#[non_exhaustive]pub struct ServerConfig {Show 23 fields
pub listen_addr: String,
pub listen_port: u16,
pub tls_cert_path: Option<PathBuf>,
pub tls_key_path: Option<PathBuf>,
pub tls_handshake_timeout: String,
pub max_concurrent_tls_handshakes: usize,
pub shutdown_timeout: String,
pub request_timeout: String,
pub allowed_origins: Vec<String>,
pub stdio_enabled: bool,
pub tool_rate_limit: Option<u32>,
pub tool_rate_limit_burst: Option<u32>,
pub extra_route_rate_limit: Option<u32>,
pub extra_route_rate_limit_burst: Option<u32>,
pub session_idle_timeout: String,
pub sse_keep_alive: String,
pub public_url: Option<String>,
pub compression_enabled: bool,
pub compression_min_size: u16,
pub max_concurrent_requests: Option<usize>,
pub admin_enabled: bool,
pub admin_role: String,
pub auth: Option<AuthConfig>,
}Expand description
Server listener configuration (reusable across MCP projects).
Fields (Non-exhaustive)§
This struct is marked as non-exhaustive
Struct { .. } syntax; cannot be matched against without a wildcard ..; and struct update syntax will not work.listen_addr: StringListen address (IP or hostname). Default: 127.0.0.1.
listen_port: u16Listen TCP port. Default: 8443.
tls_cert_path: Option<PathBuf>Path to the TLS certificate (PEM). Required for TLS/mTLS.
tls_key_path: Option<PathBuf>Path to the TLS private key (PEM). Required for TLS/mTLS.
tls_handshake_timeout: StringPer-handshake deadline on the TLS accept path, parsed via
humantime. Idle or slow-loris connections are dropped once it
elapses. Startup-only (not hot-reloadable); ignored unless TLS is
configured. Default: 10s.
max_concurrent_tls_handshakes: usizeCap on concurrently in-flight TLS handshakes. At saturation the
acceptor stops pulling new connections from the kernel backlog
(backpressure). Startup-only (not hot-reloadable); ignored unless
TLS is configured. Default: 256.
shutdown_timeout: StringGraceful shutdown timeout, parsed via humantime.
request_timeout: StringPer-request timeout, parsed via humantime.
allowed_origins: Vec<String>Allowed Origin header values for DNS rebinding protection (MCP spec). Requests with an Origin not in this list are rejected with 403. Requests without an Origin header are always allowed (non-browser).
stdio_enabled: boolAllow the stdio transport subcommand. Disabled by default because stdio mode bypasses auth, RBAC, TLS, and Origin validation.
tool_rate_limit: Option<u32>Maximum tool invocations per source IP per minute.
When set, enforced by the RBAC middleware on tools/call requests.
Protects against both abuse and runaway LLM loops.
tool_rate_limit_burst: Option<u32>Burst capacity for the tool rate limiter (bucket size; sustained
rate stays tool_rate_limit). Requires tool_rate_limit; must
be greater than zero.
extra_route_rate_limit: Option<u32>Maximum requests per source IP per minute on application routes
merged via McpServerConfig::with_extra_router (which bypass
auth/RBAC). Opt-in; must be greater than zero when set.
Keyed by the direct socket peer — no X-Forwarded-For
interpretation. Startup-only.
extra_route_rate_limit_burst: Option<u32>Burst capacity for the extra-route rate limiter (bucket size;
sustained rate stays extra_route_rate_limit). Requires
extra_route_rate_limit; must be greater than zero.
session_idle_timeout: StringIdle timeout for MCP sessions. Sessions with no activity for this duration are closed automatically. Default: 20 minutes.
sse_keep_alive: StringInterval for SSE keep-alive pings sent to the client. Prevents proxies and load balancers from killing idle connections. Default: 15 seconds.
public_url: Option<String>Externally reachable base URL (e.g. https://mcp.example.com).
When set, OAuth metadata endpoints advertise this URL instead of
the listen address. Required when the server binds to 0.0.0.0
behind a reverse proxy or inside a container.
compression_enabled: boolEnable gzip/br response compression for MCP responses.
compression_min_size: u16Minimum response size (bytes) before compression kicks in.
Only used when compression_enabled is true. Default: 1024.
max_concurrent_requests: Option<usize>Global cap on in-flight HTTP requests. When reached, excess requests receive 503 Service Unavailable (via load shedding).
admin_enabled: boolEnable /admin/* diagnostic endpoints.
admin_role: StringRBAC role required to access admin endpoints.
auth: Option<AuthConfig>Authentication configuration (API keys, mTLS, OAuth).