Description
Run the Infisical gateway in the foreground or manage its systemd service installation. The gateway allows secure communication between your self-hosted Infisical instance and client applications.Subcommands & flags
infisical gateway
infisical gateway
Run the Infisical gateway in the foreground. The gateway will connect to the relay service and maintain a persistent connection.
Flags
--token
--token
The machine identity access token to authenticate with Infisical.You may also expose the token to the CLI by setting the environment variable
INFISICAL_TOKEN before executing the gateway command.--domain
--domain
Domain of your self-hosted Infisical instance.
infisical gateway install
infisical gateway install
Install and enable the gateway as a systemd service. This command must be run with sudo on Linux.
Requirements
- Must be run on Linux
- Must be run with root/sudo privileges
- Requires systemd
Flags
--token
--token
The machine identity access token to authenticate with Infisical.You may also expose the token to the CLI by setting the environment variable
INFISICAL_TOKEN before executing the install command.--domain
--domain
Domain of your self-hosted Infisical instance.
Service Details
The systemd service is installed with secure defaults:- Service file:
/etc/systemd/system/infisical-gateway.service - Config file:
/etc/infisical/gateway.conf - Runs with restricted privileges:
- InaccessibleDirectories=/home
- PrivateTmp=yes
- Resource limits configured for stability
- Automatically restarts on failure
- Enabled to start on boot