Configuration Options
Comprehensive reference for `config.yaml`, validation ranges, and Athena runtime environment variables.
Athena’s runtime configuration comes from four layers:
config.yamlfile sections such asapi,gateway,backup, andpostgres_clients- Environment variables used directly by the runtime or interpolated into
config.yaml - Validation ranges inside
config.yamlthat clamp numeric values to safe ranges - CLI flags such as
--config,--pipelines,--port, and--api-only
This page is meant to be exhaustive for the main Athena server and the runtime settings wired through src/config.rs and src/config_validation.rs.
Config file discovery and precedence
Athena searches for config.yaml in this order:
%APPDATA%/athena/config.yaml%LOCALAPPDATA%/athena/config.yaml%USERPROFILE%/.athena/config.yaml$XDG_CONFIG_HOME/athena/config.yaml$HOME/.config/athena/config.yaml$HOME/.athena/config.yaml~/Library/Application Support/athena/config.yamlon macOS./config.yamlin the current working directory
If no file exists, Athena copies the bundled default config into the first writable location.
Explicit overrides
| Override | Meaning |
|---|---|
ATHENA_CONFIG_PATH | Explicit config file path |
--config <path> / --config-path <path> | CLI override for config file path |
--pipelines <path> | Override config/pipelines.yaml |
--port <port> | Override API port at startup |
--api-only | Start the server rather than running another CLI subcommand |
Top-level config.yaml sections
| Section | Purpose |
|---|---|
urls | Named upstream/base URLs used by Athena routes and tooling |
hosts | Named host/domain values |
authenticator | Per-service auth credentials (for example Athena or Scylla) |
api | HTTP listener, cache, timeout, and CORS behavior |
gateway | Routing, resilience, admission, deferred queue, insert window, and telemetry behavior |
backup | S3-compatible backup storage configuration |
postgres_clients | Logical client name → Postgres URI registry |
validation_ranges | Numeric min/max clamps for config values and runtime env vars |
urls, hosts, and authenticator
urls
urls is a list of single-entry maps. Each key is a logical service name and each value is the resolved URL or an env placeholder.
Example:
urls:
- athena: "${ATHENA_DB_URL}"hosts
hosts works the same way, but stores named host strings used by the application.
Example:
hosts:
- athena: athena-db.com
- scylladb: "${SCYLLADB_HOST}"authenticator
authenticator stores per-service credential objects.
Example:
authenticator:
- scylladb:
username: "${SCYLLADB_USERNAME}"
password: "${SCYLLADB_PASSWORD}"postgres_clients
postgres_clients defines the logical Postgres pools Athena will try to create at boot.
| Key pattern | Meaning |
|---|---|
postgres_clients[].<client_name> | Postgres URI or env placeholder for that logical client |
Example:
postgres_clients:
- athena_logging: "${POSTGRES_ATHENA_LOGGING_URI}"
- athena_benchmark: "${POSTGRES_ATHENA_BENCHMARK_URI}"Behavior notes
- Failed Postgres clients log warnings and are skipped; startup continues with healthy clients.
gateway.logging_pg_urican override the URI used for the configured logging client.- Catalog-backed clients from
athena_clientscan extend the registry after bootstrap when enabled.
