axum-conf
Production-ready web services with Axum — batteries included.
Build Kubernetes-native Rust services without the boilerplate. axum-conf gives you health probes, metrics, security headers, rate limiting, and more — all configured through simple TOML.
axum-conf
┌─────────────────────────────────────────────────────────┐
│ │
│ ┌─────────────┐ ┌──────────────┐ ┌─────────────┐ │
│ │ Config │──▶│ FluentRouter │──▶│ Middleware │ │
│ │ (TOML) │ │ Builder │ │ Stack │ │
│ └─────────────┘ └──────────────┘ └─────────────┘ │
│ │ │
│ ▼ │
│ ┌─────────────────────────────────────────────────┐ │
│ │ Production-Ready Server │ │
│ │ • Health probes • Metrics • Security headers │ │
│ │ • Rate limiting • CORS • Graceful shutdown│ │
│ └─────────────────────────────────────────────────┘ │
│ │
└─────────────────────────────────────────────────────────┘
Why axum-conf?
- Zero boilerplate: Get liveness probes, Prometheus metrics, and security headers without writing middleware
- Kubernetes-native: Built for container deployments with proper health checks and graceful shutdown
- Configuration-driven: Change behavior through TOML files, not code changes
Quick Start
1. Add to Cargo.toml:
[]
= "0.3"
= "0.8"
= { = "1", = ["full"] }
2. Create config/dev.toml:
[]
= 3000
= "1MiB"
3. Write src/main.rs:
use ;
use ;
async
async
4. Run:
RUST_ENV=dev
5. Test it:
What You Get
| Feature | What it does | Default |
|---|---|---|
| Health probes | /live and /ready endpoints for Kubernetes |
Enabled |
| Prometheus metrics | Request counts, latencies at /metrics |
Enabled |
| Request logging | Structured logs with UUIDv7 correlation IDs | Enabled |
| Rate limiting | Per-IP request throttling | 100 req/sec |
| Security headers | X-Frame-Options, X-Content-Type-Options | Enabled |
| Panic recovery | Catches panics, returns 500, keeps running | Enabled |
| Graceful shutdown | Handles SIGTERM, drains connections | 30s timeout |
| Compression | gzip, brotli, deflate, zstd | Available |
Cargo Features
Enable optional capabilities:
| Feature | What it adds |
|---|---|
postgres |
PostgreSQL connection pooling with sqlx |
keycloak |
OIDC/JWT authentication via Keycloak |
opentelemetry |
Distributed tracing with OTLP export |
basic-auth |
HTTP Basic Auth and API key authentication |
session |
Cookie-based session management |
# Example: Enable PostgreSQL and Keycloak
= { = "0.3", = ["postgres", "keycloak"] }
Configuration Example
# config/prod.toml
[]
= "0.0.0.0"
= 8080
= "32KiB"
= "30s"
= 1000
[]
= ["https://app.example.com"]
= ["GET", "POST", "PUT", "DELETE"]
[]
= "{{ DATABASE_URL }}"
= 10
[]
= "json"
Documentation
| Guide | Description |
|---|---|
| Getting Started | Build your first service step-by-step |
| Architecture | How axum-conf works under the hood |
| Configuration | |
| Overview | Configuration methods and philosophy |
| TOML Reference | Complete configuration schema |
| Environment Variables | Using {{ VAR }} substitution |
| Features | |
| PostgreSQL | Database integration guide |
| Keycloak/OIDC | Authentication setup |
| OpenTelemetry | Distributed tracing |
| Basic Auth | Simple authentication |
| Sessions | Session management |
| Middleware | |
| Overview | Middleware stack architecture |
| Security | Rate limiting, CORS, headers |
| Observability | Logging, metrics, tracing |
| Performance | Compression, timeouts, limits |
| Kubernetes | |
| Health Checks | Liveness and readiness probes |
| Graceful Shutdown | Proper pod termination |
| Deployment | Complete K8s manifests |
| Reference | |
| Troubleshooting | Common issues and solutions |
| API Docs | Rustdoc API reference |
Minimal Kubernetes Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-service
spec:
template:
spec:
containers:
- name: app
image: my-service:latest
ports:
- containerPort: 8080
env:
- name: RUST_ENV
value: "prod"
livenessProbe:
httpGet:
path: /live
port: 8080
readinessProbe:
httpGet:
path: /ready
port: 8080
terminationGracePeriodSeconds: 35
License
MIT