Environment variables reference
Environment variables control or override certain functions and characteristics of Self-hosted Retool instances. Some Retool features require you to set environment variables, such as SSO or Source Control.
You should only configure environment variables when needed. You must restart your instance after setting any variables for them to take effect.
General
General environment variables available for use with Self-hosted Retool deployments.
BASE_DOMAIN
The full URL of your Retool deployment for user invitations and password resets. This also needs to be set if you dynamically set callback URLs on protected resources.
If unset, Retool attempts to determine the base domain automatically but cannot do so if your deployment is behind a proxy server.
BASE_DOMAIN=https://retool.example.com
CUSTOM_API_KEY
A Custom API key to override Retool-generated API keys. This doesn't apply to access tokens for embedding web apps, you still need to use the token generated in Retool.
CUSTOM_API_KEY=key_545567563
CUSTOM_RETOOL_SANDBOX_RESTRICTIONS
Only configure custom sandbox restrictions if you are comfortable with the security implications.
The JavaScript sandbox restrictions to allow. Specify space-separated values for multiple restrictions.
allow-downloads
: Allow downloadsallow-popups
: Allow pop-upsallow-modals
: Allow modals
If unset, no restrictions are allowed.
CUSTOM_RETOOL_SANDBOX_RESTRICTIONS=allow-downloads allow-modals
DEBUG
Whether to enable verbose logging for debugging purposes. Set DEBUG
to 1
to enable verbose logging.
DEBUG=1
DISABLE_IMAGE_PROXY
Disable the proxy used for public apps.
DISABLE_IMAGE_PROXY=true
DISABLE_INTERCOM
Requires Self-hosted Retool v2.72.28 or later.
Disable Retool's support widget in the frontend. See Retool Support guidelines to learn how to contact Retool.
DISABLE_INTERCOM=true
DISABLE_MEMORY_AND_CPU_USAGE_LOGGING
Disable logging of CPU and memory usage.
DISABLE_MEMORY_AND_CPU_USAGE_LOGGING=true
DISABLE_PUBLIC_PAGES
Disable public access of Retool apps. When set to true
, set DISABLE_IMAGE_PROXY
to true
as well to fully disable public access.
DISABLE_PUBLIC_PAGES=true
DISABLE_FORWARDABLE_COOKIE_DECODING
Requires Self-hosted Retool v2.90 or later.
Disable automatic cookie decoding when using forwardable cookies.
DISABLE_FORWARDABLE_COOKIE_DECODING=true