Environment Variables

Activepieces is configured entirely through environment variables prefixed with AP_. All variables are defined in the source code at packages/server/common/src/lib/system-props.ts.

Environment variables are read from the .env file or passed directly to the container. The .env.example file in the repository shows the minimum required configuration.

Quick Reference

Download the example configuration:

curl -O https://raw.githubusercontent.com/activepieces/activepieces/main/.env.example

Required Variables

These must be set for Activepieces to function:

AP_ENGINE_EXECUTABLE_PATH

string

required

Path to the workflow execution engineDefault: dist/packages/engine/main.jsExample:

AP_ENGINE_EXECUTABLE_PATH=dist/packages/engine/main.js

AP_ENCRYPTION_KEY

string

required

256-bit encryption key (32 hex characters) for encrypting sensitive dataGenerate:

openssl rand -hex 32

Changing this key will make existing encrypted data unreadable. Store it securely and never commit to version control.

AP_JWT_SECRET

string

required

Secret key for signing JWT authentication tokensGenerate:

openssl rand -hex 32

Changing this will invalidate all existing user sessions.

AP_FRONTEND_URL

string

required

Public URL where users access ActivepiecesExamples:

# Development
AP_FRONTEND_URL=http://localhost:8080

# Production
AP_FRONTEND_URL=https://activepieces.yourdomain.com

Database Configuration

PostgreSQL

AP_POSTGRES_DATABASE

string

default:"activepieces"

PostgreSQL database name

AP_POSTGRES_HOST

string

default:"postgres"

PostgreSQL server hostnameExamples:

# Docker Compose
AP_POSTGRES_HOST=postgres

# External server
AP_POSTGRES_HOST=db.example.com

AP_POSTGRES_PORT

number

default:"5432"

PostgreSQL server port

AP_POSTGRES_USERNAME

string

default:"postgres"

PostgreSQL username

AP_POSTGRES_PASSWORD

string

required

PostgreSQL password

Use a strong password for production deployments.

AP_POSTGRES_URL

string

PostgreSQL connection URL (alternative to individual settings)Format: postgresql://username:password@host:port/databaseExample:

AP_POSTGRES_URL=postgresql://user:pass@localhost:5432/activepieces?sslmode=require

If set, this overrides individual AP_POSTGRES_* variables.

AP_POSTGRES_USE_SSL

boolean

default:"false"

Enable SSL/TLS for PostgreSQL connection

AP_POSTGRES_USE_SSL=true

AP_POSTGRES_SSL_CA

string

Path to SSL CA certificate file

AP_POSTGRES_SSL_CA=/path/to/ca-certificate.crt

AP_POSTGRES_POOL_SIZE

number

default:"10"

PostgreSQL connection pool sizeRecommended: 10-20 for production

AP_POSTGRES_IDLE_TIMEOUT_MS

number

default:"30000"

Connection idle timeout in milliseconds

AP_DB_TYPE

enum

Database type (for advanced use cases)Options: postgres, sqlite

SQLite is for development only. Use PostgreSQL for production.

Redis Configuration

AP_REDIS_HOST

string

default:"redis"

Redis server hostname

AP_REDIS_PORT

number

default:"6379"

Redis server port

AP_REDIS_USER

string

Redis username (Redis 6+ ACL)

AP_REDIS_PASSWORD

string

Redis password

AP_REDIS_DB

number

default:"0"

Redis database number (0-15)

AP_REDIS_URL

string

Redis connection URL (alternative to individual settings)Format: redis://[username:password@]host:port/dbExample:

AP_REDIS_URL=redis://:password@redis:6379/0

AP_REDIS_USE_SSL

boolean

default:"false"

Enable SSL/TLS for Redis connection

AP_REDIS_SSL_CA_FILE

string

Path to SSL CA certificate file

AP_REDIS_TYPE

enum

default:"standalone"

Redis deployment typeOptions: standalone, sentinel

Redis Sentinel

AP_REDIS_SENTINEL_NAME

string

Sentinel master name

AP_REDIS_SENTINEL_HOSTS

string

Comma-separated list of sentinel hostsExample:

