Skip to content

Environment Variables

AxumKit supports two env layouts:

  • Root .env for host cargo run.
  • Concern-grouped .envs/* files for Docker Compose.

The current standard database keys are POSTGRES_HOST, POSTGRES_PORT, POSTGRES_NAME, POSTGRES_USER, and POSTGRES_PASSWORD. The example/local/test envs default to direct postgres:5432; production should use pgdog:6432 when PgDog is enabled.

Server (server)

Required

VariableDescription
HOSTServer bind host
PORTServer bind port
TOTP_SECRETSecret for TOTP backup code hashing
AUTH_SESSION_MAX_LIFETIME_HOURSAbsolute session lifetime in hours
AUTH_SESSION_SLIDING_TTL_HOURSSliding session TTL in hours
AUTH_SESSION_REFRESH_THRESHOLDSession refresh threshold percentage
GOOGLE_CLIENT_IDGoogle OAuth client ID
GOOGLE_CLIENT_SECRETGoogle OAuth client secret
GOOGLE_REDIRECT_URIGoogle OAuth redirect URI
GITHUB_CLIENT_IDGitHub OAuth client ID
GITHUB_CLIENT_SECRETGitHub OAuth client secret
GITHUB_REDIRECT_URIGitHub OAuth redirect URI
R2_ENDPOINTR2-compatible S3 endpoint
R2_REGIONR2 region
R2_ACCESS_KEY_IDR2 access key
R2_SECRET_ACCESS_KEYR2 secret key
R2_ASSETS_PUBLIC_DOMAINPublic domain for asset URLs
R2_ASSETS_BUCKET_NAMEAssets bucket name
TURNSTILE_SECRET_KEYCloudflare Turnstile secret
POSTGRES_HOSTDB or PgDog host
POSTGRES_PORTDB or PgDog port
POSTGRES_NAMEDB name
POSTGRES_USERDB user
POSTGRES_PASSWORDDB password

Optional

VariableDefaultDescription
ENVIRONMENTprodSet dev, development, or test for non-production contexts
AUTH_EMAIL_VERIFICATION_TOKEN_EXPIRE_TIME1Minutes
AUTH_PASSWORD_RESET_TOKEN_EXPIRE_TIME15Minutes
AUTH_EMAIL_CHANGE_TOKEN_EXPIRE_TIME15Minutes
OAUTH_PENDING_SIGNUP_TTL_MINUTES10Minutes
POSTGRES_MAX_CONNECTION30DB max pool size
POSTGRES_MIN_CONNECTION5DB min pool size
REDIS_SESSION_HOSTredis-sessionSession Redis host
REDIS_SESSION_PORT6379Session Redis port
REDIS_CACHE_HOSTredis-cacheCache Redis host
REDIS_CACHE_PORT6379Cache Redis port
REDIS_CACHE_TTL3600Cache TTL seconds
NATS_URLnats://localhost:4222NATS URL
MEILISEARCH_HOSThttp://localhost:7700MeiliSearch URL
MEILISEARCH_API_KEYemptyMeiliSearch API key
MEDIA_PROCESSOR_URLhttp://127.0.0.1:6701smol-media-processor URL
MEDIA_PROCESSOR_TIMEOUT_SECS30Image processing timeout seconds
CORS_ALLOWED_ORIGINSemptyComma-separated origins
CORS_ALLOWED_HEADERSemptyComma-separated headers
CORS_MAX_AGEemptyCORS max-age seconds
COOKIE_DOMAINemptyCookie domain
STABILITY_CONCURRENCY_LIMIT500Stability concurrency limit
STABILITY_BUFFER_SIZE1024Stability queue size
STABILITY_TIMEOUT_SECS30Stability timeout seconds

Worker (worker)

Required

VariableDescription
SMTP_HOSTSMTP server host
SMTP_USERSMTP username
SMTP_PASSWORDSMTP password
EMAILS_FROM_EMAILSender email
FRONTEND_HOSTFrontend base URL
PROJECT_NAMEProject name
FRONTEND_PATH_VERIFY_EMAILVerify-email path
FRONTEND_PATH_RESET_PASSWORDReset-password path
FRONTEND_PATH_CONFIRM_EMAIL_CHANGEConfirm-email-change path
POSTGRES_HOSTDB host
POSTGRES_PORTDB port
POSTGRES_NAMEDB name
POSTGRES_USERDB user
POSTGRES_PASSWORDDB password
R2_ENDPOINTR2-compatible S3 endpoint
R2_ACCESS_KEY_IDR2 access key
R2_SECRET_ACCESS_KEYR2 secret key
R2_ASSETS_BUCKET_NAMEAssets bucket name
R2_ASSETS_PUBLIC_DOMAINPublic domain for asset URLs

Optional

VariableDefaultDescription
SMTP_PORT587SMTP port
SMTP_TLStrueEnable TLS
EMAILS_FROM_NAMEAxumKitSender display name
MEILISEARCH_HOSThttp://localhost:7700MeiliSearch URL
MEILISEARCH_API_KEYemptyMeiliSearch API key
NATS_URLnats://localhost:4222NATS URL
REDIS_CACHE_HOST127.0.0.1Cache Redis host
REDIS_CACHE_PORT6380Cache Redis port
REDIS_LOCK_HOST127.0.0.1Worker lock Redis host
REDIS_LOCK_PORT6381Worker lock Redis port
MEDIA_PROCESSOR_URLhttp://127.0.0.1:6701smol-media-processor URL
MEDIA_PROCESSOR_TIMEOUT_SECS30Image processing timeout seconds
POSTGRES_MAX_CONNECTION10DB max pool size
POSTGRES_MIN_CONNECTION2DB min pool size
R2_REGIONautoR2 region
CRON_TIMEZONEUTCCron timezone

Released under the MIT License.