Environment Variables Settings

Many aspects of the functionality of DataReporter can be changed with settings. Settings are read by redash.settings from environment variables which (for most installs) can be set in /opt/redash/.env. When developing with Docker, create the .env file in the root directory.

The follow is a list of settings and what they control:

NameDescriptionDefault Value
REDASH_ADDITIONAL_DESTINATIONSComma-separated list of non-default alert destinations to be enabled
REDASH_ADDITIONAL_QUERY_RUNNERSComma-separated list of non-default query runners to be enabled
REDASH_ADHOC_QUERY_TIME_LIMITTime limit for adhoc queries (in seconds)None
REDASH_ALERTS_DEFAULT_MAIL_BODY_TEMPLATE_FILEHTML template used to format email alerts. Custom alert variables are supported. By convention, CSS is permitted within the <head> section.templates/emails/alert.html
REDASH_ALERTS_DEFAULT_MAIL_SUBJECT_TEMPLATESubject used for email alert notifications. {state} and {alert_name} are the only available variables.({state}) {alert_name}
REDASH_ALLOW_SCRIPTS_IN_USER_INPUTDisable sanitization of text input, allowing full HTMLfalse
REDASH_AUTH_TYPEMay be either api_key or hmac. Implemented hereapi_key
REDASH_BIGQUERY_HTTP_TIMEOUTHTTP timeout for the BigQuery query runner600
REDASH_BLOCKED_DOMAINSComma separated of email domains that cannot create user accounts”qq.com”
REDASH_COOKIE_SECRETRequired. Used for various cryptographic features of the web server. Read more about how DataReporter uses secret keys here
REDASH_CORS_ACCESS_CONTROL_ALLOW_CREDENTIALSfalse
REDASH_CORS_ACCESS_CONTROL_ALLOW_HEADERSContent-Type
REDASH_CORS_ACCESS_CONTROL_ALLOW_ORIGIN
REDASH_CORS_ACCESS_CONTROL_REQUEST_METHODGET, POST, PUT
REDASH_DASHBOARD_REFRESH_INTERVALSComma-separated list of integer seconds that will be allowed for dashboard refresh60,300,600,1800,3600,43200,86400
REDASH_DATABASE_URLURL the DataReporter server and worker services will use to access the metadata databasepostgresql://postgres
REDASH_DATE_FORMATMoment.js format to be used throughout the web applicationDD/MM/YY
REDASH_DISABLED_QUERY_RUNNERSComma-separated list of query runners that will not appear in DataReporter
REDASH_DISABLE_PUBLIC_URLSWhether to disable access to public URLs”false”
REDASH_ENABLED_DESTINATIONSComma-separated list of alert destinations to be enabled (e.g. redash.destinations.email,redash.destinations.slack )”,”.join(default_destinations)
REDASH_ENABLED_QUERY_RUNNERSComma-separated list of query runners to be enabled (e.g. redash.query_runner.pg,redash.query_runner.mysql)”,”.join(default_query_runners)
REDASH_ENFORCE_CSRFEnforce CSRF token validation on API requests. This is turned off by default to avoid breaking any existing deployments, but it is highly recommended to turn this toggle on to prevent CSRF attacks.false
REDASH_ENFORCE_HTTPSThis is passed to Flask-Talismanfalse
REDASH_EVENT_REPORTING_WEBHOOKSComma-separated list of webhook URLs that to which events will be forwarded
REDASH_FEATURE_ALLOW_CUSTOM_JS_VISUALIZATIONSEnable the custom visualization option. This appears as a sub-type of “Chart” visualizations in the UI.true
REDASH_FEATURE_AUTO_PUBLISH_NAMED_QUERIESAutomatically publish a new query after its name is changed from “New Query”true
REDASH_FEATURE_DISABLE_REFRESH_QUERIESDisable scheduled query executionfalse
REDASH_FEATURE_SHOW_PERMISSIONS_CONTROLEnable experimental multiple owners supportfalse
REDASH_FEATURE_SHOW_QUERY_RESULTS_COUNTDisable/enable showing count of query results in statustrue
REDASH_GOOGLE_OAUTH_SCHEME_OVERRIDEOverride the scheme used for Google OAuth. This is useful when running DataReporter behind a reverse proxy that terminates SSL.
REDASH_GOOGLE_CLIENT_IDThe client ID to use for Google Login, be sure to set a client secret as well
REDASH_GOOGLE_CLIENT_SECRETThe client secret to use for Google Login, be sure to set a client id as well
REDASH_HOSTThe URL host used in emails sent to users (invites, alerts, notifications) etc.
