Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Mintplex-Labs/anything-llm/llms.txt

Use this file to discover all available pages before exploring further.

AnythingLLM is configured entirely through environment variables, making it straightforward to deploy and manage in any environment — Docker, bare-metal, or cloud. The canonical template lives at docker/.env.example in the repository. Copy it to docker/.env, uncomment the variables you need, and restart the container to apply changes. Most variables are optional and fall back to sensible defaults; only the ones relevant to your chosen LLM provider, embedding engine, and vector database are required.
Changes to environment variables require a container (or process) restart before they take effect. The .env file is read once at startup.

Core Server

SERVER_PORT
number
default:"3001"
The port the AnythingLLM API server listens on inside the container.
STORAGE_DIR
string
default:"/app/server/storage"
Absolute path to the persistent storage directory where workspaces, uploaded documents, and the built-in vector database are written. Mount this path as a Docker volume to persist data across container restarts.
UID
string
default:"1000"
Unix user ID that the container process runs as. Adjust to match the owner of your mounted storage volume.
GID
string
default:"1000"
Unix group ID that the container process runs as.
COLLECTOR_PORT
number
default:"8888"
Port that the document collector micro-service listens on. Only change this if the default conflicts with another service.
COLLECTOR_ALLOW_ANY_IP
string
Set to "true" to allow the collector to scrape content from private / local IP addresses (e.g., 192.168.x.x). Disabled by default for security.
JWT_SECRET
string
required
A random string (≥ 12 chars) used to sign session tokens. Required when AUTH_TOKEN is set. Generate with openssl rand -hex 32.
JWT_EXPIRY
string
default:"30d"
How long a login session token remains valid. Accepts the ms format — e.g., "30d", "12h", "7d".
SIG_KEY
string
Passphrase used to sign sensitive payloads. Generate a random string of at least 32 characters.
SIG_SALT
string
Salt combined with SIG_KEY for payload signing. Generate a random string of at least 32 characters.

Authentication

AUTH_TOKEN
string
A global password that protects the entire AnythingLLM instance. When set, every API request and UI login requires this value. Recommended for any internet-facing deployment.
SIMPLE_SSO_ENABLED
string
Set to 1 to enable the Simple SSO passthrough, which lets a trusted upstream service pre-authenticate users and inject a signed token into the AnythingLLM session.
SIMPLE_SSO_NO_LOGIN
string
Set to 1 to skip the AnythingLLM login screen entirely, relying on the upstream SSO provider for authentication.
SIMPLE_SSO_NO_LOGIN_REDIRECT
string
Optional URL to redirect unauthenticated users to when SIMPLE_SSO_NO_LOGIN is enabled — e.g., https://your-custom-login-url.com.
These variables enforce a password policy for multi-user mode. All are optional; the default is an 8-character minimum.
VariablePurpose
PASSWORDMINCHARMinimum password length (default 8)
PASSWORDMAXCHARMaximum password length (default 250)
PASSWORDLOWERCASEMinimum number of lowercase letters
PASSWORDUPPERCASEMinimum number of uppercase letters
PASSWORDNUMERICMinimum number of digits
PASSWORDSYMBOLMinimum number of symbols
PASSWORDREQUIREMENTSMinimum number of the above rules that must be satisfied

LLM Selection

LLM_PROVIDER
string
default:"openai"
Selects which LLM backend AnythingLLM uses. Must match one of the supported provider identifiers. See LLM Providers for the full list.Common values: openai, anthropic, gemini, azure, ollama, lmstudio, localai, mistral, groq, cohere, bedrock, togetherai, openrouter, perplexity, fireworksai, deepseek, xai, novita, sambanova, nvidia-nim, litellm, generic-openai, and more.
A few examples of the provider-specific keys that accompany LLM_PROVIDER:
ProviderRequired keys
openaiOPEN_AI_KEY, OPEN_MODEL_PREF
anthropicANTHROPIC_API_KEY, ANTHROPIC_MODEL_PREF
geminiGEMINI_API_KEY, GEMINI_LLM_MODEL_PREF
ollamaOLLAMA_BASE_PATH, OLLAMA_MODEL_PREF
azureAZURE_OPENAI_ENDPOINT, AZURE_OPENAI_KEY, AZURE_OPENAI_MODEL_PREF
groqGROQ_API_KEY, GROQ_MODEL_PREF
mistralMISTRAL_API_KEY, MISTRAL_MODEL_PREF
bedrockAWS_BEDROCK_LLM_REGION, AWS_BEDROCK_API_KEY, AWS_BEDROCK_LLM_MODEL_PREFERENCE
See LLM Providers for all supported providers and their full variable lists.

