LibreChat
Enhanced ChatGPT clone
Alternative to: chatgpt, perplexity, anthropic, claude, grok, gemini
LibreChat is the ultimate open-source app for all your AI conversations, fully customizable and compatible with any AI provider — all in one sleek interface
LibreChat Docker Compose example
Self-host LibreChat on your own server, homelab, or VPS starting from this Docker Compose example.
It runs LibreChat in Docker containers using the official ghcr.io/danny-avila/librechat:latest, mongo, getmeili/meilisearch:v1.12.3, ankane/pgvector:latest, ghcr.io/danny-avila/librechat-rag-api-dev-lite:latest images, with persistent volumes and automatic restarts preconfigured.
Review the environment variables and adjust them to your setup, save the file as compose.yml (or docker-compose.yml), and start the stack with docker compose up -d.
services:
api:
depends_on:
- mongodb
- rag_api
image: ghcr.io/danny-avila/librechat:latest
restart: unless-stopped
user: "1000:1000"
extra_hosts:
- "host.docker.internal:host-gateway"
environment:
- HOST=0.0.0.0
- NODE_ENV=production
- MONGO_URI=mongodb://mongodb:27017/LibreChat
- MEILI_HOST=http://meilisearch:7700
- RAG_PORT=8000
- RAG_API_URL=http://rag_api:8000
- HOST=localhost
- PORT=3080
- RAG_PORT=8000
- RAG_API_URL=http://rag_api:8000
- MONGO_URI=mongodb://127.0.0.1:27017/LibreChat
#The maximum number of connections in the connection pool. */
- MONGO_MAX_POOL_SIZE=
#The minimum number of connections in the connection pool. */
- MONGO_MIN_POOL_SIZE=
#The maximum number of connections that may be in the process of being established concurrently by the connection pool. */
- MONGO_MAX_CONNECTING=
#The maximum number of milliseconds that a connection can remain idle in the pool before being removed and closed. */
- MONGO_MAX_IDLE_TIME_MS=
#The maximum time in milliseconds that a thread can wait for a connection to become available. */
- MONGO_WAIT_QUEUE_TIMEOUT_MS=
# Set to false to disable automatic index creation for all models associated with this connection. */
- MONGO_AUTO_INDEX=
# Set to `false` to disable Mongoose automatically calling `createCollection()` on every model created on this connection. */
- MONGO_AUTO_CREATE=
- DOMAIN_CLIENT=http://localhost:3080
- DOMAIN_SERVER=http://localhost:3080
- NO_INDEX=true
# Use the address that is at most n number of hops away from the Express application.
# req.socket.remoteAddress is the first hop, and the rest are looked for in the X-Forwarded-For header from right to left.
# A value of 0 means that the first untrusted address would be req.socket.remoteAddress, i.e. there is no reverse proxy.
# Defaulted to 1.
- TRUST_PROXY=1
# Use when process console logs in cloud deployment like GCP/AWS
- CONSOLE_JSON=false
- DEBUG_LOGGING=true
- DEBUG_CONSOLE=false
- PROXY=
- ANTHROPIC_API_KEY=user_provided
- GOOGLE_KEY=user_provided
- OPENAI_API_KEY=user_provided
- DEBUG_OPENAI=false
- ASSISTANTS_API_KEY=user_provided
- DEBUG_PLUGINS=true
- CREDS_KEY=f34be427ebb29de8d88c107a71546019685ed8b241d8f2ed00c3df97ad2566f0
- CREDS_IV=e2341419ec3dd3d19b13a1a87fafcbfb
# Azure AI Search
#-----------------
- AZURE_AI_SEARCH_SERVICE_ENDPOINT=
- AZURE_AI_SEARCH_INDEX_NAME=
- AZURE_AI_SEARCH_API_KEY=
- AZURE_AI_SEARCH_API_VERSION=
- AZURE_AI_SEARCH_SEARCH_OPTION_QUERY_TYPE=
- AZURE_AI_SEARCH_SEARCH_OPTION_TOP=
- AZURE_AI_SEARCH_SEARCH_OPTION_SELECT=
# Flux
#-----------------
- FLUX_API_BASE_URL=https://api.us1.bfl.ai
# Google
#-----------------
