chore: update example config with ratelimit opts; format TOML

Signed-off-by: NotAShelf <raf@notashelf.dev> Change-Id: Iefb657f4564caa8fd9a0ec375522c4726a6a6964
2026-03-08 01:06:57 +03:00 · 2026-03-08 01:06:57 +03:00 · cb10c84809
commit cb10c84809
parent 99b3c01d22
4 changed files with 96 additions and 72 deletions
--- a/.cargo/config.toml
+++ b/.cargo/config.toml
@ -23,5 +23,3 @@ codegen-units = 1
 panic = "abort"
 strip = true
 incremental = false
--- a/.deny.toml
+++ b/.deny.toml
@ -81,7 +81,7 @@ ignore = [
  { id = "RUSTSEC-2024-0416", reason = "Used by Dioxus and there is no alternative!" },
  { id = "RUSTSEC-2024-0418", reason = "Used by Dioxus and there is no alternative!" },
  { id = "RUSTSEC-2024-0419", reason = "Used by Dioxus and there is no alternative!" },
-    { id = "RUSTSEC-2024-0420", reason = "Used by Dioxus and there is no alternative!"}
+  { id = "RUSTSEC-2024-0420", reason = "Used by Dioxus and there is no alternative!" },
  #"RUSTSEC-0000-0000",
  #{ id = "RUSTSEC-0000-0000", reason = "you can specify a reason the advisory is ignored" },
--- a/.rustfmt.toml
+++ b/.rustfmt.toml
@ -24,4 +24,3 @@ unstable_features            = true
 use_field_init_shorthand = true
 use_try_shorthand = true
 wrap_comments = true
--- a/pinakes.example.toml
+++ b/pinakes.example.toml
@ -95,10 +95,9 @@ port = 3000
 # session_timeout_secs = 86400
 # Enable CORS (Cross-Origin Resource Sharing)
 # When enabled with origins, replaces default localhost origins
 # Default: false
 # cors_enabled = true
 # Allowed CORS origins (if CORS is enabled)
 # cors_origins = ["http://localhost:5173", "https://app.example.com"]
 # Enable TLS/HTTPS
@ -198,6 +197,10 @@ sidebar_collapsed = false
 ## User Accounts & Authentication
 [accounts]
 # Session expiry in hours
 # Default: 24
 # session_expiry_hours = 24
 # Require email verification for new accounts
 # Default: false
 # require_email_verification = false
@ -222,6 +225,22 @@ sidebar_collapsed = false
 # Default: 900 (15 minutes)
 # lockout_duration_secs = 900
 ## Rate Limiting Configuration
 ## All rate limits are per-IP. Values control token bucket parameters:
 ## per_second = interval in seconds between token replenishment
 ## burst_size = maximum tokens (concurrent requests) allowed
 # [rate_limits]
 # global_per_second = 1       # ~100 req/sec with burst_size=100
 # global_burst_size = 100
 # login_per_second = 12       # ~5 req/min with burst_size=5
 # login_burst_size = 5
 # search_per_second = 6       # ~10 req/min with burst_size=10
 # search_burst_size = 10
 # stream_per_second = 60      # 1 per minute, max 5 concurrent
 # stream_burst_size = 5
 # share_per_second = 2        # Share token access rate limit
 # share_burst_size = 20
 ## Background Jobs Configuration
 [jobs]
 # Number of concurrent background job workers
@ -232,6 +251,11 @@ worker_count = 2
 # Default: 60
 cache_ttl_secs = 60
 # Maximum time a job can run before being cancelled (in seconds)
 # Set to 0 to disable timeout
 # Default: 3600 (1 hour)
 # job_timeout_secs = 3600
 ## Metadata Enrichment Configuration
 [enrichment]
 # Enable automatic metadata enrichment from online sources
@ -333,11 +357,14 @@ enabled = false
 # retention_days = 90
 ## Webhook Configuration
-# Send HTTP notifications for events
+# Send HTTP notifications for events.
 # Supported events: media.created, media.updated, media.deleted,
 #                   scan.completed, import.completed, test
 # Use "*" to receive all events.
 # [[webhooks]]
 # url = "https://example.com/webhook"
-# events = ["media.imported", "media.deleted", "tag.created"]
+# events = ["media.created", "media.deleted", "scan.completed"]
-# secret = "webhook-secret-for-signature"  # Optional HMAC secret
+# secret = "webhook-secret-for-signature"  # Optional BLAKE3 HMAC secret
 ## Scheduled Tasks
 # Configure periodic background tasks