Environment Variables
Enviroment Variable | Description | Default Value |
---|---|---|
APP_SITE_URL | Site URL. e.g. https://example.com , https://example.com:8080 | |
MONGO_URI | URI to connect to MongoDB. | mongodb://localhost/growi |
PASSWORD_SEED | A password seed used by the password hash generator. | |
SECRET_TOKEN | A secret key for verifying the integrity of signed cookies. | |
SESSION_NAME | The name of the session ID cookie to set in the response by Express. | connect.sid |
FORCE_WIKI_MODE | Forces wiki mode. | undefined |
: undefined Publicity will be configured by the admin security page settings | ||
: public Forces all pages to become public | ||
: private Forces all pages to become private | ||
DISABLE_LINK_SHARING | Disable link sharing feature | false |
FORMAT_NODE_LOG | If false , Output server log as JSON. (Enabled only when NODE_ENV=production ) | true |
USER_UPPER_LIMIT | (TBD) | |
MIN_PASSWORD_LENGTH | Minimum password length that users can set. | 8 |
DEFAULT_EMAIL_PUBLISHED | Default setting for publishing new user email addresses. | true |
SSR_MAX_REVISION_BODY_LENGTH | Maximum number of characters for the body to be Server Side Rendered (SSR). Pages with a body length exceeding this value will no longer be SSR, but will still be rendered on the client side without any issues. | 3000 |
S2CMSG_PUBSUB_CONNECTIONS_LIMIT | Maximum number of connections for all clients that receive push messages. | 5000 |
S2CMSG_PUBSUB_CONNECTIONS_LIMIT_FOR_GUEST | Maximum number of connections for guest clients that receive push messages. | 2000 |
S2CMSG_PUBSUB_CONNECTIONS_LIMIT_FOR_ADMIN | Maximum number of connections for admin users in admin pages. (This is isolated from S2CMSG_PUBSUB_CONNECTIONS_LIMIT ) | 100 |
AUDIT_LOG_ENABLED | If true , the Audit Log feature is enabled | false |
ACTIVITY_EXPIRATION_SECONDS | Number of seconds to keep the audit log. Audit logs are automatically deleted after a set number of seconds have elapsed since they were created. | 2592000 |
AUDIT_LOG_ACTION_GROUP_SIZE | Size of action groups to be collected in the audit log (can be SMALL , MEDIUM , or LARGE ) | SMALL |
AUDIT_LOG_ADDITIONAL_ACTIONS | Add individual actions not included in the action group specified by AUDIT_LOG_ACTION_GROUP_SIZE , in CSV format (comma-separated string). | |
AUDIT_LOG_EXCLUDE_ACTIONS | Exclude individual actions in the action group specified by AUDIT_LOG_ACTION_GROUP_SIZE , in CSV format (comma-separated string). | |
TRUST_PROXY_BOOL | A boolean that can be set to the trust proxy settings for Express (opens new window) prioritized than TRUST_PROXY_CSV and TRUST_PROXY_HOPS . | |
TRUST_PROXY_CSV | A CSV value that can be set to the trust proxy settings for Express (opens new window) prioritized than TRUST_PROXY_HOPS . | |
TRUST_PROXY_HOPS | A number value that can be set to the trust proxy settings for Express (opens new window). | |
Option for file uploading | ||
FILE_UPLOAD | Attached files storage. | aws |
: aws Amazon Web Service S3 (needs AWS settings on Admin page) | ||
: gcs Google Cloud Storage (needs settings with environment variables) | ||
: mongodb MongoDB GridFS (Setting-less) | ||
: local Server's Local file system (Setting-less) | ||
: none Disable file uploading | ||
FILE_UPLOAD_DISABLED | If true , file uploading will be disabled. However, the files can be still viewed. | false |
MAX_FILE_SIZE | The maximum file size limit for uploads (bytes). | Infinity |
FILE_UPLOAD_TOTAL_LIMIT | Total capacity limit for uploads (bytes). | Infinity |
S3_OBJECT_ACL | Object ACL. (Reference: Canned ACL (opens new window)) Set private to disable. (Recommended) | public-read |
S3_LIFETIME_SEC_FOR_TEMPORARY_URL | Time to keep the cache of signed URLs (number of seconds) | 120 |
GCS_API_KEY_JSON_PATH | Path of the JSON file that contains service account key to authenticate to GCP API (opens new window) | |
GCS_BUCKET | Name of the GCS bucket | |
GCS_UPLOAD_NAMESPACE | Directory name to create in the bucket | |
GCS_LIFETIME_SEC_FOR_TEMPORARY_URL | Time to keep the cache of signed URLs (number of seconds) | 120 |
GCS_REFERENCE_FILE_WITH_RELAY_MODE | If true , the GROWI server sends the attachment data (relay mode). In the case of false (default value), the users download data from GCS directly by Signed URLs (opens new window) created by the server. | false |
GCS_USES_ONLY_ENV_VARS_FOR_SOME_OPTIONS | Prioritize env vars over values in DB for some GCS options. | false |
AZURE_TEANANT_ID | ID of the application's Microsoft Entra tenant. | |
AZURE_CLIENT_ID | ID of a Microsoft Entra application. | |
AZURE_CLIENT_SECRET | One of the application's client secrets. | |
AZURE_STORAGE_ACCOUNT_NAME | Storage Account Name | |