- GOOGLE_SEARCH_API_KEY=
- GOOGLE_CSE_ID=
# YOUTUBE
#-----------------
- YOUTUBE_API_KEY=
# SerpAPI
#-----------------
- SERPAPI_API_KEY=
# Stable Diffusion
#-----------------
- SD_WEBUI_URL=http://host.docker.internal:7860
# Tavily
#-----------------
- TAVILY_API_KEY=
# Traversaal
#-----------------
- TRAVERSAAL_API_KEY=
# WolframAlpha
#-----------------
- WOLFRAM_APP_ID=
# Zapier
#-----------------
- ZAPIER_NLA_API_KEY=
- SEARCH=true
- MEILI_NO_ANALYTICS=true
- MEILI_HOST=http://0.0.0.0:7700
- MEILI_MASTER_KEY=meili_master_key_secret
- STT_API_KEY=
- TTS_API_KEY=
- OPENAI_MODERATION=false
- OPENAI_MODERATION_API_KEY=
- BAN_VIOLATIONS=true
- BAN_DURATION=1000 * 60 * 60 * 2
- BAN_INTERVAL=20
- LOGIN_VIOLATION_SCORE=1
- REGISTRATION_VIOLATION_SCORE=1
- CONCURRENT_VIOLATION_SCORE=1
- MESSAGE_VIOLATION_SCORE=1
- NON_BROWSER_VIOLATION_SCORE=20
- TTS_VIOLATION_SCORE=0
- STT_VIOLATION_SCORE=0
- FORK_VIOLATION_SCORE=0
- IMPORT_VIOLATION_SCORE=0
- FILE_UPLOAD_VIOLATION_SCORE=0
- LOGIN_MAX=7
- LOGIN_WINDOW=5
- REGISTER_MAX=5
- REGISTER_WINDOW=60
- LIMIT_CONCURRENT_MESSAGES=true
- CONCURRENT_MESSAGE_MAX=2
- LIMIT_MESSAGE_IP=true
- MESSAGE_IP_MAX=40
- MESSAGE_IP_WINDOW=1
- LIMIT_MESSAGE_USER=false
- MESSAGE_USER_MAX=40
- MESSAGE_USER_WINDOW=1
- ILLEGAL_MODEL_REQ_SCORE=5
- ALLOW_EMAIL_LOGIN=true
- ALLOW_REGISTRATION=true
- ALLOW_SOCIAL_LOGIN=false
- ALLOW_SOCIAL_REGISTRATION=false
- ALLOW_PASSWORD_RESET=false
# ALLOW_ACCOUNT_DELETION=true # note: enabled by default if omitted/commented out
- ALLOW_UNVERIFIED_EMAIL_LOGIN=false
- SESSION_EXPIRY=1000 * 60 * 15
- REFRESH_TOKEN_EXPIRY=(1000 * 60 * 60 * 24) * 7
- JWT_SECRET=16f8c0ef4a5d391b26034086c628469d3f9f497f08163ab9b40137092f2909ef
- JWT_REFRESH_SECRET=eaa5191f2914e30b9387fd84e254e4ba6fc51b4654968a9b0803b456a54b8418
# Discord
- DISCORD_CLIENT_ID=
- DISCORD_CLIENT_SECRET=
- DISCORD_CALLBACK_URL=/oauth/discord/callback
# Facebook
- FACEBOOK_CLIENT_ID=
- FACEBOOK_CLIENT_SECRET=
- FACEBOOK_CALLBACK_URL=/oauth/facebook/callback
# GitHub
- GITHUB_CLIENT_ID=
- GITHUB_CLIENT_SECRET=
- GITHUB_CALLBACK_URL=/oauth/github/callback
# Google
- GOOGLE_CLIENT_ID=
- GOOGLE_CLIENT_SECRET=
- GOOGLE_CALLBACK_URL=/oauth/google/callback
# Apple
- APPLE_CLIENT_ID=
- APPLE_TEAM_ID=
- APPLE_KEY_ID=
- APPLE_PRIVATE_KEY_PATH=
- APPLE_CALLBACK_URL=/oauth/apple/callback
# OpenID
- OPENID_CLIENT_ID=
- OPENID_CLIENT_SECRET=
- OPENID_ISSUER=
- OPENID_SESSION_SECRET=
- OPENID_SCOPE="openid profile email"
- OPENID_CALLBACK_URL=/oauth/openid/callback
- OPENID_REQUIRED_ROLE=
- OPENID_REQUIRED_ROLE_TOKEN_KIND=
- OPENID_REQUIRED_ROLE_PARAMETER_PATH=
# Set to determine which user info property returned from OpenID Provider to store as the User's username
- OPENID_USERNAME_CLAIM=
# Set to determine which user info property returned from OpenID Provider to store as the User's name
- OPENID_NAME_CLAIM=
# Optional audience parameter for OpenID authorization requests
- OPENID_AUDIENCE=
- OPENID_BUTTON_LABEL=
- OPENID_IMAGE_URL=
# Set to true to automatically redirect to the OpenID provider when a user visits the login page
# This will bypass the login form completely for users, only use this if OpenID is your only authentication method
- OPENID_AUTO_REDIRECT=false
# Set to true to use PKCE (Proof Key for Code Exchange) for OpenID authentication
- OPENID_USE_PKCE=false
#Set to true to reuse openid tokens for authentication management instead of using the mongodb session and the custom refresh token.
