Skip to main content
Activepieces is configured entirely through environment variables prefixed with AP_. All variables are defined in the source code at packages/server/common/src/lib/system-props.ts.
Environment variables are read from the .env file or passed directly to the container. The .env.example file in the repository shows the minimum required configuration.

Quick Reference

Download the example configuration: 
curl -O https://raw.githubusercontent.com/activepieces/activepieces/main/.env.example

Required Variables

These must be set for Activepieces to function:
AP_ENGINE_EXECUTABLE_PATH
string
required
Path to the workflow execution engineDefault: dist/packages/engine/main.jsExample:
AP_ENGINE_EXECUTABLE_PATH=dist/packages/engine/main.js
AP_ENCRYPTION_KEY
string
required
256-bit encryption key (32 hex characters) for encrypting sensitive dataGenerate:
openssl rand -hex 32
Changing this key will make existing encrypted data unreadable. Store it securely and never commit to version control.
AP_JWT_SECRET
string
required
Secret key for signing JWT authentication tokensGenerate:
openssl rand -hex 32
Changing this will invalidate all existing user sessions.
AP_FRONTEND_URL
string
required
Public URL where users access ActivepiecesExamples:
# Development
AP_FRONTEND_URL=http://localhost:8080

# Production
AP_FRONTEND_URL=https://activepieces.yourdomain.com

Database Configuration

PostgreSQL

AP_POSTGRES_DATABASE
string
default:"activepieces"
PostgreSQL database name
AP_POSTGRES_HOST
string
default:"postgres"
PostgreSQL server hostnameExamples:
# Docker Compose
AP_POSTGRES_HOST=postgres

# External server
AP_POSTGRES_HOST=db.example.com
AP_POSTGRES_PORT
number
default:"5432"
PostgreSQL server port
AP_POSTGRES_USERNAME
string
default:"postgres"
PostgreSQL username
AP_POSTGRES_PASSWORD
string
required
PostgreSQL password
Use a strong password for production deployments.
AP_POSTGRES_URL
string
PostgreSQL connection URL (alternative to individual settings)Format: postgresql://username:password@host:port/databaseExample:
AP_POSTGRES_URL=postgresql://user:pass@localhost:5432/activepieces?sslmode=require
If set, this overrides individual AP_POSTGRES_* variables.
AP_POSTGRES_USE_SSL
boolean
default:"false"
Enable SSL/TLS for PostgreSQL connection
AP_POSTGRES_USE_SSL=true
AP_POSTGRES_SSL_CA
string
Path to SSL CA certificate file
AP_POSTGRES_SSL_CA=/path/to/ca-certificate.crt
AP_POSTGRES_POOL_SIZE
number
default:"10"
PostgreSQL connection pool sizeRecommended: 10-20 for production
AP_POSTGRES_IDLE_TIMEOUT_MS
number
default:"30000"
Connection idle timeout in milliseconds
AP_DB_TYPE
enum
Database type (for advanced use cases)Options: postgres, sqlite
SQLite is for development only. Use PostgreSQL for production.

Redis Configuration

AP_REDIS_HOST
string
default:"redis"
Redis server hostname
AP_REDIS_PORT
number
default:"6379"
Redis server port
AP_REDIS_USER
string
Redis username (Redis 6+ ACL)
AP_REDIS_PASSWORD
string
Redis password
AP_REDIS_DB
number
default:"0"
Redis database number (0-15)
AP_REDIS_URL
string
Redis connection URL (alternative to individual settings)Format: redis://[username:password@]host:port/dbExample:
AP_REDIS_URL=redis://:password@redis:6379/0
AP_REDIS_USE_SSL
boolean
default:"false"
Enable SSL/TLS for Redis connection
AP_REDIS_SSL_CA_FILE
string
Path to SSL CA certificate file
AP_REDIS_TYPE
enum
default:"standalone"
Redis deployment typeOptions: standalone, sentinel

Redis Sentinel

AP_REDIS_SENTINEL_NAME
string
Sentinel master name
AP_REDIS_SENTINEL_HOSTS
string
Comma-separated list of sentinel hostsExample:
AP_REDIS_SENTINEL_HOSTS=sentinel1:26379,sentinel2:26379,sentinel3:26379
AP_REDIS_SENTINEL_ROLE
enum
Sentinel roleOptions: master, slave

Redis Job Retention

AP_REDIS_FAILED_JOB_RETENTION_DAYS
number
default:"7"
How many days to keep failed job data
AP_REDIS_FAILED_JOB_RETENTION_MAX_COUNT
number
default:"100"
Maximum number of failed jobs to retain

Application Configuration

Environment

AP_ENVIRONMENT
enum
default:"prod"
Application environmentOptions: prod, dev
# Production
AP_ENVIRONMENT=prod

# Development
AP_ENVIRONMENT=dev
AP_EDITION
enum
default:"ce"
Activepieces editionOptions: ce (Community Edition), ee (Enterprise Edition)

