C³ CELERITY

April 17, 2026 · View on GitHub

⚡ Fast. Simple. Long-lasting.

C³ CELERITY by Click Connect — modern web panel for managing Hysteria 2 and Xray VLESS proxy servers with centralized authentication, one-click node setup, and flexible user-to-server group mapping.

Built for performance: Lightweight architecture designed for speed at any scale.

C³ CELERITY Dashboard
Dashboard — real-time server monitoring and statistics

⚡ Quick Start

Updating an existing installation? See Safe Production Updates.

1. Install Docker (if not installed):

curl -fsSL https://get.docker.com | sh

2. Deploy panel (Docker Hub - recommended):

mkdir hysteria-panel && cd hysteria-panel

# Download required files
curl -O https://raw.githubusercontent.com/ClickDevTech/hysteria-panel/main/docker-compose.hub.yml
curl -O https://raw.githubusercontent.com/ClickDevTech/hysteria-panel/main/docker.env.example

# Create Greenlock SSL config (required for HTTPS)
mkdir -p greenlock.d
curl -o greenlock.d/config.json https://raw.githubusercontent.com/ClickDevTech/hysteria-panel/main/greenlock.d/config.json

cp docker.env.example .env
nano .env  # Set your domain, email, and secrets
docker compose -f docker-compose.hub.yml up -d

Alternative: Build from source (for development or customization)

git clone https://github.com/ClickDevTech/hysteria-panel.git
cd hysteria-panel
cp docker.env.example .env
nano .env  # Set your domain, email, and secrets
docker compose up -d

3. Open https://your-domain/panel

Planning to manage the panel from AI assistants? See MCP Setup Guide.

Required .env variables:

PANEL_DOMAIN=panel.example.com
ACME_EMAIL=admin@example.com
ENCRYPTION_KEY=your32characterkey  # openssl rand -hex 16
SESSION_SECRET=yoursessionsecret   # openssl rand -hex 32
MONGO_PASSWORD=yourmongopassword   # openssl rand -hex 16

🐳 Dokploy (Development and Release)

Use docker-compose.dokploy.yml when deploying through Dokploy with Traefik.

Development Mode (build from current branch)

In Dokploy, create a project from this repository/branch.
Set compose path to docker-compose.dokploy.yml.
Add env vars from docker.env.example and set at least:
- MONGO_PASSWORD
- PANEL_DOMAIN
- ACME_EMAIL
- ENCRYPTION_KEY
- SESSION_SECRET
- DOKPLOY_PANEL_HOST (domain used in Traefik Host(...) rule)
- DOKPLOY_TRAEFIK_SERVICE_PORT (Traefik target/backend port, default 3000)
Deploy: Dokploy will run build: . and start the stack.

This mode is best when you test branch changes before publishing a release image.

Release Mode (Docker Hub image)

If you want stable deploys from Docker Hub tags (without building), replace backend image source in Dokploy compose with:

backend:
  image: clickdevtech/hysteria-panel:latest
  # or pin a release tag, e.g. clickdevtech/hysteria-panel:v1.2.3
  restart: always
  depends_on:
    mongo:
      condition: service_healthy
    redis:
      condition: service_healthy
  expose:
    - "${DOKPLOY_TRAEFIK_SERVICE_PORT:-3000}"
  labels:
    - "traefik.enable=true"
    - "traefik.http.routers.celerity.rule=Host(`${DOKPLOY_PANEL_HOST}`)"
    - "traefik.http.routers.celerity.entrypoints=websecure"
    - "traefik.http.routers.celerity.tls=true"
    - "traefik.http.services.celerity.loadbalancer.server.port=${DOKPLOY_TRAEFIK_SERVICE_PORT:-3000}"
  env_file:
    - .env

Use latest for fast updates, or pin an explicit tag for predictable production rollouts.

