
|
DEBUG=false
|
||
|
|
FLASK_DEBUG=false
|
||
|
|
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
# External Network (SWAG / reverse proxy)
|
||
|
|
# ---------------------------------------------------------------------------
|
||
|
|
# Dify nginx joins this pre-existing Docker network so SWAG can route traffic
|
||
|
|
# to service name `dify-nginx` on port 80.
|
||
|
|
NETWORKS_EXTERNAL_NAME=swag
|