Implementation:Langgenius Dify Env File Setup

Overview

Concrete tool for configuring a Dify Docker deployment by copying the .env.example template and customizing environment variables, provided by the Dify repository at docker/.env.example.

Description

The .env.example file in the docker/ directory contains over 600 environment variable definitions organized into clearly labeled sections. Each variable includes inline comments describing its purpose, supported values, and default. The file is consumed by docker-compose.yaml through Docker Compose variable interpolation.

The setup procedure copies this template to .env and customizes critical values such as:

• SECRET_KEY -- Cryptographic key for session signing and database encryption. Must be changed from the default for production.
• DB_USERNAME / DB_PASSWORD -- PostgreSQL (or MySQL) credentials used by both the API service and the worker.
• REDIS_HOST / REDIS_PASSWORD -- Redis connection parameters for caching and Celery broker.
• VECTOR_STORE -- Selects the vector database backend (default: weaviate). This value also drives the Docker Compose profile mechanism.

The x-shared-env YAML anchor in docker-compose.yaml references these variables with fallback defaults:

x-shared-env: &shared-api-worker-env
  SECRET_KEY: ${SECRET_KEY:-sk-9f73s3ljTXVcMT3Blb3ljTqtsKiGHXVcMT3BlbkFJLK7U}
  DB_USERNAME: ${DB_USERNAME:-postgres}
  DB_PASSWORD: ${DB_PASSWORD:-difyai123456}
  REDIS_HOST: ${REDIS_HOST:-redis}
  REDIS_PASSWORD: ${REDIS_PASSWORD:-difyai123456}
  VECTOR_STORE: ${VECTOR_STORE:-weaviate}

Usage

Use this implementation at the very start of a new Dify Docker deployment, before running docker compose up. Also revisit this file when upgrading Dify versions, using the dify-env-sync.sh script to merge new variables.

Code Reference

Source Location: docker/.env.example

Signature:

# Copy the template
cp docker/.env.example docker/.env

# Generate a secure SECRET_KEY
sed -i "s/SECRET_KEY=.*/SECRET_KEY=$(openssl rand -base64 42)/" docker/.env

Import statement: Not applicable (shell file, consumed by Docker Compose).

I/O Contract

Inputs

Outputs

Usage Examples

Basic setup (development):

cd docker
cp .env.example .env
# Use defaults -- suitable for local development
docker compose up -d

Production setup with custom secrets:

cd docker
cp .env.example .env

# Generate and set a secure secret key
SECRET_KEY=$(openssl rand -base64 42)
sed -i "s|SECRET_KEY=.*|SECRET_KEY=${SECRET_KEY}|" .env

# Set strong database password
sed -i "s|DB_PASSWORD=.*|DB_PASSWORD=MyStr0ngP@ssw0rd|" .env

# Set strong Redis password
sed -i "s|REDIS_PASSWORD=.*|REDIS_PASSWORD=R3d1sS3cure!|" .env

# Update Celery broker URL to match Redis password
sed -i "s|CELERY_BROKER_URL=.*|CELERY_BROKER_URL=redis://:R3d1sS3cure!@redis:6379/1|" .env

# Select qdrant as the vector store instead of weaviate
sed -i "s|VECTOR_STORE=.*|VECTOR_STORE=qdrant|" .env

docker compose up -d

Switching to MySQL as the metadata database:

# In .env, change the DB_TYPE and update COMPOSE_PROFILES
sed -i "s|DB_TYPE=.*|DB_TYPE=mysql|" .env
# COMPOSE_PROFILES automatically reflects: ${VECTOR_STORE:-weaviate},${DB_TYPE:-postgresql}
docker compose up -d

Related Pages

• Principle:Langgenius_Dify_Environment_Configuration
• Environment:Langgenius_Dify_Docker_Compose_Environment
• Environment:Langgenius_Dify_Credentials_And_Env_Vars
• Environment:Langgenius_Dify_Node_Frontend_Environment