✨ Features

🖥 Web Panel — Full UI for managing nodes and users
🔐 Dual Protocol — Hysteria 2 and Xray VLESS on one panel
🛡️ Panel 2FA (TOTP) — Unified TOTP verification flow for admin login and sensitive security actions
🚀 Auto Node Setup — Install Hysteria/Xray, certs, port hopping in one click
👥 Server Groups — Flexible user-to-node mapping
⚖️ Load Balancing — Distribute users by server load
🚫 Traffic Filtering (ACL) — Block ads, domains, IPs; route through custom proxies
🧩 Advanced Hysteria Config — optional ACME challenge options, masquerade modes, resolver, speed test, sniffing, and QUIC tuning
📊 Statistics — Online users, traffic, server status
📱 Subscriptions — Auto-format for Clash, Sing-box, Shadowrocket, Hiddify
🔄 Backup/Restore — Automatic backups with S3 support
💻 SSH Terminal — Direct node access from browser
🔑 API Keys — Secure external access with scopes, IP allowlist, rate limiting
🪝 Webhooks — Real-time event notifications with HMAC-SHA256 signing
🗺 Network Map — Visual cascade topology with Forward/Reverse chain routing (beta)
🤖 MCP Integration — Native AI assistant support (Claude, Cursor, etc.) for panel management

⚠️ Beta Features

Network Map & Cascade Topology

Status: beta — fully functional, but manual verification after deploy is recommended.

Cascade topology allows building server chains where clients connect to one node while traffic exits through another. This is useful in scenarios where the entry point must reside in a specific network or jurisdiction — for example, when connections must originate from local cloud provider IP ranges.

Why Use This

Many corporate and carrier networks apply IP-range filtering. Traffic to well-known local hosting providers may pass unrestricted, while connections to foreign IPs are blocked or throttled. Cascade topology solves this: clients connect to a server in a "trusted" IP range, and traffic is transparently proxied to an external server.

Xray Mechanisms Used

The panel generates Xray-core configurations using the following mechanisms:

Mechanism	Purpose
Reverse Proxy	Xray bridge/portal — allows a server behind NAT to initiate a connection to a public node and receive traffic through it
Outbound Chaining	Sequential proxying through multiple outbounds via `proxySettings.tag`
REALITY	TLS handshake camouflage to look like a connection to a legitimate site; no domain or certificate required
Transport Layer Proxy	`transportLayer: true` mode for correct REALITY application in hop chains

Link Modes

Reverse Proxy — classic Xray reverse scheme. The Bridge server (typically abroad) initiates a persistent connection to the Portal server. Clients connect to Portal, traffic exits through Bridge.

Client ──▶ Portal (entry) ◀── tunnel ── Bridge (exit) ──▶ Internet
                           (bridge initiates connection)

Portal can be behind NAT or firewall — no incoming connections required
Suitable for scenarios where the entry point must be in a specific network

Forward Chain — direct outbound chain. Portal establishes connections through relay nodes to the exit Bridge.

Client ──▶ Portal ──▶ Relay (opt.) ──▶ Bridge (exit) ──▶ Internet
           (chained outbounds)

All nodes in the chain must have a public IP
REALITY is supported on each hop to encrypt inter-server traffic

REALITY Between Nodes

Tunnel-REALITY is configured independently from the client-facing REALITY on the Portal node. This enables:

Encrypting inter-server traffic without drawing attention
Using different SNI/destination for clients vs. tunnels
Auto-generating x25519 keys and shortIds when creating links

Post-Deploy Recommendations

Check hop statuses on the Network Map
Verify traffic exits through the expected Bridge (check exit IP)
For Forward Chain — confirm each relay is reachable on its tunnelPort

Limitations

Constraint	Reason
REALITY + WebSocket	WebSocket doesn't support uTLS fingerprint required by REALITY
Forward Chain without public IP	Each hop must accept incoming connections
Mixed modes in one chain	Reverse and Forward use different Xray mechanisms and cannot be combined
Same port on relay for two hops	A relay that is both bridge and portal requires different ports for incoming and outgoing tunnels

🏗 Architecture

                              ┌─────────────────┐
                              │     CLIENTS     │
                              │ Clash, Sing-box │
                              │   Shadowrocket  │
                              └────────┬────────┘
                                       │
                     hysteria2:// or vless://
                                       │
              ┌────────────────────────┼────────────────────────┐
              ▼                        ▼                        ▼
     ┌─────────────────┐      ┌─────────────────┐      ┌─────────────────┐
     │  Hysteria Node  │      │   Xray Node     │      │  Hysteria Node  │
     │   :443 + hop    │      │  VLESS Reality  │      │   :443 + hop    │
     └────────┬────────┘      └────────┬────────┘      └────────┬────────┘
              │                        │                        │
              │    POST /api/auth      │   CC Agent API         │
              │    GET /online         │                        │
              └────────────────────────┼────────────────────────┘
                                       ▼
                          ┌────────────────────────┐
                          │    HYSTERIA PANEL      │
                          │                        │
                          │  • Web UI (/panel)     │
                          │  • HTTP Auth API       │
                          │  • Subscriptions       │
                          │  • SSH Terminal        │
                          │  • Stats Collector     │
                          └───────────┬────────────┘
                                      │
                                      ▼
                          ┌────────────────────────┐
                          │       MongoDB          │
                          └────────────────────────┘

