forked from langgenius/dify-plugin-daemon
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
206 lines (171 loc) · 7.02 KB
/
.env.example
File metadata and controls
206 lines (171 loc) · 7.02 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
SERVER_HOST=0.0.0.0
SERVER_PORT=5002
SERVER_KEY=lYkiYYT6owG+71oLerGzA7GXCgOT++6ovaezWAjpCjf+Sjc3ZtU+qUEi
GIN_MODE=release
PLATFORM=local
DIFY_INNER_API_KEY="QaHbTe77CtuXmsfyhR7+vRjI/+XbV1AaFy691iy+kGDv2Jvy0/eAh8Y1"
DIFY_INNER_API_URL=http://127.0.0.1:5001
PLUGIN_REMOTE_INSTALLING_ENABLED=true
PLUGIN_REMOTE_INSTALLING_HOST=127.0.0.1
PLUGIN_REMOTE_INSTALLING_PORT=5003
# s3 credentials
S3_USE_AWS=true
S3_USE_AWS_MANAGED_IAM=false
S3_ENDPOINT=
S3_USE_PATH_STYLE=true
AWS_ACCESS_KEY=
AWS_SECRET_KEY=
AWS_REGION=
# tencent cos credentials
TENCENT_COS_SECRET_KEY=
TENCENT_COS_SECRET_ID=
TENCENT_COS_REGION=
# aliyun oss credentials
ALIYUN_OSS_REGION=
ALIYUN_OSS_ENDPOINT=
ALIYUN_OSS_ACCESS_KEY_ID=
ALIYUN_OSS_ACCESS_KEY_SECRET=
ALIYUN_OSS_AUTH_VERSION=v4
ALIYUN_OSS_PATH=
ALIYUN_OSS_CLOUDBOX_ID=
# azure blob storage credentials
AZURE_BLOB_STORAGE_CONTAINER_NAME=
AZURE_BLOB_STORAGE_CONNECTION_STRING=
# volcengine tos
VOLCENGINE_TOS_ENDPOINT=
VOLCENGINE_TOS_ACCESS_KEY=
VOLCENGINE_TOS_SECRET_KEY=
VOLCENGINE_TOS_REGION=
# gcs storage credentials base64 string
GCS_CREDENTIALS=
# huawei obs credentials
HUAWEI_OBS_ACCESS_KEY=
HUAWEI_OBS_SECRET_KEY=
HUAWEI_OBS_SERVER=
HUAWEI_OBS_PATH_STYLE=false
# services storage
# https://github.com/langgenius/dify-cloud-kit/blob/main/oss/factory/factory.go
PLUGIN_STORAGE_TYPE=local
PLUGIN_STORAGE_OSS_BUCKET=
PLUGIN_STORAGE_LOCAL_ROOT=./storage
# where the plugin finally installed
PLUGIN_INSTALLED_PATH=plugin
# where the plugin finally running and working
PLUGIN_WORKING_PATH=cwd
# persistence storage
PERSISTENCE_STORAGE_PATH=persistence
PERSISTENCE_STORAGE_MAX_SIZE=104857600
# plugin webhook
PLUGIN_WEBHOOK_ENABLED=true
# routine pool
ROUTINE_POOL_SIZE=1024
# redis
REDIS_HOST=127.0.0.1
REDIS_PORT=6379
REDIS_PASSWORD=difyai123456
REDIS_DB=0
REDIS_USE_SSL=false
# SSL configuration for Redis (when REDIS_USE_SSL=true)
REDIS_SSL_CERT_REQS=CERT_NONE
# REDIS_SSL_CERT_REQS controls how server certificates are verified:
# - CERT_NONE: Skips all certificate verification (insecure, sets InsecureSkipVerify=true)
# Use only in development/testing environments. This is the default in this example file.
# - CERT_OPTIONAL: Requires valid certificate verification (same as CERT_REQUIRED for client-side TLS)
# CERT_OPTIONAL is treated as CERT_REQUIRED because servers almost always present
# certificates, and the client's choice is whether to validate them or not
# Uses system's default CA certificates if REDIS_SSL_CA_CERTS is not provided
# - CERT_REQUIRED: Requires valid certificate verification (most secure, sets InsecureSkipVerify=false)
# Recommended for production environments
# IMPORTANT: REDIS_SSL_CA_CERTS must be provided, otherwise the application will fail to start
# - Empty string: Behaves like CERT_OPTIONAL (secure, enables verification, but allows system CA certificates)
# This is the default when REDIS_SSL_CERT_REQS is not set
REDIS_SSL_CA_CERTS=
# Path to the CA certificate file for SSL verification, e.g. /path/to/ca.crt
# REQUIRED when REDIS_SSL_CERT_REQS=CERT_REQUIRED
# Optional for CERT_OPTIONAL (uses system's default CA certificates if not provided)
# Ignored when REDIS_SSL_CERT_REQS=CERT_NONE
# Whether to use Redis Sentinel mode.
# If set to true, the application will automatically discover and connect to the master node through Sentinel.
REDIS_USE_SENTINEL=false
