# VARIABLE = val# More information: https://langfuse.com/docs/deployment/self-host # When adding additional environment variables, the schema in "/src/env.mjs" # should be updated accordingly. # Prisma # https://www.prisma.io/docs/reference/database-reference/connection-urls#env # DATABASE_URL supports pooled connections, but then you need to set DIRECT_URL DATABASE_URL=postgresql://vasceannie:squirtle123456@192.168.50.210:5432/sandbox?schema=pgce27jc2uf9rmy DIRECT_URL=postgresql://vasceannie:squirtle123456@192.168.50.210:5432/sandbox?schema=pgce27jc2uf9rmy # SHADOW_DATABASE_URL= # optional, set to true to disable automated database migrations on Docker start # LANGFUSE_AUTO_POSTGRES_MIGRATION_DISABLED= # Next Auth # NEXTAUTH_URL does not need to be set when deploying on Vercel NEXTAUTH_URL=http://fuse.lab # For each of these, you can generate a new secret on the command line with: # openssl rand -base64 32 NEXTAUTH_SECRET=xYoFVQKTvS1MJroEB4YtaV+4KqdfgjbgeXI/2AxEcjM= # https://next-auth.js.org/configuration/options#secret SALT=dba1604d7203e28d9f66220b675b623a11fb2adb19b6bdf780cc7ffb4dc19647 # salt used to hash api keys # API level encryption for sensitive data # Must be 256 bits, 64 string characters in hex format, generate via: openssl rand -hex 32 ENCRYPTION_KEY=5d6e52ef4eebcb3428c9bc9ee91166af80879ad526c193e85349e8ed6c7cec7e # Use CSP headers to enforce HTTPS, optional LANGFUSE_CSP_ENFORCE_HTTPS=false # Configure base path for self-hosting, optional # Note: You need to build the docker image with the base path set and cannot use the pre-built docker image if you set this. # NEXT_PUBLIC_BASE_PATH="/app" # Docker only, optional # PORT=3000 # HOSTNAME=localhost # Opentelemetry, optional OTEL_EXPORTER_OTLP_ENDPOINT="http://otel-collector:4318" OTEL_SERVICE_NAME="langfuse" # Default role for users who sign up, optional, can be org or org+project # LANGFUSE_DEFAULT_ORG_ID= # LANGFUSE_DEFAULT_ORG_ROLE= # LANGFUSE_DEFAULT_PROJECT_ID= # LANGFUSE_DEFAULT_PROJECT_ROLE= # Logging, optional # LANGFUSE_LOG_LEVEL=info # LANGFUSE_LOG_FORMAT=text # Enable experimental features, optional LANGFUSE_ENABLE_EXPERIMENTAL_FEATURES=true # Auth, optional configuration # AUTH_DOMAINS_WITH_SSO_ENFORCEMENT=domain1.com,domain2.com # AUTH_IGNORE_ACCOUNT_FIELDS=foo,bar # AUTH_DISABLE_USERNAME_PASSWORD=true # AUTH_DISABLE_SIGNUP=true # AUTH_SESSION_MAX_AGE=43200 # 30 days in minutes (default) # SSO, each group is optional # AUTH_GOOGLE_CLIENT_ID= # AUTH_GOOGLE_CLIENT_SECRET= # AUTH_GOOGLE_ALLOW_ACCOUNT_LINKING=false # AUTH_GOOGLE_ALLOWED_DOMAINS=langfuse.com,google.com # optional allowlist of workspace domains that can sign in via Google # AUTH_GOOGLE_CLIENT_AUTH_METHOD= # AUTH_GOOGLE_CHECKS= # AUTH_GITHUB_CLIENT_ID= # AUTH_GITHUB_CLIENT_SECRET= # AUTH_GITHUB_ALLOW_ACCOUNT_LINKING=false # AUTH_GITHUB_CLIENT_AUTH_METHOD= # AUTH_GITHUB_CHECKS= # AUTH_GITHUB_ENTERPRISE_CLIENT_ID= # AUTH_GITHUB_ENTERPRISE_CLIENT_SECRET= # AUTH_GITHUB_ENTERPRISE_BASE_URL= # AUTH_GITHUB_ENTERPRISE_ALLOW_ACCOUNT_LINKING=false # AUTH_GITHUB_ENTERPRISE_CLIENT_AUTH_METHOD= # AUTH_GITHUB_ENTERPRISE_CHECKS= # AUTH_GITLAB_CLIENT_ID= # AUTH_GITLAB_CLIENT_SECRET= # AUTH_GITLAB_ALLOW_ACCOUNT_LINKING=false # AUTH_GITLAB_ISSUER= # AUTH_GITLAB_CLIENT_AUTH_METHOD= # AUTH_GITLAB_CHECKS= # AUTH_GITLAB_URL= # AUTH_AZURE_AD_CLIENT_ID= # AUTH_AZURE_AD_CLIENT_SECRET= # AUTH_AZURE_AD_TENANT_ID= # AUTH_AZURE_AD_ALLOW_ACCOUNT_LINKING=false # AUTH_AZURE_AD_CLIENT_AUTH_METHOD= # AUTH_AZURE_AD_CHECKS= # AUTH_OKTA_CLIENT_ID= # AUTH_OKTA_CLIENT_SECRET= # AUTH_OKTA_ISSUER= # AUTH_OKTA_ALLOW_ACCOUNT_LINKING=false # AUTH_OKTA_CLIENT_AUTH_METHOD= # AUTH_OKTA_CHECKS= # AUTH_AUTH0_CLIENT_ID= # AUTH_AUTH0_CLIENT_SECRET= # AUTH_AUTH0_ISSUER= # AUTH_AUTH0_ALLOW_ACCOUNT_LINKING=false # AUTH_AUTH0_CLIENT_AUTH_METHOD= # AUTH_AUTH0_CHECKS= # AUTH_COGNITO_CLIENT_ID= # AUTH_COGNITO_CLIENT_SECRET= # AUTH_COGNITO_ISSUER= # AUTH_COGNITO_ALLOW_ACCOUNT_LINKING=false # AUTH_COGNITO_CLIENT_AUTH_METHOD= # AUTH_COGNITO_CHECKS= # AUTH_KEYCLOAK_CLIENT_ID= # AUTH_KEYCLOAK_CLIENT_SECRET= # AUTH_KEYCLOAK_ISSUER= # AUTH_KEYCLOAK_ALLOW_ACCOUNT_LINKING=false # AUTH_KEYCLOAK_CLIENT_AUTH_METHOD= # AUTH_KEYCLOAK_CHECKS= # AUTH_KEYCLOAK_NAME= # AUTH_WORKOS_CLIENT_ID= # AUTH_WORKOS_CLIENT_SECRET= # AUTH_WORKOS_ALLOW_ACCOUNT_LINKING=false # AUTH_WORKOS_ORGANIZATION_ID= # AUTH_WORKOS_CONNECTION_ID= # AUTH_CUSTOM_CLIENT_ID= # AUTH_CUSTOM_CLIENT_SECRET= # AUTH_CUSTOM_ISSUER= # AUTH_CUSTOM_NAME=Milk # AUTH_CUSTOM_SCOPE="openid email profile" # optional # # AUTH_CUSTOM_CLIENT_AUTH_METHOD="client_secret_basic" # optional # AUTH_CUSTOM_ALLOW_ACCOUNT_LINKING=true # AUTH_CUSTOM_ID_TOKEN=false # optional, default is true # AUTH_CUSTOM_CLIENT_AUTH_METHOD= # AUTH_CUSTOM_CHECKS= # AUTH_JUMPCLOUD_CLIENT_ID= # AUTH_JUMPCLOUD_CLIENT_SECRET= # AUTH_JUMPCLOUD_ISSUER= # AUTH_JUMPCLOUD_ALLOW_ACCOUNT_LINKING= # AUTH_JUMPCLOUD_CLIENT_AUTH_METHOD= # AUTH_JUMPCLOUD_CHECKS= # AUTH_JUMPCLOUD_SCOPE= # Transactional email, optional # Defines the email address to use as the from address. # EMAIL_FROM_ADDRESS= # Defines the connection url for smtp server. # SMTP_CONNECTION_URL= # S3 Batch Exports LANGFUSE_S3_BATCH_EXPORT_ENABLED=true LANGFUSE_S3_BATCH_EXPORT_BUCKET=langfuse LANGFUSE_S3_BATCH_EXPORT_ACCESS_KEY_ID=root LANGFUSE_S3_BATCH_EXPORT_SECRET_ACCESS_KEY=squirtle123 LANGFUSE_S3_BATCH_EXPORT_REGION=us-east-1 LANGFUSE_S3_BATCH_EXPORT_ENDPOINT=http://minio:9000 LANGFUSE_S3_BATCH_EXPORT_PREFIX=exports/ LANGFUSE_S3_BATCH_EXPORT_FORCE_PATH_STYLE=true # S3 Media Exports LANGFUSE_S3_MEDIA_UPLOAD_ENABLED=true LANGFUSE_S3_MEDIA_UPLOAD_BUCKET=langfuse