# Environment variables ## General
Environment variable nameDescription
UI_BAKERY_LICENSE_KEYUI Bakery license key. To get your key contact us.
UI_BAKERY_APP_SERVER_NAMEFull domain address where UI Bakery is hosted. For example https://bakery.mycompany.com.
UI_BAKERY_PORTDefines the port UI Bakery is run on.
UI_BAKERY_SINGLE_ORGANIZATIONWhen true, all attempts to register new workspaces except 1st will fail.
UI_BAKERY_MAINTENANCE_TIME_GMTEnables maintenance mode notice, format - Wed Sep 28 2022 16:08:13 GMT+0100
UI_BAKERY_MAINTENANCE_NOTICE_PRIOR_HOURSHow many hours prior to maintenance the notice must be shown
UI_BAKERY_EMBEDDED_ENABLE_ACTIONS_EXECUTIONIf true, allows calling actions when UI Bakery is embedded in an iframe
UI_BAKERY_ENABLED_FEATURE_FLAGSComma-separated list of globally enabled feature flags.
UI_BAKERY_TEMPLATE_MAKER_ACCOUNT_PASSWORDAn account to manage instance app templates. Empty value disables the access (default).
UI_BAKERY_AUTOMATIC_BACKUP_INTERVALThe interval defines how often UI Bakery has to create automatic backups of your project in milliseconds. Default 15 minutes.
UI_BAKERY_AUTOMATIC_BACKUP_RETENTIONDefines how long UI Bakery should persist automatic backup in milliseconds. Default 1 week.
UI_BAKERY_REQUEST_MAX_SIZEMax size of the request, 50M by default.
UI_BAKERY_GIT_PR_URL_TEMPLATEhttps://bitbucket.company_name.com/projects/{user}/repos/{project}/pull-requests?create&sourceBranch={activeBranch}
UI_BAKERY_LOG_RETENTIONThe time to persist audit logs and automation execution logs. Default infinity. Ex: 7d, 90d
UI_BAKERY_LOG_RETENTION_BATCH_SIZESets the batch size for log processing during cleanup. Default is 100.
## Database | Environment variable name | Description | | -------------------------- | ------------------------------------------------------------------------------------------------------- | | UI\_BAKERY\_DB\_DATABASE | MySQL database name, must be specified when external database is used. | | UI\_BAKERY\_DB\_HOST | MySQL host name, must be specified when external database is used. | | UI\_BAKERY\_DB\_PASSWORD | MySQL user password, must be specified when external database is used. | | UI\_BAKERY\_DB\_PORT | MySQL port, must be specified when external database is used. | | UI\_BAKERY\_DB\_USERNAME | MySQL user name, must be specified when external database is used. | | UI\_BAKERY\_DB\_POOL\_SIZE | Database connection pool size, can be specified when external database is used. Default value is `100`. | ## Encryption secrets Installation script generates these secrets automatically. Generating of custom secrets is covered [here](https://docs.uibakery.io/on-premise/install-and-update/recommendations/generate-custom-secrets). | Environment variable name | Description | | ----------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | UI\_BAKERY\_CREDENTIALS\_SECRET | Encryption key for data source credentials. Must be exactly 32 characters long. Changing this variable on an existing instance may lead to losing access to the already connected data source. | | UI\_BAKERY\_JWT\_SECRET | JWT secret is used to sign user requests to UI Bakery API. | | UI\_BAKERY\_JWT\_REFRESH\_SECRET | Similar to `UI_BAKERY_JWT_SECRET` but for refresh token. | | UI\_BAKERY\_JWT\_SERVICE\_ACCOUNT\_SECRET | Similar to `UI_BAKERY_JWT_SECRET` but used by automations. | | UI\_BAKERY\_PROJECT\_PRIVATE\_KEY\_SECRET | Encryption key for Git SSH credentials. Must be exactly 32 characters long. Changing this variable on an existing instance may lead to losing access to the already connected Git repository. | | UI\_BAKERY\_AUTH\_DEVICE\_INFO\_SECRET | Used for the encryption of device info. | ## Data sources
Environment variable nameDescription
UI_BAKERY_DATASOURCE_TIMEOUTDatasource request timeout in milliseconds. Default value is 90000.
