Announcing the Appwrite OSS Fund, Learn More! 🤑
Docs

Environment Variables

Appwrite environment variables allow you to edit your server setup configuration and customize it. You can easily change the environment variables by changing them when running Appwrite using Docker CLI or Docker Compose.

Updating your Appwrite environment variables requires you to edit your Appwrite .env file. Your Docker files should be located inside the "appwrite" folder at the location where you first run the Appwrite installation script. It's recommended to use the .env file as a central point for updating your Appwrite configuration rather than changing them directly in your docker-compose.yml file.

After editing your docker-compose.yml or .env files, you will need to restart your Appwrite stack by running the following compose command in your terminal:

docker-compose up -d

All Options:

General

Name Description
_APP_ENV

Set your server running environment. By default, the var is set to 'development'. When deploying to production, change it to: 'production'.

_APP_LOCALE

Set your Appwrite's locale. By default, the locale is set to 'en'.

_APP_OPTIONS_ABUSE

Allows you to disable abuse checks and API rate limiting. By default, set to 'enabled'. To cancel the abuse checking, set to 'disabled'. It is not recommended to disable this check-in a production environment.

_APP_OPTIONS_FORCE_HTTPS

Allows you to force HTTPS connection to your API. This feature redirects any HTTP call to HTTPS and adds the 'Strict-Transport-Security' header to all HTTP responses. By default, set to 'enabled'. To disable, set to 'disabled'. This feature will work only when your ports are set to default 80 and 443.

_APP_OPENSSL_KEY_V1

This is your server private secret key that is used to encrypt all sensitive data on your server. Appwrite server encrypts all secret data on your server like webhooks, HTTP passwords, user sessions, and storage files. The var is not set by default, if you wish to take advantage of Appwrite encryption capabilities you should change it and make sure to keep it a secret and have a backup for it.

_APP_DOMAIN

Your Appwrite domain address. When setting a public suffix domain, Appwrite will attempt to issue a valid SSL certificate automatically. When used with a dev domain, Appwrite will assign a self-signed SSL certificate. The default value is 'localhost'.

_APP_DOMAIN_TARGET

A DNS A record hostname to serve as a CNAME target for your Appwrite custom domains. You can use the same value as used for the Appwrite '_APP_DOMAIN' variable. The default value is 'localhost'.

_APP_CONSOLE_WHITELIST_ROOT

version >= 0.8.0

This option allows you to disable the creation of new users on the Appwrite console. When enabled only 1 user will be able to use the registration form. New users can be added by inviting them to your project. By default this option is enabled.

_APP_CONSOLE_WHITELIST_EMAILS

This option allows you to limit creation of new users on the Appwrite console. This option is very useful for small teams or sole developers. To enable it, pass a list of allowed email addresses separated by a comma.

_APP_CONSOLE_WHITELIST_IPS

This last option allows you to limit creation of users in Appwrite console for users sharing the same set of IP addresses. This option is very useful for team working with a VPN service or a company IP.\n\nTo enable/activate this option, pass a list of allowed IP addresses separated by a comma.

_APP_SYSTEM_EMAIL_NAME

version >= 0.7.0

This is the sender name value that will appear on email messages sent to developers from the Appwrite console. The default value is: 'Appwrite'. You can use url encoded strings for spaces and special chars.

_APP_SYSTEM_EMAIL_ADDRESS

version >= 0.7.0

This is the sender email address that will appear on email messages sent to developers from the Appwrite console. The default value is 'team@appwrite.io'. You should choose an email address that is allowed to be used from your SMTP server to avoid the server email ending in the users' SPAM folders.

_APP_SYSTEM_RESPONSE_FORMAT

version >= 0.7.0

Use this environment variable to set the default Appwrite HTTP response format to support an older version of Appwrite. This option is useful to overcome breaking changes between versions. You can also use the X-Appwrite-Response-Format HTTP request header to overwrite the response for a specific request. This variable accepts any valid Appwrite version. To use the current version format, leave the value of the variable empty.

_APP_SYSTEM_SECURITY_EMAIL_ADDRESS

version >= 0.7.0

This is the email address used to issue SSL certificates for custom domains or the user agent in your webhooks payload.

_APP_USAGE_STATS

version >= 0.7.0

This variable allows you to disable the collection and displaying of usage stats. This value is set to 'enabled' by default, to disable the usage stats set the value to 'disabled'. When disabled, it's recommended to turn off the Worker Usage, Influxdb and Telegraf containers for better resource usage.

