AppConfig

sqlpage::app_config

Struct AppConfig 

Source 
pub struct AppConfig {
Show 36 fields
    pub database_url: String,
    pub database_password: Option<String>,
    pub max_database_pool_connections: Option<u32>,
    pub database_connection_idle_timeout_seconds: Option<f64>,
    pub database_connection_max_lifetime_seconds: Option<f64>,
    pub sqlite_extensions: Vec<String>,
    pub listen_on: Option<SocketAddr>,
    pub port: Option<u16>,
    pub unix_socket: Option<PathBuf>,
    pub database_connection_retries: u32,
    pub database_connection_acquire_timeout_seconds: f64,
    pub web_root: PathBuf,
    pub configuration_directory: PathBuf,
    pub allow_exec: bool,
    pub max_uploaded_file_size: usize,
    pub oidc_issuer_url: Option<IssuerUrl>,
    pub oidc_client_id: String,
    pub oidc_client_secret: Option<String>,
    pub oidc_scopes: String,
    pub oidc_protected_paths: Vec<String>,
    pub oidc_public_paths: Vec<String>,
    pub oidc_additional_trusted_audiences: Option<Vec<String>>,
    pub https_domain: Option<String>,
    pub host: Option<String>,
    pub https_certificate_email: Option<String>,
    pub https_certificate_cache_dir: PathBuf,
    pub https_acme_directory_url: String,
    pub environment: DevOrProd,
    pub site_prefix: String,
    pub max_pending_rows: usize,
    pub compress_responses: bool,
    pub content_security_policy: ContentSecurityPolicyTemplate,
    pub system_root_ca_certificates: bool,
    pub max_recursion_depth: u8,
    pub markdown_allow_dangerous_html: bool,
    pub markdown_allow_dangerous_protocol: bool,

}

Fields§

§database_url: String§database_password: Option<String>

A separate field for the database password. If set, this will override any password specified in the database_url.

§max_database_pool_connections: Option<u32>§database_connection_idle_timeout_seconds: Option<f64>§database_connection_max_lifetime_seconds: Option<f64>§sqlite_extensions: Vec<String>§listen_on: Option<SocketAddr>§port: Option<u16>§unix_socket: Option<PathBuf>§database_connection_retries: u32

Number of times to retry connecting to the database after a failure when the server starts up. Retries will happen every 5 seconds. The default is 6 retries, which means the server will wait up to 30 seconds for the database to become available.

§database_connection_acquire_timeout_seconds: f64

Maximum number of seconds to wait before giving up when acquiring a database connection from the pool. The default is 10 seconds.

§web_root: PathBuf

The directory where the .sql files are located. Defaults to the current directory.

§configuration_directory: PathBuf

The directory where the sqlpage configuration file is located. Defaults to ./sqlpage.

§allow_exec: bool

Set to true to allow the sqlpage.exec function to be used in SQL queries. This should be enabled only if you trust the users writing SQL queries, since it gives them the ability to execute arbitrary shell commands on the server.

§max_uploaded_file_size: usize

Maximum size of uploaded files in bytes. The default is 10MiB (10 * 1024 * 1024 bytes)

§oidc_issuer_url: Option<IssuerUrl>

The base URL of the OpenID Connect provider. Required when enabling Single Sign-On through an OIDC provider.

§oidc_client_id: String

The client ID assigned to SQLPage when registering with the OIDC provider. Defaults to sqlpage.

§oidc_client_secret: Option<String>

The client secret for authenticating SQLPage to the OIDC provider. Required when enabling Single Sign-On through an OIDC provider.

§oidc_scopes: String

Space-separated list of scopes to request during OIDC authentication. Defaults to “openid email profile”

§oidc_protected_paths: Vec<String>

Defines a list of path prefixes that should be protected by OIDC authentication. By default, all paths are protected. If you specify a list of prefixes, only requests whose path starts with one of the prefixes will require authentication. For example, if you set this to ["/private"], then requests to /private/some_page.sql will require authentication, but requests to /index.sql will not. NOTE: OIDC_PUBLIC_PATHS takes precedence over OIDC_PROTECTED_PATHS. For example, if you have ["/private"] on the protected_paths like before, but also ["/private/public"] on the public_paths, then /private requires authentication, but /private/public requires not authentication. You cannot make a path inside a public path private again. So expanding the previous example, if you now add /private/public/private_again, then this path will still be accessible.

