mirror of
https://github.com/MODSetter/SurfSense.git
synced 2026-04-25 08:46:22 +02:00
227 lines
8.6 KiB
Text
227 lines
8.6 KiB
Text
# ==============================================================================
|
|
# SurfSense Docker Configuration
|
|
# ==============================================================================
|
|
# Only variables YOU need to set are in this file.
|
|
# Database, Redis, and internal service wiring are handled automatically.
|
|
# ==============================================================================
|
|
|
|
# SurfSense version (pin to a specific version like "0.0.13.1" or use "latest")
|
|
SURFSENSE_VERSION=latest
|
|
|
|
# ------------------------------------------------------------------------------
|
|
# Core Settings
|
|
# ------------------------------------------------------------------------------
|
|
|
|
# REQUIRED: Generate a secret key with: openssl rand -base64 32
|
|
SECRET_KEY=replace_me_with_a_random_string
|
|
|
|
# Auth type: LOCAL (email/password) or GOOGLE (OAuth)
|
|
AUTH_TYPE=LOCAL
|
|
|
|
# Allow new user registrations (TRUE or FALSE)
|
|
# REGISTRATION_ENABLED=TRUE
|
|
|
|
# Document parsing service: DOCLING, UNSTRUCTURED, or LLAMACLOUD
|
|
ETL_SERVICE=DOCLING
|
|
|
|
# Embedding model for vector search
|
|
# Local: sentence-transformers/all-MiniLM-L6-v2
|
|
# OpenAI: openai://text-embedding-ada-002 (set OPENAI_API_KEY below)
|
|
# Cohere: cohere://embed-english-light-v3.0 (set COHERE_API_KEY below)
|
|
EMBEDDING_MODEL=sentence-transformers/all-MiniLM-L6-v2
|
|
|
|
# ------------------------------------------------------------------------------
|
|
# Ports (change these to avoid host conflicts — everything auto-derives)
|
|
# ------------------------------------------------------------------------------
|
|
|
|
# BACKEND_PORT=8000
|
|
# FRONTEND_PORT=3000
|
|
# ELECTRIC_PORT=5133
|
|
# FLOWER_PORT=5555
|
|
|
|
# Frontend URL used by backend for CORS and OAuth redirects.
|
|
# Auto-derived from FRONTEND_PORT for localhost. (Set explicitly for reverse proxy)
|
|
# NEXT_FRONTEND_URL=http://localhost:3000
|
|
|
|
# Backend URL for OAuth callback redirects (set when behind a reverse proxy)
|
|
# BACKEND_URL=https://api.yourdomain.com
|
|
|
|
# ------------------------------------------------------------------------------
|
|
# Frontend URL Overrides (reverse proxy / custom domains)
|
|
# ------------------------------------------------------------------------------
|
|
# These are auto-derived from the port settings above for localhost deployments.
|
|
# You only need to set these explicitly when using a reverse proxy with real
|
|
# domains (e.g. Caddy, Nginx, Cloudflare Tunnel).
|
|
#
|
|
# NEXT_PUBLIC_FASTAPI_BACKEND_URL=https://api.yourdomain.com
|
|
# NEXT_PUBLIC_ELECTRIC_URL=https://electric.yourdomain.com
|
|
|
|
# ------------------------------------------------------------------------------
|
|
# Database (defaults work out of the box, change for security)
|
|
# ------------------------------------------------------------------------------
|
|
|
|
# DB_USER=surfsense
|
|
# DB_PASSWORD=surfsense
|
|
# DB_NAME=surfsense
|
|
# DB_HOST=db
|
|
# DB_PORT=5432
|
|
|
|
# SSL mode for database connections: disable, require, verify-ca, verify-full
|