_APP_LOGGING_PROVIDER

version >= 0.12.0

This variable allows you to enable logging errors to 3rd party providers. This value is empty by default, to enable the logger set the value to one of 'sentry', 'raygun', 'appsignal', 'logowl'

_APP_LOGGING_CONFIG

version >= 0.12.0

This variable configures authentication to 3rd party error logging providers. If using Sentry, this should be 'SENTRY_API_KEY;SENTRY_APP_ID'. If using Raygun, this should be Raygun API key. If using AppSignal, this should be AppSignal API key. If using LogOwl, this should be LogOwl Service Ticket.

_APP_USAGE_AGGREGATION_INTERVAL

version >= 0.10.0

Interval value containing the number of seconds that the Appwrite usage process should wait before aggregating stats and syncing it to mariadb from InfluxDB. The default value is 30 seconds.

_APP_WORKER_PER_CORE

version >= 0.13.0

Internal Worker per core for the API, Realtime and Executor containers. Can be configured to optimize performance.

Redis

Appwrite uses a Redis server for managing cache, queues and scheduled tasks. The Redis env vars are used to allow Appwrite server to connect to the Redis container.

Name Description
_APP_REDIS_HOST

Redis server hostname address. Default value is: 'redis'.

_APP_REDIS_PORT

Redis server TCP port. Default value is: '6379'.

_APP_REDIS_USER

version >= 0.7

Redis server user. This is an optional variable. Default value is an empty string.

_APP_REDIS_PASS

version >= 0.7

Redis server password. This is an optional variable. Default value is an empty string.

MariaDB

Appwrite is using a MariaDB server for managing persistent database data. The MariaDB env vars are used to allow Appwrite server to connect to the MariaDB container.

Name Description
_APP_DB_HOST

MariaDB server host name address. Default value is: 'mariadb'.

_APP_DB_PORT

MariaDB server TCP port. Default value is: '3306'.

_APP_DB_SCHEMA

MariaDB server database schema. Default value is: 'appwrite'.

_APP_DB_USER

MariaDB server user name. Default value is: 'user'.

_APP_DB_PASS

MariaDB server user password. Default value is: 'password'.

_APP_DB_ROOT_PASS

MariaDB server root password. Default value is: 'rootsecretpassword'.

InfluxDB

Appwrite uses an InfluxDB server for managing time-series data and server stats. The InfluxDB env vars are used to allow Appwrite server to connect to the InfluxDB container.

Name Description
_APP_INFLUXDB_HOST

InfluxDB server host name address. Default value is: 'influxdb'.

_APP_INFLUXDB_PORT

InfluxDB server TCP port. Default value is: '8086'.

StatsD

Appwrite uses a StatsD server for aggregating and sending stats data over a fast UDP connection. The StatsD env vars are used to allow Appwrite server to connect to the StatsD container.

Name Description
_APP_STATSD_HOST

StatsD server host name address. Default value is: 'telegraf'.

_APP_STATSD_PORT

StatsD server TCP port. Default value is: '8125'.

SMTP

Appwrite is using an SMTP server for emailing your projects users and server admins. The SMTP env vars are used to allow Appwrite server to connect to the SMTP container.\n\nIf running in production, it might be easier to use a 3rd party SMTP server as it might be a little more difficult to set up a production SMTP server that will not send all your emails into your user's SPAM folder.

Name Description
_APP_SMTP_HOST

SMTP server host name address. Use an empty string to disable all mail sending from the server. The default value for this variable is an empty string

_APP_SMTP_PORT

SMTP server TCP port. Empty by default.

_APP_SMTP_SECURE

SMTP secure connection protocol. Empty by default, change to 'tls' if running on a secure connection.

_APP_SMTP_USERNAME

SMTP server user name. Empty by default.

_APP_SMTP_PASSWORD

SMTP server user password. Empty by default.

Storage

Name Description
_APP_STORAGE_LIMIT

version >= 0.7.0

Maximum file size allowed for file upload. The default value is 30MB. You should pass your size limit value in bytes.

_APP_STORAGE_PREVIEW_LIMIT

version >= 0.13.4

Maximum file size allowed for file image preview. The default value is 20MB. You should pass your size limit value in bytes.

_APP_STORAGE_ANTIVIRUS

This variable allows you to disable the internal anti-virus scans. This value is set to 'disabled' by default, to enable the scans set the value to 'enabled'. Before enabling, you must add the ClamAV service and depend on it on main Appwrite service.

