.png?sv=2022-11-02&spr=https&st=2024-11-18T16%3A22%3A10Z&se=2024-11-18T16%3A32%3A10Z&sr=c&sp=r&sig=24PqMyRKgiysd%2BdNhj%2FkUFtzsih9B%2FBFj4SDfQtsPS0%3D){kind=logo}
Configuration for IAG
- 24 Oct 2024
-
DarkLight
-
PDF
Configuration for IAG
- Updated on 24 Oct 2024
-
DarkLight
-
PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
This article provides general information on configuring the system properties for Itential Automation Gateway (IAG) via UI and the properties.yml file, including the backup database where configurations are saved. An overview of how to enable the password reset flag is also provided.
System Configurations
The System Configuration user interface (UI) is used to administer IAG properties. The UI provides a simple and straightforward way to view and modify the IAG server configuration.
Figure 1: System Configuration UI
Click here to view the Configuration UI in IAG/2022.1
IAG 2022.1
Most configurations, except those that reside in the System and Databases section of the properties.yml file, can be modified directly in the UI. Any changes made via UI take effect dynamically without rebooting the IAG server.
Properties in the UI that display a lock icon next to them means the value is read-only and cannot be edited via UI. A "locked" property can only be changed in the properties.yml file. Due to RBAC, changes to properties.yml are restricted to users who are members of the admin group. Changes that are made via properties.yml require a reboot.
⚠ Breaking changes to the data types of certain configuration parameters can be found in the product notices → IAG Breaking Changes
Exposing IAG on Different Ports
IAG Port runs at 8083. IAG cannot run on a standard port (i.e., 80-HTTP, 443-HTTPS). In Linux, only root or setuid applications can bind to ports below 1024. See Privileged Ports for running services at specific ports. To workaround this limitation and run IAG over port 443, set HAProxy to listen on 443 and forward to localhost 3443.
Subsystem Configuration
To modify the configuration for a subsystem, (i.e., Ansible, Nornir, Scripts), click the appropriate subsystem needed in the left sidenav menu and edit the properties (Ansible is used in the example below). Once changes are ready to be saved, click the save icon button on the top left corner and verify the success dialog appears on the top right corner of the page.
Figure 2: Save Ansible Configuration
Backup Database
The IAG server configuration is saved in the database, automation-gateway.db. Therefore, it is very important to take a backup of this file before doing any upgrades. During the first boot of the server, the configuration parameters found in the properties file are injected into the database. This applies to both newly created property files as well as pre-2021.2 property files being utilized to upgrade. All subsequent reboots of the server will use the configuration stored in the database. Any changes to the configuration parameters after the first server boot are required to be made from the Configuration UI. The only exception to this paradigm are parameters found in the System and Databases sections of the properties.yml file. Those parameters are still modified by editing the properties file and restarting the server.
Audit Log
If the audit in config file is set to true, audit logging is enabled. It is enabled by default. To disable it, set it to false. For more details, refer to Audit Log.
Password Reset
If the password_reset_enabled flag is set to true (enabled), admin and users have the ability to recover username or reset the password rather than getting locked out of IAG server.
For more details on first time login with password reset functionality enabled, refer to Installation Validation.
Figure 3: Forgot Username/Password
Figure 4: Password Reset
Was this article helpful?