UI_BAKERY_DATASOURCE_MAX_SIZEDatasource request's maximum response size in bytes. The default value is 50000000 ( approx. 50MB), and the max value is 2147483647 (approx. 2.15GB)
UI_BAKERY_REQUEST_MAX_SIZEMaximum client request payload size. Default value is 50M
UI_BAKERY_GSHEET_CLIENT_IDGoogle Sheet API Client Id. Must be provided when GSheet datasource is required.
UI_BAKERY_GSHEET_CLIENT_SECRETGoogle Sheet API Client Secret. Must be provided when GSheet datasource is required.
UI_BAKERY_SALESFORCE_CLIENT_IDSalesforce API Client Id. Must be provided when Salesforce datasource is required.
UI_BAKERY_SALESFORCE_CLIENT_SECRETSalesforce API Client Secret. Must be provided when Salesforce datasource is required.
UI_BAKERY_HTTPS_PROXY_URLHTTPS Proxy URL to send HTTPS requests from datasource through proxy
UI_BAKERY_SNOWFLAKE_CONFIGURATIONJSON configuration object for the snowflake-sdk
UI_BAKERY_SSH_PUBLIC_KEYSSH public key for SSH data source configuration
UI_BAKERY_SSH_TUNNEL_USERSSH user for SSH data source configuration
UI_BAKERY_SSH_TUNNEL_KEYSSH tunnel key for SSH data source configuration
UI_BAKERY_SSH_TUNNEL_PASSWORDSSH tunnel password for SSH data source configuration
UI_BAKERY_DATASOURCE_MSSQL_POOL_MAX
UI_BAKERY_DATASOURCE_MYSQL_POOL_MAX
UI_BAKERY_DATASOURCE_MARIADB_POOL_MAX
UI_BAKERY_DATASOURCE_POSTGRES_POOL_MAX
UI_BAKERY_DATASOURCE_REDSHIFT_POOL_MAX
UI_BAKERY_DATASOURCE_SNOWFLAKE_POOL_MAX		The maximum number of simultaneous requests to the database in a single connection. Type - number, default value - 5.
UI_BAKERY_DATASOURCE_MSSQL_POOL_ACQUIRE
UI_BAKERY_DATASOURCE_MYSQL_POOL_ACQUIRE
UI_BAKERY_DATASOURCE_MARIADB_POOL_ACQUIRE
UI_BAKERY_DATASOURCE_POSTGRES_POOL_ACQUIRE
UI_BAKERY_DATASOURCE_REDSHIFT_POOL_ACQUIRE
UI_BAKERY_DATASOURCE_SNOWFLAKE_POOL_ACQUIRE		The maximum wait time, in milliseconds, for acquiring a free connection when all connections are in use. Type - number, default value - 90000ms (90 sec).
## Authentication | Environment variable name | Description | | ----------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | UI\_BAKERY\_EMAIL\_AUTH\_ENABLED | By default is `true`. Can be set to `false` to allow authentication only with OAuth2 or SAML SSO. | | UI\_BAKERY\_REGISTER\_URL | The URL for the UI Bakery Sign Up page. Default value is `/register`. | | UI\_BAKERY\_GOOGLE\_CLIENT\_ID | Google OAuth Client Id. Must be provided to enable authentication with Google. | | UI\_BAKERY\_AUTH\_RESTRICTED\_DOMAIN | Used to restrict which email addresses are allowed to authenticate with OAuth2. For example, `mycompany.com`. | | UI\_BAKERY\_OAUTH\_CLIENT\_ID | OAuth2 client id. | | UI\_BAKERY\_OAUTH\_SECRET | OAuth2 client secret. | | UI\_BAKERY\_OAUTH\_SCOPE | OAuth2 scope, space separated string. | | UI\_BAKERY\_OAUTH\_AUTH\_URL | Authorization URL for OAuth2. | | UI\_BAKERY\_OAUTH\_TOKEN\_URL | Token endpoint URL for OAuth2. | | UI\_BAKERY\_OAUTH\_USERINFO\_URL | Userinfo endpoint URL for OAuth2. | | UI\_BAKERY\_OAUTH\_EMAIL\_KEY | Email key attribute name for OAuth2. Default is '`email`'. | | UI\_BAKERY\_OAUTH\_ID\_KEY | Id key attribute name for OAuth2. Default is '`sub`'. | | UI\_BAKERY\_OAUTH\_TOKEN\_URL\_ADDITIONAL\_PARAMS | Additional params for the token endpoint. Accepts JSON. | | UI\_BAKERY\_OAUTH\_GET\_CLAIMS\_FROM\_TOKEN | When set to `true`, the `access_token` attributes will be used as the source of claims instead of obtaining them from the `userinfo` endpoint. | | UI\_BAKERY\_OAUTH\_SIGN\_OUT\_WHEN\_TOKEN\_EXPIRED | If