api section reference
| Key | Type | Default / typical value | Meaning |
|---|---|---|---|
api.port | integer | 4052 | HTTP listen port |
api.immortal_cache | boolean | false | Enables non-expiring cache behavior where supported |
api.cache_ttl | integer seconds | 240 | Default in-memory cache TTL |
api.pool_idle_timeout | integer seconds | 90 | Reqwest HTTP client pool idle timeout |
api.keep_alive_secs | integer seconds | 15 | HTTP keep-alive timeout |
api.client_disconnect_timeout_secs | integer seconds | 60 | Time to wait for client disconnect completion |
api.client_request_timeout_secs | integer seconds | 60 | Upper bound for request handling |
api.http_workers | integer | 8 | Number of Actix workers |
api.http_max_connections | integer | 10000 | Max listener connections |
api.http_backlog | integer | 2048 | TCP listen backlog |
api.tcp_keepalive_secs | integer seconds | 75 | TCP keepalive duration |
api.cors_allow_any_origin | boolean | false if omitted | Allow all CORS origins |
api.cors_allowed_origins | comma-separated string | none | Explicit allowlist of origins |
api.prometheus_metrics_enabled | boolean | true if omitted | Enable /metrics exporter |
API env helpers
| Variable | Meaning |
|---|---|
ATHENA_CORS_ALLOWED_ORIGINS | Comma-separated extra CORS origins merged with api.cors_allowed_origins |
gateway section reference
Routing and shaping
| Key | Type | Default | Meaning |
|---|---|---|---|
gateway.force_camel_case_to_snake_case | boolean | false | Normalize incoming field names to snake_case |
gateway.auto_cast_uuid_filter_values_to_text | boolean | true | Cast UUID-like filter values to text when Athena casts the compared column |
gateway.allow_schema_names_prefixed_as_table_name | boolean | true | Allow public.table style names in information_schema lookups |
gateway.logging_client | string | none | Logical Postgres client for logs, audit rows, deferred queue, and catalog tables |
gateway.auth_client | string | falls back to logging_client | Logical Postgres client for API key and auth storage |
gateway.benchmark_client | string | falls back to logging_client | Logical client used by benchmark tooling |
gateway.logging_pg_uri | string / env placeholder | none | Direct URI override for the logging client |
gateway.logging_pg_uri_env_var | string | none | Env-var indirection for the logging client override |
Direct JDBC routing and safety
| Key | Type | Default | Meaning |
|---|---|---|---|
gateway.jdbc_allow_private_hosts | boolean | true | Allow direct JDBC URLs pointing at private/local hosts |
gateway.jdbc_allowed_hosts | comma-separated string | empty | Optional allowlist for JDBC destination hosts |
Read resilience
| Key | Type | Default | Meaning |
|---|---|---|---|
gateway.resilience_timeout_secs | integer seconds | 30 | Per-operation read timeout |
gateway.resilience_read_max_retries | integer | 1 | Max retries for transient read failures |
gateway.resilience_initial_backoff_ms | integer ms | 100 | Initial retry backoff |
Admission limiting and deferred queue
| Key | Type | Default | Meaning |
|---|---|---|---|
gateway.admission_limit_enabled | boolean | false | Enable admission limiting middleware |
gateway.admission_window_secs | integer seconds | 1 | Fixed window size |
gateway.admission_global_requests_per_window | integer | 0 | Global request budget per window (0 means unlimited) |
gateway.admission_per_client_requests_per_window | integer | 0 | Per-client request budget per window (0 means unlimited) |
gateway.admission_defer_on_limit_enabled | boolean | false | Defer eligible requests instead of rejecting them |
gateway.admission_defer_route_prefixes | comma-separated string | "/pipelines" in sample config | Which route prefixes can be deferred on limit |
gateway.deferred_query_worker_enabled | boolean | true | Enable background deferred worker |
gateway.deferred_query_worker_poll_ms | integer ms | 1000 | Deferred worker poll interval |
gateway.admission_store_backend | string | redis | Admission state backend (memory or redis) |
gateway.admission_store_fail_mode | string | fail_closed | Behavior when admission store is unavailable |
Insert windowing and batching
| Key | Type | Default | Meaning |
|---|---|---|---|
gateway.insert_execution_window_ms | integer ms | 0 | Default batching window for /gateway/insert; 0 disables unless request header enables it |
gateway.insert_window_max_batch | integer | 100 | Max merged rows per bulk insert |
gateway.insert_window_max_queued | integer | 10000 | Queue capacity before falling back to direct execution |
gateway.insert_merge_deny_tables | comma-separated string | empty | Tables that must not be bulk-merged |
Client catalog and startup stats
| Key | Type | Default | Meaning |
|---|---|---|---|
gateway.database_backed_client_loading | boolean | true | Load runtime clients from athena_clients after boot |
gateway.client_statistics_startup_refresh_mode | string | fast | fast or full refresh of aggregate client statistics on startup |
gateway.client_statistics_startup_refresh_lookback_days | integer | 0 | Optional startup stats aggregation lookback (0 means all rows) |
gateway.api_key_fail_mode | string | fail_closed | Auth behavior when the API key store is unavailable |
backup section reference
backup stores S3-compatible backup defaults. In practice, most deployments use env vars directly.