# List of Redis Sentinel nodes. If Sentinel mode is enabled, provide at least one Sentinel IP and port.
# Format: `<sentinel1_ip>:<sentinel1_port>,<sentinel2_ip>:<sentinel2_port>,<sentinel3_ip>:<sentinel3_port>`
REDIS_SENTINELS=
REDIS_SENTINEL_SERVICE_NAME=
REDIS_SENTINEL_USERNAME=
REDIS_SENTINEL_PASSWORD=
REDIS_SENTINEL_SOCKET_TIMEOUT=0.1
DB_TYPE=postgresql
DB_USERNAME=postgres
DB_PASSWORD=difyai123456
DB_HOST=localhost
DB_PORT=5432
DB_DATABASE=dify_plugin
# Specifies the SSL mode for the database connection.
# Possible values include 'disable', 'require', 'verify-ca', and 'verify-full'.
# 'disable' means SSL is not used for the connection.
DB_SSL_MODE=disable
# database connection pool settings
DB_MAX_IDLE_CONNS=10
DB_MAX_OPEN_CONNS=30
DB_CONN_MAX_LIFETIME=3600
# DB_EXTRAS in GORM format
DB_EXTRAS=
DB_CHARSET=
DIFY_INVOCATION_CONNECTION_IDLE_TIMEOUT=120
MAX_PLUGIN_PACKAGE_SIZE=52428800
# dify serverless connector
DIFY_PLUGIN_SERVERLESS_CONNECTOR_URL=http://127.0.0.1:5004
DIFY_PLUGIN_SERVERLESS_CONNECTOR_API_KEY=HeRFb6yrzAy5vUSlJWK2lUl36mpkaRycv4witbQpucXacgXg7G9a8gVL
# python interpreter, if you are using local runtime, you should set this path to your python interpreter path
# otherwise, it should be /usr/bin/python3
# PYTHON_INTERPRETER_PATH=/usr/bin/python3
# uv path, if you are using local runtime, you should set this path to your local uv path
# otherwise, it will use `from uv._find_uv import find_uv_bin; print(find_uv_bin())`
# UV_PATH=
# python environment init timeout, if the python environment init process is not finished within this time, it will be killed
PYTHON_ENV_INIT_TIMEOUT=120
# log settings
# LOG_OUTPUT_FORMAT: text or json
LOG_OUTPUT_FORMAT=text
# pprof enabled, for debugging
PPROF_ENABLED=false
# OpenTelemetry
ENABLE_OTEL=false
OTLP_TRACE_ENDPOINT=
OTLP_METRIC_ENDPOINT=
OTLP_BASE_ENDPOINT=http://localhost:4318
OTEL_API_KEY=
OTEL_EXPORTER_OTLP_PROTOCOL=http/protobuf
OTEL_EXPORTER_TYPE=otlp
OTEL_SAMPLING_RATE=1.0
OTEL_BATCH_EXPORT_SCHEDULE_DELAY=5000
OTEL_MAX_QUEUE_SIZE=2048
OTEL_MAX_EXPORT_BATCH_SIZE=512
OTEL_METRIC_EXPORT_INTERVAL=60000
OTEL_BATCH_EXPORT_TIMEOUT=10000
OTEL_METRIC_EXPORT_TIMEOUT=30000
# FORCE_VERIFYING_SIGNATURE, for security, you should set this to true, pls be sure you know what you are doing
# if want to install plugin without verifying signature, set this to false
FORCE_VERIFYING_SIGNATURE=true
# Enable or disable third-party signature verification for plugins
# Set to "true" to allow verification using additional public keys specified in THIRD_PARTY_SIGNATURE_VERIFICATION_PUBLIC_KEYS
THIRD_PARTY_SIGNATURE_VERIFICATION_ENABLED=false
# A comma-separated list of file paths to public keys in addition to the official public key for signature verification
THIRD_PARTY_SIGNATURE_VERIFICATION_PUBLIC_KEYS=
# Enforce signature verification for plugins claiming Langgenius authorship
# Set to "false" to allow installation of unsigned plugins claiming to be from Langgenius (security risk)
# Community and partner plugins that don't claim Langgenius authorship are not affected
ENFORCE_LANGGENIUS_PLUGIN_SIGNATURES=true
# proxy settings, example: HTTP_PROXY=http://host.docker.internal:7890
HTTP_PROXY=
HTTPS_PROXY=
# plugin stdio buffer size(local runtime, will be deprecated in future version)
PLUGIN_STDIO_BUFFER_SIZE=1024
PLUGIN_STDIO_MAX_BUFFER_SIZE=5242880
# plugin runtime buffer size(serverless & local runtime)
PLUGIN_RUNTIME_BUFFER_SIZE=1024
PLUGIN_RUNTIME_MAX_BUFFER_SIZE=5242880
# dify backwards invocation write timeout in milliseconds
DIFY_BACKWARDS_INVOCATION_WRITE_TIMEOUT=5000
# dify backwards invocation read timeout in milliseconds
DIFY_BACKWARDS_INVOCATION_READ_TIMEOUT=240000