Cookest
Backend API

Environment Variables

All configuration variables for the Cookest API

Environment Variables

Copy .env.example to .env and fill in the required values.

cp .env.example .env

Required variables

VariableDescriptionExample
DATABASE_URLPostgreSQL connection stringpostgres://user:pass@localhost/cookest
JWT_SECRETJWT signing key β€” minimum 32 characterssuper-secret-key-at-least-32-chars

Optional variables

VariableDefaultDescription
HOST0.0.0.0Server bind address
PORT8080Server port
CORS_ORIGINhttp://localhost:3000Allowed CORS origin
JWT_ACCESS_EXPIRY_SECONDS900Access token TTL (15 minutes)
JWT_REFRESH_EXPIRY_SECONDS2592000Refresh token TTL (30 days)
OLLAMA_URLhttp://localhost:11434Ollama API base URL
OLLAMA_MODELllavaVision model for PDF price extraction
PDF_UPLOAD_DIR/var/cookest/pdfsWritable directory for uploaded PDFs
STRIPE_WEBHOOK_SECRETβ€”Stripe webhook signing secret (whsec_...)

Security notes

Never commit your .env file. The .gitignore already excludes it. In production, inject secrets via environment variables or a secrets manager β€” never via a committed file.

  • JWT_SECRET must be at least 32 characters of random data (openssl rand -hex 32)
  • STRIPE_WEBHOOK_SECRET starts with whsec_ β€” obtain from the Stripe dashboard
  • DATABASE_URL should use a dedicated database user with least-privilege permissions in production

Getting Started

Running the Cookest Rust API locally

Authentication

JWT-based auth flow β€” login, refresh, and protected endpoints

On this page

Environment VariablesRequired variablesOptional variablesSecurity notes