chat-ui/.env

# Use .env.local to change these variables
# DO NOT EDIT THIS FILE WITH SENSITIVE DATA

### MongoDB ###
MONGODB_URL=#your mongodb URL here, use chat-ui-db image if you don't want to set this
MONGODB_DB_NAME=chat-ui
MONGODB_DIRECT_CONNECTION=false


### Endpoints config ###
HF_API_ROOT=https://api-inference.huggingface.co/models
# HF_TOKEN is used for a lot of things, not only for inference but also fetching tokenizers, etc.
# We recommend using an HF_TOKEN even if you use a local endpoint.
HF_TOKEN= #get it from https://huggingface.co/settings/token
# API Keys for providers, you will need to specify models in the MODELS section but these keys can be kept secret
OPENAI_API_KEY=#your openai api key here
ANTHROPIC_API_KEY=#your anthropic api key here
CLOUDFLARE_ACCOUNT_ID=#your cloudflare account id here
CLOUDFLARE_API_TOKEN=#your cloudflare api token here
COHERE_API_TOKEN=#your cohere api token here
GOOGLE_GENAI_API_KEY=#your google genai api token here


### Models ###
## Models can support many different endpoints, check the documentation for more details
MODELS=`[
    {
      "name": "NousResearch/Hermes-3-Llama-3.1-8B",
      "description": "Nous Research's latest Hermes 3 release in 8B size.",
      "promptExamples": [
        {
          "title": "Write an email from bullet list",
          "prompt": "As a restaurant owner, write a professional email to the supplier to get these products every week: \n\n- Wine (x10)\n- Eggs (x24)\n- Bread (x12)"
        }, {
          "title": "Code a snake game",
          "prompt": "Code a basic snake game in python, give explanations for each step."
        }, {
          "title": "Assist in a task",
          "prompt": "How do I make a delicious lemon cheesecake?"
        }
      ]
    }
]`
## Text Embedding Models used for websearch
# Default is a model that runs locally on CPU.
TEXT_EMBEDDING_MODELS = `[
  {
    "name": "Xenova/gte-small",
    "displayName": "Xenova/gte-small",
    "description": "Local embedding model running on the server.",
    "chunkCharLength": 512,
    "endpoints": [
      { "type": "transformersjs" }
    ]
  }
]`

## Removed models, useful for migrating conversations
# { name: string, displayName?: string, id?: string, transferTo?: string }`
OLD_MODELS=`[]`

## Task model
# name of the model used for tasks such as summarizing title, creating query, etc.
# if not set, the first model in MODELS will be used
TASK_MODEL=


### Authentication ###
# Parameters to enable open id login
OPENID_CONFIG=`{
  "PROVIDER_URL": "",
  "CLIENT_ID": "",
  "CLIENT_SECRET": "",
  "SCOPES": "",
  "NAME_CLAIM": ""
}`
MESSAGES_BEFORE_LOGIN=# how many messages a user can send in a conversation before having to login. set to 0 to force login right away
# if it's defined, only these emails will be allowed to use login
ALLOWED_USER_EMAILS=`[]` 
# valid alternative redirect URLs for OAuth, used for HuggingChat apps
ALTERNATIVE_REDIRECT_URLS=`[]` 
### Cookies
# name of the cookie used to store the session
COOKIE_NAME=hf-chat
# specify secure behaviour for cookies 
COOKIE_SAMESITE=# can be "lax", "strict", "none" or left empty
COOKIE_SECURE=# set to true to only allow cookies over https


### Websearch ###
## API Keys used to activate search with web functionality. websearch is disabled if none are defined. choose one of the following:
YDC_API_KEY=#your docs.you.com api key here
SERPER_API_KEY=#your serper.dev api key here
SERPAPI_KEY=#your serpapi key here
SERPSTACK_API_KEY=#your serpstack api key here
SEARCHAPI_KEY=#your searchapi api key here
USE_LOCAL_WEBSEARCH=#set to true to parse google results yourself, overrides other API keys
SEARXNG_QUERY_URL=# where '<query>' will be replaced with query keywords see https://docs.searxng.org/dev/search_api.html eg https://searxng.yourdomain.com/search?q=<query>&engines=duckduckgo,google&format=json
BING_SUBSCRIPTION_KEY=#your key
## Websearch configuration
PLAYWRIGHT_ADBLOCKER=true
WEBSEARCH_ALLOWLIST=`[]` # if it's defined, allow websites from only this list.
WEBSEARCH_BLOCKLIST=`[]` # if it's defined, block websites from this list.
WEBSEARCH_JAVASCRIPT=true # CPU usage reduces by 60% on average by disabling javascript. Enable to improve website compatibility
WEBSEARCH_TIMEOUT = 3500 # in milliseconds, determines how long to wait to load a page before timing out
ENABLE_LOCAL_FETCH=false #set to true to allow fetches on the local network. /!\ Only enable this if you have the proper firewall rules to prevent SSRF attacks and understand the implications.