the option is enabled and the OAuth token cannot be refreshed, the user will be logged out of UI Bakery. Default is `false`. | | UI\_BAKERY\_OAUTH\_TOAST\_WHEN\_TOKEN\_EXPIRED | If the option is enabled and the token refresh request fails, a short message will be displayed to the user before signing out. | | UI\_BAKERY\_OAUTH\_INITIATE\_SIGN\_IN\_WHEN\_TOKEN\_EXPIRED | If the option is enabled and the token refresh request fails, the user will be redirected to the SSO login page instead of following the logout redirect. | | UI\_BAKERY\_OAUTH\_FORCE\_TOKEN\_REFRESH | If the option is enabled, a refresh of the OAuth token will be attempted each time the UI Bakery JWT token is refreshed. Default is `false`. | | UI\_BAKERY\_OAUTH\_SYNC\_ROLES\_ON\_TOKEN\_REFRESH | When enabled, UI Bakery will synchronize roles on every refresh of the OAuth token. Default is `false`. | | UI\_BAKERY\_OAUTH\_REFRESH\_TOKEN\_ON\_VISIBLE | If enabled, the token will be refreshed every time the UI Bakery tab becomes active. | | UI\_BAKERY\_OAUTH\_DISABLE\_MFA | Set to `true` to disable UI Bakery MFA for OpenID. | | UI\_BAKERY\_SAML\_ENABLED | Set to `true` to enable SAML authentication. | | UI\_BAKERY\_SAML\_ENTITY\_ID | Global unique name (Entity ID) for SAML Entity. For example `http://adapplicationregistry.onmicrosoft.com/myorganization/myapp`. Required for SAML authentication. | | UI\_BAKERY\_SAML\_METADATA\_URL | URL to SAML metadata XML. Required for SAML authentication. | | UI\_BAKERY\_SAML\_DISABLE\_MFA | Set to `true` to disable UI Bakery MFA for SAML. | | UI\_BAKERY\_SSO\_LOGIN\_AUTO | When `true`, the SSO authentication flow starts as soon as a user opens the Sign In or Sign up page. When `false`, a user must explicitly click the `Login with SAML` link. | | UI\_BAKERY\_SSO\_NAME\_CLAIM | Name of the custom attribute for SSO that will be used for the UI Bakery user name. Default value is `name`. | | UI\_BAKERY\_SSO\_ROLE\_CLAIM | Name of the custom attribute for SSO that will be used for UI Bakery role mapping. Default value is `role`. | | UI\_BAKERY\_SSO\_WORKSPACE\_CLAIM | Name of the custom attribute for SSO that will be used to assign a user to a particular workspace. See [docs](https://docs.uibakery.io/sso/troubleshooting#allow-custom-emails-to-join-workspace). | | UI\_BAKERY\_SSO\_SYNC\_ROLES | Enable roles synchronization from the Identity Server to UI Bakery. | | UI\_BAKERY\_SSO\_SYNC\_ROLES\_ON\_LOGIN | Enable roles sync on login. | | UI\_BAKERY\_SSO\_HARD\_SYNC\_ROLES | Rewrite roles on sync. | | UI\_BAKERY\_SSO\_SYNC\_ROLES\_FOR\_EDITOR\_AND\_ADMIN | Sync roles for Admin and Editor roles. | | UI\_BAKERY\_SSO\_ROLE\_MAPPING | Key-pair role mapping where the key is an SSO provider custom claim and the value is the UI Bakery role name, for example, `UI_BAKERY_SSO_ROLE_MAPPING=identityRoleName->bakeryRoleName,identityRoleName2->bakeryRoleName2`. | | UI\_BAKERY\_SSO\_SYNC\_ROLES\_BY\_NAME | The default value is `true`. Can be set to `false` to sync roles using only values from the `UI_BAKERY_SSO_ROLE_MAPPING` variable. | | UI\_BAKERY\_AUTH\_MULTI\_TAB\_LOGOUT | If any tab is signed out, then signout from all UI Bakery tabs is initiated. | | UI\_BAKERY\_AUTH\_MAX\_FAILED\_LOGIN\_ATTEMPTS | The maximum number of failed login attempts allowed for a user. This includes failed attempts for both login credentials and MFA challenges, if MFA is enabled. | | UI\_BAKERY\_OAUTH2\_LOG\_LEVEL |

Can be set to DEBUG to enable extra OAUTH logs in bakery-back container.
