1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
# Crates Docs MCP Server Configuration Example
#
# =============================================================================
# Hot Reload Support Notes
# =============================================================================
#
# Marker explanation:
# - ✅ Supports hot reload: configuration changes take effect automatically without server restart
# - ❌ Does not support hot reload: configuration changes require server restart to take effect
#
# Configuration that supports hot reload:
# - logging section: all fields
# - auth/oauth/api_key section: all fields
# - cache section: TTL-related fields (default_ttl, crate_docs_ttl_secs, item_docs_ttl_secs, search_results_ttl_secs)
# - performance section: rate_limit_per_second, concurrent_request_limit, enable_metrics, enable_response_compression
#
# Configuration that does not support hot reload:
# - server section: all fields (involves listening socket and transport layer initialization)
# - cache section: cache_type, memory_size, redis_url, key_prefix (cache backend initialization parameters)
# - performance section: http_client_*, cache_max_size, cache_default_ttl_secs, metrics_port
#
# After modifying the configuration file, the system will automatically detect changes and apply hot-reloadable configuration items.
# =============================================================================
# [server] Server Configuration ❌ Does not support hot reload
# =============================================================================
# Warning: The following configuration changes require server restart to take effect
#
[]
# Server name
= "crates-docs"
# Server version (defaults to version in Cargo.toml)
# version = "0.5.3"
# Server description
= "High-performance Rust crate documentation query MCP server"
# Listen host
# For container deployment, use 0.0.0.0 to expose service externally; for local use only, change back to 127.0.0.1
= "0.0.0.0"
# Listen port
= 8080
# Transport mode: stdio, http, sse, hybrid
= "hybrid"
# Enable SSE support
= true
# Enable OAuth authentication
= false
# Maximum concurrent connections
= 100
# Request timeout (seconds)
= 30
# Response timeout (seconds)
= 60
# Security configuration
# Allowed hosts list (Host header validation)
# For container/reverse proxy deployment, add actual domain names or service names as needed
= ["localhost", "127.0.0.1", "0.0.0.0"]
# Allowed origins list (CORS)
# Development environment can use wildcard patterns; production environment should specify exact domain names
# Example: allowed_origins = ["https://your-domain.com"]
# Note: Using "*" will allow all origins, which poses security risks
= ["http://localhost:*"]
# =============================================================================
# [cache] Cache Configuration - Partial hot reload support
# =============================================================================
#
# ✅ Hot reload supported fields:
# default_ttl, crate_docs_ttl_secs, item_docs_ttl_secs, search_results_ttl_secs
#
# ❌ Hot reload not supported fields (require restart):
# cache_type, memory_size, redis_url, key_prefix
#
[]
# Cache type: memory, redis ❌ Does not support hot reload
= "memory"
# Memory cache size (number of entries) ❌ Does not support hot reload
= 1000
# Redis connection URL (used only when cache_type = "redis") ❌ Does not support hot reload
# redis_url = "redis://localhost:6379"
# Default cache TTL (seconds) ✅ Supports hot reload
= 3600
# Crate docs cache TTL (seconds), default 1 hour ✅ Supports hot reload
= 3600
# Item docs cache TTL (seconds), default 30 minutes ✅ Supports hot reload
= 1800
# Search results cache TTL (seconds), default 5 minutes ✅ Supports hot reload
= 300
# =============================================================================
# [oauth] OAuth Configuration ✅ Fully supports hot reload
# =============================================================================
#
# All fields support runtime hot reload, take effect immediately after modification (no restart needed)
#
[]
# Enable OAuth ✅ Supports hot reload
= false
# OAuth client ID ✅ Supports hot reload
# client_id = "your-client-id"
# OAuth client secret ✅ Supports hot reload
# client_secret = "your-client-secret"
# Redirect URI ✅ Supports hot reload
# redirect_uri = "http://localhost:8080/oauth/callback"
# Authorization endpoint ✅ Supports hot reload
# authorization_endpoint = "https://provider.com/oauth/authorize"
# Token endpoint ✅ Supports hot reload
# token_endpoint = "https://provider.com/oauth/token"
# Authorization scopes ✅ Supports hot reload
= ["openid", "profile", "email"]
# OAuth provider: Custom, GitHub, Google, Keycloak ✅ Supports hot reload
= "Custom"
# GitHub OAuth example configuration
# [oauth]
# enabled = true
# client_id = "github-client-id"
# client_secret = "github-client-secret"
# redirect_uri = "http://localhost:8080/oauth/callback"
# authorization_endpoint = "https://github.com/login/oauth/authorize"
# token_endpoint = "https://github.com/login/oauth/access_token"
# scopes = ["read:user", "user:email"]
# provider = "GitHub"
# Google OAuth example configuration
# [oauth]
# enabled = true
# client_id = "google-client-id"
# client_secret = "google-client-secret"
# redirect_uri = "http://localhost:8080/oauth/callback"
# authorization_endpoint = "https://accounts.google.com/o/oauth2/v2/auth"
# token_endpoint = "https://oauth2.googleapis.com/token"
# scopes = ["openid", "https://www.googleapis.com/auth/userinfo.profile", "https://www.googleapis.com/auth/userinfo.email"]
# provider = "Google"
# Keycloak