Airlock Microgateway (SchemaStore) JSON Schema

Type	object
File match	`microgateway-config.yaml` `microgateway-config.yml` `airlock-microgateway-config.yaml` `airlock-microgateway-config.yml`
Schema URL	https://catalog.lintel.tools/schemas/schemastore/airlock-microgateway/latest.json
Source	https://www.schemastore.org/airlock-microgateway-3.2.json

Versions

3.0 3.1 3.2

Validate with Lintel

npx @lintel/lintel check

Type: object

Properties

apps object[]

deny_rule_groups object[]

Custom deny rule groups that can be referenced in mappings on top of the built in Airlock deny rules.

expert_settings object | null

2 nested properties

apache string | null

Expert settings for the Apache httpd.

security_gate string | null

Expert settings for the Security Gate.

jwks_providers object | null

JWKS Providers which can be referenced in apps[].mappings[].access_token.

3 nested properties

local object[]

JWKS providers that are configured statically.

Default: "[]"

refresh_interval integer

Refresh interval for fetching from remote JWKS providers in seconds.

Default: "86400"

remote object[]

Remote JWKS providers which are fetched according to the jwks_providers.refresh_interval.

Default: "[]"

license string | null

The encoded license.

license_file string | null

The license file path.

Default: "/secret/license"

log object | null

1 nested properties

level string

Allowed values are: info, trace

Default: "info"

Values: "info" "trace"

metrics object

Configuration for metrics sending.

1 nested properties

statsd object

Use this to enable sending metrics using the statsd protocol.

1 nested properties

enabled boolean

Enable sending of statsd metrics. Default is 'true'

Default: "true"

remote_ip object | null

2 nested properties

header string required

If set, Airlock Microgateway will treat the value of this header field as the useragent IP address.
Common values are 'X-Forwarded-For' or 'X-Client-IP'.
Warning: Make sure that internal_proxies is correctly configured for your setup.

internal_proxies string[] required

List of hostnames, IP addresses or IP address ranges (e.g. 10.0.0.0/8) to trust as presenting a valid Remote-IP header.

session object | null

6 nested properties

encryption_passphrase string | null

Specifies the passphrase for the passphrase based encryption mechanism (PBE).

encryption_passphrase_file string | null

The path of the passphrase file.

Default: "/secret/passphrase"

idle_timeout integer

Specifies the amount of idle time in seconds, after which an Airlock Microgateway session is terminated. This timeout should be smaller than all other session timeouts of your back-end applications. Even if the timeout can be configured in seconds, per default the resolution of the idle session timeout check is 5 seconds only.

Default: "600"

lifetime integer

Specifies the absolute lifetime of an Airlock Microgateway session in seconds. After this time a session will be terminated.

Default: "28800"

redis_hosts string[]

Name of the hosts running the Redis Server.

Default: "[]"

store_mode string

Defines the redis session store connection mode. By default, the Microgateway tries to determine the connection mode depending on the number of redis hosts configured:
- server mode if only one host is configured
- cluster mode if several hosts are configured

Allowed values are: server, cluster and disabled.

Values: "server" "cluster" "disabled"

Definitions

DefaultActionDto object

enabled boolean | null

Enable this default header action

name string | null

Name of the default header action

ExpertSettingsDto-nullable object | null

apache string | null

Expert settings for the Apache httpd.

security_gate string | null

Expert settings for the Security Gate.

PatternDto-nullable object | null

pattern string required

A regex pattern used to match, cannot be empty. If you need a pattern that matches every string use ".*"

ignore_case boolean

Whether to ignore case.

Default: "true"

inverted boolean

Whether to invert the match.

Default: "false"

PatternWithRewriteDto-nullable object | null

regex

All of: PatternDto-nullable object | null, variant

substitution string | null

The rewrite expression.

PatternWithoutInvertDto object

pattern string required

A regex pattern used to match, cannot be empty. If you need a pattern that matches every string use ".*"

ignore_case boolean

Whether to ignore case.

Default: "true"

PatternWithoutInvertDto-nullable null | PatternWithoutInvertDto

RemoveHeaderActionDto-nullable object | null

name

All of: PatternDto-nullable object | null, variant

value

All of: PatternDto-nullable object | null, variant

RewriteHeaderValueDto-nullable object | null

name

All of: PatternDto-nullable object | null, variant

replace string | null

A string to rewrite the header value with. Can make back-references to the header value pattern.

value

All of: PatternDto-nullable object | null, variant

SimpleHeaderActionDto-nullable object | null

name string | null

The name of the header to add.

value string | null

The value of the header to add.

SimplePatternDto-nullable object | null

pattern string | null

The actual pattern.