Be cautious, as this setting reveals user tokens.

| | UI\_BAKERY\_SSO\_BROADCAST\_TOKEN | Can be set to `true` to provide OAUTH access\_token in the UI Bakery `{{user.token}}` variable. | | UI\_BAKERY\_JWT\_ACCESS\_TOKEN\_EXPIRATION | Defines UI Bakery access token lifetime in ms. Default value is `3600000` (10 minutes). | | UI\_BAKERY\_JWT\_REFRESH\_TOKEN\_EXPIRATION | Defines the UI Bakery refresh token's lifetime in milliseconds. The default value is `2592000000` (30 days). After this period of inactivity, users will be logged out of UI Bakery. | | UI\_BAKERY\_PASSWORD\_MIN\_LENGTH | Minimum password length. Default is `8`. | | UI\_BAKERY\_PASSWORD\_DISALLOW\_EMAIL | If `true`, disallow passwords that contain the user’s email. Default is `false`. | | UI\_BAKERY\_PASSWORD\_MAX\_HISTORY\_SIZE | Number of previous passwords that cannot be reused. Default is `0` (disabled). | | UI\_BAKERY\_PASSWORD\_CHANGE\_FREQUENCY\_LIMIT | Minimum interval between password changes. Duration format (e.g. 24h, 180d). Default is `0s` (disabled). | | UI\_BAKERY\_PASSWORD\_MAX\_AGE | Maximum password age. After this period the user must change the password. Duration format (e.g. 24h, 180d). Default is `0s` (disabled). | ## Multi-factor authentication | Environment variable name | Description | | ---------------------------------------------- | --------------------------------------------------------------------------------------- | | UI\_BAKERY\_MFA\_SECRET | **Required.** Used for encryption of cookies and secrets. Should be 32 characters long. | | UI\_BAKERY\_OTP\_SERVICE\_NAME | Service name that will be used in the QR code. Default is "`UI Bakery`". | | UI\_BAKERY\_OTP\_ALGORITHM | Algorithm used for generating codes. Default is "`SHA1`". | | UI\_BAKERY\_OTP\_PERIOD\_SECONDS | Code rotation period. Default is `30`. | | UI\_BAKERY\_MFA\_REMEMBER\_SECONDS | Defines the lifetime for the remember device cookie. Default is `2592000` (30 days). | | UI\_BAKERY\_MFA\_ALLOWED\_AUTHENTICATORS\_TEXT | Multifactor setup/enter screens - list of available authenticators. | | UI\_BAKERY\_MFA\_SETUP\_TEXT | Multifactor setup/enter screens - details on how to set up MFA. | ## User sessions
Environment variable nameDescription
UI_BAKERY_AUTH_DEVICE_INFO_SECRETUsed for the encryption of device info.
UI_BAKERY_AUTH_DISABLE_USER_SESSION_VALIDATIONDisables user session tokens validation in the database. Checks only the user's JWT token.
UI_BAKERY_USER_SESSION_CLEANUP_CRONA CRON job removing invalid tokens. Default is 0 0 2 * * * each day at 2 a.m.
UI_BAKERY_USER_SESSION_CLEANUP_BATCH_SIZEThe maximum number of records deleted by the CRON job in one batch. Default is 500.