How Authentication Works

Hysteria:

Client connects to node with userId:password
Node sends POST /api/auth to panel
Panel validates user and returns { "ok": true/false }

Xray:

Client connects with UUID (xrayUuid)
CC Agent on node manages user list via API
Panel syncs users to node without restarting Xray

Server Groups

Instead of rigid "plans", use flexible groups:

Create group (e.g., "Europe", "Premium")
Assign nodes to group
Assign users to group
User gets only nodes from their groups in subscription

🔧 Node Types

Hysteria 2

Fast UDP protocol based on QUIC with port hopping and obfuscation support.

Advantages:

High speed on unstable networks
Port hopping to bypass blocks
Salamander obfuscation

Settings:

Port, port range for hopping
ACME or self-signed certificates
Obfs (Salamander) with password

Advanced Hysteria settings in panel:

Port Hopping interval (hopInterval)
ACME advanced options (challenge type, alt ports, DNS challenge provider and config)
Masquerade modes: proxy and string
Bandwidth limits (up / down) and ignoreClientBandwidth
Built-in speedTest, disableUDP, udpIdleTimeout
Protocol sniffing (sniff) and QUIC parameters (quic)
Custom DNS resolver (resolver)
ACL source mode (inline or file) + GeoIP/GeoSite paths
Advanced sections are optional and omitted from generated config until enabled in UI

Xray VLESS

Modern protocol with Reality support and various transports.

Advantages:

Reality — disguise as legitimate HTTPS traffic
Multiple transports (TCP, WebSocket, gRPC, XHTTP)
No domain required for Reality

Transports:

Transport	Description	Client Support
TCP	Direct connection, max speed	All clients
WebSocket	Works through CDN and proxies	All clients
gRPC	Multiplexing, good for CDN	All clients
XHTTP	New splithttp transport	Limited*

*XHTTP is not supported by all clients (Clash/Sing-box don't support it yet)

Security:

Mode	Description
Reality	Disguise as popular site, no domain needed
TLS	Classic TLS with certificate
None	No encryption (not recommended)

🚀 Xray Node Setup

Automatic Setup (Recommended)

Add node in panel:
- Type: Xray
- IP, SSH credentials
- Security: Reality (recommended)
- Transport: TCP (recommended for Reality)
Click "⚙️ Auto Setup"
Panel will automatically:
- Install Xray-core
- Generate Reality keys (x25519)
- Upload config
- Install CC Agent for user management
- Open firewall ports
- Start services

Reality Settings

Field	Description	Example
Dest	Disguise destination (domain:port)	`www.google.com:443`
SNI	Server Name Indication	`www.google.com`
Private Key	x25519 private key	Auto-generated
Public Key	Public key (for clients)	Auto-generated
Short IDs	Session identifiers	Auto-generated

CC Agent

CC Agent is a lightweight HTTP service on the node for managing Xray users without restart.

Features:

Add/remove users on the fly
Traffic stats collection
Health check

Agent is installed automatically during Xray node auto-setup.

🔧 Hysteria Node Setup

Understanding Node Configuration

Ports

Main port (443) — Port Hysteria listens on
Port hopping range (20000-50000) — UDP ports for hopping
Stats port (9999) — Internal port for stats collection

Domain vs SNI

Field	Purpose	Example
Domain	For ACME/Let's Encrypt certificates	`de1.example.com` → `1.2.3.4`
SNI	For masquerading (domain fronting)	`www.google.com`

Scenarios:

Simple setup: Set domain, leave SNI empty
Domain fronting: Set domain for certs, SNI as popular domain
No domain: Leave empty — self-signed certificate will be used

Automatic Setup (Recommended)

Add node in panel (IP, SSH credentials)
Click "⚙️ Auto Setup"
Panel will automatically:
- Install Hysteria 2
- Configure ACME or self-signed certificates
- Set up port hopping
- Open firewall ports
- Start service

Obfuscation (Salamander)

Hysteria supports obfuscation to disguise traffic:

Enable Obfs in node settings
Set obfuscation password
Save and update config

Clients will automatically receive obfs params in subscription.

