Skip to main content

Storage database environment variables

Reference documentation of environment variables for the postgres service and database.

Storage database environment variables available for use with Self-hosted Retool deployments.

Only configure environment variables when needed. You can configure many environment variables from your organization's Settings rather than directly editing your deployment's configuration file.

You must restart your instance after setting any variables for them to take effect.

DATABASE_MIGRATIONS_TIMEOUT_SECONDS

number

The timeout, in seconds, for database migrations. If the migration takes longer than this time, the migration fails. Consider setting a higher value if you're upgrading to another major version of Self-hosted Retool or the upgrade includes changes from multiple minor versions.

Example
DATABASE_MIGRATIONS_TIMEOUT_SECONDS=1000

ENCRYPTION_KEY

string

The encryption key used to encrypt data stored in the PostgreSQL database (e.g., database credentials, SSH keys, etc). If you change this key, you will lose access to all resources that were created before the change.

Example
ENCRYPTION_KEY=key

POSTGRES_CUSTOM_SSL_CA_FILE_NAME

string

The custom SSL CA file name for the PostgreSQL connection. This is required when configuring Google Cloud SQL as the database to use instead of Retool's PostgreSQL database.

Example
POSTGRES_CUSTOM_SSL_CA_FILE_NAME=ca.pem

POSTGRES_CUSTOM_SSL_CERT_PATH

string

The custom SSL certificate path for the PostgreSQL connection. This is required when configuring Google Cloud SQL as the database to use instead of Retool's PostgreSQL database.

Example
POSTGRES_CUSTOM_SSL_CERT_PATH=/path/to/cert

POSTGRES_CUSTOM_SSL_KEY_FILE_NAME

string

The custom SSL key file name for the PostgreSQL connection. This is required when configuring Google Cloud SQL as the database to use instead of Retool's PostgreSQL database.

Example
POSTGRES_CUSTOM_SSL_KEY_FILE_NAME=client-key.pem

POSTGRES_SSL_ENABLED

boolean

Whether to enable SSL for the PostgreSQL connection.

Example
POSTGRES_SSL_ENABLED=true

POSTGRES_SSL_REJECT_UNAUTHORIZED

boolean

Whether to reject unauthorized SSL certificates for the PostgreSQL connection if POSTGRES_SSL_ENABLED is true.

Default value is true.

Example
POSTGRES_SSL_REJECT_UNAUTHORIZED=true

USE_GCM_ENCRYPTION

boolean

Whether to use AES-192-GCM authenticated encryption method instead of AES-192-CBC. If set to true, you must also set ENCRYPTION_KEY.

Default value is false.

Example
USE_GCM_ENCRYPTION=true