Mender Gateway uses a JSON file for configuring the proxy and mTLS settings. The
configuration is loaded from the file /var/lib/mender/mender-gateway.conf
by
default, unless otherwise by the --config
command line argument. This section
provides a reference for the configuration variables.
{
"Features": {
"ArtifactsProxy": {
"Enabled": true,
"GatewayURL": "https://gateway.mender.io",
"DomainWhitelist": ["s3.amazonaws.com", "s3.my-min.io"],
"ArtifactsCache": {
"Enabled": true,
"Path": "/var/cache/mender-gateway"
}
},
"mTLS": {
"Enabled": true,
"CACertificate": "/var/lib/mender/ca-cert.pem",
"MenderUsername": "gateway@mender.io",
"MenderPassword": "password123",
"BlacklistPath": "/var/lib/mender/mtls-blacklist.txt"
},
"DeviceSystem": {
"Enabled": false,
"SystemID": "REPLACE_WITH_YOUR_UNIQUE_SYSTEM_ID",
"DefaultInventory": [
{
"Name": "region",
"Value": "eu"
}
]
}
},
"HTTP": {
"Enabled": false,
"Listen": ":80"
},
"HTTPS": {
"Enabled": true,
"Listen": ":443",
"ServerCertificate": "/var/lib/mender/server-cert.pem",
"ServerKey": "/var/lib/mender/server-pkey.pem"
},
"UpstreamServer": {
"URL": "https://hosted.mender.io",
"InsecureSkipVerify": false
},
"DebugLog": false
}
Hosted Mender is available in multiple regions to connect to. Make sure you select your desired one before proceeding.
Mender Enterprise Only: Using RBAC you can create a new user with a dedicated role to the user access scope to the preauthorization API endpoint for the gateway user.
© 2024 Northern.tech AS