Skip to main content
Version: 2.3.0

Environment variables

Both the ToolJet server and client requires some environment variables to start running.

If you have any questions feel free to join our Slack Community or send us an email at [email protected].

ToolJet server

ToolJet host ( required )

variabledescription
TOOLJET_HOSTthe public URL of ToolJet client ( eg: https://app.tooljet.com )

Lockbox configuration ( required )

ToolJet server uses lockbox to encrypt datasource credentials. You should set the environment variable LOCKBOX_MASTER_KEY with a 32 byte hexadecimal string.

Application Secret ( required )

ToolJet server uses a secure 64 byte hexadecimal string to encrypt session cookies. You should set the environment variable SECRET_KEY_BASE.

tip

If you have openssl installed, you can run the following commands to generate the value for LOCKBOX_MASTER_KEY and SECRET_KEY_BASE.

For LOCKBOX_MASTER_KEY use openssl rand -hex 32 For SECRET_KEY_BASE use openssl rand -hex 64

Database configuration ( required )

ToolJet server uses PostgreSQL as the database.

variabledescription
PG_HOSTpostgres database host
PG_DBname of the database
PG_USERusername
PG_PASSpassword
PG_PORTport
tip

If you are using docker-compose setup, you can set PG_HOST as postgres which will be DNS resolved by docker

info

If you intend to use the DB connection url and if the connection does not support ssl. Please use the below format using the variable DATABASE_URL. postgres://username:password@hostname:port/database_name?sslmode=disable

Disable database and extension creation (optional)

ToolJet by default tries to create database based on PG_DB variable set and additionally my try to create postgres extensions. This requires the postgres user to have CREATEDB permission. If this cannot be granted you can disable this behaviour by setting PG_DB_OWNER as false and will have to manually run them.

Check for updates ( optional )

Self-hosted version of ToolJet pings our server to fetch the latest product updates every 24 hours. You can disable this by setting the value of CHECK_FOR_UPDATES environment variable to 0. This feature is enabled by default.

Comment feature enable ( optional )

Use this environment variable to enable/disable the feature that allows you to add comments on the canvas.

variablevalue
COMMENT_FEATURE_ENABLEtrue or false

Multiplayer feature enable ( optional )

Use this environment variable to enable/disable the feature that allows users to collaboratively work on the canvas.

variablevalue
ENABLE_MULTIPLAYER_EDITINGtrue or false

Marketplace

Marketplace feature enable ( optional )

Use this environment variable to enable/disable the feature that allows users to use the marketplace.

variablevalue
ENABLE_MARKETPLACE_FEATUREtrue or false

Enable Marketplace plugin developement mode ( optional )

Use this environment variable to enable/disable the developement mode that allows developers to build the plugin.

variablevalue
ENABLE_MARKETPLACE_DEV_MODEtrue or false

User Session Expiry Time (Optional)

variabledescription
USER_SESSION_EXPIRYThis variable controls the user session expiry time. By default, the session expires after 2 days. The variable expects the value in minutes. ex: USER_SESSION_EXPIRY = 120 which is 2 hours

Enable ToolJet Database ( optional )

variabledescription
ENABLE_TOOLJET_DBtrue or false
TOOLJET_DBDefault value is tooljet_db
TOOLJET_DB_HOSTdatabase host
TOOLJET_DB_USERdatabase username
TOOLJET_DB_PASSdatabase password
TOOLJET_DB_PORTdatabase port
PGRST_JWT_SECRETJWT token client provided for authentication
PGRST_HOSTpostgrest database host

Use ENABLE_TOOLJET_DB to enable/disable the feature that allows users to work with inbuilt data store to build apps with. Inorder to set it up, follow the instructions here.

tip

When this feature is enabled, the database name provided for TOOLJET_DB will be utilized to create a new database during server boot process in all of our production deploy setups. Incase you want to trigger it manually, use the command npm run db:create on ToolJet server.

info

If you intend to use the DB connection url and if the connection does not support ssl. Please use the below format using the variable TOOLJET_DB_URL. postgres://username:password@hostname:port/database_name?sslmode=disable

Server Host ( optional )

You can specify a different server for backend if it is hosted on another server.

variablevalue
SERVER_HOSTConfigure a hostname for the server as a proxy pass. If no value is set, it defaults to server.

Disable Multi-Workspace ( optional )

If you want to disable Multi-Workspace feature, set the environment variable DISABLE_MULTI_WORKSPACE to true.

If you want to hide account setup link from admin in manage user page, set the environment variable HIDE_ACCOUNT_SETUP_LINK to true, please make sure you have configured SMTP to receive welcome mail for users. Valid only if DISABLE_MULTI_WORKSPACE is not true.

Disabling signups ( optional )

Sign up is enabled only if Multi-Workspace is enabled. If you want to restrict the signups and allow new users only by invitations, set the environment variable DISABLE_SIGNUPS to true.

tip

You will still be able to see the signup page but won't be able to successfully submit the form.

Serve client as a server end-point ( optional )

By default, the SERVE_CLIENT variable will be unset and the server will serve the client at its / end-point. You can set SERVE_CLIENT to false to disable this behaviour.

