production_mode bool Enables strict production startup guardrails.
default: false
latlng-server reads JSON or TOML from --config or LATLNG_CONFIG. Environment variables and explicit CLI flags override file values.
Print the full config reference, validate your config file before booting, or run the server directly. Validation is the same code path that loads configuration at startup.
latlng-server --print-config-reference
latlng-cli config-reference
latlng-server --config ./latlng.toml --check-config
latlng-cli config-validate ./latlng.toml
Set production_mode = true to convert security-sensitive warnings into startup failures. This catches disabled auth, static-bearer-only production auth, JWT/JWKS without issuer or audience checks, non-HTTPS JWKS URLs, wildcard CORS with auth, and weak follower replication credentials.
[storage]
type = "aof"
path = "./data/appendonly.aof" http_max_body_bytes = 10485760
http_request_timeout_ms = 30000
http_rate_limit_enabled = false production_mode bool Enables strict production startup guardrails.
default: false
listen_addr string HTTP listen address.
default: "127.0.0.1:7421"
capnp_enabled bool Enables the Cap'n Proto RPC and replication listener.
default: false
capnp_listen_addr string Cap'n Proto listen address.
default: "127.0.0.1:7422"
server_id string Stable server identity used in replication status.
default: "<generated uuid>"
storage storage_mode Storage backend. Use memory or aof with a path.
default: "memory"
read_only bool Rejects mutating commands when true.
default: false
command_timeouts map<string,float> Per-command timeout overrides in seconds.
default: {}
subscriber_queue_capacity usize Per-subscriber event queue capacity.
default: 4096
webhook_queue_path path|null SQLite webhook queue path. Defaults near the AOF or current directory.
default: null
webhook_timeout_ms u64 HTTP timeout for webhook deliveries.
default: 5000
webhook_concurrency_limit usize Maximum concurrent webhook delivery attempts.
default: 128
webhook_retry_count u32 Maximum webhook retry attempts before dead-lettering.
default: 8
webhook_retry_initial_backoff_ms u64 Initial webhook retry backoff.
default: 200
webhook_retry_max_backoff_ms u64 Maximum webhook retry backoff.
default: 30000
webhook_lease_ms u64 Webhook job lease duration.
default: 30000
native_executor_threads usize Native worker thread count for core operations.
default: <available CPU parallelism>
native_executor_queue_limit usize Native executor queue limit.
default: <native_executor_threads * 64>
aof_writer_queue_limit usize AOF writer queue limit.
default: 4096
aof_group_commit_delay_ms u64 Maximum AOF group commit delay.
default: 1
aof_group_commit_max_requests usize Maximum requests per AOF commit cycle.
default: 128
follow_host string|null Leader host for follower replication.
default: null
follow_port u16|null Leader Cap'n Proto port for follower replication.
default: null
replication_credential string|null Dedicated credential for replication streams.
default: null
replication_batch_size usize Maximum entries per replication stream response.
default: 512
replication_reconnect_backoff_ms u64 Follower reconnect backoff after failures.
default: 1000
http_cors_enabled bool Enables HTTP CORS middleware.
default: false
http_cors_allowed_origins list<string> Allowed CORS origins. Avoid * with auth.
default: []
http_cors_allowed_methods list<string> Allowed CORS methods.
default: ["GET","POST","PUT","DELETE","OPTIONS"]
http_cors_allowed_headers list<string> Allowed CORS headers.
default: ["authorization","content-type","x-request-id"]
http_cors_max_age_seconds u64|null Optional CORS preflight cache max-age.
default: null
http_max_body_bytes usize Maximum accepted HTTP request body size.
default: 10485760
http_request_timeout_ms u64 Maximum HTTP request duration.
default: 30000
http_rate_limit_enabled bool Enables a simple global HTTP token-bucket rate limit.
default: false
http_rate_limit_requests_per_second u64 Global HTTP rate-limit refill rate.
default: 1000
http_rate_limit_burst u64 Global HTTP rate-limit burst capacity.
default: 1000
http_principal_rate_limit_enabled bool Enables per-principal HTTP token-bucket rate limiting.
default: false
http_principal_rate_limit_requests_per_second u64 Per-principal HTTP rate-limit refill rate.
default: 100
http_principal_rate_limit_burst u64 Per-principal HTTP rate-limit burst capacity.
default: 200
logging_enabled bool Enables structured server logging.
default: true
log_format compact|json Log output format.
default: "compact"
log_level string Tracing filter level.
default: "info"
log_destination stderr|stdout|file|none Log destination.
default: "stderr"
log_file_path path|null Required when log destination is file.
default: null
require_auth bool Rejects unauthenticated requests when true.
default: false
bearer_token string|null Static full-admin bearer token.
default: null
disable_bearer_token bool Disables static bearer-token authentication even when configured.
default: false
jwt_secret string|null HMAC JWT verification secret.
default: null
jwt_public_key_pem string|null PEM public key for asymmetric JWT validation.
default: null
jwt_issuer string|null Expected JWT issuer.
default: null
jwt_audience string|null Expected JWT audience.
default: null
jwt_algorithm string|null JWT algorithm override.
default: null
jwks_url string|null JWKS endpoint URL.
default: null
jwks_provider_id string|null Provider ID for logs and docs.
default: null
jwks_refresh_interval_seconds u64 JWKS background refresh interval.
default: 300
jwks_cache_ttl_seconds u64 JWKS cache TTL.
default: 3600
jwks_http_timeout_ms u64 JWKS HTTP request timeout.
default: 3000
jwt_leeway_seconds u64 JWT clock-skew leeway.
default: 0