LANGFUSE_S3_MEDIA_UPLOAD_ACCESS_KEY_ID=root LANGFUSE_S3_MEDIA_UPLOAD_SECRET_ACCESS_KEY=squirtle123 LANGFUSE_S3_MEDIA_UPLOAD_REGION=us-east-1 LANGFUSE_S3_MEDIA_UPLOAD_ENDPOINT=http://minio:9000 LANGFUSE_S3_MEDIA_UPLOAD_PREFIX=media/ LANGFUSE_S3_MEDIA_UPLOAD_FORCE_PATH_STYLE=true # S3 storage for events, optional, used to persist all incoming events LANGFUSE_S3_EVENT_UPLOAD_BUCKET=langfuse # Optional prefix to be used within the bucket. Must end with `/` if set LANGFUSE_S3_EVENT_UPLOAD_PREFIX=events/ # The following four options are optional and fallback to the normal SDK credential provider chain if omitted # See https://docs.aws.amazon.com/sdk-for-javascript/v3/developer-guide/setting-credentials-node.html LANGFUSE_S3_EVENT_UPLOAD_ENDPOINT=http://minio:9000 LANGFUSE_S3_EVENT_UPLOAD_REGION=us-east-1 LANGFUSE_S3_EVENT_UPLOAD_ACCESS_KEY_ID=root LANGFUSE_S3_EVENT_UPLOAD_SECRET_ACCESS_KEY=squirtle123 LANGFUSE_S3_EVENT_UPLOAD_FORCE_PATH_STYLE=true # Whether to use blob_storage_file_log table to manage blob storage events # Can be set to `false` if `event` entities are managed using lifecycle policies in the blob storage bucket. LANGFUSE_ENABLE_BLOB_STORAGE_FILE_LOG=true # Automated provisioning of default resources # LANGFUSE_INIT_ORG_ID=org-id # LANGFUSE_INIT_ORG_NAME=org-name # LANGFUSE_INIT_PROJECT_ID=project-id # LANGFUSE_INIT_PROJECT_NAME=project-name # LANGFUSE_INIT_PROJECT_PUBLIC_KEY=pk-1234567890 # LANGFUSE_INIT_PROJECT_SECRET_KEY=sk-1234567890 # LANGFUSE_INIT_USER_EMAIL=user@example.com # LANGFUSE_INIT_USER_NAME=User Name # LANGFUSE_INIT_USER_PASSWORD=password # Redis configuration # REDIS_HOST=192.168.50.210 # REDIS_PORT=6379 # REDIS_AUTH= # REDIS_USERNAME=default REDIS_CONNECTION_STRING=redis://192.168.50.210:6379/4 REDIS_ENABLE_AUTO_PIPELINING=true # Redis Cluster configuration (optional) # REDIS_CLUSTER_ENABLED=false # REDIS_CLUSTER_NODES=redis-node1:6379,redis-node2:6379,redis-node3:6379 # Redis Sentinel configuration (optional, cannot be enabled with cluster mode simultaneously) # REDIS_SENTINEL_ENABLED=false # REDIS_SENTINEL_NODES=sentinel1:26379,sentinel2:26379,sentinel3:26379 # REDIS_SENTINEL_MASTER_NAME=mymaster # REDIS_SENTINEL_USERNAME= # REDIS_SENTINEL_PASSWORD= # Cache configuration # LANGFUSE_CACHE_API_KEY_ENABLED= # LANGFUSE_CACHE_API_KEY_TTL_SECONDS= # LANGFUSE_CACHE_PROMPT_ENABLED= # LANGFUSE_CACHE_PROMPT_TTL_SECONDS= # Clickhouse configuration # CLICKHOUSE_URL= # CLICKHOUSE_CLUSTER_NAME=default # CLICKHOUSE_DB=default # CLICKHOUSE_USER= # CLICKHOUSE_PASSWORD= # CLICKHOUSE_CLUSTER_ENABLED=true # Ingestion configuration # LANGFUSE_INGESTION_QUEUE_DELAY_MS= # LANGFUSE_INGESTION_CLICKHOUSE_WRITE_BATCH_SIZE= # LANGFUSE_INGESTION_CLICKHOUSE_WRITE_INTERVAL_MS= # LANGFUSE_INGESTION_CLICKHOUSE_MAX_ATTEMPTS= ### START Enterprise