Single VPS Setup (Panel + Node)

You can run panel and node on the same VPS (panel TCP, node UDP on 443).

Option 1: Use panel domain (recommended)

Set node domain same as panel domain
Panel certificates will be copied automatically

Option 2: No domain (self-signed)

Leave domain field empty
Self-signed certificate will be generated

📖 API Reference

API Key Authentication

All /api/* endpoints (except /api/auth and /api/files) require authentication.

Create a key: Settings → Security → API Keys → Create Key

Usage:

# Option 1 — header
X-API-Key: ck_your_key_here

# Option 2 — Bearer token
Authorization: Bearer ck_your_key_here

Scopes

Scope	Access
`users:read`	Read users
`users:write`	Create / update / delete users
`nodes:read`	Read nodes
`nodes:write`	Create / update / delete / sync nodes
`stats:read`	Read stats and groups
`sync:write`	Trigger sync, kick users

Rate Limiting

Each key has a configurable rate limit (default: 60 req/min).
Exceeded requests return 429 with X-RateLimit-Limit / X-RateLimit-Remaining headers.

Authentication (for nodes)

POST `/api/auth`

Validates user on Hysteria node connection.

// Request
{ "addr": "1.2.3.4:12345", "auth": "userId:password" }

// Response (success)
{ "ok": true, "id": "userId" }

// Response (error)
{ "ok": false }

Subscriptions

GET `/api/files/:token`

Universal subscription endpoint. Auto-detects format by User-Agent.

User-Agent	Format
`shadowrocket`	Base64 URI list
`clash`, `stash`, `surge`	Clash YAML
`hiddify`, `sing-box`, `karing`	Sing-box JSON
Browser	HTML page with QR code
Other	Plain URI list

Query params: ?format=clash, ?format=singbox, ?format=uri

GET `/api/files/info/:token`

Subscription info (status, traffic, expiry).

Users

Required scope: users:read (GET) / users:write (POST, PUT, DELETE)

Method	Endpoint	Description
GET	`/api/users`	List users (pagination, filtering, sorting)
GET	`/api/users/:userId`	Get user
POST	`/api/users`	Create user
PUT	`/api/users/:userId`	Update user
DELETE	`/api/users/:userId`	Delete user
POST	`/api/users/:userId/enable`	Enable user
POST	`/api/users/:userId/disable`	Disable user
POST	`/api/users/:userId/groups`	Add user to groups
DELETE	`/api/users/:userId/groups/:groupId`	Remove user from group
POST	`/api/users/sync-from-main`	Sync from external DB

Nodes

Required scope: nodes:read (GET) / nodes:write (POST, PUT, DELETE)

Method	Endpoint	Description
GET	`/api/nodes`	List nodes
GET	`/api/nodes/:id`	Get node
POST	`/api/nodes`	Create node
PUT	`/api/nodes/:id`	Update node
DELETE	`/api/nodes/:id`	Delete node
GET	`/api/nodes/:id/config`	Get node config (YAML/JSON)
GET	`/api/nodes/:id/status`	Get node status
POST	`/api/nodes/:id/reset-status`	Reset status to online
GET	`/api/nodes/:id/users`	Get users on node
POST	`/api/nodes/:id/sync`	Sync specific node
POST	`/api/nodes/:id/update-config`	Push config via SSH
POST	`/api/nodes/:id/setup`	Auto-setup node via SSH
POST	`/api/nodes/:id/setup-port-hopping`	Setup port hopping
POST	`/api/nodes/:id/groups`	Add node to groups
DELETE	`/api/nodes/:id/groups/:groupId`	Remove from group
GET	`/api/nodes/:id/agent-info`	Get CC Agent info (Xray)
POST	`/api/nodes/:id/generate-xray-keys`	Generate Reality keys

Stats & Sync

Method	Endpoint	Scope	Description
GET	`/api/stats`	`stats:read`	Panel statistics
GET	`/api/groups`	`stats:read`	List server groups
POST	`/api/sync`	`sync:write`	Sync all nodes
POST	`/api/kick/:userId`	`sync:write`	Kick user from all nodes

🪝 Webhooks

Send real-time event notifications to any HTTP endpoint.

