Skip to main content

Code executor environment variables

Code executor environment variables available for use with Self-hosted Retool deployments. You should only set these environment variables on containers running tryretool/code-executor-service images.

NODE_ENV

Should always be set to production.

NODE_ENV=production

NODE_OPTIONS

Used to specify the maximum heap size for the JavaScript v8 engine. Set to --max_old_space_size=1024.

NODE_OPTIONS="--max_old_space_size=1024"

SANDBOX_MOUNT_DIR

Used to configure where files will be mounted into the sandbox. Defaults to /tmp.

SANDBOX_MOUNT_DIR="/tmp"

SANDBOX_MAX_FILE_DESCRIPTORS

Used to configure the amount of file descriptors within a single sandbox. Defaults to 256.

SANDBOX_MAX_FILE_DESCRIPTORS=256

DISABLE_IPTABLES_SECURITY_CONFIGURATION

Available on self-hosted Retool versions 3.33 and later.

Used to disable default security configs for link-local address, which is done by running the following startup commands requiring elevated privileges:

iptables-legacy -A OUTPUT -d 169.254.0.0/16 -m owner --uid-owner retool_user -j DROP
iptables-legacy -A OUTPUT -d 192.168.0.0/16 -m owner --uid-owner retool_user -j DROP

Set to true if privileged access cannot be given to the container running Code executor service, e.g. in a ECS Fargate deployment. Defaults to false.

DISABLE_IPTABLES_SECURITY_CONFIGURATION=false

WORKFLOW_MONITOR_PROCESS_ENABLED

Used to limit the memory and CPUs available to a workflow while running. If enabled, WORKFLOW_MEMORY_LIMIT_MBS and WORKFLOW_CPU_LIMIT can be set. Defaults to false.

WORKFLOW_MONITOR_PROCESS_ENABLED=false

WORKFLOW_MEMORY_LIMIT_MBS

If WORKFLOW_MONITOR_PROCESS_ENABLED is set to true, this variable governs the memory available to a workflow while running. Defaults to 2147 (2 GB).

WORKFLOW_MEMORY_LIMIT_MBS=2147

WORKFLOW_CPU_LIMIT

If WORKFLOW_MONITOR_PROCESS_ENABLED is set to true, this variable governs the CPUs available to a workflow while running. Defaults to 1.

WORKFLOW_CPU_LIMIT=1