AP_REDIS_SENTINEL_HOSTS=sentinel1:26379,sentinel2:26379,sentinel3:26379

AP_REDIS_SENTINEL_ROLE

enum

Sentinel roleOptions: master, slave

Redis Job Retention

AP_REDIS_FAILED_JOB_RETENTION_DAYS

number

default:"7"

How many days to keep failed job data

AP_REDIS_FAILED_JOB_RETENTION_MAX_COUNT

number

default:"100"

Maximum number of failed jobs to retain

Application Configuration

Environment

AP_ENVIRONMENT

enum

default:"prod"

Application environmentOptions: prod, dev

# Production
AP_ENVIRONMENT=prod

# Development
AP_ENVIRONMENT=dev

AP_EDITION

enum

default:"ce"

Activepieces editionOptions: ce (Community Edition), ee (Enterprise Edition)

Execution

AP_EXECUTION_MODE

enum

default:"UNSANDBOXED"

Code execution mode for workflowsOptions:

SANDBOX_CODE_ONLY: Sandboxed execution using isolated-vm (128MB limit)
UNSANDBOXED: Direct Node.js execution (development only)

# Production (recommended)
AP_EXECUTION_MODE=SANDBOX_CODE_ONLY

# Development only
AP_EXECUTION_MODE=UNSANDBOXED

Use SANDBOX_CODE_ONLY in production to prevent malicious code execution.

AP_SANDBOX_MEMORY_LIMIT

number

default:"128"

Memory limit in MB for sandboxed code executionRange: 64-512 MB

AP_SANDBOX_PROPAGATED_ENV_VARS

string

Comma-separated environment variables to pass to sandboxExample:

AP_SANDBOX_PROPAGATED_ENV_VARS=NODE_ENV,DEBUG,CUSTOM_VAR

Timeouts

AP_FLOW_TIMEOUT_SECONDS

number

default:"600"

Maximum workflow execution time in secondsDefault: 10 minutes

AP_WEBHOOK_TIMEOUT_SECONDS

number

default:"30"

Webhook request timeout in seconds

AP_TRIGGER_TIMEOUT_SECONDS

number

Trigger execution timeout in seconds

AP_TRIGGER_HOOKS_TIMEOUT_SECONDS

number

Trigger hook timeout in seconds

AP_TRIGGER_DEFAULT_POLL_INTERVAL

number

default:"5"

Default polling interval in minutes for scheduled triggers

Limits

AP_MAX_FILE_SIZE_MB

number

default:"10"

Maximum file upload size in megabytes

AP_MAX_FLOW_RUN_LOG_SIZE_MB

number

default:"2"

Maximum size of flow run logs in megabytes

AP_MAX_CONCURRENT_JOBS_PER_PROJECT

number

Limit concurrent job execution per project

Data Retention

AP_EXECUTION_DATA_RETENTION_DAYS

number

Days to retain execution data before cleanupExample:

AP_EXECUTION_DATA_RETENTION_DAYS=30

AP_ISSUE_ARCHIVE_DAYS

number

Days before archiving flow issues

AP_PAUSED_FLOW_TIMEOUT_DAYS

number

Days before disabling paused flows

File Storage

AP_FILE_STORAGE_LOCATION

enum

File storage backendOptions: local, s3Default: local (uses /usr/src/app/cache)

S3 Configuration

AP_S3_BUCKET

string

S3 bucket name for file storage

AP_S3_ACCESS_KEY_ID

string

AWS access key ID

AP_S3_SECRET_ACCESS_KEY

string

AWS secret access key

AP_S3_REGION

string

AWS regionExample: us-east-1, eu-west-1

AP_S3_ENDPOINT

string

Custom S3 endpoint for S3-compatible servicesExamples:

# MinIO
AP_S3_ENDPOINT=http://minio:9000

# DigitalOcean Spaces
AP_S3_ENDPOINT=https://nyc3.digitaloceanspaces.com

# Cloudflare R2
AP_S3_ENDPOINT=https://<account_id>.r2.cloudflarestorage.com

AP_S3_USE_SIGNED_URLS

boolean

default:"false"

Use pre-signed URLs for S3 file access

AP_S3_USE_IRSA

boolean

default:"false"

Use IAM Roles for Service Accounts (EKS/Kubernetes)

When enabled, authentication uses pod IAM role instead of access keys.

Email (SMTP)

AP_SMTP_HOST

string

SMTP server hostname

AP_SMTP_PORT

number

default:"587"

SMTP server port

AP_SMTP_USERNAME

string

SMTP username

AP_SMTP_PASSWORD

string

SMTP password

AP_SMTP_SENDER_EMAIL

string

Email address for outgoing emailsExample: noreply@yourdomain.com

AP_SMTP_SENDER_NAME

string

Display name for outgoing emailsExample: Activepieces

Worker Configuration

AP_CONTAINER_TYPE

enum

default:"WORKER_AND_APP"

Container roleOptions:

WORKER_AND_APP: Run both API and workers (default)
APP: Run API server only
WORKER: Run workers only

Use separate containers for scaling. See Workers guide.

AP_WORKER_CONCURRENCY

number

Number of concurrent jobs per workerRecommended: 1-4 based on CPU cores

AP_WORKER_TOKEN

string

Authentication token for dedicated workers

AP_PLATFORM_ID_FOR_DEDICATED_WORKER

string

Platform ID for dedicated worker deployment

AP_PRE_WARM_CACHE

boolean

default:"false"

Pre-load pieces into memory on startup

AP_PM2_ENABLED

boolean

default:"false"

Enable PM2 process manager for clustering

AP_PM2_ENABLED=true

Security

AP_API_KEY

string

Optional API key for platform-level authentication

AP_CLIENT_REAL_IP_HEADER

string

HTTP header to extract real client IPExamples:

# Behind Cloudflare
AP_CLIENT_REAL_IP_HEADER=CF-Connecting-IP

# Behind proxy
AP_CLIENT_REAL_IP_HEADER=X-Forwarded-For

AP_APP_WEBHOOK_SECRETS

string

Comma-separated webhook secrets

Rate Limiting

AP_API_RATE_LIMIT_AUTHN_ENABLED

boolean

default:"false"

Enable authentication rate limiting

AP_API_RATE_LIMIT_AUTHN_MAX

number

default:"100"

Maximum authentication requests per window

AP_API_RATE_LIMIT_AUTHN_WINDOW

number

default:"60"

Rate limit window in seconds

AP_PROJECT_RATE_LIMITER_ENABLED

boolean

default:"false"

Enable per-project rate limiting

Logging

AP_LOG_LEVEL

enum

default:"info"

Logging verbosityOptions: error, warn, info, debug, trace

AP_LOG_PRETTY

boolean

default:"false"

Enable pretty-printed logs (development)

# Development
AP_LOG_PRETTY=true

# Production (JSON logs)
AP_LOG_PRETTY=false

Telemetry & Monitoring

AP_TELEMETRY_ENABLED

boolean

default:"true"

Send anonymous usage telemetry to Activepieces

Helps improve the platform. No sensitive data is collected.

AP_OTEL_ENABLED

boolean

default:"false"

Enable OpenTelemetry instrumentation

OTEL_EXPORTER_OTLP_ENDPOINT

string

OpenTelemetry collector endpoint

OTEL_EXPORTER_OTLP_HEADERS

string

Headers for OTLP exporter

Advanced Configuration

AP_TEMPLATES_SOURCE_URL

string

URL for flow template repository

AP_PIECES_SOURCE

string

Custom pieces registry URL

AP_DEV_PIECES

boolean

default:"false"

Enable development pieces

AP_PIECES_SYNC_MODE

enum

Pieces synchronization mode

AP_ENABLE_FLOW_ON_PUBLISH

boolean

default:"true"

Automatically enable flows when published

AP_INTERNAL_URL

string

Internal service communication URL

AP_CONFIG_PATH

string

Path to custom configuration file

AP_QUEUE_UI_ENABLED

boolean

default:"false"