Configure: Settings → Security → Webhooks

Request Format

POST https://your-endpoint.com/webhook
Content-Type: application/json
X-Webhook-Event: user.created
X-Webhook-Timestamp: 1700000000
X-Webhook-Signature: sha256=<hmac>
User-Agent: C3-Celerity-Webhook/1.0

{
  "event": "user.created",
  "timestamp": "2024-01-01T00:00:00.000Z",
  "data": { ... }
}

Signature Verification

const crypto = require('crypto');
const expected = 'sha256=' + crypto
  .createHmac('sha256', YOUR_SECRET)
  .update(`${timestamp}.${rawBody}`)
  .digest('hex');
// compare with X-Webhook-Signature header

Events

Event	Trigger
`user.created`	User created
`user.updated`	User updated
`user.deleted`	User deleted
`user.enabled`	User enabled
`user.disabled`	User disabled
`user.traffic_exceeded`	User traffic limit reached
`user.expired`	User subscription expired
`node.online`	Node came online
`node.offline`	Node went offline
`node.error`	Node error
`sync.completed`	Sync cycle finished

📊 Data Models

User

Field	Type	Description
`userId`	String	Unique ID
`username`	String	Display name
`subscriptionToken`	String	URL token for subscription
`xrayUuid`	String	UUID for Xray VLESS (auto-generated)
`enabled`	Boolean	User active status
`groups`	[ObjectId]	Server groups
`nodes`	[ObjectId]	Direct node assignments
`traffic`	Object	`{ tx, rx, lastUpdate }` — used traffic
`trafficLimit`	Number	Traffic limit in bytes (0 = unlimited)
`maxDevices`	Number	Device limit (0 = group limit, -1 = unlimited)
`expireAt`	Date	Expiration date

Node

Field	Type	Description
`type`	String	`hysteria` or `xray`
`name`	String	Display name
`flag`	String	Country flag (emoji)
`ip`	String	IP address
`domain`	String	Domain for SNI/ACME
`sni`	String	Custom SNI for masquerading
`port`	Number	Main port (443)
`portRange`	String	Port hopping range
`portConfigs`	Array	Multi-port: `[{ name, port, portRange, enabled }]`
`obfs`	Object	Obfuscation: `{ type: 'salamander', password }`
`statsPort`	Number	Hysteria stats port (9999)
`statsSecret`	String	Stats API secret
`groups`	[ObjectId]	Server groups
`outbounds`	Array	Proxies for ACL: `[{ name, type, addr }]`
`aclRules`	[String]	ACL rules
`maxOnlineUsers`	Number	Max online for load balancing
`rankingCoefficient`	Number	Sorting coefficient (1.0)
`status`	String	online/offline/error/syncing
`traffic`	Object	`{ tx, rx, lastUpdate }` — node traffic
`xray`	Object	Xray settings (see below)

Xray Settings (node.xray)

Field	Type	Description
`transport`	String	tcp, ws, grpc, xhttp
`security`	String	reality, tls, none
`flow`	String	xtls-rprx-vision (for tcp)
`fingerprint`	String	chrome, firefox, safari, etc.
`alpn`	[String]	ALPN protocols (h3, h2, http/1.1)
`realityDest`	String	Disguise destination
`realitySni`	[String]	Server names
`realityPrivateKey`	String	x25519 private key
`realityPublicKey`	String	Public key
`realityShortIds`	[String]	Short IDs
`realitySpiderX`	String	Spider X path (default: /)
`wsPath`	String	WebSocket path
`wsHost`	String	WebSocket host header
`grpcServiceName`	String	gRPC service name
`xhttpPath`	String	XHTTP path
`xhttpHost`	String	XHTTP host header
`xhttpMode`	String	auto, packet-up, stream-up
`apiPort`	Number	Xray gRPC API port (61000)
`inboundTag`	String	Inbound tag (vless-in)
`agentPort`	Number	CC Agent port (62080)
`agentToken`	String	Agent token
`agentTls`	Boolean	TLS for CC Agent

ServerGroup

Field	Type	Description
`name`	String	Group name
`description`	String	Description
`color`	String	UI color (#hex)
`maxDevices`	Number	Device limit for group
`subscriptionTitle`	String	Title in subscription profile

🚫 Traffic Filtering (ACL)

Control traffic routing on each Hysteria node. Access: Panel → Node → Traffic Filtering.

