Configuration Reference
Complete schema for config.json, vault.json, and mcp_servers.yaml.
config.json
The gateway is configured via ~/.elemm/config.json. The file is automatically created with sensible defaults on the first start. Missing keys are auto-migrated.
Complete Schema
json
{
"security": {
"enforce_whitelist": false,
"allowed_landmarks": [],
"allowed_actions": [],
"disallowed_patterns": ["delete", "remove", "purge", "destroy"],
"disallowed_landmarks": ["admin", "billing", "internal"],
"disallowed_actions": ["users_delete_account"],
"allowed_methods": ["GET", "POST", "PUT", "PATCH", "DELETE"],
"prevent_key_leakage": true,
"custom_remedies": {},
"simulate_security_policy": false
},
"limit_standard": 30000,
"limit_inspect": 20000,
"limit_search_items": 10,
"timeout_seconds": 30,
"retry_attempts": 3,
"retry_delay_ms": 1000,
"max_tools_per_landmark": 5,
"max_landmarks_per_view": 20,
"user_agent": "ElemmGateway/1.0 (Autonomous Agent)",
"ui": {
"display_mode": "tokens",
"char_to_token_ratio": 4.0,
"simulate_security_policy": false
}
}Key Reference
Security
| Key | Type | Default | Description |
|---|---|---|---|
enforce_whitelist | boolean | false | Enable Zero-Trust mode |
allowed_landmarks | string[] | [] | Whitelisted landmarks (only in Zero-Trust) |
allowed_actions | string[] | [] | Whitelisted actions (only in Zero-Trust) |
disallowed_patterns | string[] | ["delete","remove","purge","destroy"] | Blocked patterns. Prefix re: for regex |
disallowed_landmarks | string[] | [] | Completely hidden/blocked namespaces |
disallowed_actions | string[] | [] | Explicitly blocked Action IDs |
allowed_methods | string[] | ["GET","POST","PUT","PATCH","DELETE"] | Allowed HTTP methods |
prevent_key_leakage | boolean | true | Scrub API keys from responses |
custom_remedies | object | {} | Pattern/Action -> Custom error message |
Limits & Execution
| Key | Type | Default | Description |
|---|---|---|---|
limit_standard | integer | 30000 | Max chars for standard responses |
limit_inspect | integer | 20000 | Max chars for inspection responses |
limit_search_items | integer | 10 | Max results for search_landmarks |
timeout_seconds | integer | 30 | HTTP request timeout |
retry_attempts | integer | 3 | Default retry count |
retry_delay_ms | integer | 1000 | Delay between retries in ms |
max_tools_per_landmark | integer | 5 | Max tools shown per landmark on connect |
max_landmarks_per_view | integer | 20 | Max landmarks in get_landmarks |
user_agent | string | "ElemmGateway/1.0" | User-Agent header for outgoing HTTP requests |
UI Settings
| Key | Type | Default | Description |
|---|---|---|---|
display_mode | string | "tokens" | Display mode: "tokens", "chars", or "both" |
char_to_token_ratio | float | 4.0 | Conversion factor characters to tokens |
simulate_security_policy | boolean | false | Apply Security Policy to Dashboard UI |
File Paths
| File | Path |
|---|---|
| Gateway Configuration | ~/.elemm/config.json |
| Authentication Vault | ~/.elemm/vault.json |
| MCP Server Configuration | ~/.elemm/mcp_servers.yaml |
| Gateway Source | src/elemm_gateway/ |
| Protocol Core | src/elemm/ |
MCP Server Configuration (mcp_servers.yaml)
Local MCP servers are configured in ~/.elemm/mcp_servers.yaml:
yaml
servers:
sqlite:
command: uvx
args: ["mcp-server-sqlite", "--db-path", "/path/to/db.sqlite"]
env:
API_KEY: "vault:api.example.com"
github:
command: npx
args: ["-y", "@modelcontextprotocol/server-github"]
env:
GITHUB_TOKEN: "env:GITHUB_TOKEN"Variable Interpolation
env:VAR_NAME— Reads an environment variable at runtimevault:domain— Reads the API key for the specified domain from the vault
Hot-Reloading
Configuration changes are automatically detected and applied at runtime — without restarting the gateway.