Configuration
Precedence
Section titled “Precedence”Configuration is layered (highest priority first):
- CLI flags —
--port 3000 - Environment variables —
RUSTYFILE_PORT=3000 - Config file —
config.toml - Compiled defaults
All options
Section titled “All options”| Option | CLI Flag | Env Var | Default | Description |
|---|---|---|---|---|
| host | --host | RUSTYFILE_HOST | 0.0.0.0 | Bind address |
| port | --port | RUSTYFILE_PORT | 8080 | Listen port |
| root | --root | RUSTYFILE_ROOT | ./data | Filesystem root to serve |
| data_dir | --data-dir | RUSTYFILE_DATA_DIR | ./rustyfile-data | Database and persistent data |
| cache_dir | --cache-dir | RUSTYFILE_CACHE_DIR | {data_dir}/cache | Thumbnails, HLS segments, TUS temp files |
| log_level | --log-level | RUSTYFILE_LOG_LEVEL | info | debug, info, warn, error |
| log_format | --log-format | RUSTYFILE_LOG_FORMAT | pretty | pretty or json |
| jwt_expiry_hours | --jwt-expiry-hours | RUSTYFILE_JWT_EXPIRY_HOURS | 2 | JWT token lifetime in hours |
| min_password_length | --min-password-length | RUSTYFILE_MIN_PASSWORD_LENGTH | 10 | Minimum password length |
| max_password_length | --max-password-length | RUSTYFILE_MAX_PASSWORD_LENGTH | 128 | Maximum password length (Argon2 DoS guard) |
| setup_timeout_minutes | --setup-timeout-minutes | RUSTYFILE_SETUP_TIMEOUT_MINUTES | 5 | First-run setup window duration |
| cors_origins | --cors-origins | RUSTYFILE_CORS_ORIGINS | same-origin | Comma-separated allowed origins, or * for any |
| max_upload_bytes | --max-upload-bytes | RUSTYFILE_MAX_UPLOAD_BYTES | 52428800 | Non-TUS upload body limit (50 MB) |
| max_listing_items | --max-listing-items | RUSTYFILE_MAX_LISTING_ITEMS | 10000 | Max items returned in directory listing |
| trusted_proxies | --trusted-proxies | RUSTYFILE_TRUSTED_PROXIES | 127.0.0.1 | Comma-separated IPs for X-Forwarded-For |
| tus_expiry_hours | --tus-expiry-hours | RUSTYFILE_TUS_EXPIRY_HOURS | 24 | Hours before incomplete uploads are purged |
| secure_cookie | --secure-cookie | RUSTYFILE_SECURE_COOKIE | true | Set Secure flag on auth cookies (requires HTTPS) |
| blocked_upload_extensions | --blocked-upload-extensions | RUSTYFILE_BLOCKED_UPLOAD_EXTENSIONS | .php,.sh,.exe,... | Comma-separated blocked file extensions for uploads |
| api_rate_limit | --api-rate-limit | RUSTYFILE_API_RATE_LIMIT | 60 | Max API requests per IP per minute (search, thumbnails, HLS) |
Config file
Section titled “Config file”host = "0.0.0.0"port = 8080root = "/srv/files"data_dir = "/var/lib/rustyfile"log_level = "info"log_format = "json"jwt_expiry_hours = 8cors_origins = "https://files.example.com"secure_cookie = trueRUSTYFILE_ROOT=/srv/filesRUSTYFILE_PORT=8080RUSTYFILE_DATA_DIR=/var/lib/rustyfileRUSTYFILE_LOG_FORMAT=jsonRUSTYFILE_JWT_EXPIRY_HOURS=8Place the config file as config.toml in the working directory where RustyFile is launched.
Directory layout
Section titled “Directory layout”{data_dir}/├── rustyfile.db # SQLite database└── cache/ ├── thumbs/ # Image thumbnail cache ├── hls/ # HLS segment cache └── uploads/ # In-progress TUS uploads