External files
External files in dedicated folders

The Airlock Microgateway configbuilder expects some files to be in dedicated folders for different purposes. The files could be either mounted into the container or copied into a custom image.

This section gives an overview of the predefined folders and their expected content.

Path in image
Description
/config/config.yaml
Folder of the Airlock Microgateway configuration file.
/config/error-pages/
Folder for custom error pages files.
Table 1: Base configuration files

Some attributes can be specified either by directly providing a value or by referencing a file.

  • For instance, to configure a passphrase, these attributes are supported:
  • session.encryption_passphrase_file
  • session.encryption_passphrase

If the same attribute is configured with and without _file suffix, the _file attribute is used. If no attribute is configured, the default paths listed below are used. The following attributes support file references:

Default path in image
DSL attribute
Description
/secret/license
license_file
Contains the Airlock Microgateway license
/secret/passphrase
session.encryption_passphrase_file
Contains the passphrase
/secret/tls/frontend-server.crt
apps[].virtual_host.certificate.certificate_file
If no certificates are specified, the default certificate is used.
/secret/tls/frontend-server.key
apps[].virtual_host.certificate.privatekey_file
If no certificates are specified, the default certificate is used.
/secret/tls/frontend-server-ca.crt
apps[].virtual_host.certificate.ca_chain_file
If no certificates are specified, the default certificate is used.
/secret/auth/client_certificate/selection.crt
apps[].virtual_host.auth.client_certificate.ca_selection_file
The file containing the selection CA certificates for client certificates.
/secret/auth/client_certificate/validation.crt
apps[].virtual_host.auth.client_certificate.ca_validation_file
The file containing the validation CA certificates for client certificates.
/secret/auth/client_certificate/client.crl
apps[].virtual_host.auth.client_certificate.crl_file
The file containing the CRL for client certificates.
/secret/auth/jwks/tls/client/client.crt
jwks_providers.remote[].tls.client.certificate_file
If no client certificate is specified for a remote JWKS provider, the default certificate is used.
/secret/auth/jwks/tls/client/client.key
jwks_providers.remote[].tls.client.privatekey_file
If no private key is specified for a remote JWKS provider client certificate, the default key is used.
/secret/auth/jwks/tls/client/client-ca.crt
jwks_providers.remote[].tls.client.ca_chain_file
The CA chain file path for the client certificate.
/secret/auth/jwks/tls/server/server-validation.crt
jwks_providers.remote[].tls.server.ca_validation_file
The file containing the validation CA certificates.
/config/mapping.xml
apps[].mappings.mapping_template_file
The mapping template file used for all Mappings without specifying the attribute mapping_template_file.
/config/openapi.json
apps[].mappings.openapi.spec_file
An OpenAPI specification file
Table 2: Attributes supporting file references