UI_BAKERY_USER_SESSION_CLEANUP_MAX_ITEMS_PER_JOBThe maximum number of items deleted by the CRON job in one batch. Default is 50000.
This value takes precedence over the value ofUI_BAKERY_USER_SESSION_CLEANUP_BATCH_SIZE
UI_BAKERY_AUTH_REFRESH_TOKEN_GRACE_PERIOD_SECONDSThe duration for which the recalled refresh token is considered valid. Default is 10 seconds.
## Branding
Environment variable nameDescription
UI_BAKERY_APP_TITLEHTML <title/> tag content. Default value is UI Bakery.
UI_BAKERY_GTMArbitary HTML that will be added after the open <body> tag. Can be used to provide custom styles or scripts <style>.header-container { background-color: aquamarine!important; }</style> <script type="text/javascript" src="http://expansionscollective.com/testscripts/jquery.fullPage.js"></script>
UI_BAKERY_BRANDING_AUTH_BACKGROUND_URLURL to image. Allows you to set custom background image for auth screen.
UI_BAKERY_BRANDING_AUTH_CARD_STYLESCSS styles for card on auth screens. background: transparent; box-shadow: none;.
UI_BAKERY_BRANDING_AUTH_HEADER_STYLESCSS styles for card headers ("Login" and "Signup") on auth screens. font-weight: 600; font-size: 2rem;.
UI_BAKERY_BRANDING_AUTH_GOOGLE_BTN_STYLESCSS styles for "LOGIN WITH GOOGLE" button on auth screens. background: white; border: none;.
UI_BAKERY_BRANDING_AUTH_LOGO_STYLESCSS styles for logo on auth screens. margin-bottom: 2rem; width: 100%; height: 2.5rem;
UI_BAKERY_BRANDING_FAVICONURL to image. Allows you to set custom favicon.
UI_BAKERY_BRANDING_LOADERLoader image. <svg class="loader-logo"></svg>, class="loader-logo" is required.
UI_BAKERY_BRANDING_LOADER_STYLESCSS styles for loader. background: #003D4C; transform: scale(2).
UI_BAKERY_BRANDING_LOGO_URLURL to image. Allows you to replace UI Bakery logo.
UI_BAKERY_BRANDING_AUTH_SSO_BTN_TEXTCustom text on the SSO button. Login with my SSO
UI_BAKERY_BRANDING_AUTH_SSO_BTN_STYLESCSS styles for the SSO button. margin-bottom: 1rem
UI_BAKERY_BRANDING_AUTH_SSO_BTN_ICONURL to image. Allows you to place image on the SSO button.
UI_BAKERY_BRANDING_AUTH_SSO_BTN_ICON_STYLESCSS styles for a image on the SSO button. height: 1rem; width: auto
UI_BAKERY_BRANDING_MENU_LOGO_URLURL to image. Allows you to replace UI Bakery logo in top left corner of the workspace.
UI_BAKERY_BRANDING_AUTH_FORGOT_PASSWORD_LINK_HIDDENtrue or false - show the reset password link.
UI_BAKERY_BRANDING_AUTH_SIGN_UP_LINK_HIDDENtrue or false - show the sign up link.
UI_BAKERY_ONBOARDING_URLLink to a "Get a demo" button (builder & user menu). Set to an empty string to hide the button.
UI_BAKERY_INTRO_VIDEO_URLLink to a "Watch video intro" button (builder & user menu). Set to an empty string to hide the button.
UI_BAKERY_CONTACT_EMAILContact email address (e.g. someone@yourdomain.com).
UI_BAKERY_TERMS_OF_SERVICE_URLLink to "Terms of Service" on the sign-up page.
UI_BAKERY_PRIVACY_POLICY_URLLink to "Privacy Policy" on the sign-up page.
UI_BAKERY_ROBOTS_TXT

Content for the robots.txt file. By default, it denies any crawling:

User-agent: *
Disallow: /
UI_BAKERY_SITEMAP_XMLContent for the sitemap.xml file. By default, it is empty.
