Environment variables reference¶
Note 1 : Some variable default values might change depending on the selected start mode (Docker or Developer), especially URL-related ones
Note 2 : Relative paths start from the executing service directory
| Name | Service | Description | Default value |
| BROKER_HOST | All services | Redis broker URL (must be the same across services) | redis://localhost:6379/0 |
| BROKER_PASSWORD | All services | Redis broker password | |
| BROKER_NAMESPACE | All services | Optional namespace to segment events in case the same database instance is shared by multiple platforms | |
| BROKER_TOPIC_MAXLEN | All services | Redis streams max length before getting truncated (See Capped Streams) | 10000 |
| BROKER_EMIT_MAXLEN | All services | Maximum size (in bytes) of emitted events | 100000 |
| PERMISSIONS_STORAGE_HOST | All services | MongoDB URL for permissions storage (must be the same for both workspaces & events) | mongodb://localhost:27017/permissions |
| OPENAPI_FILEPATH | All services | Requests & events validation swagger file path | ../specifications/swagger.yml |
| GATEWAY_API_HOST | api-gateway, workspaces | api-gateway internal URL for internal requests (i.e contact fetching) | http://localhost:3001/v2 |
| API_URL | console, pages, api-gateway, runtime | api-gateway public URL | http://studio.local.prisme.ai:3001/v2 |
| CONSOLE_URL | api-gateway, console, pages, runtime | Studio URL, used for emails, auth redirections & runtime variable {{global.studioUrl}} | http://studio.local.prisme.ai:3000 |
| PAGES_HOST | api-gateway, console, pages, runtime | Pages base domain starting with a '.', workspace slug will be prefixed as a subdomain. Used for pages builder, pages sign in redirection from api gateway, & runtime variable {{global.pagesUrl}} | .pages.local.prisme.ai:3100 |
| UPLOADS_MAX_SIZE | workspaces,api-gateway,runtime | Max upload size in bytes | 10000000 (10MB) |
| OIDC_PROVIDER_URL | api-gateway, pages, console, runtime | OIDC Authorization server URL. You don't need to define this OIDC variable if you intend to add another provider | API_URL env var, without any base path. |
| OIDC_STUDIO_CLIENT_ID | api-gateway, console | Studio OIDC client id | local-client-id |
| OIDC_STUDIO_CLIENT_SECRET | api-gateway | Studio OIDC client secret, only known by api-gateway | local-client-id |
| OIDC_CLIENT_REGISTRATION_TOKEN | api-gateway | Access token required for OIDC clients registration API | local-client-id |
| OIDC_WELL_KNOWN_URL | api-gateway | OIDC provider configuration discovery URL (only if it's an external provider) | |
| SESSION_COOKIES_MAX_AGE | api-gateway | Auth server session cookies expiration (in seconds) | 2592000 (1 month) |
| ACCESS_TOKENS_MAX_AGE | api-gateway | Session expiration, used for both anonymous & authenticated sessions (in seconds) | 2592000 (1 month) |
| JWKS_FILEPATH | api-gateway, runtime | JWKS file path for access token JWT signing. Also used for runtime fetch instruction with current user session | root jwks.json file |
| JWKS_URL | api-gateway | Defines the endpoint to call in order to retrieve the JWKS as part of our JWKS strategy. You might want to change this value using an internal api-gateway hostname if your are using our local provider (example: http://api-gateway/oidc/jwks). |
OIDC_PROVIDER_URL/oidc/jwks |
| SESSION_COOKIES_SIGN_SECRET | api-gateway | Session cookies signing secret | |
| PORT | console | Listening port number | 3000 |
| PORT | api-gateway | Listening port number | 3001 |
| GATEWAY_CONFIG_PATH | api-gateway | gateway.config.yml path | ../../gateway.config.yml |
| AUTH_PROVIDERS_CONFIG | api-gateway | authProviders.config.yml path | ../../authProviders.config.yml |
| INTERNAL_API_KEY | api-gateway, workspaces | API Key allowing internal services fetching events /sys/cleanup API | |