REDASH_INVITATION_TOKEN_MAX_AGEAn integer number of seconds after which an invitation link will expire60 _ 60 _ 24 * 7
REDASH_JOB_EXPIRY_TIMETTL in seconds for jobs placed in queue. If a job is not picked up by a worker within this TTL it will expire.3600 * 12
REDASH_JWT_AUTH_ALGORITHMSHS256,RS256,ES256
REDASH_JWT_AUTH_AUDIENCE
REDASH_JWT_AUTH_COOKIE_NAME
REDASH_JWT_AUTH_HEADER_NAME
REDASH_JWT_AUTH_ISSUER
REDASH_JWT_AUTH_PUBLIC_CERTS_URLRSA public key in JSON Web Key (JWK) format for HTTP, or PEM for a FILE location
REDASH_JWT_LOGIN_ENABLEDfalse
REDASH_LDAP_BIND_DN_PASSWORD
REDASH_LDAP_BIND_DNNone
REDASH_LDAP_CUSTOM_USERNAME_PROMPTLDAP/AD/SSO username:
REDASH_LDAP_DISPLAY_NAME_KEYdisplayName
REDASH_LDAP_EMAIL_KEYmail
REDASH_LDAP_LOGIN_ENABLEDfalse
REDASH_LDAP_SEARCH_DNREDASH_SEARCH_DN
REDASH_LDAP_SEARCH_TEMPLATE(cn=%(username)s)
REDASH_LDAP_URLNone
REDASH_LIMITER_STORAGEMapped directly to Flask-Limiter’s storage_uri.REDIS_URL
REDASH_LOG_LEVELLogging messages which are less severe than level will be ignored. Read more about Python logging hereINFO
REDASH_MAIL_ASCII_ATTACHMENTSfalse
REDASH_MAIL_DEFAULT_SENDERNone
REDASH_MAIL_MAX_EMAILSNone
REDASH_MAIL_PASSWORDNone
REDASH_MAIL_PORT25
REDASH_MAIL_SERVERlocalhost
REDASH_MAIL_USERNAMENone
REDASH_MAIL_USE_SSLfalse
REDASH_MAIL_USE_TLSfalse
REDASH_MULTI_ORGWhether to enable multi-org mode. Note: Multi-org mode is not documented or supported at this timefalse
REDASH_PASSWORD_LOGIN_ENABLEDToggle to allow password login. Often disabled if Google Login, SAML, LDAP, or REMOTE_USER_LOGIN are enabled.true
REDASH_PROXIES_COUNTPassed to Werkzeug’s ProxyFix to make sure we get the right referral address even behind proxies like nginx.1
REDASH_QUERY_REFRESH_INTERVALSComma-separated list of integer seconds that will be allowed for scheduled query refresh60, 300, 600, 900, 1800, 3600, 7200, 10800, 14400, 18000, 21600, 25200, 28800, 32400, 36000, 39600, 43200, 86400, 604800, 1209600, 2592000
REDASH_QUERY_RESULTS_CLEANUP_COUNTThe number of results to cleanup during each call to cleanup_query_results100
REDASH_QUERY_RESULTS_CLEANUP_ENABLEDWhether the job to cleanup unused query results should run automaticallytrue
REDASH_QUERY_RESULTS_CLEANUP_MAX_AGEInteger number of days, past which a query result may be cleaned up if it is not referenced by another query.7
REDASH_QUERY_RESULTS_EXPIRED_TTL_ENABLEDEnable the query result set default expired ttl.false
REDASH_QUERY_RESULTS_EXPIRED_TTLDefault set query results expired ttl 86400 seconds.86400
REDASH_REDIS_URLURL DataReporter services will use to read and write to redis“redis://localhost:6379/0”
REDASH_REMOTE_USER_HEADERName of header to use if REDASH_REMOTE_USER_LOGIN_ENABLED is trueX-Forwarded-Remote-User
REDASH_REMOTE_USER_LOGIN_ENABLEDEnables the use of an externally-provided and trusted remote user via an HTTP header. The “user” must be an email address. More detailsfalse
REDASH_SAML_ENTITY_ID
REDASH_SAML_METADATA_URL
REDASH_SAML_NAMEID_FORMAT
REDASH_SCHEDULED_QUERY_TIME_LIMITTime limit for scheduled queries (in seconds)None
REDASH_SCHEMAS_REFRESH_SCHEDULEHow often to refresh the data source schemas (in minutes)30
REDASH_SCHEMAS_REFRESH_TIMEOUTTime limit for refreshing the data source schemas (in seconds)300
REDASH_SCHEMA_RUN_TABLE_SIZE_CALCULATIONSEnable showing the size of each table in the schema browser.false
REDASH_SENTRY_DSN
REDASH_STATIC_ASSETS_PATHDirectory that contains all front-end assets. Relative to the ./redash directory”../client/dist/”
REDASH_STATSD_HOSTHost for STATSD daemon127.0.0.1
REDASH_STATSD_PORTPort for STATSD daemon8125
REDASH_STATSD_PREFIXPrefix for metrics sent to STATSD daemonredash
REDASH_STATSD_USE_TAGSWhether to use tags in StatsD metrics (InfluxDB’s format)false
REDASH_THROTTLE_LOGIN_PATTERNThe Flask-Limiter string pattern used to rate limit requests to the /login route.50/hour
REDASH_VERSION_CHECKToggle whether to periodically check if a newer version of DataReporter is available.true
REDASH_WEB_WORKERSHow many processes will gunicorn spawn to handle web requests4
Edit this page on GitHub