Embedding

EMBEDDING_ENGINE
string
default:"native"
Selects the embedding engine. Valid values include native, openai, azure, ollama, lmstudio, localai, cohere, voyageai, gemini, mistral, openrouter, lemonade, litellm, generic-openai.
EMBEDDING_MODEL_PREF
string
The specific model to use for embeddings. Defaults vary by engine — e.g., Xenova/all-MiniLM-L6-v2 for native, text-embedding-ada-002 for OpenAI.
EMBEDDING_MODEL_MAX_CHUNK_LENGTH
number
Maximum character length of a single text chunk passed to the embedding model. Tune this to match the model’s token limit. For example, 8192 is typical for Ollama embedding models.
EMBEDDING_BASE_PATH
string
Base URL for self-hosted embedding engines such as Ollama, LM Studio, LocalAI, Lemonade, or Generic OpenAI. Example: http://host.docker.internal:11434.
See Embedding Models for per-engine variable details.

Vector Database

VECTOR_DB
string
default:"lancedb"
Selects the vector database backend. Valid values: lancedb, chroma, chromacloud, pinecone, weaviate, qdrant, milvus, zilliz, pgvector, astra.
Each provider requires its own connection variables. See Vector Databases for the full breakdown.
ProviderKey variables
lancedb(none — built-in)
chromaCHROMA_ENDPOINT, CHROMA_API_HEADER, CHROMA_API_KEY
pineconePINECONE_API_KEY, PINECONE_INDEX
qdrantQDRANT_ENDPOINT, QDRANT_API_KEY
weaviateWEAVIATE_ENDPOINT, WEAVIATE_API_KEY
pgvectorPGVECTOR_CONNECTION_STRING
milvusMILVUS_ADDRESS, MILVUS_USERNAME, MILVUS_PASSWORD

Agent Service Keys

Agents can be equipped with web-search tools. Set the relevant API key for the search engine you want to use.
VariableSearch provider
AGENT_GSE_KEY + AGENT_GSE_CTXGoogle Programmable Search
AGENT_SEARCHAPI_API_KEYSearchApi.io
AGENT_SERPAPI_API_KEYSerpApi
AGENT_SERPER_DEV_KEYSerper.dev
AGENT_BING_SEARCH_API_KEYBing Search (Azure)
AGENT_BAIDU_SEARCH_API_KEYBaidu Search
AGENT_SERPLY_API_KEYSerply.io
AGENT_SEARXNG_API_URLSearXNG (self-hosted)
AGENT_TAVILY_API_KEYTavily
AGENT_EXA_API_KEYExa Search
AGENT_PERPLEXITY_API_KEYPerplexity Search
AGENT_CRW_API_KEY + AGENT_CRW_API_URLfastCRW
AGENT_MAX_TOOL_CALLS
number
default:"10"
Maximum number of tool calls an agent may chain within a single response. Prevents runaway recursive calls on lower-capability models.
AGENT_SKILL_RERANKER_ENABLED
string
default:"true"
When "true" (default), uses the native embedding reranker to select only the most relevant tools for each query — reducing token usage by up to 80 % when many tools or MCP servers are enabled. Set to "false" to disable.
AGENT_SKILL_RERANKER_TOP_N
number
default:"15"
Number of top-ranked tools retained after reranking.
AGENT_AUTO_APPROVED_SKILLS
string
Comma-separated list of skill names that are auto-approved and run without user confirmation. Example: create-pdf-file,create-word-file.
PROVIDER_DISABLE_NATIVE_TOOL_CALLING
string
Comma-separated list of provider names that should fall back to prompt-based (UnTooled) tool calling instead of native function calling. Example: generic-openai,litellm.

Audio / TTS / STT

WHISPER_PROVIDER
string
default:"local"
Transcription provider. "local" uses a bundled Whisper small model. "openai" delegates to the OpenAI hosted Whisper API (requires OPEN_AI_KEY).
STT_PROVIDER
string
default:"native"
Server-side speech-to-text provider for the chat UI microphone input. Options: native, openai, lemonade, deepgram, generic-openai, groq.
TTS_PROVIDER
string
default:"native"
Text-to-speech provider for voice responses. Options: native, openai, generic-openai, elevenlabs, kokoro.
Provider-specific TTS variables follow the pattern TTS_<PROVIDER>_*. For example, TTS_OPEN_AI_KEY, TTS_OPEN_AI_VOICE_MODEL, TTS_ELEVEN_LABS_KEY, TTS_ELEVEN_LABS_VOICE_MODEL.