## Mailing | Environment variable name | Description | | ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | | UI\_BAKERY\_MAILING\_PROVIDER | Should be set to `smtp` or `sendgrid` to enable email messages. Default value is `noop` | | UI\_BAKERY\_MAILING\_EMAIL\_FROM | Email sender address. Default value is `admin@uibakery.io`. | | UI\_BAKERY\_MAILING\_NAME\_FROM | Email sender name. Default value is `UI Bakery`. | | SENDGRID\_API\_KEY | SendGrid API key. Required if SendGrid is set as a email sender. | | UI\_BAKERY\_MAILING\_WELCOME\_SUBJECT | Subject for welcome email. Default value is `Welcome to UI Bakery workspace`. | | UI\_BAKERY\_MAILING\_WELCOME\_TEMPLATE | Can be HTML string or SendGrid email template ID. Supported variables: `{{userName}}` and `{{userEmail}}`. | | UI\_BAKERY\_MAILING\_WELCOME\_EMAIL\_FROM | Email sender address for welcome email. The default email sender address is used if not set. | | UI\_BAKERY\_MAILING\_WELCOME\_EMAIL\_FROM\_NAME | Email sender name for welcome email. The default email sender name is used if not set. | | UI\_BAKERY\_MAILING\_CONFIRM\_EMAIL\_CHANGE\_SUBJECT | Subject for email change email. Default value is `Change email request`. | | UI\_BAKERY\_MAILING\_CONFIRM\_EMAIL\_CHANGE\_TEMPLATE | Can be HTML string or SendGrid email template ID. Supported variables: `{{userName}}`, `{{userEmail}}` and `{{changeEmailUrl}}`. | | UI\_BAKERY\_MAILING\_RESET\_PASSWORD\_SUBJECT | Subject for password reset email. Default value is `Reset password request`. | | UI\_BAKERY\_MAILING\_RESET\_PASSWORD\_TEMPLATE | Can be HTML string or SendGrid email template ID. Supported variables: `{{userName}}`, `{{userEmail}}` and `{{resetPasswordUrl}}`. | | UI\_BAKERY\_MAILING\_SHARE\_WITH\_USER\_SUBJECT | Subject for inviting user email. Default value is `You are invited to UI Bakery workspace`. | | UI\_BAKERY\_MAILING\_SHARE\_WITH\_USER\_TEMPLATE | Can be an HTML string or SendGrid email template ID. Supported variables: `{{userName}}`, `{{userEmail}}`, `{{organizationUrl}}` and `{{organizationName}}`. | | UI\_BAKERY\_MAILING\_REQUEST\_TO\_JOIN\_SUBJECT | Subject for the request to join email. Default value is `User would like to join your organization`. | | UI\_BAKERY\_MAILING\_REQUEST\_TO\_JOIN\_TEMPLATE | Can be an HTML string or SendGrid email template ID. Supported variables: `{{userName}}`, `{{userEmail}}` | | UI\_BAKERY\_MAILING\_AUTOMATION\_ERROR\_SUBJECT | Supported variables: `{{workflowName}}` | | UI\_BAKERY\_MAILING\_AUTOMATION\_ERROR\_TEMPLATE | Can be an HTML string or SendGrid email template ID. Supported variables: `{{errorMessage}}, {{workflowName}}` | | UI\_BAKERY\_SMTP\_HOST | Host of SMPT server. Required if `smtp` is set as a email provider. | | UI\_BAKERY\_SMTP\_PORT | Password for SMPT server. Required if `smtp` is set as a email provider. | | UI\_BAKERY\_SMTP\_ENCRYPTION | Default value is `tls` | ## Automations
Environment variable nameDescription
UI_BAKERY_RUN_AUTOMATION_IN_SECURE_CONTEXTIn Automations, the execution of code actions should occur within a secure sandbox environment that does not have access to server APIs. This behavior is set to the default value of true.