Execution

AP_EXECUTION_MODE
enum
default:"UNSANDBOXED"
Code execution mode for workflowsOptions:
  • SANDBOX_CODE_ONLY: Sandboxed execution using isolated-vm (128MB limit)
  • UNSANDBOXED: Direct Node.js execution (development only)
# Production (recommended)
AP_EXECUTION_MODE=SANDBOX_CODE_ONLY

# Development only
AP_EXECUTION_MODE=UNSANDBOXED
Use SANDBOX_CODE_ONLY in production to prevent malicious code execution.
AP_SANDBOX_MEMORY_LIMIT
number
default:"128"
Memory limit in MB for sandboxed code executionRange: 64-512 MB
AP_SANDBOX_PROPAGATED_ENV_VARS
string
Comma-separated environment variables to pass to sandboxExample:
AP_SANDBOX_PROPAGATED_ENV_VARS=NODE_ENV,DEBUG,CUSTOM_VAR

Timeouts

AP_FLOW_TIMEOUT_SECONDS
number
default:"600"
Maximum workflow execution time in secondsDefault: 10 minutes
AP_WEBHOOK_TIMEOUT_SECONDS
number
default:"30"
Webhook request timeout in seconds
AP_TRIGGER_TIMEOUT_SECONDS
number
Trigger execution timeout in seconds
AP_TRIGGER_HOOKS_TIMEOUT_SECONDS
number
Trigger hook timeout in seconds
AP_TRIGGER_DEFAULT_POLL_INTERVAL
number
default:"5"
Default polling interval in minutes for scheduled triggers

Limits

AP_MAX_FILE_SIZE_MB
number
default:"10"
Maximum file upload size in megabytes
AP_MAX_FLOW_RUN_LOG_SIZE_MB
number
default:"2"
Maximum size of flow run logs in megabytes
AP_MAX_CONCURRENT_JOBS_PER_PROJECT
number
Limit concurrent job execution per project

Data Retention

AP_EXECUTION_DATA_RETENTION_DAYS
number
Days to retain execution data before cleanupExample:
AP_EXECUTION_DATA_RETENTION_DAYS=30
AP_ISSUE_ARCHIVE_DAYS
number
Days before archiving flow issues
AP_PAUSED_FLOW_TIMEOUT_DAYS
number
Days before disabling paused flows

File Storage

AP_FILE_STORAGE_LOCATION
enum
File storage backendOptions: local, s3Default: local (uses /usr/src/app/cache)

S3 Configuration

AP_S3_BUCKET
string
S3 bucket name for file storage
AP_S3_ACCESS_KEY_ID
string
AWS access key ID
AP_S3_SECRET_ACCESS_KEY
string
AWS secret access key
AP_S3_REGION
string
AWS regionExample: us-east-1, eu-west-1
AP_S3_ENDPOINT
string
Custom S3 endpoint for S3-compatible servicesExamples:
# MinIO
AP_S3_ENDPOINT=http://minio:9000

# DigitalOcean Spaces
AP_S3_ENDPOINT=https://nyc3.digitaloceanspaces.com

# Cloudflare R2
AP_S3_ENDPOINT=https://<account_id>.r2.cloudflarestorage.com
AP_S3_USE_SIGNED_URLS
boolean
default:"false"
Use pre-signed URLs for S3 file access
AP_S3_USE_IRSA
boolean
default:"false"
Use IAM Roles for Service Accounts (EKS/Kubernetes)
When enabled, authentication uses pod IAM role instead of access keys.

Email (SMTP)

AP_SMTP_HOST
string
SMTP server hostname
AP_SMTP_PORT
number
default:"587"
SMTP server port
AP_SMTP_USERNAME
string
SMTP username
AP_SMTP_PASSWORD
string
SMTP password
AP_SMTP_SENDER_EMAIL
string
Email address for outgoing emailsExample: [email protected]
AP_SMTP_SENDER_NAME
string
Display name for outgoing emailsExample: Activepieces

Worker Configuration

AP_CONTAINER_TYPE
enum
default:"WORKER_AND_APP"
Container roleOptions:
  • WORKER_AND_APP: Run both API and workers (default)
  • APP: Run API server only
  • WORKER: Run workers only
Use separate containers for scaling. See Workers guide.
AP_WORKER_CONCURRENCY
number
Number of concurrent jobs per workerRecommended: 1-4 based on CPU cores
AP_WORKER_TOKEN
string
Authentication token for dedicated workers
AP_PLATFORM_ID_FOR_DEDICATED_WORKER
string
Platform ID for dedicated worker deployment
AP_PRE_WARM_CACHE
boolean
default:"false"
Pre-load pieces into memory on startup
AP_PM2_ENABLED
boolean
default:"false"
Enable PM2 process manager for clustering
AP_PM2_ENABLED=true

Security

AP_API_KEY
string
Optional API key for platform-level authentication
AP_CLIENT_REAL_IP_HEADER
string
HTTP header to extract real client IPExamples:
# Behind Cloudflare
AP_CLIENT_REAL_IP_HEADER=CF-Connecting-IP

# Behind proxy
AP_CLIENT_REAL_IP_HEADER=X-Forwarded-For
AP_APP_WEBHOOK_SECRETS
string
Comma-separated webhook secrets

Rate Limiting

AP_API_RATE_LIMIT_AUTHN_ENABLED
boolean
default:"false"
Enable authentication rate limiting
AP_API_RATE_LIMIT_AUTHN_MAX
number
default:"100"
Maximum authentication requests per window
AP_API_RATE_LIMIT_AUTHN_WINDOW
number
default:"60"
Rate limit window in seconds
AP_PROJECT_RATE_LIMITER_ENABLED
boolean
default:"false"
Enable per-project rate limiting

Logging

AP_LOG_LEVEL
enum
default:"info"
Logging verbosityOptions: error, warn, info, debug, trace
AP_LOG_PRETTY
boolean
default:"false"
Enable pretty-printed logs (development)
# Development
AP_LOG_PRETTY=true

# Production (JSON logs)
AP_LOG_PRETTY=false

Telemetry & Monitoring

AP_TELEMETRY_ENABLED
boolean
default:"true"
Send anonymous usage telemetry to Activepieces
Helps improve the platform. No sensitive data is collected.
AP_OTEL_ENABLED
boolean
default:"false"
Enable OpenTelemetry instrumentation
OTEL_EXPORTER_OTLP_ENDPOINT
string
OpenTelemetry collector endpoint
OTEL_EXPORTER_OTLP_HEADERS
string
Headers for OTLP exporter

Advanced Configuration

AP_TEMPLATES_SOURCE_URL
string
URL for flow template repository
AP_PIECES_SOURCE
string
Custom pieces registry URL
AP_DEV_PIECES
boolean
default:"false"
Enable development pieces
AP_PIECES_SYNC_MODE
enum
Pieces synchronization mode
AP_ENABLE_FLOW_ON_PUBLISH
boolean
default:"true"
Automatically enable flows when published
AP_INTERNAL_URL
string
Internal service communication URL
AP_CONFIG_PATH
string
Path to custom configuration file
AP_QUEUE_UI_ENABLED
boolean
default:"false"
Enable BullMQ Board for queue monitoring
AP_QUEUE_UI_USERNAME
string
Username for queue UI
AP_QUEUE_UI_PASSWORD
string
Password for queue UI

Example Configurations

Development

.env
AP_ENGINE_EXECUTABLE_PATH=dist/packages/engine/main.js
AP_ENCRYPTION_KEY=0000000000000000000000000000000000000000000000000000000000000000
AP_JWT_SECRET=test_jwt_secret
AP_ENVIRONMENT=dev
AP_FRONTEND_URL=http://localhost:8080
AP_POSTGRES_DATABASE=activepieces
AP_POSTGRES_HOST=localhost
AP_POSTGRES_PORT=5432
AP_POSTGRES_USERNAME=postgres
AP_POSTGRES_PASSWORD=postgres
AP_REDIS_HOST=localhost
AP_REDIS_PORT=6379
AP_EXECUTION_MODE=UNSANDBOXED
AP_LOG_LEVEL=debug
AP_LOG_PRETTY=true
AP_TELEMETRY_ENABLED=false

Production

.env
AP_ENGINE_EXECUTABLE_PATH=dist/packages/engine/main.js
AP_ENCRYPTION_KEY=<generated-with-openssl-rand-hex-32>
AP_JWT_SECRET=<generated-with-openssl-rand-hex-32>
AP_ENVIRONMENT=prod
AP_FRONTEND_URL=https://activepieces.yourdomain.com

# Database
AP_POSTGRES_DATABASE=activepieces
AP_POSTGRES_HOST=postgres.yourdomain.com
AP_POSTGRES_PORT=5432
AP_POSTGRES_USERNAME=activepieces
AP_POSTGRES_PASSWORD=<strong-password>
AP_POSTGRES_USE_SSL=true
AP_POSTGRES_POOL_SIZE=20

# Redis
AP_REDIS_HOST=redis.yourdomain.com
AP_REDIS_PORT=6379
AP_REDIS_PASSWORD=<redis-password>
AP_REDIS_USE_SSL=true

# Execution
AP_EXECUTION_MODE=SANDBOX_CODE_ONLY
AP_FLOW_TIMEOUT_SECONDS=600
AP_WEBHOOK_TIMEOUT_SECONDS=30

# Storage
AP_FILE_STORAGE_LOCATION=s3
AP_S3_BUCKET=activepieces-files
AP_S3_ACCESS_KEY_ID=<aws-access-key>
AP_S3_SECRET_ACCESS_KEY=<aws-secret-key>
AP_S3_REGION=us-east-1

# Limits
AP_MAX_FILE_SIZE_MB=50
AP_EXECUTION_DATA_RETENTION_DAYS=90

# Logging
AP_LOG_LEVEL=info
AP_LOG_PRETTY=false

# Monitoring
AP_TELEMETRY_ENABLED=true
AP_OTEL_ENABLED=true
OTEL_EXPORTER_OTLP_ENDPOINT=http://otel-collector:4318

Next Steps

Database Setup

Configure PostgreSQL

Storage

Setup S3 file storage

Workers

Configure worker processes

Scaling

Scale your deployment

Build docs developers (and LLMs) love

Get started for freeTalk to us