Configuration

The Airlock Microgateway configuration aims to be as lean as possible – therefore, most settings are pre-configured to default values with security in mind.

The majority of settings are to be configured in the config.yaml file using the popular YAML Ain't Markup Language. For Airlock Microgateway specific settings in the config file, we developed a simple domain-specific language (DSL).

Airlock Microgateway expects some files at a certain location without explicitly configure them. The files used implicitly are described in External files in dedicated folders.

  • In case the defaults suit your current environment, you don't have to make any changes.
  • If required, the default settings can be adapted by using the DSL for your specific needs.
  • In rare cases, a mapping file may be used to add missing DSL options to your configuration.

The most important configuration parts are mentioned in this section to give you an overview of how the configuration is applied.

Sources of default values

The pre-configured default values are carefully selected for a secure basic setup to offer a good starting point for most generic requirements.

  • You can look up the different types of defaults here:
  • 1.
    The DSL reference contains all DSL configurable settings, their defaults, and possible values.
  • 2.
    The settings of the default request and response actions as well as the default deny rule groups share the same base with Airlock Gateway. They are described here:
  • The information from the default settings tables (see links above) can be used within the DSL configuration to enabled/disable the default request or response actions or see which default deny rules are enabled at a certain security level.

Checking the DSL defaults is sufficient for most cases. However, it is possible to check the settings in the graphical interface of an Airlock Gateway Configuration Center by importing the default mapping file of the Microgateway , see Default mapping template.

Mapping template file (optional)

Most requirements can be configured through the DSL settings. However, special cases may require additional settings that can only be configured in a mapping template file.

How to use it and reasons to do it are described here: Workaround with mapping_template_file.

Sequential settings procession

The configuration settings are stored in more than one location making it necessary to process the different settings files sequentially.

  • The Airlock Microgateway configbuilder loads the configuration in the following order:
  • 1.
    Default values
  • 2.
    Mapping template file (optional)
  • 3.
    Domain-specific language (DSL)

This means, that settings configured in the DSL overwrite the default values as well as those from the mapping template file.