## Public app configuration ##
PUBLIC_APP_GUEST_MESSAGE=# a message to the guest user. If not set, no message will be shown. Only used if you have authentication enabled.
PUBLIC_APP_NAME=ChatUI # name used as title throughout the app
PUBLIC_APP_ASSETS=chatui # used to find logos & favicons in static/$PUBLIC_APP_ASSETS
PUBLIC_APP_DESCRIPTION=# description used throughout the app
PUBLIC_APP_DATA_SHARING=# Set to 1 to enable an option in the user settings to share conversations with model authors
PUBLIC_APP_DISCLAIMER=# Set to 1 to show a disclaimer on login page
PUBLIC_APP_DISCLAIMER_MESSAGE=# Message to show on the login page
PUBLIC_ANNOUNCEMENT_BANNERS=`[
    {
    "title": "chat-ui is now open source!",
    "linkTitle": "check it out",
    "linkHref": "https://github.com/huggingface/chat-ui"
  }
]`
PUBLIC_SMOOTH_UPDATES=false # set to true to enable smoothing of messages client-side, can be CPU intensive
PUBLIC_ORIGIN=#https://huggingface.co
PUBLIC_SHARE_PREFIX=#https://hf.co/chat

# mostly huggingchat specific
PUBLIC_GOOGLE_ANALYTICS_ID=#G-XXXXXXXX / Leave empty to disable
PUBLIC_PLAUSIBLE_SCRIPT_URL=#/js/script.js / Leave empty to disable
PUBLIC_APPLE_APP_ID=#1234567890 / Leave empty to disable


### Feature Flags ###
LLM_SUMMARIZATION=true # generate conversation titles with LLMs
ENABLE_ASSISTANTS=false #set to true to enable assistants feature
ENABLE_ASSISTANTS_RAG=false # /!\ This will let users specify arbitrary URLs that the server will then request. Make sure you have the proper firewall rules in place. 
REQUIRE_FEATURED_ASSISTANTS=false # require featured assistants to show in the list
COMMUNITY_TOOLS=false # set to true to enable community tools
EXPOSE_API=true # make the /api routes available
ALLOW_IFRAME=true # Allow the app to be embedded in an iframe


### Tools ###
# Check out public config in `chart/env/prod.yaml` for more details
TOOLS=`[]` 

### Rate limits ### 
# See `src/lib/server/usageLimits.ts`
# {
#   conversations: number, # how many conversations
#   messages: number, # how many messages in a conversation
#   assistants: number, # how many assistants
#   messageLength: number, # how long can a message be before we cut it off
#   messagesPerMinute: number, # how many messages per minute
#   tools: number # how many tools
# }
USAGE_LIMITS=`{}`


### HuggingFace specific ###
# Let user authenticate with their HF token in the /api routes. This is only useful if you have OAuth configured with huggingface.
USE_HF_TOKEN_IN_API=false
## Feature flag & admin settings
# Used for setting early access & admin flags to users
HF_ORG_ADMIN=
HF_ORG_EARLY_ACCESS=
WEBHOOK_URL_REPORT_ASSISTANT=#provide slack webhook url to get notified for reports/feature requests



### Metrics ###
METRICS_ENABLED=false
METRICS_PORT=5565
LOG_LEVEL=info


### Parquet export ###
# Not in use anymore but useful to export conversations to a parquet file as a HuggingFace dataset
PARQUET_EXPORT_DATASET=
PARQUET_EXPORT_HF_TOKEN=
ADMIN_API_SECRET=# secret to admin API calls, like computing usage stats or exporting parquet data


### Docker build variables ### 
# These values cannot be updated at runtime
# They need to be passed when building the docker image
# See https://github.com/huggingface/chat-ui/main/.github/workflows/deploy-prod.yml#L44-L47
APP_BASE="" # base path of the app, e.g. /chat, left blank as default
PUBLIC_APP_COLOR=blue # can be any of tailwind colors: https://tailwindcss.com/docs/customizing-colors#default-color-palette
### Body size limit for SvelteKit https://svelte.dev/docs/kit/adapter-node#Environment-variables-BODY_SIZE_LIMIT
BODY_SIZE_LIMIT=15728640
PUBLIC_COMMIT_SHA=

### LEGACY parameters
HF_ACCESS_TOKEN=#LEGACY! Use HF_TOKEN instead
ALLOW_INSECURE_COOKIES=false # LEGACY! Use COOKIE_SECURE and COOKIE_SAMESITE instead
PARQUET_EXPORT_SECRET=#DEPRECATED, use ADMIN_API_SECRET instead
RATE_LIMIT= # /!\ DEPRECATED definition of messages per minute. Use USAGE_LIMITS.messagesPerMinute instead
OPENID_CLIENT_ID=
OPENID_CLIENT_SECRET=
OPENID_SCOPES="openid profile" # Add "email" for some providers like Google that do not provide preferred_username
OPENID_NAME_CLAIM="name" # Change to "username" for some providers that do not provide name
OPENID_PROVIDER_URL=https://huggingface.co # for Google, use https://accounts.google.com
OPENID_TOLERANCE=
OPENID_RESOURCE=