- OPENID_REUSE_TOKENS=
#By default, signing key verification results are cached in order to prevent excessive HTTP requests to the JWKS endpoint.
#If a signing key matching the kid is found, this will be cached and the next time this kid is requested the signing key will be served from the cache.
#Default is true.
- OPENID_JWKS_URL_CACHE_ENABLED=
- OPENID_JWKS_URL_CACHE_TIME=# 600000 ms eq to 10 minutes leave empty to disable caching
#Set to true to trigger token exchange flow to acquire access token for the userinfo endpoint.
- OPENID_ON_BEHALF_FLOW_FOR_USERINFO_REQUIRED=
- OPENID_ON_BEHALF_FLOW_USERINFO_SCOPE="user.read" # example for Scope Needed for Microsoft Graph API
# Set to true to use the OpenID Connect end session endpoint for logout
- OPENID_USE_END_SESSION_ENDPOINT=
# SAML
# Note: If OpenID is enabled, SAML authentication will be automatically disabled.
- SAML_ENTRY_POINT=
- SAML_ISSUER=
- SAML_CERT=
- SAML_CALLBACK_URL=/oauth/saml/callback
- SAML_SESSION_SECRET=
# Attribute mappings (optional)
- SAML_EMAIL_CLAIM=
- SAML_USERNAME_CLAIM=
- SAML_GIVEN_NAME_CLAIM=
- SAML_FAMILY_NAME_CLAIM=
- SAML_PICTURE_CLAIM=
- SAML_NAME_CLAIM=
# Logint buttion settings (optional)
- SAML_BUTTON_LABEL=
- SAML_IMAGE_URL=
# Enable Entra ID people search integration in permissions/sharing system
# When enabled, the people picker will search both local database and Entra ID
- USE_ENTRA_ID_FOR_PEOPLE_SEARCH=false
# When enabled, entra id groups owners will be considered as members of the group
- ENTRA_ID_INCLUDE_OWNERS_AS_MEMBERS=false
# Microsoft Graph API scopes needed for people/group search
# Default scopes provide access to user profiles and group memberships
- OPENID_GRAPH_SCOPES=User.Read,People.Read,GroupMember.Read.All
# LDAP
- LDAP_URL=
- LDAP_BIND_DN=
- LDAP_BIND_CREDENTIALS=
- LDAP_USER_SEARCH_BASE=
#LDAP_SEARCH_FILTER="mail="
- LDAP_CA_CERT_PATH=
- EMAIL_SERVICE=
- EMAIL_HOST=
- EMAIL_PORT=25
- EMAIL_ENCRYPTION=
- EMAIL_ENCRYPTION_HOSTNAME=
- EMAIL_ALLOW_SELFSIGNED=
- EMAIL_USERNAME=
- EMAIL_PASSWORD=
- EMAIL_FROM_NAME=
- EMAIL_FROM=noreply@librechat.ai
- FIREBASE_API_KEY=
- FIREBASE_AUTH_DOMAIN=
- FIREBASE_PROJECT_ID=
- FIREBASE_STORAGE_BUCKET=
- FIREBASE_MESSAGING_SENDER_ID=
- FIREBASE_APP_ID=
- AWS_ENDPOINT_URL=
- AWS_ACCESS_KEY_ID=
- AWS_SECRET_ACCESS_KEY=
- AWS_REGION=
- AWS_BUCKET_NAME=
- AZURE_STORAGE_CONNECTION_STRING=
- AZURE_STORAGE_PUBLIC_ACCESS=false
- AZURE_CONTAINER_NAME=files
- ALLOW_SHARED_LINKS=true
- ALLOW_SHARED_LINKS_PUBLIC=true
- APP_TITLE=LibreChat
# CUSTOM_FOOTER="My custom footer"
- HELP_AND_FAQ_URL=https://librechat.ai
#=====================================================#
# OpenWeather #
#=====================================================#
- OPENWEATHER_API_KEY=
volumes:
- ./librechat.yaml:/app/librechat.yaml:ro
- api_images:/app/client/public/images
- api_uploads:/app/uploads
- api_logs:/app/api/logs
mongodb:
image: mongo
restart: unless-stopped
user: "1000:1000"
volumes:
- mongo_db:/data/db
command: mongod --noauth
meilisearch:
image: getmeili/meilisearch:v1.12.3
restart: unless-stopped
user: "1000:1000"
environment:
- MEILI_HOST=http://0.0.0.0:7700
- MEILI_NO_ANALYTICS=true
- MEILI_MASTER_KEY=meili_master_key_secret
- MEILI_NO_ANALYTICS=true
- MEILI_MAX_INDEXING_MEMORY=500MB
- MEILI_MAX_INDEXING_THREADS=2