OAuth example configuration
# [oauth]
# enabled = true
# client_id = "keycloak-client-id"
# client_secret = "keycloak-client-secret"
# redirect_uri = "http://localhost:8080/oauth/callback"
# authorization_endpoint = "https://keycloak.example.com/realms/myrealm/protocol/openid-connect/auth"
# token_endpoint = "https://keycloak.example.com/realms/myrealm/protocol/openid-connect/token"
# scopes = ["openid", "profile", "email"]
# provider = "Keycloak"
# =============================================================================
# [api_key] API Key Authentication Configuration ✅ Fully supports hot reload
# =============================================================================
#
# Note: Requires api-key feature to use this functionality
# All fields support runtime hot reload, take effect immediately after modification (no restart needed)
#
# [api_key]
# # Enable API Key authentication ✅ Supports hot reload
# enabled = true
# # List of valid API Key hashes (Argon2 PHC format) ✅ Supports hot reload
# # Do not store plaintext keys in configuration file; use `crates-docs generate-api-key`
# # to generate a one-time plaintext key, and save the output hash here
# keys = ["$argon2id$v=19$m=47104,t=1,p=1$replace$with_generated_hash"]
# # API Key header name ✅ Supports hot reload
# header_name = "X-API-Key"
# # API Key query parameter name (not recommended, lower security) ✅ Supports hot reload
# query_param_name = "api_key"
# # Allow API Key via query parameter (default false) ✅ Supports hot reload
# allow_query_param = false
# # API Key prefix (for generating and validating structured keys) ✅ Supports hot reload
# key_prefix = "sk"
# =============================================================================
# [logging] Logging Configuration ✅ Fully supports hot reload
# =============================================================================
#
# All fields support runtime hot reload, take effect immediately after modification (no restart needed)
#
[]
# Log level: trace, debug, info, warn, error ✅ Supports hot reload
= "info"
# Log file path (effective when enable_file = true) ✅ Supports hot reload
= "./logs/crates-docs.log"
# Enable console logging ✅ Supports hot reload
= true
# Enable file logging (default false, console output only) ✅ Supports hot reload
= false
# Maximum log file size (MB) ✅ Supports hot reload
= 100
# Number of log files to retain ✅ Supports hot reload
= 10
# =============================================================================
# [performance] Performance Configuration - Partial hot reload support
# =============================================================================
#
# ✅ Hot reload supported fields:
# rate_limit_per_second, concurrent_request_limit, enable_metrics, enable_response_compression
#
# ❌ Hot reload not supported fields (require restart):
# http_client_*, cache_max_size, cache_default_ttl_secs, metrics_port
#
[]
# HTTP client connection pool size ❌ Does not support hot reload
= 10
# HTTP client pool idle timeout (seconds) ❌ Does not support hot reload
= 90
# HTTP client connection timeout (seconds) ❌ Does not support hot reload
= 10
# HTTP client request timeout (seconds) ❌ Does not support hot reload
= 30
# HTTP client read timeout (seconds) ❌ Does not support hot reload
= 30
# HTTP client max retry attempts ❌ Does not support hot reload
= 3
# HTTP client retry initial delay (milliseconds) ❌ Does not support hot reload
= 100
# HTTP client retry max delay (milliseconds) ❌ Does not support hot reload
= 10000
# Cache maximum size (number of entries) ❌ Does not support hot reload
= 1000
# Cache default TTL (seconds) ❌ Does not support hot reload
= 3600
# Request rate limit (requests per second) ✅ Supports hot reload
= 100
# Concurrent request limit ✅ Supports hot reload
= 50
# Enable response compression ✅ Supports hot reload
= true
# Enable Prometheus metrics collection ✅ Supports hot reload
= true
# Metrics server port (0 means use server port) ❌ Does not support hot reload
= 0
# ============================================================================
# Environment Variable Configuration (for Docker deployment)
# ============================================================================
#
# The following environment variables can override settings in the configuration file.
# Priority: Environment variables > CLI configuration file > Default values
#
# API Key authentication environment variables:
# CRATES_DOCS_API_KEY_ENABLED=true # Enable API Key authentication
# CRATES_DOCS_API_KEYS=$argon2id$...,$argon2id$... # API Key hash list (comma-separated)
# CRATES_DOCS_API_KEY_HEADER=X-API-Key # API Key header name
# CRATES_DOCS_API_KEY_QUERY_PARAM_NAME=api_key # API Key query parameter name
# CRATES_DOCS_API_KEY_ALLOW_QUERY=false # Allow query parameter passing
# CRATES_DOCS_API_KEY_PREFIX=sk # API Key prefix
#
# First generate key:
# crates-docs generate-api-key --prefix sk
#
# Docker deployment example:
# docker run -d \
# -p 8080:8080 \
# -e CRATES_DOCS_API_KEY_ENABLED=true \
# -e CRATES_DOCS_API_KEYS='$argon2id$...generated_hash...' \
# crates-docs:latest
#
# Docker Compose example:
# services:
# crates-docs:
# image: crates-docs:latest
# ports:
# - "8080:8080"
# environment:
# - CRATES_DOCS_API_KEY_ENABLED=true
# - CRATES_DOCS_API_KEYS=$argon2id$...generated_hash...
# - CRATES_DOCS_HOST=0.0.0.0
# - CRATES_DOCS_PORT=8080
#
# CLI parameter example:
# crates-docs serve \
# --enable-api-key \
# --api-keys '$argon2id$...generated_hash...' \
# --api-key-header "X-API-Key"
#
# ============================================================================