DATABASE_URL=postgresql+asyncpg://postgres:postgres@localhost:5432/surfsense #Celery Config CELERY_BROKER_URL=redis://localhost:6379/0 CELERY_RESULT_BACKEND=redis://localhost:6379/0 # Optional: isolate queues when sharing Redis with other apps CELERY_TASK_DEFAULT_QUEUE=surfsense # Redis for app-level features (heartbeats, podcast markers) # Defaults to CELERY_BROKER_URL when not set REDIS_APP_URL=redis://localhost:6379/0 # Optional: TTL in seconds for connector indexing lock key # CONNECTOR_INDEXING_LOCK_TTL_SECONDS=28800 # Platform Web Search (SearXNG) # Set this to enable built-in web search. Docker Compose sets it automatically. # Only uncomment if running the backend outside Docker (e.g. uvicorn on host). # SEARXNG_DEFAULT_HOST=http://localhost:8888 # Periodic task interval # # Run every minute (default) # SCHEDULE_CHECKER_INTERVAL=1m # # Run every 5 minutes # SCHEDULE_CHECKER_INTERVAL=5m # # Run every 10 minutes # SCHEDULE_CHECKER_INTERVAL=10m # # Run every hour # SCHEDULE_CHECKER_INTERVAL=1h # # Run every 2 hours # SCHEDULE_CHECKER_INTERVAL=2h SCHEDULE_CHECKER_INTERVAL=5m # How often the Stripe reconciliation beat task runs STRIPE_RECONCILIATION_INTERVAL=10m SECRET_KEY=SECRET # JWT Token Lifetimes (optional, defaults shown) # ACCESS_TOKEN_LIFETIME_SECONDS=86400 # 1 day # REFRESH_TOKEN_LIFETIME_SECONDS=1209600 # 2 weeks NEXT_FRONTEND_URL=http://localhost:3000 # Stripe Checkout for pay-as-you-go page packs # Configure STRIPE_PRICE_ID to point at your 1,000-page price in Stripe. # Pages granted per purchase = quantity * STRIPE_PAGES_PER_UNIT. STRIPE_SECRET_KEY=sk_test_... STRIPE_WEBHOOK_SECRET=whsec_... STRIPE_PRICE_ID=price_... STRIPE_PAGES_PER_UNIT=1000 # Set FALSE to disable new checkout session creation temporarily STRIPE_PAGE_BUYING_ENABLED=TRUE # Premium token purchases via Stripe (for premium-tier model usage) # Set TRUE to allow users to buy premium token packs ($1 per 1M tokens) STRIPE_TOKEN_BUYING_ENABLED=FALSE STRIPE_PREMIUM_TOKEN_PRICE_ID=price_... STRIPE_TOKENS_PER_UNIT=1000000 # Periodic Stripe safety net for purchases left in PENDING (minutes old) STRIPE_RECONCILIATION_LOOKBACK_MINUTES=10 # Max pending purchases to check per reconciliation run STRIPE_RECONCILIATION_BATCH_SIZE=100 # Backend URL for OAuth callbacks (optional, set when behind reverse proxy with HTTPS) # BACKEND_URL=https://api.yourdomain.com # Auth AUTH_TYPE=GOOGLE or LOCAL REGISTRATION_ENABLED=TRUE or FALSE # For Google Auth Only GOOGLE_OAUTH_CLIENT_ID=924507538m GOOGLE_OAUTH_CLIENT_SECRET=GOCSV GOOGLE_PICKER_API_KEY=your-google-picker-api-key # Google Connector Specific Configurations GOOGLE_CALENDAR_REDIRECT_URI=http://localhost:8000/api/v1/auth/google/calendar/connector/callback GOOGLE_GMAIL_REDIRECT_URI=http://localhost:8000/api/v1/auth/google/gmail/connector/callback GOOGLE_DRIVE_REDIRECT_URI=http://localhost:8000/api/v1/auth/google/drive/connector/callback # Aitable OAuth Configuration AIRTABLE_CLIENT_ID=your_airtable_client_id_here AIRTABLE_CLIENT_SECRET=your_airtable_client_secret_here AIRTABLE_REDIRECT_URI=http://localhost:8000/api/v1/auth/airtable/connector/callback # ClickUp OAuth Configuration