The full-stack Rust webapp template that just works.
Clone. Run. Build. No API keys, no configuration, no headaches.
A production-ready webapp starter with a Rust (Axum) backend and React (TypeScript) frontend. Google OAuth when you need it, dev-mode login when you don't. Deploy anywhere with one Docker image.
Built by rust4ai.com
git clone git@github.com:rust4ai/rust4all-template.git my-app
cd my-app
cp .env.example .env
./dev.shOpen http://localhost:5173. Click "Dev Login." You're in.
dev.sh handles everything: starts PostgreSQL (Docker), the Rust backend, and the React dev server.
rust4all-template/
├── backend/ Rust API server (Axum 0.8)
│ ├── src/
│ │ ├── main.rs Server setup, routing, middleware
│ │ ├── config.rs Zero-config env loading
│ │ ├── error.rs Typed errors → HTTP status codes
│ │ ├── controllers/ Route handlers (auth, items, docs, health)
│ │ ├── db/ SQL queries (users, items)
│ │ └── middleware/ JWT auth extractors
│ └── migrations/ Auto-run on startup
├── frontend/ React 19 SPA
│ └── src/
│ ├── api/ Typed HTTP client
│ ├── stores/ Zustand state management
│ └── components/ Pages, layout, UI
├── docs/ Markdown documentation (served in-app)
├── dev.sh One-command dev setup
├── Dockerfile Multi-stage production build
├── docker-compose.yml Local PostgreSQL
└── railway.toml Railway deployment config
| Layer | Tech | Why |
|---|---|---|
| API | Axum 0.8 + Tokio | Type-safe, async, fast |
| Database | PostgreSQL + SQLx | Raw SQL, compile-time checked |
| Auth | Google OAuth / dev login + JWT | Production & dev-friendly |
| Frontend | React 19 + TypeScript + Vite 8 | Fast builds, hot reload |
| Styling | Tailwind CSS 4 | Utility-first, dark mode |
| State | Zustand | Minimal boilerplate |
| Deploy | Docker + Railway | Single image, zero config |
Every config field has a default. The app boots with an empty .env. Dev-mode email login means no Google Cloud Console needed to start building.
When you're ready, add Google OAuth credentials and the app auto-switches to real OIDC authentication with CSRF protection, nonce verification, and HttpOnly JWT cookies.
- Rate limiting (60 req/min per IP)
- Security headers (HSTS, X-Frame-Options, XSS protection)
- CORS configured per environment
- Non-root Docker user
- Graceful shutdown for zero-downtime deploys
A working "items" resource with full create/read/update/delete — backend routes, SQL queries, API client, Zustand store, and UI. Copy the pattern for your own resources.
Three doc pages served from markdown files in docs/, rendered in-app with a sidebar nav. The landing page links directly to them.
| Mode | When | How |
|---|---|---|
| Dev | GOOGLE_CLIENT_ID not set |
Enter any email to log in instantly |
| OAuth credentials configured | Full OIDC flow with CSRF + nonce |
The frontend auto-detects the mode via GET /api/auth/mode.
- Push to GitHub
- Create a project in Railway
- Add PostgreSQL (Railway provides it)
- Connect your repo
- Set env vars:
DATABASE_URL,JWT_SECRET,FRONTEND_URL, Google OAuth creds - Deploy
The included railway.toml configures health checks and restart policy automatically.
1. backend/migrations/003_widgets.sql → CREATE TABLE
2. backend/src/db/widgets.rs → queries
3. backend/src/controllers/widgets.rs → handlers
4. backend/src/main.rs → routes
5. frontend/src/api/widgets.ts → API client
6. frontend/src/stores/widgets.store.ts → state
7. frontend/src/components/pages/Widgets.tsx → UI
pub async fn my_handler(
auth: AuthUser, // ← add this, route is now protected
State(state): State<AppState>,
) -> Result<Json<MyData>, AppError> {
// auth.user_id is available
}tokio::spawn(async move {
let mut interval = tokio::time::interval(Duration::from_secs(60));
loop {
interval.tick().await;
// your work here
}
});The template includes in-app documentation:
- Axum Backend — Architecture, auth, database, error handling
- React Frontend — Vite, Zustand, API client, routing
- Deployment — Docker, Railway, environment variables
Or read the markdown files directly in docs/.
MIT
Built with Rust. Built to last.
rust4ai.com