- MEILI_EXPERIMENTAL_MAX_NUMBER_OF_BATCHED_TASKS=5
volumes:
- meili_v1123:/meili_data
vectordb:
image: ankane/pgvector:latest
environment:
POSTGRES_DB: "mydatabase"
POSTGRES_USER: "myuser"
POSTGRES_PASSWORD: "mypassword"
restart: unless-stopped
volumes:
- pgdata2:/var/lib/postgresql/data
rag_api:
image: ghcr.io/danny-avila/librechat-rag-api-dev-lite:latest
environment:
- DB_HOST=vectordb
- RAG_PORT=8000
- HOST=localhost
- PORT=3080
- RAG_PORT=8000
- RAG_API_URL=http://rag_api:8000
- MONGO_URI=mongodb://127.0.0.1:27017/LibreChat
#The maximum number of connections in the connection pool. */
- MONGO_MAX_POOL_SIZE=
#The minimum number of connections in the connection pool. */
- MONGO_MIN_POOL_SIZE=
#The maximum number of connections that may be in the process of being established concurrently by the connection pool. */
- MONGO_MAX_CONNECTING=
#The maximum number of milliseconds that a connection can remain idle in the pool before being removed and closed. */
- MONGO_MAX_IDLE_TIME_MS=
#The maximum time in milliseconds that a thread can wait for a connection to become available. */
- MONGO_WAIT_QUEUE_TIMEOUT_MS=
# Set to false to disable automatic index creation for all models associated with this connection. */
- MONGO_AUTO_INDEX=
# Set to `false` to disable Mongoose automatically calling `createCollection()` on every model created on this connection. */
- MONGO_AUTO_CREATE=
- DOMAIN_CLIENT=http://localhost:3080
- DOMAIN_SERVER=http://localhost:3080
- NO_INDEX=true
# Use the address that is at most n number of hops away from the Express application.
# req.socket.remoteAddress is the first hop, and the rest are looked for in the X-Forwarded-For header from right to left.
# A value of 0 means that the first untrusted address would be req.socket.remoteAddress, i.e. there is no reverse proxy.
# Defaulted to 1.
- TRUST_PROXY=1
# Use when process console logs in cloud deployment like GCP/AWS
- CONSOLE_JSON=false
- DEBUG_LOGGING=true
- DEBUG_CONSOLE=false
- PROXY=
- ANTHROPIC_API_KEY=user_provided
- GOOGLE_KEY=user_provided
- OPENAI_API_KEY=user_provided
- DEBUG_OPENAI=false
- ASSISTANTS_API_KEY=user_provided
- DEBUG_PLUGINS=true
- CREDS_KEY=f34be427ebb29de8d88c107a71546019685ed8b241d8f2ed00c3df97ad2566f0
- CREDS_IV=e2341419ec3dd3d19b13a1a87fafcbfb
# Azure AI Search
#-----------------
- AZURE_AI_SEARCH_SERVICE_ENDPOINT=
- AZURE_AI_SEARCH_INDEX_NAME=
- AZURE_AI_SEARCH_API_KEY=
- AZURE_AI_SEARCH_API_VERSION=
- AZURE_AI_SEARCH_SEARCH_OPTION_QUERY_TYPE=
- AZURE_AI_SEARCH_SEARCH_OPTION_TOP=
- AZURE_AI_SEARCH_SEARCH_OPTION_SELECT=
# Flux
#-----------------
- FLUX_API_BASE_URL=https://api.us1.bfl.ai
# Google
#-----------------
- GOOGLE_SEARCH_API_KEY=
- GOOGLE_CSE_ID=
# YOUTUBE
#-----------------
- YOUTUBE_API_KEY=
# SerpAPI
#-----------------
- SERPAPI_API_KEY=
# Stable Diffusion
#-----------------
- SD_WEBUI_URL=http://host.docker.internal:7860
# Tavily
#-----------------
- TAVILY_API_KEY=
# Traversaal
#-----------------
- TRAVERSAAL_API_KEY=
# WolframAlpha
#-----------------
- WOLFRAM_APP_ID=
# Zapier
#-----------------
- ZAPIER_NLA_API_KEY=
- SEARCH=true
- MEILI_NO_ANALYTICS=true
- MEILI_HOST=http://0.0.0.0:7700
- MEILI_MASTER_KEY=meili_master_key_secret
- STT_API_KEY=
- TTS_API_KEY=
- OPENAI_MODERATION=false
- OPENAI_MODERATION_API_KEY=
- BAN_VIOLATIONS=true
- BAN_DURATION=1000 * 60 * 60 * 2
