All settings are environment variables. With Docker Compose, set them in .env; the bundled compose file substitutes ${VAR} (with defaults) into the container. Only CSRF_SECRET is required: the app refuses to start in production without it.
| Variable | Description |
|---|
CSRF_SECRET | Random hex secret shared across workers. Generate with openssl rand -hex 32 (or python -c "import secrets; print(secrets.token_hex(32))"). |
| Variable | Description | Default |
|---|
LOCAL_LOG_DIR | Directory to search for local log files | /var/log |
MAIL_LOG_BASENAME | Base filename to glob (set maillog on RHEL/CentOS) | mail.log |
LOG_TIMEZONE | IANA timezone for display, e.g. America/New_York | uses log offset |
Log discovery globs <LOCAL_LOG_DIR>/<MAIL_LOG_BASENAME>* and handles any logrotate scheme automatically: numeric (mail.log.1, mail.log.2.gz), dateext (mail.log-20260611), and the plain compressed active log (mail.log.gz).
| Variable | Description | Default |
|---|
HOST_MOUNTED_REMOTES | Set true when the host manages SSHFS mounts | false |
REMOTE_MOUNT | Base directory for remote log mounts | /mnt/remote_logs |
REMOTE_SERVERS | Comma-separated remote server hostnames | mail-server-02 |
See Remote logs (SSHFS).
| Variable | Description | Default |
|---|
COMPANY_NAME | Branding name shown in the header | Postfix Insights |
SMTP_HOST / SMTP_PORT | SMTP server for emailed reports | localhost / 25 |
FROM_ADDRESS / FROM_NAME | Sender for emailed reports | do-not-reply@example.com |
ALLOWED_EMAIL_DOMAINS | Domains allowed to receive reports; unset = any | unset |
| Variable | Description | Default |
|---|
MAX_TOTAL_RESULTS | Stop search after this many entries | 1000 |
SEARCH_TIMEOUT | Overall search timeout (seconds) | 300 |
MAX_PROCESS_MEMORY_MB | Abort search when process RSS exceeds this (MB) | 512 |
HOST_PORT | Host port mapped to container 8080 | 8080 |