For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Open sourceSupportFAQsDocs Home
DocumentationCommand referenceRelease notes
DocumentationCommand referenceRelease notes
  • Itential Automation Gateway
    • Overview
    • Execution engine
    • Concepts
    • Feature comparison
        • Create certificates
        • Initial configuration
        • Configure gateway client
        • Configure client profiles
        • Create cluster in Gateway Manager
        • High availability clusters
        • Distributed execution clusters
          • Overview
          • Application variables
          • Client variables
          • Connect variables
          • Features variables
          • Log variables
          • Registry variables
          • Runner variables
          • Secrets variables
          • Server variables
          • Store variables
          • Terminal variables
      • Migrate inventory to IAG 5
    • IAG secret store
    • Inventory Manager
LogoLogo
Open sourceSupportFAQsDocs Home
On this page
  • Example configuration file
  • Learn more
Itential Automation GatewayDeploy and manageConfigureConfiguration variables

Configuration variables

Was this page helpful?
Previous

Application variables

Next
Built with

You can set configuration variables for each gateway using an environment variable or a configuration file. The system reads configuration variables in the following priority order:

  1. Environment variable (for example, GATEWAY_APPLICATION_WORKING_DIR)
  2. A single configuration file. The system uses the following location precedent:
    1. Path passed using --config <path> from the CLI when you launch the gateway
    2. Path set using GATEWAY_CONFIG environment variable
    3. ~/.gateway.d/gateway.conf
    4. /etc/gateway/gateway.conf
  3. Default value

To view loaded configuration variables in a gateway, run:

$iagctl version --show-config

Example configuration file

When you create a configuration file, reference this example as a starting point:

$[application]
$mode                = local
$ca_certificate_file = 
$cluster_id          = cluster_1
$working_dir         = ~/.gateway.d
$venv_sweep_interval     = 24h
$venv_retention_period   = 30d
$
$[client]
$certificate_file =
$host             =
$port             = 50051
$private_key_file =
$use_tls          = true
$ 
$# Named client profiles — override individual client settings per cluster.
$# Profiles inherit unset values from the base [client] section.
$# Use with: iagctl --profile <profile_name> <command>
$# For more information, see Configure client profiles.
$[client:production]
$host             = gw.prod.example.com
$certificate_file = ~/.gateway.d/certs/prod.crt
$private_key_file = ~/.gateway.d/certs/prod.key
$ 
$[client:staging]
$host             = gw.staging.example.com
$ 
$[connect]
$certificate_file     = /etc/gateway/gw-manager.pem
$private_key_file     = /etc/gateway/gw-manager-key.pem
$enabled              = true
$server_ha_enabled    = false
$server_ha_is_primary = false
$hosts                = 
$ 
$[features]
$ansible_enabled  = true
$hostkeys_enabled = true
$opentofu_enabled = true
$python_enabled   = true
$ 
$[log]
$console_json       = false
$file_enabled       = true
$file_json          = false
$level              = INFO
$server_dir         = /var/log/gateway
$timestamp_timezone = utc
$
$[registry]
$default_overridable = true
$
$[runner]
$announcement_address =
$certificate_file     =
$listen_address       = 127.0.0.1
$port                 = 50051
$private_key_file     =
$runtime_data_dir     = /var/lib/gateway
$use_tls              = true
$ 
$[registry]
$default_overridable = true
$ 
$[secrets]
$encrypt_key_file =
$ 
$[server]
$api_key_expiration     = 1440
$certificate_file       =
$distributed_execution  = true
$listen_address         = 127.0.0.1
$port                   = 50051
$private_key_file       =
$runtime_data_dir       = /var/lib/gateway
$use_tls                = true
$ 
$[store]
$backend                  = local
$etcd_hosts               = "localhost:2379" # space separated list
$etcd_use_tls             = true
$etcd_ca_certificate_file =
$etcd_certificate_file    =
$etcd_client_cert_auth    = false
$etcd_private_key_file    =
$ 
$[terminal]
$no_color           = false
$timestamp_timezone = utc

Learn more

For more detailed information on the available configuration variables, see:

  • Application variables
  • Client variables
  • Connect variables
  • Features variables
  • Log variables
  • Registry variables
  • Runner variables
  • Secrets variables
  • Server variables
  • Store variables
  • Terminal variables