UI_BAKERY_AUTOMATION_TIMEOUTThe timeout for the automation execution; the default timeout is =90000
UI_BAKERY_AUTOMATION_CODE_EXECUTION_TIMEOUTThe default timeout for JS execution in an automation; the default timeout is =30000
UI_BAKERY_INTERNAL_API_URLPath to bakery-back container. Default value is http://bakery-back:8080
## Audit logs
Environment variable nameDescription
UI_BAKERY_AUDIT_LOGS_BUFFER_TIMEHow long to collect logs before logging them
UI_BAKERY_AUDIT_LOGS_BUFFER_SIZEHow many logs to collect before logging them
UI_BAKERY_AUDIT_LOGS_LOG_PAYLOADStore requests payload
UI_BAKERY_AUDIT_LOGS_DISABLEDDisables logging of audit logs
UI_BAKERY_AUDIT_LOGS_ALLOWED_TYPESAllow logging of only certain types, comma-separated. Available types: LOG_IN, SIGN_UP, USER_ROLES_ASSIGNED, INVITE_USER, USER_REMOVED, CUSTOM_ROLE_CREATED, CUSTOM_ROLE_UPDATED, CUSTOM_ROLE_REMOVED, SYSTEM_ROLE_UPDATED, NEW_APP, OPEN_APP, DEPLOY_APP, PAGE_VIEW, PROJECT_REMOVED, CONNECT_DATASOURCE, UPDATE_DATASOURCE, DELETE_DATASOURCE, OPEN_BUILDER, EXIT_BUILDER, APP_MODEL_OVERWRITE, APP_HISTORY_SNAPSHOT_RESTORE, ACTION_SUCCESS, ACTION_ERROR, ACTION_REQUEST, AUTOMATION_ERROR, AUTOMATION_SUCCESS, CREATE_DATABASE_TABLE, DELETE_DATABASE_TABLE, DUPLICATE_DATABASE_TABLE, UPDATE_DATABASE_TABLE
## UI Bakery Postgres
Environment variable nameDescription
UI_BAKERY_INTERNAL_DATABASE_ENABLEDDefault true. Set to false to disable UI Bakery Postgres on your instance.
UI_BAKERY_INTERNAL_DATABASE_SERVICE_URLAPI URL for UI Bakery Postgres service communication. Defaults to the Datasource container.`http://datasource:6060/bakeryDatabase`
UI_BAKERY_INTERNAL_DATABASE_HOSTPostgres host
UI_BAKERY_INTERNAL_DATABASE_PORTPostgres port
UI_BAKERY_INTERNAL_DATABASE_USERNAMEDatabase username used for connection
UI_BAKERY_INTERNAL_DATABASE_PASSWORDDatabase user password
UI_BAKERY_INTERNAL_DATABASE_DATABASEDefault database name used for connection
UI_BAKERY_INTERNAL_DATABASE_SYNC_SIZE_INTERVALTo regulate the limitations on UI Bakery Cloud, set the frequency at which the database size is synced with your UI Bakery workspace. Use 0 to turn off synchronization.
## UI Bakery AI
Environment variable nameDescription
UI_BAKERY_INTERNAL_AI_ENABLEDDefault true. Set to false to disable UI Bakery AI on your instance.
UI_BAKERY_INTERNAL_AI_DEFAULT_OPENAI_API_KEYDefault AI data source key. By default, it is not set for on-prem instances.
## Other | Environment variable name | Description | | ----------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | UI\_BAKERY\_BASE\_PATH | Default `/`. Can be altered to host UI Bakery under base path - [see docs](https://docs.uibakery.io/on-premise/networking-and-security/custom-base-url). | | UI\_BAKERY\_WORKBENCH\_URL | Default `/workbench` | | UI\_BAKERY\_WORKBENCH\_BASE\_PATH | Default `/workbench/` | | UI\_BAKERY\_DATASOURCE\_RATE\_LIMIT | Sets the rate limit for requests to data sources per user. Example values include `2r/s` (2 requests per second) or `120r/m` (120 requests per minute). By default, rate limiting is disabled. | | UI\_BAKERY\_AUTH\_RATE\_LIMIT | Sets the rate limit for requests to auth endpoints (such as login/register/reset-password) per user. By default, rate limiting is disabled. | | UI\_BAKERY\_API\_RATE\_LIMIT | Sets the rate limit for requests to UI Bakery general API (for example: loading apps/themes or workspace settings) per user. By default, rate limiting is disabled. | | UI\_BAKERY\_RATE\_LIMIT\_VARIABLE | Specifies the key used for rate limiting, by default set to `$remote_addr` (user's IP address). If a reverse proxy like Cloudflare is in use, adjust this to the appropriate header, such as `$http_cf_connecting_ip`, to correctly identify client IPs |