| USERS_STORAGE_HOST | api-gateway | MongoDB URL for users storage | mongodb://localhost:27017/users |
| SESSIONS_STORAGE_HOST | api-gateway | Redis URL for sessions storage | redis://localhost:6379/0 |
| SESSIONS_STORAGE_PASSWORD | api-gateway | Redis password for sessions storage | |
| PASSWORD_VALIDATION_REGEXP | api-gateway | Password validation regular expression | .{8,32} |
| EMAIL_VALIDATION_ENABLED | api-gateway | Enable email validation on signup | true |
| WORKSPACES_API_URL | api-gateway | prismeai-workspaces internal URL | http://workspaces:3002 |
| EVENTS_API_URL | api-gateway | prismeai-events internal URL | http://events:3004 |
| RUNTIME_API_URL | api-gateway | prismeai-runtime internal URL | http://runtime:3003 |
| X_FORWARDED_HEADERS | api-gateway | Add X-Forwarded-* headers on proxied requests | yes |
| SUPER_ADMIN_EMAILS | api-gateway | List of users emails which should have access to every workspaces. Each email should be separated with a comma. Example: john.doe@foo.com,admin@bar.ai |
None |
| PORT | events | Listening port number | 3004 |
| EVENTS_STORAGE_ES_HOST | events | Elasticsearch URL for events persistance | http://localhost:9200 |
| EVENTS_STORAGE_ES_USER | events | Elasticsearch user for events persistance | |
| EVENTS_STORAGE_ES_PASSWORD | events | Elasticsearch password for events persistance | |
| EVENTS_TOPICS_CACHE_HOST | events | Redis URL for event userTopics persistance. | BROKER_HOST variable |
| EVENTS_TOPICS_CACHE_PASSWORD | events | Redis password for event userTopics persistance. | |
| EVENTS_BUFFER_FLUSH_AT | events | Persists events in the data lake each N events | 128 |
| EVENTS_BUFFER_HIGH_WATERMARK | events | Stops listening for new events to be persisted when N events are already waiting to be persisted | 256 |
| EVENTS_BUFFER_FLUSH_EVERY | events | Persists events every N milliseconds even if EVENTS_BUFFER_FLUSH_AT has not been reached | 5000 |
| EVENTS_RETENTION_DAYS | events | Number of days events are kept inside the data lake before being removed | 180 |
| EVENTS_SCHEDULED_DELETION_DAYS | events | Number of days events are kept inside the data lake after deleting their workspace | 90 |
| SOCKETIO_REDIS_HOST | events | Redis host for socket.io redis adapter | Same as BROKER_HOST env var |
| SOCKETIO_REDIS_PASSWORD | events | Redis password for socket.io redis adapter | Same as BROKER_PASSWORD env var |
| SOCKETIO_COOKIE_MAX_AGE | events | Socket.io cookie maxAge | Default value from 'cookie' NodeJS module |
| EVENTS_STORAGE_ES_BULK_REFRESH | events | Enable Elastic "refresh" option when bulk inserting events (might induce overhead) | no |
| WORKSPACES_STORAGE_TYPE | runtime & workspaces | Workspaces storage driver (FILESYSTEM | S3_LIKE | AZURE_BLOB). Must be the same instance for both runtime & workspaces. | FILESYSTEM |
| WORKSPACES_STORAGE_FILESYSTEM_DIRPATH | runtime & workspaces | Workspaces filesystem storage : directory path | ../../data/models/ |
| UPLOADS_STORAGE_FILESYSTEM_DIRPATH | runtime & workspaces | Uploads filesystem storage : directory path | ../../data/models/ |
| WORKSPACES_STORAGE_S3_LIKE_ACCESS_KEY | runtime & workspaces | Workspaces s3 like storage : access key | |
| WORKSPACES_STORAGE_S3_LIKE_SECRET_KEY | runtime & workspaces | Workspaces s3 like storage : secret key | |
| WORKSPACES_STORAGE_S3_LIKE_BASE_URL | runtime & workspaces | Workspaces s3 like storage : base download url. If omitted, workspaces API will be used as proxy | |
| WORKSPACES_STORAGE_S3_LIKE_ENDPOINT | runtime & workspaces | Workspaces s3 like storage : endpoint | |
| WORKSPACES_STORAGE_S3_LIKE_BUCKET_NAME | runtime & workspaces | Workspaces s3 like storage : bucket name | |
| WORKSPACES_STORAGE_S3_LIKE_REGION | runtime & workspaces | Workspaces s3 like storage : region | |
| UPLOADS_STORAGE_S3_LIKE_ACCESS_KEY | runtime & workspaces | Uploads s3 like storage : access key | |