AZURE_STORAGE_CONTAINER_NAME | Container Name | |
AZURE_LIFETIME_SEC_FOR_TEMPORARY_URL | Time to keep the cache of signed URLs (number of seconds) | 120 |
AZURE_REFERENCE_FILE_WITH_RELAY_MODE | If true , the GROWI server sends the attachment data (relay mode). In the case of false (default value), the users download data from Azure(Blob) directly by Shared Access Signatured URLs (opens new window) created by the server. | false |
AZURE_USES_ONLY_ENV_VARS_FOR_SOME_OPTIONS | Prioritize env vars over values in DB for some Azure(Blob) options. | false |
Option for full-text search | ||
ELASTICSEARCH_URI | URI to connect to Elasticsearch. | |
ELASTICSEARCH_VERSION | Elasticsearch major version that system connects to. (7 or 8 can be specified) | 8 |
ELASTICSEARCH_MAX_BODY_LENGTH_TO_INDEX | The maximum number of characters per page to create an index. Pages with a body length exceeding this value will not be indexed. | 100000 |
ELASTICSEARCH_REINDEX_BULK_SIZE | The number of page documents to process at once when reindexing | 100 |
ELASTICSEARCH_REINDEX_ON_BOOT | Recreate the index on system boot | false |
ELASTICSEARCH_REQUEST_TIMEOUT | Timeout for requests to the Elasticsearch server (msec) | 8000 |
ELASTICSEARCH_REJECT_UNAUTHORIZED | Turn off certificate verification when connecting with HTTPS schema. | false |
Option to integrate with external systems | ||
REDIS_URI | URI to connect to Redis (use it as a session store instead of MongoDB). | |
NCHAN_URI | URI to connect to Nginx Nchan (opens new window) server. | |
HACKMD_URI | URI to connect to HackMD(CodiMD) (opens new window) server. | |
This server must load the GROWI agent. Here's how to prepare it. | ||
HACKMD_URI_FOR_SERVER | URI to connect to HackMD(CodiMD) (opens new window) server from GROWI Express server. If not set, HACKMD_URI will be used. | |
PLANTUML_URI | URI to connect to PlantUML (opens new window) server. | |
DRAWIO_URI | URI to connect to diagrams.net(draw.io) (opens new window) server. | |
S2SMSG_PUBSUB_SERVER_TYPE | ||
: nchan Nginx Nchan (opens new window) | ||
: redis (Not implemented yet) | ||
S2SMSG_PUBSUB_NCHAN_PUBLISH_PATH | Publisher endpoint path for Nchan server | /pubsub |
S2SMSG_PUBSUB_NCHAN_SUBSCRIBE_PATH | Subscriber endpoint path for Nchan server | /pubsub |
S2SMSG_PUBSUB_NCHAN_CHANNEL_ID | The channel ID to connect to Nchan server | |
PROMSTER_ENABLED | Enable Promster (opens new window) server | false |
PROMSTER_PORT | The port to launch Promster server | 7788 |
SLACKBOT_TYPE | Type of Slack Bot to use when linking with Slack | |
SLACKBOT_WITHOUT_PROXY_SIGNING_SECRET | Signing Secret string used for Custom Bot without proxy environment | |
SLACKBOT_WITHOUT_PROXY_BOT_TOKEN | Bot Token string used for Custom Bot without proxy environment | |
SLACKBOT_WITH_PROXY_PROXY_URI | URI of slackbot-proxy server used for Custom Bot with proxy environment | |
SLACKBOT_WITH_PROXY_SALT_FOR_GTOP | Salt (for GROWI to Proxy) when generating tokens for the Official Bot or Custom Bot with proxy environment | gtop |
SLACKBOT_WITH_PROXY_SALT_FOR_PTOG | Salt (for GROWI to Proxy) when generating tokens for the Official Bot or Custom Bot with proxy environment | ptog |
Option (Overwritable in admin page) | ||
APP_SITE_URL_USES_ONLY_ENV_VARS | Prioritize env vars over values in DB for Site URL | false |
FILE_UPLOAD_USES_ONLY_ENV_VAR_FOR_FILE_UPLOAD_TYPE | Prioritize env var over value in DB for File Upload Type | false |
LOCAL_STRATEGY_ENABLED | Enable or disable ID/Pass login | |
LOCAL_STRATEGY_USES_ONLY_ENV_VARS_FOR_SOME_OPTIONS | Prioritize env vars over values in DB for some ID/Pass login options | false |
SAML_ENABLED | Enable or disable SAML | |
SAML_USES_ONLY_ENV_VARS_FOR_SOME_OPTIONS | Prioritize env vars over values in DB for some SAML options | false |
SAML_ENTRY_POINT | IdP entry point | |
SAML_ISSUER | Issuer string to supply to IdP | |
SAML_ATTR_MAPPING_ID | Attribute map for ID | |
SAML_ATTR_MAPPING_USERNAME | Attribute map for username | |
SAML_ATTR_MAPPING_MAIL | Attribute map for email | |
SAML_ATTR_MAPPING_FIRST_NAME | Attribute map for first name | |
SAML_ATTR_MAPPING_LAST_NAME | Attribute map for last name | |
SAML_CERT | PEM-encoded X.509 signing certificate string to validate the response from IdP | |
OAUTH_GOOGLE_CLIENT_ID | Google API client ID for OAuth login. | |
OAUTH_GOOGLE_CLIENT_SECRET | Google API client secret for OAuth login. | |
OAUTH_GITHUB_CLIENT_ID | GitHub API client ID for OAuth login. | |
OAUTH_GITHUB_CLIENT_SECRET | GitHub API client secret for OAuth login. | |
OAUTH_TWITTER_CONSUMER_KEY | Twitter consumer key(API key) for OAuth login. | |
OAUTH_TWITTER_CONSUMER_SECRET | Twitter consumer secret(API secret) for OAuth login. |