- BAN_INTERVAL=20
- LOGIN_VIOLATION_SCORE=1
- REGISTRATION_VIOLATION_SCORE=1
- CONCURRENT_VIOLATION_SCORE=1
- MESSAGE_VIOLATION_SCORE=1
- NON_BROWSER_VIOLATION_SCORE=20
- TTS_VIOLATION_SCORE=0
- STT_VIOLATION_SCORE=0
- FORK_VIOLATION_SCORE=0
- IMPORT_VIOLATION_SCORE=0
- FILE_UPLOAD_VIOLATION_SCORE=0
- LOGIN_MAX=7
- LOGIN_WINDOW=5
- REGISTER_MAX=5
- REGISTER_WINDOW=60
- LIMIT_CONCURRENT_MESSAGES=true
- CONCURRENT_MESSAGE_MAX=2
- LIMIT_MESSAGE_IP=true
- MESSAGE_IP_MAX=40
- MESSAGE_IP_WINDOW=1
- LIMIT_MESSAGE_USER=false
- MESSAGE_USER_MAX=40
- MESSAGE_USER_WINDOW=1
- ILLEGAL_MODEL_REQ_SCORE=5
- ALLOW_EMAIL_LOGIN=true
- ALLOW_REGISTRATION=true
- ALLOW_SOCIAL_LOGIN=false
- ALLOW_SOCIAL_REGISTRATION=false
- ALLOW_PASSWORD_RESET=false
# ALLOW_ACCOUNT_DELETION=true # note: enabled by default if omitted/commented out
- ALLOW_UNVERIFIED_EMAIL_LOGIN=false
- SESSION_EXPIRY=1000 * 60 * 15
- REFRESH_TOKEN_EXPIRY=(1000 * 60 * 60 * 24) * 7
- JWT_SECRET=16f8c0ef4a5d391b26034086c628469d3f9f497f08163ab9b40137092f2909ef
- JWT_REFRESH_SECRET=eaa5191f2914e30b9387fd84e254e4ba6fc51b4654968a9b0803b456a54b8418
# Discord
- DISCORD_CLIENT_ID=
- DISCORD_CLIENT_SECRET=
- DISCORD_CALLBACK_URL=/oauth/discord/callback
# Facebook
- FACEBOOK_CLIENT_ID=
- FACEBOOK_CLIENT_SECRET=
- FACEBOOK_CALLBACK_URL=/oauth/facebook/callback
# GitHub
- GITHUB_CLIENT_ID=
- GITHUB_CLIENT_SECRET=
- GITHUB_CALLBACK_URL=/oauth/github/callback
# Google
- GOOGLE_CLIENT_ID=
- GOOGLE_CLIENT_SECRET=
- GOOGLE_CALLBACK_URL=/oauth/google/callback
# Apple
- APPLE_CLIENT_ID=
- APPLE_TEAM_ID=
- APPLE_KEY_ID=
- APPLE_PRIVATE_KEY_PATH=
- APPLE_CALLBACK_URL=/oauth/apple/callback
# OpenID
- OPENID_CLIENT_ID=
- OPENID_CLIENT_SECRET=
- OPENID_ISSUER=
- OPENID_SESSION_SECRET=
- OPENID_SCOPE="openid profile email"
- OPENID_CALLBACK_URL=/oauth/openid/callback
- OPENID_REQUIRED_ROLE=
- OPENID_REQUIRED_ROLE_TOKEN_KIND=
- OPENID_REQUIRED_ROLE_PARAMETER_PATH=
# Set to determine which user info property returned from OpenID Provider to store as the User's username
- OPENID_USERNAME_CLAIM=
# Set to determine which user info property returned from OpenID Provider to store as the User's name
- OPENID_NAME_CLAIM=
# Optional audience parameter for OpenID authorization requests
- OPENID_AUDIENCE=
- OPENID_BUTTON_LABEL=
- OPENID_IMAGE_URL=
# Set to true to automatically redirect to the OpenID provider when a user visits the login page
# This will bypass the login form completely for users, only use this if OpenID is your only authentication method
- OPENID_AUTO_REDIRECT=false
# Set to true to use PKCE (Proof Key for Code Exchange) for OpenID authentication
- OPENID_USE_PKCE=false
#Set to true to reuse openid tokens for authentication management instead of using the mongodb session and the custom refresh token.
- OPENID_REUSE_TOKENS=
#By default, signing key verification results are cached in order to prevent excessive HTTP requests to the JWKS endpoint.
#If a signing key matching the kid is found, this will be cached and the next time this kid is requested the signing key will be served from the cache.
#Default is true.
- OPENID_JWKS_URL_CACHE_ENABLED=
- OPENID_JWKS_URL_CACHE_TIME=# 600000 ms eq to 10 minutes leave empty to disable caching
#Set to true to trigger token exchange flow to acquire access token for the userinfo endpoint.