Built-in Actions

Action	Description
`reject(...)`	Block connection
`direct(...)`	Allow through server

Rule Examples

reject(suffix:doubleclick.net)     # Block ads
reject(suffix:googlesyndication.com)
reject(geoip:cn)                   # Block Chinese IPs
reject(geoip:private)              # Block private IPs
direct(all)                        # Allow everything else

Custom Proxy Routing

Add proxy (e.g., my-proxy, SOCKS5, 1.2.3.4:1080)
Use in rules: my-proxy(geoip:ru)

⚖️ Load Balancing

Configure in Settings:

Enable balancing — Sort nodes by current load
Hide overloaded — Exclude nodes at capacity

Algorithm:

Get user's nodes from groups
Sort by load % (online/max)
Filter overloaded if enabled
Fall back to rankingCoefficient

🔒 Device Limits

Priority:

User's personal limit (maxDevices > 0)
Minimum limit from user's groups
-1 = unlimited

Device Grace Period — delay (in seconds) before counting a disconnected device, to avoid false triggers during reconnections.

📱 Subscription Page Customization

Customize the HTML subscription page in Settings → Subscription:

Field	Description
`Logo URL`	Logo URL for page header
`Page Title`	Page title
`Support URL`	Support link (button at bottom)
`Web Page URL`	Profile URL (`profile-web-page-url` header)

The subscription page automatically shows:

QR code for app import
Traffic stats and expiration
Location list with copy buttons

💾 Backups

Auto Backups

Configure in Settings → Backups:

Interval (in hours)
Number of local copies to keep

Field	Description
`Endpoint`	Storage URL (for MinIO, etc.). Leave empty for AWS S3
`Region`	Region (e.g., `us-east-1`)
`Bucket`	Bucket name
`Prefix`	Prefix/folder for backups
`Access Key ID`	Access key
`Secret Access Key`	Secret key
`Keep Last`	How many backups to keep in S3

Configuration examples:

# AWS S3
Endpoint: (empty)
Region: eu-central-1
Bucket: my-backups

# MinIO
Endpoint: https://minio.example.com
Region: us-east-1
Bucket: backups

# Cloudflare R2
Endpoint: https://<account-id>.r2.cloudflarestorage.com
Region: auto
Bucket: my-backups

🐳 Docker Compose

version: '3.8'

services:
  mongo:
    image: mongo:7
    restart: always
    volumes:
      - mongo_data:/data/db
    environment:
      MONGO_INITDB_ROOT_USERNAME: ${MONGO_USER:-hysteria}
      MONGO_INITDB_ROOT_PASSWORD: ${MONGO_PASSWORD}

  backend:
    image: clickdevtech/hysteria-panel:latest
    restart: always
    depends_on:
      - mongo
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./logs:/app/logs
      - ./greenlock.d:/app/greenlock.d
      - ./backups:/app/backups
    env_file:
      - .env

volumes:
  mongo_data:

📝 Environment Variables

Variable	Required	Description
`PANEL_DOMAIN`	✅	Panel domain
`DOKPLOY_PANEL_HOST`	❌	Traefik host for Dokploy (`Host(...)` rule)
`DOKPLOY_TRAEFIK_SERVICE_PORT`	❌	Traefik/backend service port in Dokploy (default: `3000`)
`ACME_EMAIL`	✅	Let's Encrypt email
`ENCRYPTION_KEY`	✅	SSH encryption key (32 chars)
`SESSION_SECRET`	✅	Session secret
`MONGO_PASSWORD`	✅	MongoDB password (for Docker)
`MONGO_USER`	❌	MongoDB user (default: hysteria)
`MONGO_URI`	❌	MongoDB connection URI (for non-Docker)
`REDIS_URL`	❌	Redis URL for cache (default: in-memory)
`PANEL_IP_WHITELIST`	❌	IP whitelist for panel
`SYNC_INTERVAL`	❌	Sync interval in minutes (default: 2)
`API_DOCS_ENABLED`	❌	Enable interactive API docs at `/api/docs`
`LOG_LEVEL`	❌	Logging level (default: info)

🤝 Contributing

Pull requests welcome!

📄 License

MIT