§oidc_public_paths: Vec<String>

Defines path prefixes to exclude from OIDC authentication. By default, no paths are excluded. Paths matching these prefixes will not require authentication. For example, if set to ["/public"], requests to /public/some_page.sql will not require authentication, but requests to /index.sql will still require it. To make /protected/public.sql public while protecting its containing directory, set oidc_public_paths to ["/protected/public.sql"] and oidc_protected_paths to ["/protected"]. Be aware that any path starting with /protected/public.sql (e.g., /protected/public.sql.backup) will also become public.

§oidc_additional_trusted_audiences: Option<Vec<String>>

Additional trusted audiences for OIDC JWT tokens, beyond the client ID. By default (when None), all additional audiences are trusted for compatibility with providers that include multiple audience values (like ZITADEL, Azure AD, etc.). Set to an empty list to only allow the client ID as audience. Set to a specific list to only allow those specific additional audiences.

§https_domain: Option<String>

A domain name to use for the HTTPS server. If this is set, the server will perform all the necessary steps to set up an HTTPS server automatically. All you need to do is point your domain name to the server’s IP address.

It will listen on port 443 for HTTPS connections, and will automatically request a certificate from Let’s Encrypt using the ACME protocol (requesting a TLS-ALPN-01 challenge).

§host: Option<String>

The hostname where your application is publicly accessible (e.g., “myapp.example.com”). This is used for OIDC redirect URLs. If not set, https_domain will be used instead.

§https_certificate_email: Option<String>

The email address to use when requesting a certificate from Let’s Encrypt. Defaults to contact@<https_domain>.

§https_certificate_cache_dir: PathBuf

The directory to store the Let’s Encrypt certificate in. Defaults to ./sqlpage/https.

§https_acme_directory_url: String

URL to the ACME directory. Defaults to the Let’s Encrypt production directory.

§environment: DevOrProd

Whether we should run in development or production mode. Used to determine whether to show error messages to the user.

§site_prefix: String

Serve the website from a sub path. For example, if you set this to /sqlpage/, the website will be served from https://yourdomain.com/sqlpage/. Defaults to /. This is useful if you want to serve the website on the same domain as other content, and you are using a reverse proxy to route requests to the correct server.

§max_pending_rows: usize

Maximum number of messages that can be stored in memory before sending them to the client. This prevents a single request from using up all available memory.

§compress_responses: bool

Whether to compress the http response body when the client supports it.

§content_security_policy: ContentSecurityPolicyTemplate

Content-Security-Policy header to send to the client. If not set, a default policy allowing

  • scripts from the same origin,
  • script elements with the nonce="{{@csp_nonce}}" attribute,
§system_root_ca_certificates: bool

Whether sqlpage.fetch should load trusted certificates from the operating system’s certificate store By default, it loads Mozilla’s root certificates that are embedded in the SQLPage binary, or the ones pointed to by the SSL_CERT_FILE and SSL_CERT_DIR environment variables.

§max_recursion_depth: u8

Maximum depth of recursion allowed in the run_sql function.

§markdown_allow_dangerous_html: bool§markdown_allow_dangerous_protocol: bool

Implementations§

Trait Implementations§

Source§

impl Clone for AppConfig

Source§

fn clone(&self) -> AppConfig

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for AppConfig

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<'de> Deserialize<'de> for AppConfig

Source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl MarkdownConfig for AppConfig

Source§

fn allow_dangerous_html(&self) -> bool

Source§

fn allow_dangerous_protocol(&self) -> bool

Source§

impl PartialEq for AppConfig

Source§

fn eq(&self, other: &AppConfig) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl RoutingConfig for AppConfig

Source§

fn prefix(&self) -> &str

Source§

impl TryFrom<&AppConfig> for OidcConfig

Source§

type Error = Option<&'static str>

The type returned in the event of a conversion error.
Source§

fn try_from(config: &AppConfig) -> Result<Self, Self::Error>

Performs the conversion.
Source§

impl StructuralPartialEq for AppConfig

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

Source§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

Source§

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

Source§

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> DynClone for T
where T: Clone,

Source§

fn __clone_box(&self, _: Private) -> *mut ()

Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,

Source§

impl<T> ErasedDestructor for T
where T: 'static,