| UPLOADS_STORAGE_S3_LIKE_SECRET_KEY | runtime & workspaces | Uploads s3 like storage : secret key | |
| UPLOADS_STORAGE_S3_LIKE_BASE_URL | runtime & workspaces | Uploads s3 like storage : base url | |
| UPLOADS_STORAGE_S3_LIKE_ENDPOINT | runtime & workspaces | Uploads s3 like storage : endpoint | |
| UPLOADS_STORAGE_S3_LIKE_BUCKET_NAME | runtime & workspaces | Uploads s3 like storage : bucket name | |
| UPLOADS_STORAGE_S3_LIKE_REGION | runtime & workspaces | Uploads s3 like storage : region | |
| WORKSPACES_STORAGE_AZURE_BLOB_CONTAINER | runtime & workspaces | Workspaces Azure Blob container name | models |
| WORKSPACES_STORAGE_AZURE_BLOB_CONNECTION_STRING | runtime & workspaces | Workspaces Azure Blob connection string | models |
| UPLOADS_STORAGE_AZURE_BLOB_CONTAINER | runtime & workspaces | Uploads Azure Blob container name | models |
| UPLOADS_STORAGE_AZURE_BLOB_CONNECTION_STRING | runtime & workspaces | Uploads Azure Blob connection string | |
| UPLOADS_STORAGE_AZURE_BLOB_BASE_URL | runtime & workspaces | Base public download url for uploads azure blob container : If omitted, workspaces API will be used as proxy | |
| PORT | runtime | Listening port number | 3003 |
| CONTEXTS_CACHE_HOST | runtime | Redis URL for contexts persistance. | redis://localhost:6379/0 |
| CONTEXTS_CACHE_PASSWORD | runtime | Redis password for contexts persistance. | |
| MAXIMUM_SUCCESSIVE_CALLS | runtime | Maximum number of automation execution for the same correlation id (i.e initiated by the same webhook or external event) | 20 |
| CONTEXT_RUN_EXPIRE_TIME | runtime | Run context expiration time in seconds. | 60 |
| CONTEXT_UNAUTHENTICATED_SESSION_EXPIRE_TIME | runtime | Session context expiration time in seconds for unauthenticated sessions | 60*60 (1 hour) |
| ADDITIONAL_GLOBAL_VARS_* | runtime | Additional variables that will be available from global context (ADDITIONAL_GLOBAL_VARS_apiUrl will be available as {{global.apiUrl}}). | None |
| WORKSPACE_CONFIG_{{workspaceSlug}}_{{variableName}} | runtime | Additional variables that will be available for a specific workspace. (WORKSPACE_CONFIG_knowledge-manager_secretApiKey will be available at {{config.secretApiKey}} within the automations of the knowledge-manager workspace). |
None |
| APP_CONFIG_{{appSlug}}_{{variableName}} | runtime | Additional variables that will be available for a specific app.
(APP_CONFIG_MailSender_mailApiKey will be available as {{config.mailApiKey}} within the automations of an instance of the MailSender app). Useful if you want to publish your app without compromising a secret. |
None |
| PORT | workspaces | Listening port number | 3002 |
| UPLOADS_STORAGE_TYPE | workspaces | Uploads storage driver (FILESYSTEM | S3_LIKE). Must be the same instance for workspaces. | FILESYSTEM |
| UPLOADS_STORAGE_FILESYSTEM_DIRPATH | workspaces | Uploads filesystem storage : directory path | ../../data/uploads |
| UPLOADS_STORAGE_S3_LIKE_ACCESS_KEY | workspaces | Uploads s3 like storage : access key | |
| UPLOADS_STORAGE_S3_LIKE_SECRET_KEY | workspaces | Uploads s3 like storage : secret key | |
| UPLOADS_STORAGE_S3_LIKE_BASE_URL | workspaces | Uploads s3 like storage : base url | |
| UPLOADS_STORAGE_S3_LIKE_ENDPOINT | workspaces | Uploads s3 like storage : endpoint | |
| UPLOADS_STORAGE_S3_LIKE_BUCKET_NAME | workspaces | Uploads s3 like storage : bucket name | |
| UPLOADS_STORAGE_S3_LIKE_REGION | workspaces | Uploads s3 like storage : region | |
| UPLOADS_FILESYSTEM_DOWNLOAD_URL | workspaces | Base download URL for files uploaded to filesystem driver | Upload/Get request URL |
| UPLOADS_ALLOWED_MIMETYPES | workspaces | Allowed upload MIME types, comma-separated | image/*,text/*,video/*,audio/*,application/* |
| UPLOADS_DEFAULT_VISIBILITY | workspaces | If not explicitly set in API request, default uploads visibility | public |