Other Settings

DISABLE_SWAGGER_DOCS
string
Set to "true" to disable the /api/docs Swagger endpoint. Recommended in production to reduce attack surface.
DISABLE_VIEW_CHAT_HISTORY
string
Set to 1 to prevent users from viewing historical chat sessions in the UI and through the frontend APIs.
WORKSPACE_DELETION_PROTECTION
string
Set to any non-empty value to block workspace deletion from the UI and APIs.
EMBED_REQUIRE_ALLOWLIST
string
Set to "true" so that public embed widgets with no domain allowlist configured reject all requests instead of answering from any origin.
MCP_NO_COOLDOWN
string
Set to "true" to disable the built-in cooldown timer between MCP tool invocations. Use with caution — this can cause infinite recursive calls with some model/provider combinations.
ENABLE_HTTPS
string
Set to "true" to run the server over HTTPS using the certificate and key paths below.
HTTPS_CERT_PATH
string
Relative or absolute path to the TLS certificate PEM file. Example: sslcert/cert.pem.
HTTPS_KEY_PATH
string
Relative or absolute path to the TLS private key PEM file. Example: sslcert/key.pem.
SCHEDULED_JOB_MAX_CONCURRENT
number
default:"1"
Maximum number of scheduled background jobs that may run concurrently. Increase when using a cloud LLM with high rate limits.
SCHEDULED_JOB_TIMEOUT_MS
number
default:"300000"
Maximum time in milliseconds a scheduled job can run before it is terminated (default 5 minutes).
DOCUMENT_SYNC_STALE_AFTER_MS
number
default:"604800000"
How long (in milliseconds) a watched document waits before the sync worker re-processes it. Default is 7 days; minimum is 1 hour (3 600 000 ms).
MEMORY_EXTRACTION_INTERVAL
string
default:"15m"
How often the memory-extraction background job runs. Accepts ms format strings such as 15m or 1h.
MEMORY_IDLE_THRESHOLD_MS
number
default:"1200000"
Minimum milliseconds of chat inactivity before the memory-extraction job fires. Set to 0 to disable the idle check.
TARGET_OCR_LANG
string
default:"eng"
Comma-separated Tesseract language codes used when parsing images and scanned PDFs. Example: eng,deu,fra. See the Tesseract data-files list for valid codes.
ANYTHINGLLM_CHROMIUM_ARGS
string
Extra Chromium launch flags for the built-in Puppeteer instance. Required on some Linux Docker hosts that cannot grant SYS_ADMIN capability. Example: --no-sandbox,--disable-setuid-sandbox.

Full .env Example

The snippet below reproduces the most commonly needed variables in one place. Copy it as a starting point and uncomment only the sections relevant to your deployment.
# ── Core ──────────────────────────────────────────────────────────────────────
SERVER_PORT=3001
STORAGE_DIR="/app/server/storage"
UID='1000'
GID='1000'

# SIG_KEY='passphrase'        # ≥ 32 chars, required for payload signing
# SIG_SALT='salt'             # ≥ 32 chars
# JWT_SECRET="my-random-str"  # ≥ 12 chars, required when AUTH_TOKEN is set
# JWT_EXPIRY="30d"

# ── Auth ──────────────────────────────────────────────────────────────────────
# AUTH_TOKEN="hunter2"          # Password for remote/cloud deployments

# ── LLM Provider ─────────────────────────────────────────────────────────────
# LLM_PROVIDER='openai'
# OPEN_AI_KEY=sk-...
# OPEN_MODEL_PREF='gpt-4o'

# LLM_PROVIDER='anthropic'
# ANTHROPIC_API_KEY=sk-ant-...
# ANTHROPIC_MODEL_PREF='claude-sonnet-4-6'

# LLM_PROVIDER='ollama'
# OLLAMA_BASE_PATH='http://host.docker.internal:11434'
# OLLAMA_MODEL_PREF='llama3'
# OLLAMA_MODEL_TOKEN_LIMIT=4096

# ── Embedding ─────────────────────────────────────────────────────────────────
# EMBEDDING_ENGINE='native'
# EMBEDDING_MODEL_PREF='Xenova/all-MiniLM-L6-v2'

# ── Vector Database ───────────────────────────────────────────────────────────
# VECTOR_DB="lancedb"           # Default — no further config needed

# ── Agents ────────────────────────────────────────────────────────────────────
# AGENT_EXA_API_KEY=
# AGENT_TAVILY_API_KEY=
# AGENT_MAX_TOOL_CALLS=10
# AGENT_SKILL_RERANKER_ENABLED="true"

# ── Security / Hardening ──────────────────────────────────────────────────────
# DISABLE_SWAGGER_DOCS="true"
# WORKSPACE_DELETION_PROTECTION=1
# EMBED_REQUIRE_ALLOWLIST="true"

Build docs developers (and LLMs) love