CLICKUP_CLIENT_ID=your_clickup_client_id_here CLICKUP_CLIENT_SECRET=your_clickup_client_secret_here CLICKUP_REDIRECT_URI=http://localhost:8000/api/v1/auth/clickup/connector/callback # Discord OAuth Configuration DISCORD_CLIENT_ID=your_discord_client_id_here DISCORD_CLIENT_SECRET=your_discord_client_secret_here DISCORD_REDIRECT_URI=http://localhost:8000/api/v1/auth/discord/connector/callback DISCORD_BOT_TOKEN=your_bot_token_from_developer_portal # Atlassian OAuth Configuration (Jira & Confluence) ATLASSIAN_CLIENT_ID=your_atlassian_client_id_here ATLASSIAN_CLIENT_SECRET=your_atlassian_client_secret_here JIRA_REDIRECT_URI=http://localhost:8000/api/v1/auth/jira/connector/callback CONFLUENCE_REDIRECT_URI=http://localhost:8000/api/v1/auth/confluence/connector/callback # Linear OAuth Configuration LINEAR_CLIENT_ID=your_linear_client_id_here LINEAR_CLIENT_SECRET=your_linear_client_secret_here LINEAR_REDIRECT_URI=http://localhost:8000/api/v1/auth/linear/connector/callback # Notion OAuth Configuration NOTION_CLIENT_ID=your_notion_client_id_here NOTION_CLIENT_SECRET=your_notion_client_secret_here NOTION_REDIRECT_URI=http://localhost:8000/api/v1/auth/notion/connector/callback # Slack OAuth Configuration SLACK_CLIENT_ID=your_slack_client_id_here SLACK_CLIENT_SECRET=your_slack_client_secret_here SLACK_REDIRECT_URI=http://localhost:8000/api/v1/auth/slack/connector/callback # Microsoft OAuth (Teams & OneDrive) MICROSOFT_CLIENT_ID=your_microsoft_client_id_here MICROSOFT_CLIENT_SECRET=your_microsoft_client_secret_here TEAMS_REDIRECT_URI=http://localhost:8000/api/v1/auth/teams/connector/callback ONEDRIVE_REDIRECT_URI=http://localhost:8000/api/v1/auth/onedrive/connector/callback # Dropbox Connector DROPBOX_APP_KEY=your_dropbox_app_key_here DROPBOX_APP_SECRET=your_dropbox_app_secret_here DROPBOX_REDIRECT_URI=http://localhost:8000/api/v1/auth/dropbox/connector/callback # Composio Connector # NOTE: Disable "Mask Connected Account Secrets" in Composio dashboard (Settings → Project Settings) for Google indexing to work. COMPOSIO_API_KEY=your_api_key_here COMPOSIO_ENABLED=TRUE COMPOSIO_REDIRECT_URI=http://localhost:8000/api/v1/auth/composio/connector/callback # Embedding Model # Examples: # # Get sentence transformers embeddings # embeddings = AutoEmbeddings.get_embeddings("sentence-transformers/all-MiniLM-L6-v2") # # Get OpenAI embeddings # embeddings = AutoEmbeddings.get_embeddings("openai://text-embedding-ada-002", api_key="...") # # Get Anthropic embeddings # embeddings = AutoEmbeddings.get_embeddings("anthropic://claude-v1", api_key="...") # # Get Cohere embeddings # embeddings = AutoEmbeddings.get_embeddings("cohere://embed-english-light-v3.0", api_key="...") EMBEDDING_MODEL=sentence-transformers/all-MiniLM-L6-v2 # Rerankers Config RERANKERS_ENABLED=TRUE or FALSE(Default: FALSE) RERANKERS_MODEL_NAME=ms-marco-MiniLM-L-12-v2 RERANKERS_MODEL_TYPE=flashrank # TTS_SERVICE=local/kokoro for local Kokoro TTS or # LiteLLM TTS Provider: https://docs.litellm.ai/docs/text_to_speech#supported-providers TTS_SERVICE=local/kokoro # Respective TTS Service API # TTS_SERVICE_API_KEY= # OPTIONAL: TTS Provider API Base # TTS_SERVICE_API_BASE= # STT Service Configuration # For local Faster-Whisper: local/MODEL_SIZE (tiny, base, small, medium, large-v3) STT_SERVICE=local/base # For LiteLLM STT Provider: https://docs.litellm.ai/docs/audio_transcription#supported-providers # STT_SERVICE=openai/whisper-1 # STT_SERVICE_API_KEY="" # STT_SERVICE_API_BASE= # Video presentation defaults # Maximum number of generated slides for a single video presentation. VIDEO_PRESENTATION_MAX_SLIDES=30 # Frames per second used for slide timing calculations. VIDEO_PRESENTATION_FPS=30 # Minimum duration per slide when audio is missing or very short. VIDEO_PRESENTATION_DEFAULT_DURATION_IN_FRAMES=300 # (Optional) Maximum pages limit per user for ETL services (default: `999999999` for unlimited in OSS version) PAGES_LIMIT=500 # Premium token quota per registered user (default: 5,000,000) # Applies only to models with billing_tier=premium in global_llm_config.yaml PREMIUM_TOKEN_LIMIT=5000000 # No-login (anonymous) mode — allows public users to chat without an account # Set TRUE to enable /free pages and anonymous chat API NOLOGIN_MODE_ENABLED=FALSE # Total tokens allowed per anonymous session before requiring account creation ANON_TOKEN_LIMIT=1000000 # Token count at which the UI shows a soft warning ANON_TOKEN_WARNING_THRESHOLD=800000 # Days before anonymous quota tracking expires in Redis ANON_TOKEN_QUOTA_TTL_DAYS=30 # Max document upload size for anonymous users (MB) ANON_MAX_UPLOAD_SIZE_MB=5 # Maximum tokens to reserve per LLM call for quota enforcement (safety cap) QUOTA_MAX_RESERVE_PER_CALL=8000 # Abuse prevention: max concurrent anonymous streams per IP (default: 2) ANON_MAX_CONCURRENT_STREAMS=2 # Number of chat requests per IP before Turnstile CAPTCHA is required (default: 5) ANON_CAPTCHA_REQUEST_THRESHOLD=5 # Cloudflare Turnstile CAPTCHA (https://dash.cloudflare.com/ -> Turnstile) # Set TURNSTILE_ENABLED=TRUE and provide keys to activate CAPTCHA for anonymous chat TURNSTILE_ENABLED=FALSE TURNSTILE_SECRET_KEY= # Residential Proxy Configuration (anonymous-proxies.net) # Used for web crawling, link previews, and YouTube transcript fetching to avoid IP bans. # Leave commented out to disable proxying. # RESIDENTIAL_PROXY_USERNAME=your_proxy_username # RESIDENTIAL_PROXY_PASSWORD=your_proxy_password # RESIDENTIAL_PROXY_HOSTNAME=rotating.dnsproxifier.com:31230 # RESIDENTIAL_PROXY_LOCATION= # RESIDENTIAL_PROXY_TYPE=1 FIRECRAWL_API_KEY=fcr-01J0000000000000000000000 # File Parser Service ETL_SERVICE=UNSTRUCTURED or LLAMACLOUD or DOCLING UNSTRUCTURED_API_KEY=Tpu3P0U8iy LLAMA_CLOUD_API_KEY=llx-nnn # Optional: Azure Document Intelligence accelerator (used when ETL_SERVICE=LLAMACLOUD) # AZURE_DI_ENDPOINT=https://your-resource.cognitiveservices.azure.com/ # AZURE_DI_KEY=your-key # Daytona Sandbox (isolated code execution) # DAYTONA_SANDBOX_ENABLED=FALSE # DAYTONA_API_KEY=your-daytona-api-key # DAYTONA_API_URL=https://app.daytona.io/api # DAYTONA_TARGET=us # DAYTONA_SNAPSHOT_ID= # OPTIONAL: Add these for LangSmith Observability LANGSMITH_TRACING=true LANGSMITH_ENDPOINT=https://api.smith.langchain.com LANGSMITH_API_KEY=lsv2_pt_..... LANGSMITH_PROJECT=surfsense