Skip to main content

Code executor environment variables

Code executor environment variables available for use with Self-hosted Retool deployments. You should only set these environment variables on containers running tryretool/code-executor-service images.

NODE_ENV

Should always be set to production.

NODE_ENV=production

NODE_OPTIONS

Used to specify the maximum heap size for the JavaScript v8 engine. Set to --max_old_space_size=1024.

NODE_OPTIONS="--max_old_space_size=1024"

SANDBOX_MOUNT_DIR

Used to configure where files will be mounted into the sandbox. Defaults to /tmp.

SANDBOX_MOUNT_DIR="/tmp"

SANDBOX_MAX_FILE_DESCRIPTORS

Used to configure the amount of file descriptors within a single sandbox. Defaults to 256.

SANDBOX_MAX_FILE_DESCRIPTORS=256

CONTAINER_UNPRIVILEGED_MODE

Available on self-hosted Retool versions 3.33.30+ and later.

Used to run the code executor service in an unprivileged mode, and removes any sandboxing of user code. Defaults to false.

The Code executor service uses nsjail to sandbox code execution. nsjail requires privileged container access. If your deployment framework does not support privileged access, e.g. in a ECS Fargate deployment, set CONTAINER_UNPRIVILEGED_MODE to true. Note: without sandboxing, use of custom JS libraries and custom Python libraries is not allowed.

This environment variable is also used to disable default security configs for link-local address to prevent EC2 metadata leaks, which is done by running the following startup commands that require elevated privileges:

iptables-legacy -A OUTPUT -d 169.254.0.0/16 -m owner --uid-owner retool_user -j DROP
iptables-legacy -A OUTPUT -d 192.168.0.0/16 -m owner --uid-owner retool_user -j DROP

WORKFLOW_MONITOR_PROCESS_ENABLED

Used to limit the memory and CPUs available to a workflow while running. If enabled, WORKFLOW_MEMORY_LIMIT_MBS and WORKFLOW_CPU_LIMIT can be set. Defaults to false.

WORKFLOW_MONITOR_PROCESS_ENABLED=false

WORKFLOW_MEMORY_LIMIT_MBS

If WORKFLOW_MONITOR_PROCESS_ENABLED is set to true, this variable governs the memory available to a workflow while running. Defaults to 2147 (2 GB).

WORKFLOW_MEMORY_LIMIT_MBS=2147

WORKFLOW_CPU_LIMIT

If WORKFLOW_MONITOR_PROCESS_ENABLED is set to true, this variable governs the CPUs available to a workflow while running. Defaults to 1.

WORKFLOW_CPU_LIMIT=1