_APP_STORAGE_ANTIVIRUS_HOST

version >= 0.7.0

ClamAV server host name address. Default value is: 'clamav'.

_APP_STORAGE_ANTIVIRUS_PORT

version >= 0.7.0

ClamAV server TCP port. Default value is: '3310'.

_APP_STORAGE_DEVICE

version >= 0.13.0

Select default storage device. The default value is 'Local'. List of supported adapters are 'Local', 'S3', 'DOSpaces', 'Backblaze', 'Linode' and 'Wasabi'.

_APP_STORAGE_S3_ACCESS_KEY

version >= 0.13.0

AWS S3 storage access key. Required when the storage adapter is set to S3. You can get your access key from your AWS console

_APP_STORAGE_S3_SECRET

version >= 0.13.0

AWS S3 storage secret key. Required when the storage adapter is set to S3. You can get your secret key from your AWS console.

_APP_STORAGE_S3_REGION

version >= 0.13.0

AWS S3 storage region. Required when storage adapter is set to S3. You can find your region info for your bucket from AWS console.

_APP_STORAGE_S3_BUCKET

version >= 0.13.0

AWS S3 storage bucket. Required when storage adapter is set to S3. You can create buckets in your AWS console.

_APP_STORAGE_DO_SPACES_ACCESS_KEY

version >= 0.13.0

DigitalOcean spaces access key. Required when the storage adapter is set to DOSpaces. You can get your access key from your DigitalOcean console.

_APP_STORAGE_DO_SPACES_SECRET

version >= 0.13.0

DigitalOcean spaces secret key. Required when the storage adapter is set to DOSpaces. You can get your secret key from your DigitalOcean console.

_APP_STORAGE_DO_SPACES_REGION

version >= 0.13.0

DigitalOcean spaces region. Required when storage adapter is set to DOSpaces. You can find your region info for your space from DigitalOcean console.

_APP_STORAGE_DO_SPACES_BUCKET

version >= 0.13.0

DigitalOcean spaces bucket. Required when storage adapter is set to DOSpaces. You can create spaces in your DigitalOcean console.

_APP_STORAGE_BACKBLAZE_ACCESS_KEY

version >= 0.14.2

Backblaze access key. Required when the storage adapter is set to Backblaze. Your Backblaze keyID will be your access key. You can get your keyID from your Backblaze console.

_APP_STORAGE_BACKBLAZE_SECRET

version >= 0.14.2

Backblaze secret key. Required when the storage adapter is set to Backblaze. Your Backblaze applicationKey will be your secret key. You can get your applicationKey from your Backblaze console.

_APP_STORAGE_BACKBLAZE_REGION

version >= 0.14.2

Backblaze region. Required when storage adapter is set to Backblaze. You can find your region info from your Backblaze console.

_APP_STORAGE_BACKBLAZE_BUCKET

version >= 0.14.2

Backblaze bucket. Required when storage adapter is set to Backblaze. You can create your bucket from your Backblaze console.

_APP_STORAGE_LINODE_ACCESS_KEY

version >= 0.14.2

Linode object storage access key. Required when the storage adapter is set to Linode. You can get your access key from your Linode console.

_APP_STORAGE_LINODE_SECRET

version >= 0.14.2

Linode object storage secret key. Required when the storage adapter is set to Linode. You can get your secret key from your Linode console.

_APP_STORAGE_LINODE_REGION

version >= 0.14.2

Linode object storage region. Required when storage adapter is set to Linode. You can find your region info from your Linode console.

_APP_STORAGE_LINODE_BUCKET

version >= 0.14.2

Linode object storage bucket. Required when storage adapter is set to Linode. You can create buckets in your Linode console.

_APP_STORAGE_WASABI_ACCESS_KEY

version >= 0.14.2

Wasabi access key. Required when the storage adapter is set to Wasabi. You can get your access key from your Wasabi console.

_APP_STORAGE_WASABI_SECRET

version >= 0.14.2

Wasabi secret key. Required when the storage adapter is set to Wasabi. You can get your secret key from your Wasabi console.

_APP_STORAGE_WASABI_REGION

version >= 0.14.2

Wasabi region. Required when storage adapter is set to Wasabi. You can find your region info from your Wasabi console.

_APP_STORAGE_WASABI_BUCKET

version >= 0.14.2

Wasabi bucket. Required when storage adapter is set to Wasabi. You can create buckets in your Wasabi console.

