rcman - Rust Config Manager
A generic, framework-agnostic Rust library for managing application settings with backup/restore, sub-settings, and credential management.
Quick Links
Features
| Feature | Description |
|---|---|
| Settings Management | Load/save with rich schema metadata for UI rendering |
| Sub-Settings | Per-entity configs (e.g., one JSON per remote) |
| Backup & Restore | Encrypted ZIP backups with AES-256 |
| Secret Settings | Auto-routes secrets to OS keychain |
| Env Var Overrides | Override settings via environment variables (Docker/K8s) |
| Atomic Writes | Crash-safe file writes (temp file + rename) |
| Cross-Platform | Pure Rust - Windows, macOS, Linux, Android |
Installation
[]
= "0.1"
Feature Flags
| Feature | Description | Default? |
|---|---|---|
json |
JSON storage | â |
backup |
Backup/restore (zip) | â |
derive |
#[derive(SettingsSchema)] macro |
â |
keychain |
OS keychain support | â |
encrypted-file |
AES-256 encrypted file | â |
full |
All features | â |
Examples:
# Default (settings + backup)
= "0.1"
# Minimal (just settings, no backup)
= { = "0.1", = false, = ["json"] }
# With OS keychain support
= { = "0.1", = ["keychain"] }
# Everything
= { = "0.1", = ["full"] }
Quick Start
use ;
// Initialize with fluent builder API
let manager = builder
.config_dir
.with_credentials // Enable automatic secret storage
.with_env_prefix // Enable env var overrides (MYAPP_UI_THEME=dark)
.with_sub_settings // Per-entity config
.build?;
Core Concepts
1. Settings Schema with Builder Pattern
Define settings using the clean builder API:
use ;
Available Constructors
| Constructor | Description |
|---|---|
text(label, default) |
Text input |
password(label, default) |
Password input |
number(label, default) |
Number input |
toggle(label, default) |
Boolean toggle |
select(label, default, options) |
Dropdown |
color(label, default) |
Color picker |
path(label, default) |
File path |
info(label, default) |
Read-only |
Chainable Setters
.description() .min() .max() .step() .placeholder() .category() .order() .requires_restart() .advanced() .disabled() .secret() .pattern() .pattern_error()
Using the Derive Macro (Recommended)
Instead of implementing SettingsSchema manually, use the derive macro:
= { = "0.1", = ["derive"] }
use DeriveSettingsSchema;
use ;
Available field attributes:
label,description,categorymin,max,step(for numbers)options((...))(for selects)secret,advanced,requires_restart,skip
2. Sub-Settings
Per-entity configuration files (e.g., one config per "remote"):
use ;
use json;
// Register sub-settings via builder
let manager = builder
.with_sub_settings // Multi-file mode
.with_sub_settings // Single-file mode
.build?;
// Access sub-settings
let remotes = manager.sub_settings?;
// CRUD operations
remotes.set?;
let gdrive_config = remotes.?;
let all_remotes = remotes.list?;
remotes.delete?;
Storage Modes:
| Mode | Files Created | Use Case |
|---|---|---|
| Multi-file (default) | remotes/gdrive.json, remotes/s3.json |
Large configs, many entities |
| Single-file | backends.json |
Small collections, simpler file structure |
3. Secret Settings (Automatic Keychain Storage)
Settings marked with .secret() are automatically stored in the OS keychain:
// In schema
"api.key" => password
.secret,
// Usage - automatically routes to keychain!
manager.?;
// â Stored in OS keychain, NOT in settings.json
Backends:
- macOS: Keychain
- Windows: Credential Manager
- Linux: Secret Service (via libsecret)
- Fallback: Encrypted file with Argon2id + AES-256-GCM
4. Backup & Restore
Create, analyze, and restore encrypted backups using the builder pattern:
use ;
// Create backup with builder pattern
let backup_path = manager.backup
.create
?;
// Analyze a backup before restoring (inspect contents, check encryption)
let analysis = manager.backup.analyze?;
println!;
println!;
println!;
if !analysis.warnings.is_empty
// Restore with builder pattern
manager.backup
.restore
?;
5. Default Value Behavior
When you save a setting that equals its default, rcman removes it from storage:
- Regular settings: Removed from JSON file
- Secret settings: Removed from keychain
This keeps files minimal and allows changing defaults in code to auto-apply to users.
# Save non-default value
manager.?;
// Save default value (removed from storage)
manager.?; // "light" is default
// Or use reset_setting() to explicitly reset
manager.?;
6. Environment Variable Overrides
Override settings via environment variables for Docker/Kubernetes deployments:
// Enable with prefix
let config = builder
.with_env_prefix
.build;
Format: {PREFIX}_{CATEGORY}_{KEY} (all uppercase)
| Setting Key | Environment Variable |
|---|---|
ui.theme |
MYAPP_UI_THEME=dark |
core.port |
MYAPP_CORE_PORT=9090 |
general.debug |
MYAPP_GENERAL_DEBUG=true |
Priority: Env Var > Stored Value > Default
Type Parsing:
true/falseâ boolean- Numbers â i64/f64
- JSON â parsed as JSON
- Everything else â string
UI Detection:
let settings = manager.?;
for in settings
Note: Secret settings (stored in keychain) are NOT affected by env var overrides by default. To enable, use
.env_overrides_secrets(true):builder .with_env_prefix .env_overrides_secrets // Allow MYAPP_API_KEY to override keychain .build
Architecture
rcman/
âââ config/
â âââ types.rs # SettingsConfig + Builder
â âââ schema.rs # SettingMetadata + Builder, settings! macro
âââ credentials/
â âââ keychain.rs # OS keychain backend
â âââ encrypted.rs # AES-256-GCM file backend
â âââ memory.rs # Testing backend
âââ backup/
â âââ operations.rs # Create backups
â âââ restore.rs # Restore backups
â âââ archive.rs # Zip utilities
âââ manager.rs # Main SettingsManager
âââ storage.rs # StorageBackend trait
âââ sub_settings.rs # Per-entity configs
Performance
rcman is designed for efficiency:
- In-Memory Caching: Settings are cached after first load, eliminating redundant disk I/O
- Defaults Cache: Default values are cached to avoid repeated schema lookups
- Sync I/O: Simple, blocking file operations using
std::fs(no runtime overhead) - Smart Writes: Only writes to disk when values actually change
- Zero-Copy Reads: Uses
RwLockfor concurrent read access without cloning
Benchmarks (typical desktop app with 50 settings):
- First load: ~2ms (disk read + parse)
- Cached load: ~50Ξs (memory access)
- Save setting: ~1-3ms (validation + disk write)
Error Handling
All operations return typed errors:
use ;
match manager.
License
MIT