Environment Variables Settings

Many aspects of the functionality of Redash can be changed with settings. Settings are read by redash.settings from environment variables which (for most installs) can be set in /opt/redash/.env. When developing with Docker, create the .env file in the root directory.

The follow is a list of settings and what they control:

Name	Description	Default Value
REDASH_ADDITIONAL_DESTINATIONS	Comma-separated list of non-default alert destinations to be enabled
REDASH_ADDITIONAL_QUERY_RUNNERS	Comma-separated list of non-default query runners to be enabled
REDASH_ADHOC_QUERY_TIME_LIMIT	Time limit for adhoc queries (in seconds)	None
REDASH_ALERTS_DEFAULT_MAIL_BODY_TEMPLATE_FILE	HTML template used to format email alerts. Custom alert variables are supported. By convention, CSS is permitted within the <head> section.	templates/emails/alert.html
REDASH_ALERTS_DEFAULT_MAIL_SUBJECT_TEMPLATE	Subject used for email alert notifications. {state} and {alert_name} are the only available variables.	({state}) {alert_name}
REDASH_ALLOW_SCRIPTS_IN_USER_INPUT	Disable sanitization of text input, allowing full HTML	false
REDASH_AUTH_TYPE	May be either api_key or hmac. Implemented here	api_key
REDASH_BIGQUERY_HTTP_TIMEOUT	HTTP timeout for the BigQuery query runner	600
REDASH_BLOCKED_DOMAINS	Comma separated of email domains that cannot create user accounts	“qq.com”
REDASH_COOKIE_SECRET	Required. Used for various cryptographic features of the web server. Read more about how Redash uses secret keys here
REDASH_CORS_ACCESS_CONTROL_ALLOW_CREDENTIALS		false
REDASH_CORS_ACCESS_CONTROL_ALLOW_HEADERS		Content-Type
REDASH_CORS_ACCESS_CONTROL_ALLOW_ORIGIN
REDASH_CORS_ACCESS_CONTROL_REQUEST_METHOD		GET, POST, PUT
REDASH_DASHBOARD_REFRESH_INTERVALS	Comma-separated list of integer seconds that will be allowed for dashboard refresh	60,300,600,1800,3600,43200,86400
REDASH_DATABASE_URL	URL the Redash server and worker services will use to access the metadata database	postgresql://postgres
REDASH_DATE_FORMAT	Moment.js format to be used throughout the web application	DD/MM/YY
REDASH_DISABLED_QUERY_RUNNERS	Comma-separated list of query runners that will not appear in Redash
REDASH_DISABLE_PUBLIC_URLS	Whether to disable access to public URLs	“false”
REDASH_ENABLED_DESTINATIONS	Comma-separated list of alert destinations to be enabled (e.g. redash.destinations.email,redash.destinations.slack )	”,”.join(default_destinations)
REDASH_ENABLED_QUERY_RUNNERS	Comma-separated list of query runners to be enabled (e.g. redash.query_runner.pg,redash.query_runner.mysql)	”,”.join(default_query_runners)
REDASH_ENFORCE_CSRF	Enforce CSRF token validation on API requests. This is turned off by default to avoid breaking any existing deployments, but it is highly recommended to turn this toggle on to prevent CSRF attacks.	false
REDASH_ENFORCE_HTTPS	This is passed to Flask-Talisman	false
REDASH_EVENT_REPORTING_WEBHOOKS	Comma-separated list of webhook URLs that to which events will be forwarded
REDASH_FEATURE_ALLOW_CUSTOM_JS_VISUALIZATIONS	Enable the custom visualization option. This appears as a sub-type of “Chart” visualizations in the UI.	true
REDASH_FEATURE_AUTO_PUBLISH_NAMED_QUERIES	Automatically publish a new query after its name is changed from “New Query”	true
REDASH_FEATURE_DISABLE_REFRESH_QUERIES	Disable scheduled query execution	false
REDASH_FEATURE_SHOW_PERMISSIONS_CONTROL	Enable experimental multiple owners support	false
REDASH_FEATURE_SHOW_QUERY_RESULTS_COUNT	Disable/enable showing count of query results in status	true
REDASH_GOOGLE_CLIENT_ID	The client ID to use for Google Login, be sure to set a client secret as well
REDASH_GOOGLE_CLIENT_SECRET	The client secret to use for Google Login, be sure to set a client id as well
REDASH_HOST	The URL host used in emails sent to users (invites, alerts, notifications) etc.
REDASH_INVITATION_TOKEN_MAX_AGE	An integer number of seconds after which an invitation link will expire	60 _ 60 _ 24 * 7
