Itential Automation GatewayDeploy and manageConfigureConfiguration variables

Configuration variables

You can set configuration variables for each gateway using an environment variable or a configuration file. The system reads configuration variables in the following priority order:

  1. Environment variable (for example, GATEWAY_APPLICATION_WORKING_DIR)
  2. A single configuration file. The system uses the following location precedent:
    1. Path passed using --config <path> from the CLI when you launch the gateway
    2. Path set using GATEWAY_CONFIG environment variable
    3. ~/.gateway.d/gateway.conf
    4. /etc/gateway/gateway.conf
  3. Default value

To view loaded configuration variables in a gateway, run:

$iagctl version --show-config

Example configuration file

When you create a configuration file, reference this example as a starting point:

$[application]
$mode                = local
$ca_certificate_file = 
$cluster_id          = cluster_1
$working_dir         = ~/.gateway.d
$venv_sweep_interval     = 24h
$venv_retention_period   = 30d
$
$[client]
$certificate_file =
$host             =
$port             = 50051
$private_key_file =
$use_tls          = true
$ 
$# Named client profiles — override individual client settings per cluster.
$# Profiles inherit unset values from the base [client] section.
$# Use with: iagctl --profile <profile_name> <command>
$# For more information, see Configure client profiles.
$[client:production]
$host             = gw.prod.example.com
$certificate_file = ~/.gateway.d/certs/prod.crt
$private_key_file = ~/.gateway.d/certs/prod.key
$ 
$[client:staging]
$host             = gw.staging.example.com
$ 
$[connect]
$certificate_file     = /etc/gateway/gw-manager.pem
$private_key_file     = /etc/gateway/gw-manager-key.pem
$enabled              = true
$server_ha_enabled    = false
$server_ha_is_primary = false
$hosts                = 
$ 
$[features]
$ansible_enabled  = true
$hostkeys_enabled = true
$opentofu_enabled = true
$python_enabled   = true
$ 
$[log]
$console_json       = false
$file_enabled       = true
$file_json          = false
$level              = INFO
$server_dir         = /var/log/gateway
$timestamp_timezone = utc
$
$[registry]
$default_overridable = true
$
$[runner]
$announcement_address =
$certificate_file     =
$listen_address       = 127.0.0.1
$port                 = 50051
$private_key_file     =
$runtime_data_dir     = /var/lib/gateway
$use_tls              = true
$ 
$[registry]
$default_overridable = true
$ 
$[secrets]
$encrypt_key_file =
$ 
$[server]
$api_key_expiration     = 1440
$certificate_file       =
$distributed_execution  = true
$listen_address         = 127.0.0.1
$port                   = 50051
$private_key_file       =
$runtime_data_dir       = /var/lib/gateway
$use_tls                = true
$ 
$[store]
$backend                  = local
$etcd_hosts               = "localhost:2379" # space separated list
$etcd_use_tls             = true
$etcd_ca_certificate_file =
$etcd_certificate_file    =
$etcd_client_cert_auth    = false
$etcd_private_key_file    =
$ 
$[terminal]
$no_color           = false
$timestamp_timezone = utc

Learn more

For more detailed information on the available configuration variables, see: