# Full list of environment variables that can be used with BookStack. # Selectively copy these to your '.env' file as required. # Each option is shown with it's default value. # Do not copy this whole file to use as your '.env' file. # The details here only serve as a quick reference. # Please refer to the BookStack documentation for full details: # https://www.bookstackapp.com/docs/ # Application environment # Can be 'production', 'development', 'testing' or 'demo' APP_ENV=production # Enable debug mode # Shows advanced debug information and errors. # CAN EXPOSE OTHER VARIABLES, LEAVE DISABLED APP_DEBUG=false # Application key # Used for encryption where needed. # Run `php artisan key:generate` to generate a valid key. APP_KEY=SomeRandomString # Application URL # This must be the root URL that you want to host BookStack on. # All URL's in BookStack will be generated using this value. APP_URL=https://example.com # Application default language # The default language choice to show. # May be overridden by user-preference or visitor browser settings. APP_LANG=en # Auto-detect language for public visitors. # Uses browser-sent headers to infer a language. # APP_LANG will be used if such a header is not provided. APP_AUTO_LANG_PUBLIC=true # Application timezone # Used where dates are displayed such as on exported content. # Valid timezone values can be found here: https://www.php.net/manual/en/timezones.php APP_TIMEZONE=UTC # Application theme # Used to specific a themes/ folder where BookStack UI # overrides can be made. Defaults to disabled. APP_THEME=false # Trusted proxies # Used to indicate trust of systems that proxy to the application so # certain header values (Such as "X-Forwarded-For") can be used from the # incoming proxy request to provide origin detail. # Set to an IP address, or multiple comma seperated IP addresses. # Can alternatively be set to "*" to trust all proxy addresses. APP_PROXIES=null # Database details # Host can contain a port (localhost:3306) or a separate DB_PORT option can be used. DB_HOST=localhost DB_PORT=3306 DB_DATABASE=database_database DB_USERNAME=database_username DB_PASSWORD=database_user_password # MySQL specific connection options # Path to Certificate Authority (CA) certificate file for your MySQL instance. # When this option is used host name identity verification will be performed # which checks the hostname, used by the client, against names within the # certificate itself (Common Name or Subject Alternative Name). MYSQL_ATTR_SSL_CA="/path/to/ca.pem" # Mail configuration # Refer to https://www.bookstackapp.com/docs/admin/email-webhooks/#email-configuration MAIL_DRIVER=smtp MAIL_FROM=bookstack@example.com MAIL_FROM_NAME=BookStack MAIL_HOST=localhost MAIL_PORT=587 MAIL_USERNAME=null MAIL_PASSWORD=null MAIL_ENCRYPTION=null MAIL_VERIFY_SSL=true MAIL_SENDMAIL_COMMAND="/usr/sbin/sendmail -bs" # Cache & Session driver to use # Can be 'file', 'database', 'memcached' or 'redis' CACHE_DRIVER=file SESSION_DRIVER=file # Session configuration SESSION_LIFETIME=120 SESSION_COOKIE_NAME=bookstack_session SESSION_SECURE_COOKIE=false # Cache key prefix # Can be used to prevent conflicts multiple BookStack instances use the same store. CACHE_PREFIX=bookstack # Memcached server configuration # If using a UNIX socket path for the host, set the port to 0 # This follows the following format: HOST:PORT:WEIGHT # For multiple servers separate with a comma MEMCACHED_SERVERS=127.0.0.1:11211:100 # Redis server configuration # This follows the following format: HOST:PORT:DATABASE # or, if using a password: HOST:PORT:DATABASE:PASSWORD # For multiple servers separate with a comma. These will be clustered. REDIS_SERVERS=127.0.0.1:6379:0 # Queue driver to use # Can be 'sync', 'database' or 'redis' QUEUE_CONNECTION=sync # Storage system to use # Can be 'local', 'local_secure' or 's3' STORAGE_TYPE=local # Image storage system to use # Defaults to the value of STORAGE_TYPE if unset. # Accepts the same values as STORAGE_TYPE. STORAGE_IMAGE_TYPE=local # Attachment storage system to use # Defaults to the value of STORAGE_TYPE if unset. # Accepts the same values as STORAGE_TYPE although 'local' will be forced to 'local_secure'. STORAGE_ATTACHMENT_TYPE=local_secure # Amazon S3 storage configuration STORAGE_S3_KEY=your-s3-key STORAGE_S3_SECRET=your-s3-secret STORAGE_S3_BUCKET=s3-bucket-name STORAGE_S3_REGION=s3-bucket-region # S3 endpoint to use for storage calls # Only set this if using a non-Amazon s3-compatible service such as Minio STORAGE_S3_ENDPOINT=https://my-custom-s3-compatible.service.com:8001 # Storage URL prefix # Used as a base for any generated image urls. # An s3-format URL will be generated if not set. STORAGE_URL=false # Authentication method to use # Can be 'standard', 'ldap', 'saml2' or 'oidc' AUTH_METHOD=standard # Automatically initiate login via external auth system if it's the only auth method. # Works with saml2 or oidc auth methods. AUTH_AUTO_INITIATE=false # Social authentication configuration # All disabled by default. # Refer to https://www.bookstackapp.com/docs/admin/third-party-auth/ AZURE_APP_ID=false AZURE_APP_SECRET=false AZURE_TENANT=false AZURE_AUTO_REGISTER=false AZURE_AUTO_CONFIRM_EMAIL=false DISCORD_APP_ID=false DISCORD_APP_SECRET=false DISCORD_AUTO_REGISTER=false DISCORD_AUTO_CONFIRM_EMAIL=false FACEBOOK_APP_ID=false FACEBOOK_APP_SECRET=false FACEBOOK_AUTO_REGISTER=false FACEBOOK_AUTO_CONFIRM_EMAIL=false GITHUB_APP_ID=false GITHUB_APP_SECRET=false GITHUB_AUTO_REGISTER=false GITHUB_AUTO_CONFIRM_EMAIL=false GITLAB_APP_ID=false GITLAB_APP_SECRET=false GITLAB_BASE_URI=false GITLAB_AUTO_REGISTER=false GITLAB_AUTO_CONFIRM_EMAIL=false GOOGLE_APP_ID=false GOOGLE_APP_SECRET=false GOOGLE_SELECT_ACCOUNT=false GOOGLE_AUTO_REGISTER=false GOOGLE_AUTO_CONFIRM_EMAIL=false OKTA_BASE_URL=false OKTA_APP_ID=false OKTA_APP_SECRET=false OKTA_AUTO_REGISTER=false OKTA_AUTO_CONFIRM_EMAIL=false SLACK_APP_ID=false SLACK_APP_SECRET=false SLACK_AUTO_REGISTER=false SLACK_AUTO_CONFIRM_EMAIL=false TWITCH_APP_ID=false TWITCH_APP_SECRET=false TWITCH_AUTO_REGISTER=false TWITCH_AUTO_CONFIRM_EMAIL=false TWITTER_APP_ID=false TWITTER_APP_SECRET=false TWITTER_AUTO_REGISTER=false TWITTER_AUTO_CONFIRM_EMAIL=false # LDAP authentication configuration # Refer to https://www.bookstackapp.com/docs/admin/ldap-auth/ LDAP_SERVER=false LDAP_BASE_DN=false LDAP_DN=false LDAP_PASS=false LDAP_USER_FILTER=false LDAP_VERSION=false LDAP_START_TLS=false LDAP_TLS_INSECURE=false LDAP_ID_ATTRIBUTE=uid LDAP_EMAIL_ATTRIBUTE=mail LDAP_DISPLAY_NAME_ATTRIBUTE=cn LDAP_THUMBNAIL_ATTRIBUTE=null LDAP_FOLLOW_REFERRALS=true LDAP_DUMP_USER_DETAILS=false # LDAP group sync configuration # Refer to https://www.bookstackapp.com/docs/admin/ldap-auth/ LDAP_USER_TO_GROUPS=false LDAP_GROUP_ATTRIBUTE="memberOf" LDAP_REMOVE_FROM_GROUPS=false LDAP_DUMP_USER_GROUPS=false # SAML authentication configuration # Refer to https://www.bookstackapp.com/docs/admin/saml2-auth/ SAML2_NAME=SSO SAML2_EMAIL_ATTRIBUTE=email SAML2_DISPLAY_NAME_ATTRIBUTES=username SAML2_EXTERNAL_ID_ATTRIBUTE=null SAML2_IDP_ENTITYID=null SAML2_IDP_SSO=null SAML2_IDP_SLO=null SAML2_IDP_x509=null SAML2_ONELOGIN_OVERRIDES=null SAML2_DUMP_USER_DETAILS=false SAML2_AUTOLOAD_METADATA=false SAML2_IDP_AUTHNCONTEXT=true SAML2_SP_x509=null SAML2_SP_x509_KEY=null # SAML group sync configuration # Refer to https://www.bookstackapp.com/docs/admin/saml2-auth/ SAML2_USER_TO_GROUPS=false SAML2_GROUP_ATTRIBUTE=group SAML2_REMOVE_FROM_GROUPS=false # OpenID Connect authentication configuration # Refer to https://www.bookstackapp.com/docs/admin/oidc-auth/ OIDC_NAME=SSO OIDC_DISPLAY_NAME_CLAIMS=name OIDC_CLIENT_ID=null OIDC_CLIENT_SECRET=null OIDC_ISSUER=null OIDC_ISSUER_DISCOVER=false OIDC_PUBLIC_KEY=null OIDC_AUTH_ENDPOINT=null OIDC_TOKEN_ENDPOINT=null OIDC_ADDITIONAL_SCOPES=null OIDC_DUMP_USER_DETAILS=false OIDC_USER_TO_GROUPS=false OIDC_GROUPS_CLAIM=groups OIDC_REMOVE_FROM_GROUPS=false OIDC_EXTERNAL_ID_CLAIM=sub # Disable default third-party services such as Gravatar and Draw.IO # Service-specific options will override this option DISABLE_EXTERNAL_SERVICES=false # Use custom avatar service, Sets fetch URL # Possible placeholders: ${hash} ${size} ${email} # If set, Avatars will be fetched regardless of DISABLE_EXTERNAL_SERVICES option. # Example: AVATAR_URL=https://seccdn.libravatar.org/avatar/${hash}?s=${size}&d=identicon AVATAR_URL= # Enable diagrams.net integration # Can simply be true/false to enable/disable the integration. # Alternatively, It can be URL to the diagrams.net instance you want to use. # For URLs, The following URL parameters should be included: embed=1&proto=json&spin=1&configure=1 DRAWIO=true # Default item listing view # Used for public visitors and user's without a preference. # Can be 'list' or 'grid'. APP_VIEWS_BOOKS=list APP_VIEWS_BOOKSHELVES=grid APP_VIEWS_BOOKSHELF=grid # Use dark mode by default # Will be overriden by any user/session preference. APP_DEFAULT_DARK_MODE=false # Page revision limit # Number of page revisions to keep in the system before deleting old revisions. # If set to 'false' a limit will not be enforced. REVISION_LIMIT=100 # Recycle Bin Lifetime # The number of days that content will remain in the recycle bin before # being considered for auto-removal. It is not a guarantee that content will # be removed after this time. # Set to 0 for no recycle bin functionality. # Set to -1 for unlimited recycle bin lifetime. RECYCLE_BIN_LIFETIME=30 # File Upload Limit # Maximum file size, in megabytes, that can be uploaded to the system. FILE_UPLOAD_SIZE_LIMIT=50 # Export Page Size # Primarily used to determine page size of PDF exports. # Can be 'a4' or 'letter'. EXPORT_PAGE_SIZE=a4 # Set path to wkhtmltopdf binary for PDF generation. # Can be 'false' or a path path like: '/home/bins/wkhtmltopdf' # When false, BookStack will attempt to find a wkhtmltopdf in the application # root folder then fall back to the default dompdf renderer if no binary exists. # Only used if 'ALLOW_UNTRUSTED_SERVER_FETCHING=true' which disables security protections. WKHTMLTOPDF=false # Allow