- OPENID_ON_BEHALF_FLOW_FOR_USERINFO_REQUIRED=
- OPENID_ON_BEHALF_FLOW_USERINFO_SCOPE="user.read" # example for Scope Needed for Microsoft Graph API
# Set to true to use the OpenID Connect end session endpoint for logout
- OPENID_USE_END_SESSION_ENDPOINT=
# SAML
# Note: If OpenID is enabled, SAML authentication will be automatically disabled.
- SAML_ENTRY_POINT=
- SAML_ISSUER=
- SAML_CERT=
- SAML_CALLBACK_URL=/oauth/saml/callback
- SAML_SESSION_SECRET=
# Attribute mappings (optional)
- SAML_EMAIL_CLAIM=
- SAML_USERNAME_CLAIM=
- SAML_GIVEN_NAME_CLAIM=
- SAML_FAMILY_NAME_CLAIM=
- SAML_PICTURE_CLAIM=
- SAML_NAME_CLAIM=
# Logint buttion settings (optional)
- SAML_BUTTON_LABEL=
- SAML_IMAGE_URL=
# Enable Entra ID people search integration in permissions/sharing system
# When enabled, the people picker will search both local database and Entra ID
- USE_ENTRA_ID_FOR_PEOPLE_SEARCH=false
# When enabled, entra id groups owners will be considered as members of the group
- ENTRA_ID_INCLUDE_OWNERS_AS_MEMBERS=false
# Microsoft Graph API scopes needed for people/group search
# Default scopes provide access to user profiles and group memberships
- OPENID_GRAPH_SCOPES=User.Read,People.Read,GroupMember.Read.All
# LDAP
- LDAP_URL=
- LDAP_BIND_DN=
- LDAP_BIND_CREDENTIALS=
- LDAP_USER_SEARCH_BASE=
#LDAP_SEARCH_FILTER="mail="
- LDAP_CA_CERT_PATH=
- EMAIL_SERVICE=
- EMAIL_HOST=
- EMAIL_PORT=25
- EMAIL_ENCRYPTION=
- EMAIL_ENCRYPTION_HOSTNAME=
- EMAIL_ALLOW_SELFSIGNED=
- EMAIL_USERNAME=
- EMAIL_PASSWORD=
- EMAIL_FROM_NAME=
- EMAIL_FROM=noreply@librechat.ai
- FIREBASE_API_KEY=
- FIREBASE_AUTH_DOMAIN=
- FIREBASE_PROJECT_ID=
- FIREBASE_STORAGE_BUCKET=
- FIREBASE_MESSAGING_SENDER_ID=
- FIREBASE_APP_ID=
- AWS_ENDPOINT_URL=
- AWS_ACCESS_KEY_ID=
- AWS_SECRET_ACCESS_KEY=
- AWS_REGION=
- AWS_BUCKET_NAME=
- AZURE_STORAGE_CONNECTION_STRING=
- AZURE_STORAGE_PUBLIC_ACCESS=false
- AZURE_CONTAINER_NAME=files
- ALLOW_SHARED_LINKS=true
- ALLOW_SHARED_LINKS_PUBLIC=true
- APP_TITLE=LibreChat
# CUSTOM_FOOTER="My custom footer"
- HELP_AND_FAQ_URL=https://librechat.ai
#=====================================================#
# OpenWeather #
#=====================================================#
- OPENWEATHER_API_KEY=
restart: unless-stopped
depends_on:
- vectordb
volumes:
pgdata2:
meili_v1123:
api_images:
api_uploads:
api_logs:
mongo_db: Extra files
The Docker Compose configuration above bind-mounts the following file. Save it next to your compose.yml,
keeping the same relative path.
librechat.yaml
# For more information, see the Configuration Guide:
# https://www.librechat.ai/docs/configuration/librechat_yaml
# Example: https://github.com/danny-avila/LibreChat/blob/main/librechat.example.yaml
# Configuration version (required)
version: 1.2.1
# Cache settings: Set to true to enable caching
cache: true
# File storage configuration
# Single strategy for all file types (legacy format, still supported)
# fileStrategy: "s3"
# Granular file storage strategies (new format - recommended)
# Allows different storage strategies for different file types
# fileStrategy:
# avatar: "s3" # Storage for user/agent avatar images
# image: "firebase" # Storage for uploaded images in chats
# document: "local" # Storage for document uploads (PDFs, text files, etc.)
# Available strategies: "local", "s3", "firebase"
# If not specified, defaults to "local" for all file types
# You can mix and match strategies based on your needs:
# - Use S3 for avatars for fast global access
# - Use Firebase for images with automatic optimization
# - Use local storage for documents for privacy/compliance
# Custom interface configuration
interface:
customWelcome: 'Welcome to LibreChat! Enjoy your experience.'