Edition Configuration # Allowlisted users that can create new organizations, by default all users can create organizations # LANGFUSE_ALLOWED_ORGANIZATION_CREATORS=user1@langfuse.com,user2@langfuse.com # UI Customization Options # LANGFUSE_UI_API_HOST=https://api.example.com # LANGFUSE_UI_DOCUMENTATION_HREF=https://docs.example.com # LANGFUSE_UI_SUPPORT_HREF=https://support.example.com # LANGFUSE_UI_FEEDBACK_HREF=https://feedback.example.com # LANGFUSE_UI_LOGO_LIGHT_MODE_HREF=https://static.langfuse.com/langfuse-dev/example-logo-light-mode.png # LANGFUSE_UI_LOGO_DARK_MODE_HREF=https://static.langfuse.com/langfuse-dev/example-logo-dark-mode.png # LANGFUSE_UI_DEFAULT_MODEL_ADAPTER=Anthropic # OpenAI, Anthropic, Azure # LANGFUSE_UI_DEFAULT_BASE_URL_OPENAI=https://api.openai.com/v1 # LANGFUSE_UI_DEFAULT_BASE_URL_ANTHROPIC=https://api.anthropic.com # LANGFUSE_UI_DEFAULT_BASE_URL_AZURE_OPENAI=https://{instanceName}.openai.azure.com/openai/deployments # LANGFUSE_UI_VISIBLE_PRODUCT_MODULES= # LANGFUSE_UI_HIDDEN_PRODUCT_MODULES= ### END Enterprise Edition Configuration ### START Langfuse Cloud Config # Used for Langfuse Cloud deployments # Not recommended for self-hosted deployments as these are NOT COVERED BY SEMANTIC VERSIONING # NEXT_PUBLIC_LANGFUSE_CLOUD_REGION="US" # NEXTAUTH_COOKIE_DOMAIN=".langfuse.com" # LANGFUSE_TEAM_SLACK_WEBHOOK= # LANGFUSE_NEW_USER_SIGNUP_WEBHOOK= # Posthog (optional for analytics of web ui) # NEXT_PUBLIC_POSTHOG_HOST= # NEXT_PUBLIC_POSTHOG_KEY= # Sentry # NEXT_PUBLIC_LANGFUSE_TRACING_SAMPLE_RATE # NEXT_PUBLIC_SENTRY_DSN= # NEXT_SENTRY_ORG= # NEXT_SENTRY_PROJECT= # SENTRY_AUTH_TOKEN= # SENTRY_CSP_REPORT_URI= # Demo project that users can use to try the platform # NEXT_PUBLIC_DEMO_ORG_ID= # NEXT_PUBLIC_DEMO_PROJECT_ID= # Plain Chat # NEXT_PUBLIC_PLAIN_APP_ID= # PLAIN_AUTHENTICATION_SECRET= # PLAIN_API_KEY= # PLAIN_CARDS_API_TOKEN= # Admin API # ADMIN_API_KEY= # LANGFUSE_CACHE_MODEL_MATCH_ENABLED= # LANGFUSE_CACHE_MODEL_MATCH_TTL_SECONDS= # Rate limiting # LANGFUSE_RATE_LIMITS_ENABLED= # Free tier usage thresholds (Cloud deployments only) # Enable the queue consumer that monitors free tier usage (default: true, but requires cloud region) # QUEUE_CONSUMER_FREE_TIER_USAGE_THRESHOLD_QUEUE_IS_ENABLED=true # Enable enforcement: send emails and block orgs that exceed free tier limits (default: false) # LANGFUSE_FREE_TIER_USAGE_THRESHOLD_ENFORCEMENT_ENABLED=false # Optional BCC address for usage threshold emails (e.g., for CRM integration like HubSpot) # CLOUD_CRM_EMAIL= # Stripe # STRIPE_SECRET_KEY= # STRIPE_WEBHOOK_SIGNING_SECRET= # Betterstack Status Page # BETTERSTACK_UPTIME_API_KEY= # BETTERSTACK_UPTIME_STATUS_PAGE_ID= ### END Langfuse Cloud Config ### START Langfuse CI Config # LANGFUSE_INIT_ORG_CLOUD_PLAN= ### END Langfuse CI Configue