|
# DB_SSLMODE=disable
|
|
|
|
# Full DATABASE_URL override — when set, takes precedence over the individual
|
|
# DB_USER / DB_PASSWORD / DB_NAME / DB_HOST / DB_PORT settings above.
|
|
# Use this for managed databases (AWS RDS, GCP Cloud SQL, Supabase, etc.)
|
|
# DATABASE_URL=postgresql+asyncpg://user:password@your-rds-host:5432/surfsense?sslmode=require
|
|
|
|
# ------------------------------------------------------------------------------
|
|
# Redis (defaults work out of the box)
|
|
# ------------------------------------------------------------------------------
|
|
# Full Redis URL override for Celery broker, result backend, and app cache.
|
|
# Use this for managed Redis (AWS ElastiCache, Redis Cloud, etc.)
|
|
# Supports auth: redis://:password@host:port/0
|
|
# Supports TLS: rediss://:password@host:6380/0
|
|
# REDIS_URL=redis://redis:6379/0
|
|
|
|
# ------------------------------------------------------------------------------
|
|
# Electric SQL (real-time sync credentials)
|
|
# ------------------------------------------------------------------------------
|
|
# These must match on the db, backend, and electric services.
|
|
# Change for security; defaults work out of the box.
|
|
|
|
# ELECTRIC_DB_USER=electric
|
|
# ELECTRIC_DB_PASSWORD=electric_password
|
|
# Full override for pointing Electric at an external database:
|
|
# ELECTRIC_DATABASE_URL=postgresql://electric:electric_password@db:5432/surfsense?sslmode=disable
|
|
|
|
# ------------------------------------------------------------------------------
|
|
# TTS & STT (Text-to-Speech / Speech-to-Text)
|
|
# ------------------------------------------------------------------------------
|
|
|
|
# Local Kokoro TTS (default) or LiteLLM provider
|
|
TTS_SERVICE=local/kokoro
|
|
# TTS_SERVICE_API_KEY=
|
|
# TTS_SERVICE_API_BASE=
|
|
|
|
# Local Faster-Whisper STT: local/MODEL_SIZE (tiny, base, small, medium, large-v3)
|
|
STT_SERVICE=local/base
|
|
# Or use LiteLLM: openai/whisper-1
|
|
# STT_SERVICE_API_KEY=
|
|
# STT_SERVICE_API_BASE=
|
|
|
|
# ------------------------------------------------------------------------------
|
|
# Rerankers (optional, disabled by default)
|
|
# ------------------------------------------------------------------------------
|
|
|
|
# RERANKERS_ENABLED=TRUE
|
|
# RERANKERS_MODEL_NAME=ms-marco-MiniLM-L-12-v2
|
|
# RERANKERS_MODEL_TYPE=flashrank
|
|
|
|
# ------------------------------------------------------------------------------
|
|
# Google OAuth (only if AUTH_TYPE=GOOGLE)
|
|
# ------------------------------------------------------------------------------
|
|
|
|
# GOOGLE_OAUTH_CLIENT_ID=
|
|
# GOOGLE_OAUTH_CLIENT_SECRET=
|
|
|
|
# ------------------------------------------------------------------------------
|
|
# Connector OAuth Keys (uncomment connectors you want to use)
|
|
# ------------------------------------------------------------------------------
|
|
|
|
# -- Google Connectors --
|
|
# GOOGLE_CALENDAR_REDIRECT_URI=http://localhost:8000/api/v1/auth/google/calendar/connector/callback
|
|
# GOOGLE_GMAIL_REDIRECT_URI=http://localhost:8000/api/v1/auth/google/gmail/connector/callback
|
|
# GOOGLE_DRIVE_REDIRECT_URI=http://localhost:8000/api/v1/auth/google/drive/connector/callback
|