REDASH_JOB_EXPIRY_TIME	TTL in seconds for jobs placed in queue. If a job is not picked up by a worker within this TTL it will expire.	3600 * 12
REDASH_JWT_AUTH_ALGORITHMS		HS256,RS256,ES256
REDASH_JWT_AUTH_AUDIENCE
REDASH_JWT_AUTH_COOKIE_NAME
REDASH_JWT_AUTH_HEADER_NAME
REDASH_JWT_AUTH_ISSUER
REDASH_JWT_AUTH_PUBLIC_CERTS_URL	RSA public key in JSON Web Key (JWK) format for HTTP, or PEM for a FILE location
REDASH_JWT_LOGIN_ENABLED		false
REDASH_LDAP_BIND_DN_PASSWORD
REDASH_LDAP_BIND_DN		None
REDASH_LDAP_CUSTOM_USERNAME_PROMPT		LDAP/AD/SSO username:
REDASH_LDAP_DISPLAY_NAME_KEY		displayName
REDASH_LDAP_EMAIL_KEY		mail
REDASH_LDAP_LOGIN_ENABLED		false
REDASH_LDAP_SEARCH_DN		REDASH_SEARCH_DN
REDASH_LDAP_SEARCH_TEMPLATE		(cn=%(username)s)
REDASH_LDAP_URL		None
REDASH_LIMITER_STORAGE	Mapped directly to Flask-Limiter’s storage_uri.	REDIS_URL
REDASH_LOG_LEVEL	Logging messages which are less severe than level will be ignored. Read more about Python logging here	INFO
REDASH_MAIL_ASCII_ATTACHMENTS		false
REDASH_MAIL_DEFAULT_SENDER		None
REDASH_MAIL_MAX_EMAILS		None
REDASH_MAIL_PASSWORD		None
REDASH_MAIL_PORT		25
REDASH_MAIL_SERVER		localhost
REDASH_MAIL_USERNAME		None
REDASH_MAIL_USE_SSL		false
REDASH_MAIL_USE_TLS		false
REDASH_MULTI_ORG	Whether to enable multi-org mode. Note: Multi-org mode is not documented or supported at this time	false
REDASH_PASSWORD_LOGIN_ENABLED	Toggle to allow password login. Often disabled if Google Login, SAML, LDAP, or REMOTE_USER_LOGIN are enabled.	true
REDASH_PROXIES_COUNT	Passed to Werkzeug’s ProxyFix to make sure we get the right referral address even behind proxies like nginx.	1
REDASH_QUERY_REFRESH_INTERVALS	Comma-separated list of integer seconds that will be allowed for scheduled query refresh	60, 300, 600, 900, 1800, 3600, 7200, 10800, 14400, 18000, 21600, 25200, 28800, 32400, 36000, 39600, 43200, 86400, 604800, 1209600, 2592000
REDASH_QUERY_RESULTS_CLEANUP_COUNT	The number of results to cleanup during each call to cleanup_query_results	100
REDASH_QUERY_RESULTS_CLEANUP_ENABLED	Whether the job to cleanup unused query results should run automatically	true
REDASH_QUERY_RESULTS_CLEANUP_MAX_AGE	Integer number of days, past which a query result may be cleaned up if it is not referenced by another query.	7
REDASH_QUERY_RESULTS_EXPIRED_TTL_ENABLED	Enable the query result set default expired ttl.	false
REDASH_QUERY_RESULTS_EXPIRED_TTL	Default set query results expired ttl 86400 seconds.	86400
REDASH_REDIS_URL	URL Redash services will use to read and write to redis	“redis://localhost:6379/0”
REDASH_REMOTE_USER_HEADER	Name of header to use if REDASH_REMOTE_USER_LOGIN_ENABLED is true	X-Forwarded-Remote-User
REDASH_REMOTE_USER_LOGIN_ENABLED	Enables the use of an externally-provided and trusted remote user via an HTTP header. The “user” must be an email address. More details	false
REDASH_SAML_ENTITY_ID
REDASH_SAML_METADATA_URL
REDASH_SAML_NAMEID_FORMAT
REDASH_SCHEDULED_QUERY_TIME_LIMIT	Time limit for scheduled queries (in seconds)	None
REDASH_SCHEMAS_REFRESH_SCHEDULE	How often to refresh the data source schemas (in minutes)	30
REDASH_SCHEMAS_REFRESH_TIMEOUT	Time limit for refreshing the data source schemas (in seconds)	300
REDASH_SCHEMA_RUN_TABLE_SIZE_CALCULATIONS	Enable showing the size of each table in the schema browser.	false
REDASH_SENTRY_DSN
REDASH_STATIC_ASSETS_PATH	Directory that contains all front-end assets. Relative to the ./redash directory	”../client/dist/”
REDASH_STATSD_HOST	Host for STATSD daemon	127.0.0.1
REDASH_STATSD_PORT	Port for STATSD daemon	8125
REDASH_STATSD_PREFIX	Prefix for metrics sent to STATSD daemon	redash
REDASH_STATSD_USE_TAGS	Whether to use tags in StatsD metrics (InfluxDB’s format)	false
REDASH_THROTTLE_LOGIN_PATTERN	The Flask-Limiter string pattern used to rate limit requests to the /login route.	50/hour
REDASH_VERSION_CHECK	Toggle whether to periodically check if a newer version of Redash is available.	true
REDASH_WEB_WORKERS	How many processes will gunicorn spawn to handle web requests	4