Skip to main content

Custom configuration files

Learn how to configure Piiano Vault using custom files for the system and IAM configuration

Vault provides defaults for the system and IAM configuration in TOML format files. These files are:

  • for the system configuration, pvault.system.toml.
  • for the IAM configuration, pvault.iam.toml.

Vault stores these default files in the /etc/pvault/default folder.

System configuration file

The default system configuration file contains the basic information needed to start the system, such as:

hostname = "localhost"
name = "pvault"
user = "pvault"
password = "pvault"
port = 5432

listen_addr = ""

level = "info"

IAM configuration file

See Default IAM configuration for information on the default IAM configuration.


This file is read during the first initialization phase of the Vault, and its content is stored in the database. After the initial start up the file isn't read again: you read and modify the IAM configuration using the API and CLI.

Overriding configuration files

You can override some or all of the values in the default files by supplying configuration files and storing them in the /etc/pvault/conf.d folder. For example, if you installed Piiano Vault server using Docker, you can override the default files by storing new versions in a local directory and mounting that directory to the container's configuration directory using:

-v /path/to/local/vault/config/directory:/etc/pvault/conf.d

For example, if you create and mount a custom system configuration file with the following contact:

level = "debug"

The values for hostname, name, user, etc., are taken from the default system configuration file, whereas the log level is overridden and set to "debug".


Environment variables, if present, override the corresponding values in the default or custom system configuration file.

You can retrieve the system configuration using the get system configuration REST API operation or CLI command.

See Update the IAM configuration for information on retrieving the IAM configuration.