Functions

Name Description
_APP_FUNCTIONS_SIZE_LIMIT

version >= 0.13.0

The maximum size deployment in bytes. The default value is 30MB.

_APP_FUNCTIONS_TIMEOUT

version >= 0.7.0

The maximum number of seconds allowed as a timeout value when creating a new function. The default value is 900 seconds.

_APP_FUNCTIONS_BUILD_TIMEOUT

version >= 0.13.0

The maximum number of seconds allowed as a timeout value when building a new function. The default value is 900 seconds.

_APP_FUNCTIONS_CONTAINERS

version >= 0.7.0

The maximum number of containers Appwrite is allowed to keep alive in the background for function environments. Running containers allow faster execution time as there is no need to recreate each container every time a function gets executed. The default value is 10.

_APP_FUNCTIONS_CPUS

version >= 0.7.0

The maximum number of CPU core a single cloud function is allowed to use. Please note that setting a value higher than available cores will result in a function error, which might result in an error. The default value is empty. When it's empty, CPU limit will be disabled.

_APP_FUNCTIONS_MEMORY

version >= 0.7.0

The maximum amount of memory a single cloud function is allowed to use in megabytes. The default value is empty. When it's empty, memory limit will be disabled.

_APP_FUNCTIONS_MEMORY_SWAP

version >= 0.7.0

The maximum amount of swap memory a single cloud function is allowed to use in megabytes. The default value is empty. When it's empty, swap memory limit will be disabled.

_APP_FUNCTIONS_RUNTIMES

version >= 0.8.0

This option allows you to limit the available environments for cloud functions. This option is very useful for low-cost servers to safe disk space.

To enable/activate this option, pass a list of allowed environments separated by a comma.

Currently, supported environments are: node-14.5, node-15.5, node-16.0, node-17.0, php-8.0, php-8.1, ruby-3.0, ruby-3.1, python-3.8, python-3.9, python-3.10, deno-1.12, deno-1.13, deno-1.14, dart-2.12, dart-2.13, dart-2.14, dart-2.15, dart-2.16, dotnet-3.1, dotnet-6.0, java-8.0, java-11.0, java-17.0, swift-5.5, kotlin-1.6, cpp-17.0

_APP_EXECUTOR_SECRET

version >= 0.13.0

The secret key used by Appwrite to communicate with the function executor. Make sure to change this!

_APP_EXECUTOR_HOST

version >= 0.13.0

The host used by Appwrite to communicate with the function executor!

_APP_EXECUTOR_RUNTIME_NETWORK

version >= 0.13.0

Deprecated with 0.14.0, use 'OPEN_RUNTIMES_NETWORK' instead!

_APP_FUNCTIONS_ENVS

version >= 0.7.0

Deprecated with 0.8.0, use '_APP_FUNCTIONS_RUNTIMES' instead!

_APP_FUNCTIONS_INACTIVE_THRESHOLD

version >= 0.13.0

The minimum time a function can be inactive before it's container is shutdown and put to sleep. The default value is 60 seconds

DOCKERHUB_PULL_USERNAME

version >= 0.10.0

The username for hub.docker.com. This variable is used to pull images from hub.docker.com.

DOCKERHUB_PULL_PASSWORD

version >= 0.10.0

The password for hub.docker.com. This variable is used to pull images from hub.docker.com.

DOCKERHUB_PULL_EMAIL

version >= 0.10.0

The email for hub.docker.com. This variable is used to pull images from hub.docker.com.

OPEN_RUNTIMES_NETWORK

version >= 0.13.0

The docker network used for communication between the executor and runtimes. Change this if you have altered the default network names.

Maintenance

Name Description
_APP_MAINTENANCE_INTERVAL

version >= 0.7.0

Interval value containing the number of seconds that the Appwrite maintenance process should wait before executing system cleanups and optimizations. The default value is 86400 seconds (1 day).

_APP_MAINTENANCE_RETENTION_EXECUTION

version >= 0.7.0

The maximum duration (in seconds) upto which to retain execution logs. The default value is 1209600 seconds (14 days).

_APP_MAINTENANCE_RETENTION_AUDIT

version >= 0.7.0

IThe maximum duration (in seconds) upto which to retain audit logs. The default value is 1209600 seconds (14 days).

_APP_MAINTENANCE_RETENTION_ABUSE

version >= 0.7.0

The maximum duration (in seconds) upto which to retain abuse logs. The default value is 86400 seconds (1 day).