Skip to content

Configuration Reference

Complete reference for RustChat configuration options.

Environment Variables

All configuration is done via environment variables with the RUSTCHAT_ prefix.

Core Settings

VariableRequiredDefaultDescription
RUSTCHAT_ENVIRONMENTNoproductionRuntime mode: development or production
RUSTCHAT_SITE_URLYes-Public URL of your RustChat instance
RUSTCHAT_JWT_SECRETYes-Secret key for JWT signing (min 32 chars)
RUSTCHAT_JWT_ISSUERYes-JWT issuer claim
RUSTCHAT_JWT_AUDIENCEYes-JWT audience claim
RUSTCHAT_ENCRYPTION_KEYYes-32-byte key for sensitive data encryption

Database

VariableRequiredDefaultDescription
RUSTCHAT_DATABASE_URLYes-PostgreSQL connection string

Example:

bash
RUSTCHAT_DATABASE_URL=postgres://user:password@localhost:5432/rustchat

Redis

VariableRequiredDefaultDescription
RUSTCHAT_REDIS_URLYes-Redis connection string

Example:

bash
RUSTCHAT_REDIS_URL=redis://localhost:6379/

File Storage (S3-compatible)

VariableRequiredDefaultDescription
RUSTCHAT_S3_ENDPOINTYes-S3 endpoint URL
RUSTCHAT_S3_BUCKETYes-S3 bucket name
RUSTCHAT_S3_ACCESS_KEYYes-S3 access key
RUSTCHAT_S3_SECRET_KEYYes-S3 secret key
RUSTCHAT_S3_REGIONNous-east-1S3 region
RUSTCHAT_S3_PUBLIC_ENDPOINTNo-Public endpoint used when file URLs must be rewritten for clients

CORS

VariableRequiredDefaultDescription
RUSTCHAT_CORS_ALLOWED_ORIGINSProduction-Comma-separated allowed origins
RUSTCHAT_ALLOW_DEV_CORSNofalseDanger: enables permissive CORS (*). Only for local development.

Example:

bash
RUSTCHAT_CORS_ALLOWED_ORIGINS=https://chat.example.com,https://app.example.com

Cross-origin requests are denied by default. For local development you must either set RUSTCHAT_ALLOW_DEV_CORS=true (never in production) or configure RUSTCHAT_CORS_ALLOWED_ORIGINS with the exact origins your frontend uses (e.g. http://localhost:8080,http://localhost:5173).

Email (SMTP)

VariableRequiredDefaultDescription
RUSTCHAT_SMTP_HOSTNo-SMTP server hostname
RUSTCHAT_SMTP_PORTNo587SMTP server port
RUSTCHAT_SMTP_USERNo-SMTP username
RUSTCHAT_SMTP_PASSWORDNo-SMTP password
RUSTCHAT_SMTP_FROMNo-From address for emails
RUSTCHAT_SMTP_TLSNotrueUse TLS for SMTP

Push Notifications

VariableRequiredDefaultDescription
RUSTCHAT_PUSH_PROXY_URLNo-URL of push proxy service

Security

VariableRequiredDefaultDescription
RUSTCHAT_SECURITY_OAUTH_TOKEN_DELIVERYNocookieOAuth token delivery. Only cookie is accepted.
RUSTCHAT_SECURITY_RATE_LIMIT_ENABLEDNotrueEnable rate limiting
RUSTCHAT_SECURITY_RATE_LIMIT_AUTH_PER_MINUTENo10Auth endpoint rate limit
RUSTCHAT_SECURITY_RATE_LIMIT_WS_PER_MINUTENo30WebSocket rate limit

Logging

VariableRequiredDefaultDescription
RUST_LOGNoinfoLog level (error, warn, info, debug, trace)
RUSTCHAT_LOG_FORMATNojsonLog format: json or pretty

Production Configuration

For production deployments, ensure:

bash
# Environment
RUSTCHAT_ENVIRONMENT=production

# Security
RUSTCHAT_JWT_SECRET=<long-random-string-min-32-chars>
RUSTCHAT_ENCRYPTION_KEY=<32-byte-key>
RUSTCHAT_CORS_ALLOWED_ORIGINS=https://your-domain.com

# Security hardening
RUSTCHAT_SECURITY_OAUTH_TOKEN_DELIVERY=cookie
RUSTCHAT_SECURITY_RATE_LIMIT_ENABLED=true

Docker Compose Example

See Installation Guide for complete Docker Compose configuration.

Configuration Validation

The backend validates configuration at startup and will fail fast with clear error messages if required variables are missing or invalid.


For security best practices: See Security Guide

RustChat Documentation