Serve client at subpath

If ToolJet is hosted on a domain subpath, you can set the environment variable SUB_PATH to support it. Please note the subpath is to be set with trailing / and is applicable only when the server is serving the frontend client.

SMTP configuration ( optional )

ToolJet uses SMTP services to send emails ( Eg: invitation email when you add new users to your workspace ).

variabledescription
DEFAULT_FROM_EMAILfrom email for the email fired by ToolJet
SMTP_USERNAMEusername
SMTP_PASSWORDpassword
SMTP_DOMAINdomain or host
SMTP_PORTport

Slack configuration ( optional )

If your ToolJet installation requires Slack as a data source, you need to create a Slack app and set the following environment variables:

variabledescription
SLACK_CLIENT_IDclient id of the slack app
SLACK_CLIENT_SECRETclient secret of the slack app

Google OAuth ( optional )

If your ToolJet installation needs access to data sources such as Google sheets, you need to create OAuth credentials from Google Cloud Console.

variabledescription
GOOGLE_CLIENT_IDclient id
GOOGLE_CLIENT_SECRETclient secret

Google maps configuration ( optional )

If your ToolJet installation requires Maps widget, you need to create an API key for Google Maps API.

variabledescription
GOOGLE_MAPS_API_KEYGoogle maps API key

APM VENDOR ( optional )

Specify application monitoring vendor. Currently supported values - sentry.

variabledescription
APM_VENDORApplication performance monitoring vendor

SENTRY DNS ( optional )

variabledescription
SENTRY_DNSDSN tells a Sentry SDK where to send events so the events are associated with the correct project

SENTRY DEBUG ( optional )

Prints logs for sentry.

variabledescription
SENTRY_DEBUGtrue or false. Default value is false

Server URL ( optional)

This is used to set up for CSP headers and put trace info to be used with APM vendors.

variabledescription
TOOLJET_SERVER_URLthe URL of ToolJet server ( eg: https://server.tooljet.com )

RELEASE VERSION ( optional)

Once set any APM provider that supports segregation with releases will track it.

NODE_EXTRA_CA_CERTS (optional)

Tooljet needs to be configured for custom CA certificate to be able to trust and establish connection over https. This requires you to configure an additional env var NODE_EXTRA_CA_CERTS to have absolute path to your CA certificates. This file named cert.pem needs to be in PEM format and can have more than one certificates.

variabledescription
NODE_EXTRA_CA_CERTSabsolute path to certificate PEM file ( eg: /ToolJet/ca/cert.pem )

Disable telemetry ( optional )

Pings our server to update the total user count every 24 hours. You can disable this by setting the value of DISABLE_TOOLJET_TELEMETRY environment variable to true. This feature is enabled by default.

Password Retry Limit (Optional)

The maximum retry limit of login password for a user is by default set to 5, account will be locked after 5 unsuccessful login attempts. Use the variables mentioned below to control this behavior:

variabledescription
DISABLE_PASSWORD_RETRY_LIMIT(true/false) To disable the password retry check, if value is true then no limits for password retry
PASSWORD_RETRY_LIMITTo change the default password retry limit (5)

SSO Configurations (Optional)

Configurations for instance level SSO. Valid only if DISABLE_MULTI_WORKSPACE is not true.

variabledescription
SSO_GOOGLE_OAUTH2_CLIENT_IDGoogle OAuth client id
SSO_GIT_OAUTH2_CLIENT_IDGitHub OAuth client id
SSO_GIT_OAUTH2_CLIENT_SECRETGitHub OAuth client secret
SSO_GIT_OAUTH2_HOSTGitHub OAuth host name if GitHub is self hosted
SSO_ACCEPTED_DOMAINScomma separated email domains that supports SSO authentication
SSO_DISABLE_SIGNUPSDisable user sign up if authenticated user does not exist

ToolJet client

Server URL ( optionally required )

This is required when client is built separately.

variabledescription
TOOLJET_SERVER_URLthe URL of ToolJet server ( eg: https://server.tooljet.com )

Server Port ( optional)

This could be used to for local development, it will set the server url like so: http://localhost:<TOOLJET_SERVER_PORT>

variabledescription
TOOLJET_SERVER_PORTthe port of ToolJet server ( eg: 3000 )

Asset path ( optionally required )

This is required when the assets for the client are to be loaded from elsewhere (eg: CDN). This can be an absolute path, or relative to main HTML file.

variabledescription
ASSET_PATHthe asset path for the website ( eg: https://app.tooljet.com/)

Serve client as a server end-point ( optional )

By default the client build will be done to be served with ToolJet server. If you intend to use client separately then can set SERVE_CLIENT to false.

PostgREST server (Optional)

variabledescription
PGRST_JWT_SECRETJWT token client provided for authentication
PGRST_DB_URIdatabase connection string for tooljet database
PGRST_LOG_LEVELinfo

If you intent to make changes in the above configuration. Please refer PostgREST configuration docs.

tip

If you have openssl installed, you can run the following command openssl rand -hex 32 to generate the value for PGRST_JWT_SECRET.

If this parameter is not specified then PostgREST refuses authentication requests.

info

Please make sure that DB_URI is given in the format postgrest://[USERNAME]:[PASSWORD]@[HOST]:[PORT]/[DATABASE]