|
|
|
# -- Notion --
|
|
# NOTION_CLIENT_ID=
|
|
# NOTION_CLIENT_SECRET=
|
|
# NOTION_REDIRECT_URI=http://localhost:8000/api/v1/auth/notion/connector/callback
|
|
|
|
# -- Slack --
|
|
# SLACK_CLIENT_ID=
|
|
# SLACK_CLIENT_SECRET=
|
|
# SLACK_REDIRECT_URI=http://localhost:8000/api/v1/auth/slack/connector/callback
|
|
|
|
# -- Discord --
|
|
# DISCORD_CLIENT_ID=
|
|
# DISCORD_CLIENT_SECRET=
|
|
# DISCORD_REDIRECT_URI=http://localhost:8000/api/v1/auth/discord/connector/callback
|
|
# DISCORD_BOT_TOKEN=
|
|
|
|
# -- Atlassian (Jira & Confluence) --
|
|
# ATLASSIAN_CLIENT_ID=
|
|
# ATLASSIAN_CLIENT_SECRET=
|
|
# JIRA_REDIRECT_URI=http://localhost:8000/api/v1/auth/jira/connector/callback
|
|
# CONFLUENCE_REDIRECT_URI=http://localhost:8000/api/v1/auth/confluence/connector/callback
|
|
|
|
# -- Linear --
|
|
# LINEAR_CLIENT_ID=
|
|
# LINEAR_CLIENT_SECRET=
|
|
# LINEAR_REDIRECT_URI=http://localhost:8000/api/v1/auth/linear/connector/callback
|
|
|
|
# -- ClickUp --
|
|
# CLICKUP_CLIENT_ID=
|
|
# CLICKUP_CLIENT_SECRET=
|
|
# CLICKUP_REDIRECT_URI=http://localhost:8000/api/v1/auth/clickup/connector/callback
|
|
|
|
# -- Airtable --
|
|
# AIRTABLE_CLIENT_ID=
|
|
# AIRTABLE_CLIENT_SECRET=
|
|
# AIRTABLE_REDIRECT_URI=http://localhost:8000/api/v1/auth/airtable/connector/callback
|
|
|
|
# -- Microsoft Teams --
|
|
# TEAMS_CLIENT_ID=
|
|
# TEAMS_CLIENT_SECRET=
|
|
# TEAMS_REDIRECT_URI=http://localhost:8000/api/v1/auth/teams/connector/callback
|
|
|
|
# -- Composio --
|
|
# COMPOSIO_API_KEY=
|
|
# COMPOSIO_ENABLED=TRUE
|
|
# COMPOSIO_REDIRECT_URI=http://localhost:8000/api/v1/auth/composio/connector/callback
|
|
|
|
# ------------------------------------------------------------------------------
|
|
# External API Keys (optional)
|
|
# ------------------------------------------------------------------------------
|
|
|
|
# Firecrawl (web scraping)
|
|
# FIRECRAWL_API_KEY=
|
|
|
|
# Unstructured (if ETL_SERVICE=UNSTRUCTURED)
|
|
# UNSTRUCTURED_API_KEY=
|
|
|
|
# LlamaCloud (if ETL_SERVICE=LLAMACLOUD)
|
|
# LLAMA_CLOUD_API_KEY=
|
|
|
|
# ------------------------------------------------------------------------------
|
|
# Observability (optional)
|
|
# ------------------------------------------------------------------------------
|
|
|
|
# LANGSMITH_TRACING=true
|
|
# LANGSMITH_ENDPOINT=https://api.smith.langchain.com
|
|
# LANGSMITH_API_KEY=
|
|
# LANGSMITH_PROJECT=surfsense
|
|
|
|
# ------------------------------------------------------------------------------
|
|
# Advanced (optional)
|
|
# ------------------------------------------------------------------------------
|
|
|
|
# Periodic connector sync interval (default: 5m)
|
|
# SCHEDULE_CHECKER_INTERVAL=5m
|
|
|
|
# JWT token lifetimes
|
|
# ACCESS_TOKEN_LIFETIME_SECONDS=86400
|
|
# REFRESH_TOKEN_LIFETIME_SECONDS=1209600
|
|
|
|
# Pages limit per user for ETL (default: unlimited)
|
|
# PAGES_LIMIT=500
|
|
|
|
# Connector indexing lock TTL in seconds (default: 28800 = 8 hours)
|
|
# CONNECTOR_INDEXING_LOCK_TTL_SECONDS=28800
|
|
|
|
# Residential proxy for web crawling
|
|
# RESIDENTIAL_PROXY_USERNAME=
|
|
# RESIDENTIAL_PROXY_PASSWORD=
|
|
# RESIDENTIAL_PROXY_HOSTNAME=
|
|
# RESIDENTIAL_PROXY_LOCATION=
|
|
# RESIDENTIAL_PROXY_TYPE=1
|