Many of these settings (image, storage, and security/user options) can also be
changed at runtime from the in-app Settings page by an admin user. Values
saved there take precedence over the corresponding environment variables.
The application can be configured using environment variables. Set them when starting the Docker container or in your docker-compose.yml when using Docker Compose.
Variable Description Default ORIGINPublic hostname of your application.Required for cookies to work correctly. http://localhost:3000TZTimezone for the application. UTCPORTPort the application listens on. 3000
Variable Description Default USER_ALLOW_REGISTRATIONAllow new users to register.When disabled, only existing users can log in unless an SSO provider overrides it. trueUSER_APPROVAL_REQUIREDRequire admin approval before a user can sign in. trueUSER_ALLOW_GUEST_UPLOADSAllow unauthenticated users to upload images without an account. falseUSER_ALLOW_UNAUTHENTICATED_ACCESSAllow unauthenticated users to access public routes such as the explore page. trueUSER_REQUIRE_AUTH_FOR_MEDIA_SHARESRequire visitors to be signed in to open shared images. falseUSER_REQUIRE_AUTH_FOR_COLLECTION_SHARESRequire visitors to be signed in to open shared collections. falseUSER_PASSWORD_MIN_LENGTHMinimum password length for user accounts. 6USER_PASSWORD_REQUIREMENTSBitmask of password requirements: 1 (numbers), 2 (lowercase), 4 (uppercase), 8 (special characters).Sum the values to combine. 15
Variable Description Default IMAGE_MAX_SIZEMaximum upload size.Use a k or M suffix 15MIMAGE_CHUNK_SIZEChunk size for chunked uploads.Use a k or M suffix, between 1M and 25M 2MIMAGE_STRIP_EXIF_METADATAStrip EXIF metadata from uploaded images. trueIMAGE_ALLOW_ONLY_PUBLIC_IMAGESForce all uploaded images to public.Visibility cannot be changed. falseIMAGE_COMPRESSION_QUALITYJPEG compression quality for uploaded images.1 to 100, where higher is better quality 80IMAGE_ENABLE_DEDUPLICATIONDetect and handle duplicate images during upload. trueIMAGE_FORCE_FORMAT_CONVERSIONConvert all uploaded images to a single format.Uses the format set in IMAGE_TARGET_FORMAT. falseIMAGE_TARGET_FORMATTarget format for conversion: webp, avif, jpeg.Applies when IMAGE_FORCE_FORMAT_CONVERSION is enabled. webpIMAGE_CONVERT_ANIMATED_IMAGESAlso convert animated images (GIFs) to the target format.Applies when format conversion is enabled. false
Variable Description Default SHARE_ENABLE_URL_SHORTENINGGenerate short URLs for shared images. trueSHARE_SHORT_URL_LENGTHNumber of characters in generated short codes.Clamped between 4 and 32. 8
See the Storage Providers reference for full setup details.
Variable Description Default STORAGE_PROVIDERStorage backend to use: local, smb, s3. local
Variable Description Default SMB_HOSTSMB host to connect to.Required for SMB. nullSMB_SHARESMB share to use.Required for SMB. nullSMB_WORKGROUPSMB workgroup. workgroupSMB_USERNAMESMB username.Required for SMB. nullSMB_PASSWORDSMB password.Required for SMB. null
Variable Description Default AMAZON_S3_REGIONAWS region of your bucket.Required for Amazon S3, optional for custom providers (defaults to auto) nullAMAZON_S3_BUCKETName of your S3 bucket.Required for S3. nullAMAZON_S3_ACCESS_KEY_IDAWS access key ID.Required unless IAM role is used. nullAMAZON_S3_SECRET_ACCESS_KEYAWS secret access key.Required unless IAM role is used. nullAMAZON_S3_USE_IAM_ROLEAuthenticate with the instance’s IAM role instead of static keys.Amazon S3 only, ignored when a custom endpoint is set falseAMAZON_S3_ENDPOINTCustom endpoint URL for S3-compatible services.Optional, enables custom-provider mode when set nullAMAZON_S3_USE_CUSTOM_PROVIDEREnable for S3-compatible services. falseAMAZON_S3_FORCE_PATH_STYLEForce path-style URLs.For S3-compatible services. false
Variable Description Default REQUIRE_SSLRequire SSL/HTTPS connections.Affects authentication when enabled. falseOAUTH_VERIFY_SSLVerify SSL certificates for OAuth/OIDC provider endpoints.Set to false for development with self-signed certs. true
These variables create the first admin user automatically on initial startup. See First User Setup for details.
Variable Description Default ADMIN_USERNAMEUsername for the first admin user.Used only when ADMIN_EMAIL is set. adminADMIN_EMAILEmail for the first admin user.Triggers admin creation on first startup. nullADMIN_PASSWORDPassword for the first admin user.Required when ADMIN_EMAIL is set. null