Enable BullMQ Board for queue monitoring

AP_QUEUE_UI_USERNAME

string

Username for queue UI

AP_QUEUE_UI_PASSWORD

string

Password for queue UI

Example Configurations

Development

.env

AP_ENGINE_EXECUTABLE_PATH=dist/packages/engine/main.js
AP_ENCRYPTION_KEY=0000000000000000000000000000000000000000000000000000000000000000
AP_JWT_SECRET=test_jwt_secret
AP_ENVIRONMENT=dev
AP_FRONTEND_URL=http://localhost:8080
AP_POSTGRES_DATABASE=activepieces
AP_POSTGRES_HOST=localhost
AP_POSTGRES_PORT=5432
AP_POSTGRES_USERNAME=postgres
AP_POSTGRES_PASSWORD=postgres
AP_REDIS_HOST=localhost
AP_REDIS_PORT=6379
AP_EXECUTION_MODE=UNSANDBOXED
AP_LOG_LEVEL=debug
AP_LOG_PRETTY=true
AP_TELEMETRY_ENABLED=false

Production

.env

AP_ENGINE_EXECUTABLE_PATH=dist/packages/engine/main.js
AP_ENCRYPTION_KEY=<generated-with-openssl-rand-hex-32>
AP_JWT_SECRET=<generated-with-openssl-rand-hex-32>
AP_ENVIRONMENT=prod
AP_FRONTEND_URL=https://activepieces.yourdomain.com

# Database
AP_POSTGRES_DATABASE=activepieces
AP_POSTGRES_HOST=postgres.yourdomain.com
AP_POSTGRES_PORT=5432
AP_POSTGRES_USERNAME=activepieces
AP_POSTGRES_PASSWORD=<strong-password>
AP_POSTGRES_USE_SSL=true
AP_POSTGRES_POOL_SIZE=20

# Redis
AP_REDIS_HOST=redis.yourdomain.com
AP_REDIS_PORT=6379
AP_REDIS_PASSWORD=<redis-password>
AP_REDIS_USE_SSL=true

# Execution
AP_EXECUTION_MODE=SANDBOX_CODE_ONLY
AP_FLOW_TIMEOUT_SECONDS=600
AP_WEBHOOK_TIMEOUT_SECONDS=30

# Storage
AP_FILE_STORAGE_LOCATION=s3
AP_S3_BUCKET=activepieces-files
AP_S3_ACCESS_KEY_ID=<aws-access-key>
AP_S3_SECRET_ACCESS_KEY=<aws-secret-key>
AP_S3_REGION=us-east-1

# Limits
AP_MAX_FILE_SIZE_MB=50
AP_EXECUTION_DATA_RETENTION_DAYS=90

# Logging
AP_LOG_LEVEL=info
AP_LOG_PRETTY=false

# Monitoring
AP_TELEMETRY_ENABLED=true
AP_OTEL_ENABLED=true
OTEL_EXPORTER_OTLP_ENDPOINT=http://otel-collector:4318

Next Steps

Database Setup

Configure PostgreSQL

Storage

Setup S3 file storage

Workers

Configure worker processes

Scaling

Scale your deployment

Installation

Configuration

Architecture

Quick Reference

Required Variables

Database Configuration

PostgreSQL

Redis Configuration

Redis Sentinel

Redis Job Retention

Application Configuration

Environment

Execution

Timeouts

Limits

Data Retention

File Storage

S3 Configuration

Email (SMTP)

Worker Configuration

Security

Rate Limiting

Logging

Telemetry & Monitoring

Advanced Configuration

Example Configurations

Development

Production

Next Steps

Database Setup

Storage

Workers

Scaling

Installation

Configuration

Architecture

​Quick Reference

​Required Variables

​Database Configuration

​PostgreSQL

​Redis Configuration

​Redis Sentinel

​Redis Job Retention

​Application Configuration

​Environment

​Execution

​Timeouts

​Limits

​Data Retention

​File Storage

​S3 Configuration

​Email (SMTP)

​Worker Configuration

​Security

​Rate Limiting

​Logging

​Telemetry & Monitoring

​Advanced Configuration

​Example Configurations

​Development

​Production

​Next Steps

Database Setup

Storage

Workers

Scaling

Quick Reference

Required Variables

Database Configuration

PostgreSQL

Redis Configuration

Redis Sentinel

Redis Job Retention

Application Configuration

Environment

Execution

Timeouts

Limits

Data Retention

File Storage

S3 Configuration

Email (SMTP)

Worker Configuration

Security

Rate Limiting

Logging

Telemetry & Monitoring

Advanced Configuration

Example Configurations

Development

Production

Next Steps