# Enable/disable file search as a chatarea selection (default: true)
# Note: This setting does not disable the Agents File Search Capability.
# To disable the Agents Capability, see the Agents Endpoint configuration instead.
fileSearch: true
# Privacy policy settings
privacyPolicy:
externalUrl: 'https://librechat.ai/privacy-policy'
openNewTab: true
# Terms of service
termsOfService:
externalUrl: 'https://librechat.ai/tos'
openNewTab: true
modalAcceptance: true
modalTitle: 'Terms of Service for LibreChat'
modalContent: |
# Terms and Conditions for LibreChat
*Effective Date: February 18, 2024*
Welcome to LibreChat, the informational website for the open-source AI chat platform, available at https://librechat.ai. These Terms of Service ("Terms") govern your use of our website and the services we offer. By accessing or using the Website, you agree to be bound by these Terms and our Privacy Policy, accessible at https://librechat.ai//privacy.
## 1. Ownership
Upon purchasing a package from LibreChat, you are granted the right to download and use the code for accessing an admin panel for LibreChat. While you own the downloaded code, you are expressly prohibited from reselling, redistributing, or otherwise transferring the code to third parties without explicit permission from LibreChat.
## 2. User Data
We collect personal data, such as your name, email address, and payment information, as described in our Privacy Policy. This information is collected to provide and improve our services, process transactions, and communicate with you.
## 3. Non-Personal Data Collection
The Website uses cookies to enhance user experience, analyze site usage, and facilitate certain functionalities. By using the Website, you consent to the use of cookies in accordance with our Privacy Policy.
## 4. Use of the Website
You agree to use the Website only for lawful purposes and in a manner that does not infringe the rights of, restrict, or inhibit anyone else's use and enjoyment of the Website. Prohibited behavior includes harassing or causing distress or inconvenience to any person, transmitting obscene or offensive content, or disrupting the normal flow of dialogue within the Website.
## 5. Governing Law
These Terms shall be governed by and construed in accordance with the laws of the United States, without giving effect to any principles of conflicts of law.
## 6. Changes to the Terms
We reserve the right to modify these Terms at any time. We will notify users of any changes by email. Your continued use of the Website after such changes have been notified will constitute your consent to such changes.
## 7. Contact Information
If you have any questions about these Terms, please contact us at contact@librechat.ai.
By using the Website, you acknowledge that you have read these Terms of Service and agree to be bound by them.
endpointsMenu: true
modelSelect: true
parameters: true
sidePanel: true
presets: true
prompts: true
bookmarks: true
multiConvo: true
agents: true
peoplePicker:
users: true
groups: true
roles: true
marketplace:
use: false
fileCitations: true
# Temporary chat retention period in hours (default: 720, min: 1, max: 8760)
# temporaryChatRetention: 1
# Example Cloudflare turnstile (optional)
#turnstile:
# siteKey: "your-site-key-here"
# options:
# language: "auto" # "auto" or an ISO 639-1 language code (e.g. en)
# size: "normal" # Options: "normal", "compact", "flexible", or "invisible"
# Example Registration Object Structure (optional)
#registration:
# socialLogins: ['github', 'google', 'discord', 'openid', 'facebook', 'apple', 'saml']
# allowedDomains:
# - "gmail.com"
# Example Balance settings
# balance:
# enabled: false
# startBalance: 20000
# autoRefillEnabled: false
# refillIntervalValue: 30
# refillIntervalUnit: 'days'
# refillAmount: 10000
# speech:
# tts:
# openai:
# url: ''
# apiKey: '${TTS_API_KEY}'
# model: ''
# voices: ['']
#
# stt:
# openai:
# url: ''
# apiKey: '${STT_API_KEY}'
# model: ''
# rateLimits:
# fileUploads:
# ipMax: 100
# ipWindowInMinutes: 60 # Rate limit window for file uploads per IP
# userMax: 50
# userWindowInMinutes: 60 # Rate limit window for file uploads per user
# conversationsImport:
# ipMax: 100
# ipWindowInMinutes: 60 # Rate limit window for conversation imports per IP
# userMax: 50
# userWindowInMinutes: 60 # Rate limit window for conversation imports per user
# Example Actions Object Structure
#actions:
# allowedDomains:
# - 'swapi.dev'
# - 'librechat.ai'
# - 'google.com'
# Example MCP Servers Object Structure
# mcpServers:
# everything:
# # type: sse # type can optionally be omitted
# url: http://localhost:3001/sse
# timeout: 60000 # 1 minute timeout for this server, this is the default timeout for MCP servers.
# puppeteer:
# type: stdio
# command: npx
# args:
# - -y
# - "@modelcontextprotocol/server-puppeteer"
# timeout: 300000 # 5 minutes timeout for this server
# filesystem:
# # type: stdio
# command: npx
# args:
# - -y
# - "@modelcontextprotocol/server-filesystem"
# - /home/user/LibreChat/
# iconPath: /home/user/LibreChat/client/public/assets/logo.svg
# mcp-obsidian:
# command: npx
# args:
# - -y
# - "mcp-obsidian"
# - /path/to/obsidian/vault
# Definition of custom endpoints
endpoints:
# assistants:
# disableBuilder: false # Disable Assistants Builder Interface by setting to `true`
# pollIntervalMs: 3000 # Polling interval for checking assistant updates
# timeoutMs: 180000 # Timeout for assistant operations
# # Should only be one or the other, either `supportedIds` or `excludedIds`
# supportedIds: ["asst_supportedAssistantId1", "asst_supportedAssistantId2"]
# # excludedIds: ["asst_excludedAssistantId"]
# # Only show assistants that the user created or that were created externally (e.g. in Assistants playground).
# # privateAssistants: false # Does not work with `supportedIds` or `excludedIds`
# # (optional) Models that support retrieval, will default to latest known OpenAI models that support the feature
# retrievalModels: ["gpt-4-turbo-preview"]
# # (optional) Assistant Capabilities available to all users. Omit the ones you wish to exclude. Defaults to list below.
# capabilities: ["code_interpreter", "retrieval", "actions", "tools", "image_vision"]
# agents:
# # (optional) Default recursion depth for agents, defaults to 25
# recursionLimit: 50
# # (optional) Max recursion depth for agents, defaults to 25
# maxRecursionLimit: 100
# # (optional) Disable the builder interface for agents
# disableBuilder: false
# # (optional) Maximum total citations to include in agent responses, defaults to 30
# maxCitations: 30
# # (optional) Maximum citations per file to include in agent responses, defaults to 7
# maxCitationsPerFile: 7
# # (optional) Minimum relevance score for sources to be included in responses, defaults to 0.45 (45% relevance threshold)
# # Set to 0.0 to show all sources (no filtering), or higher like 0.7 for stricter filtering
# minRelevanceScore: 0.45
# # (optional) Agent Capabilities available to all users. Omit the ones you wish to exclude. Defaults to list below.
# capabilities: ["execute_code", "file_search", "actions", "tools"]
# fileConfig:
# endpoints:
# assistants:
# fileLimit: 5
# fileSizeLimit: 10 # Maximum size for an individual file in MB
# totalSizeLimit: 50 # Maximum total size for all files in a single request in MB
# supportedMimeTypes:
# - "image/.*"
# - "application/pdf"
# openAI:
# disabled: true # Disables file uploading to the OpenAI endpoint
# default:
# totalSizeLimit: 20
# YourCustomEndpointName:
# fileLimit: 2
# fileSizeLimit: 5
# serverFileSizeLimit: 100 # Global server file size limit in MB
# avatarSizeLimit: 2 # Limit for user avatar image size in MB
# imageGeneration: # Image Gen settings, either percentage or px
# percentage: 100
# px: 1024
# # Client-side image resizing to prevent upload errors
# clientImageResize:
# enabled: false # Enable/disable client-side image resizing (default: false)
# maxWidth: 1900 # Maximum width for resized images (default: 1900)
# maxHeight: 1900 # Maximum height for resized images (default: 1900)
# quality: 0.92 # JPEG quality for compression (0.0-1.0, default: 0.92)
# # See the Custom Configuration Guide for more information on Assistants Config:
# # https://www.librechat.ai/docs/configuration/librechat_yaml/object_structure/assistants_endpoint
# Memory configuration for user memories
# memory:
# # (optional) Disable memory functionality
# disabled: false
# # (optional) Restrict memory keys to specific values to limit memory storage and improve consistency
# validKeys: ["preferences", "work_info", "personal_info", "skills", "interests", "context"]
# # (optional) Maximum token limit for memory storage (not yet implemented for token counting)
# tokenLimit: 10000
# # (optional) Enable personalization features (defaults to true if memory is configured)
# # When false, users will not see the Personalization tab in settings
# personalize: true
# # Memory agent configuration - either use an existing agent by ID or define inline
# agent:
# # Option 1: Use existing agent by ID
# id: "your-memory-agent-id"
# # Option 2: Define agent inline
# # provider: "openai"
# # model: "gpt-4o-mini"
# # instructions: "You are a memory management assistant. Store and manage user information accurately."
# # model_parameters:
# # temperature: 0.1 Prefer a managed setup? WinterFlow installs, configures, and updates LibreChat for you using this same Docker Compose configuration.