AxumKit

Appearance

Environment Variables

Complete list of all environment variables used by AxumKit. Variables marked Required will cause a panic at startup if missing.

Server (axumkit-server)

General

VariableRequiredDefaultDescription
ENVIRONMENTNoSet to dev or development for dev mode
HOSTYesServer bind address (e.g., 0.0.0.0)
PORTYesServer bind port (e.g., 8000)

Authentication & Sessions

VariableRequiredDefaultDescription
TOTP_SECRETYesSecret for TOTP backup code hashing
AUTH_SESSION_MAX_LIFETIME_HOURSYesAbsolute session expiration (hours)
AUTH_SESSION_SLIDING_TTL_HOURSYesActivity-based TTL extension (hours)
AUTH_SESSION_REFRESH_THRESHOLDYesTTL refresh threshold (0-100%)
AUTH_EMAIL_VERIFICATION_TOKEN_EXPIRE_TIMENo1Email verification token TTL (minutes)
AUTH_PASSWORD_RESET_TOKEN_EXPIRE_TIMENo15Password reset token TTL (minutes)
AUTH_EMAIL_CHANGE_TOKEN_EXPIRE_TIMENo15Email change token TTL (minutes)
OAUTH_PENDING_SIGNUP_TTL_MINUTESNo10OAuth pending signup TTL (minutes)

PostgreSQL Write (Primary)

VariableRequiredDefaultDescription
POSTGRES_WRITE_HOSTYesPrimary DB host
POSTGRES_WRITE_PORTYesPrimary DB port
POSTGRES_WRITE_NAMEYesPrimary DB name
POSTGRES_WRITE_USERYesPrimary DB user
POSTGRES_WRITE_PASSWORDYesPrimary DB password
POSTGRES_WRITE_MAX_CONNECTIONNo100Max connection pool size
POSTGRES_WRITE_MIN_CONNECTIONNo10Min connection pool size

PostgreSQL Read (Replica)

VariableRequiredDefaultDescription
POSTGRES_READ_HOSTYesReplica DB host
POSTGRES_READ_PORTYesReplica DB port
POSTGRES_READ_NAMEYesReplica DB name
POSTGRES_READ_USERYesReplica DB user
POSTGRES_READ_PASSWORDYesReplica DB password
POSTGRES_READ_MAX_CONNECTIONNo100Max connection pool size
POSTGRES_READ_MIN_CONNECTIONNo10Min connection pool size

Redis

VariableRequiredDefaultDescription
REDIS_SESSION_HOSTNoredis-sessionSession Redis host
REDIS_SESSION_PORTNo6379Session Redis port
REDIS_CACHE_HOSTNoredis-cacheCache Redis host
REDIS_CACHE_PORTNo6379Cache Redis port
REDIS_CACHE_TTLNo3600Cache TTL in seconds

Google OAuth

VariableRequiredDefaultDescription
GOOGLE_CLIENT_IDYesGoogle OAuth client ID
GOOGLE_CLIENT_SECRETYesGoogle OAuth client secret
GOOGLE_REDIRECT_URIYesGoogle OAuth callback URL

GitHub OAuth

VariableRequiredDefaultDescription
GITHUB_CLIENT_IDYesGitHub OAuth client ID
GITHUB_CLIENT_SECRETYesGitHub OAuth client secret
GITHUB_REDIRECT_URIYesGitHub OAuth callback URL

Cloudflare R2

VariableRequiredDefaultDescription
R2_ENDPOINTYesR2 S3-compatible endpoint
R2_REGIONYesR2 region
R2_PUBLIC_DOMAINYesPublic URL for R2 assets
R2_BUCKET_NAMEYesR2 bucket name
R2_ACCESS_KEY_IDYesR2 access key
R2_SECRET_ACCESS_KEYYesR2 secret key

Cloudflare Turnstile

VariableRequiredDefaultDescription
TURNSTILE_SECRET_KEYYesTurnstile verification secret

SeaweedFS

VariableRequiredDefaultDescription
SEAWEEDFS_ENDPOINTYesSeaweedFS filer endpoint

NATS

VariableRequiredDefaultDescription
NATS_URLNonats://localhost:4222NATS server URL

MeiliSearch

VariableRequiredDefaultDescription
MEILISEARCH_HOSTNohttp://localhost:7700MeiliSearch URL
MEILISEARCH_API_KEYNoMeiliSearch API key

CORS

VariableRequiredDefaultDescription
CORS_ALLOWED_ORIGINSNo[]Comma-separated allowed origins
CORS_ALLOWED_HEADERSNo[]Comma-separated allowed headers
CORS_MAX_AGENoCORS preflight cache duration (seconds)

Cookies

VariableRequiredDefaultDescription
COOKIE_DOMAINNoCookie domain (e.g., .example.com)

Stability Layer

VariableRequiredDefaultDescription
STABILITY_CONCURRENCY_LIMITNo500Max concurrent requests
STABILITY_BUFFER_SIZENo1024Request queue buffer size
STABILITY_TIMEOUT_SECSNo30Per-request timeout (seconds)

Worker (axumkit-worker)

SMTP

VariableRequiredDefaultDescription
SMTP_HOSTYesSMTP server host
SMTP_PORTNo587SMTP server port
SMTP_USERYesSMTP username
SMTP_PASSWORDYesSMTP password
SMTP_TLSNotrueEnable TLS for SMTP
EMAILS_FROM_EMAILYesSender email address
EMAILS_FROM_NAMENoSevenWikiSender display name

Frontend

VariableRequiredDefaultDescription
FRONTEND_HOSTYesFrontend base URL
PROJECT_NAMEYesProject name (used in emails)
FRONTEND_PATH_VERIFY_EMAILYesPath for email verification page
FRONTEND_PATH_RESET_PASSWORDYesPath for password reset page
FRONTEND_PATH_CONFIRM_EMAIL_CHANGEYesPath for email change confirmation

Database (Write Only)

VariableRequiredDefaultDescription
POSTGRES_WRITE_HOSTYesPrimary DB host
POSTGRES_WRITE_PORTYesPrimary DB port
POSTGRES_WRITE_NAMEYesPrimary DB name
POSTGRES_WRITE_USERYesPrimary DB user
POSTGRES_WRITE_PASSWORDYesPrimary DB password
POSTGRES_WRITE_MAX_CONNECTIONNo10Max connection pool size
POSTGRES_WRITE_MIN_CONNECTIONNo2Min connection pool size

Other Services

VariableRequiredDefaultDescription
NATS_URLNonats://localhost:4222NATS server URL
MEILISEARCH_HOSTNohttp://localhost:7700MeiliSearch URL
MEILISEARCH_API_KEYNoMeiliSearch API key
REDIS_CACHE_HOSTNo127.0.0.1Cache Redis host
REDIS_CACHE_PORTNo6380Cache Redis port
SEAWEEDFS_ENDPOINTYesSeaweedFS filer endpoint
R2_ENDPOINTYesR2 endpoint
R2_REGIONNoautoR2 region
R2_ACCESS_KEY_IDYesR2 access key
R2_SECRET_ACCESS_KEYYesR2 secret key
R2_BUCKET_NAMEYesR2 bucket name
R2_PUBLIC_DOMAINYesPublic URL for R2 assets
CRON_TIMEZONENoUTCTimezone for cron schedules

Released under the MIT License.

Copyright 2025-present AxumKit Contributors