# rustio-admin — environment template
# Copy to .env and adjust only what you need to change.
# Defaults below are SAFE FOR LOCAL DEVELOPMENT.
# ── Application ───────────────────────────────────────────────
# env_logger filter. Bump to "rustio_admin=debug" for framework
# internals, or "debug" for everything.
RUST_LOG=info
# Optional override for the embedded admin templates. Leave unset
# to use the framework defaults.
# RUSTIO_TEMPLATE_DIR=templates
# ── Database ──────────────────────────────────────────────────
# Components for a fresh local Postgres install. Override
# individually or set DATABASE_URL directly below.
DB_HOST=localhost
DB_PORT=5432
DB_USER=postgres
DB_PASSWORD=postgres # IMPORTANT: change in production
DB_NAME={{name}}_dev
# Composed connection string. rustio-admin reads this directly;
# the components above are substituted at .env load time.
DATABASE_URL=postgres://${DB_USER}:${DB_PASSWORD}@${DB_HOST}:${DB_PORT}/${DB_NAME}
# ── Security ──────────────────────────────────────────────────
# CSRF tokens, session cookies, and password hashing are managed
# by the framework — no shared secret to set here. Security
# headers (HSTS, X-Frame-Options, etc.) are wired in code via
# `middleware::security_headers`.
# ── Initial Admin Account ─────────────────────────────────────
# Admin users are created via the CLI, not env vars:
# rustio-admin-cli user create \
# --email admin@example.com \ # IMPORTANT: change in production
# --role administrator # CLI prompts for a password
# Minimum password length: 10 characters.
# ── Mail / Recovery ───────────────────────────────────────────
# The mailer is configured in code via `Admin::mailer(...)`.
# Default `LogMailer` writes reset emails to stdout —
# DEVELOPMENT ONLY. Production: wire `SmtpMailer` and call
# `Admin::recovery_policy(... .with_strict_mailer_required(true))`.
# ── Session / Recovery ────────────────────────────────────────
# Recovery tunables (token TTL, login throttle, re-auth window)
# live on the `RecoveryPolicy` trait. Defaults: 1h token TTL,
# 5 failures / 10 min → 15 min auto-lock, 15 min re-auth window.
# Override via `Admin::recovery_policy(...)` in code.