| Key | Type | Meaning |
|---|---|---|
backup.s3_bucket | string | Bucket name |
backup.s3_region | string | AWS/S3 region |
backup.s3_endpoint | string | Custom S3-compatible endpoint |
backup.s3_prefix | string | Prefix/folder used for uploaded backups |
Backup and restore env vars
| Variable | Meaning |
|---|---|
ATHENA_BACKUP_S3_BUCKET | Required bucket name |
ATHENA_BACKUP_S3_REGION | Optional region |
ATHENA_BACKUP_S3_ACCESS_KEY | Optional access key |
ATHENA_BACKUP_S3_SECRET_KEY | Optional secret key |
ATHENA_BACKUP_S3_ENDPOINT | Optional S3-compatible endpoint |
ATHENA_BACKUP_S3_PREFIX | Optional object prefix |
ATHENA_PG_DUMP_PATH | Explicit path to pg_dump |
ATHENA_PG_RESTORE_PATH | Explicit path to pg_restore |
validation_ranges reference
validation_ranges lets the config file define numeric min/max clamps for both file-based config values and runtime environment variables.
validation_ranges.config
These keys clamp values read from config.yaml:
api.portapi.cache_ttlapi.pool_idle_timeoutapi.keep_alive_secsapi.client_disconnect_timeout_secsapi.client_request_timeout_secsapi.http_workersapi.http_max_connectionsapi.http_backlogapi.tcp_keepalive_secsgateway.insert_execution_window_msgateway.insert_window_max_batchgateway.insert_window_max_queuedgateway.resilience_timeout_secsgateway.resilience_read_max_retriesgateway.resilience_initial_backoff_msgateway.admission_global_requests_per_windowgateway.admission_per_client_requests_per_windowgateway.admission_window_secsgateway.deferred_query_worker_poll_ms
validation_ranges.env
These keys clamp runtime env settings loaded through RuntimeEnvSettings.
Runtime env settings (src/config_validation.rs)
These settings do not live under api or gateway in config.yaml; they are direct environment variables with internal defaults and optional min/max clamps.
| Variable | Default | Meaning |
|---|---|---|
ATHENA_POOL_MONITOR_INTERVAL_SECS | 30 | Pool monitor sample interval |
ATHENA_POOL_MONITOR_RETENTION_HOURS | 24 | Connection snapshot retention |
ATHENA_VACUUM_HEALTH_INTERVAL_SECS | 3600 | Vacuum-health collector interval |
ATHENA_VACUUM_HEALTH_RETENTION_DAYS | 30 | Vacuum-health retention |
ATHENA_VACUUM_HEALTH_STATEMENT_TIMEOUT_MS | 60000 | Vacuum-health statement timeout |
ATHENA_CLIENT_RECONNECT_INTERVAL_SECS | 20 | Retry interval for reconnecting unavailable catalog clients |
ATHENA_CACHE_MAX_CAPACITY | 10000 | Max request-cache entries/weight budget |
ATHENA_CACHE_MAX_ENTRY_WEIGHT | 262144 | Per-entry cache weight cap |
ATHENA_PG_POOL_MAX_CONNECTIONS | 100 | SQLx pool max connections per logical client |
ATHENA_DEADPOOL_WARMUP_TIMEOUT_MS | 800 | Deadpool warmup timeout |
ATHENA_PG_POOL_MAX_LIFETIME_SECS | 900 | SQLx pool max lifetime |
ATHENA_PG_POOL_MIN_CONNECTIONS | 0 | SQLx pool min connections |
ATHENA_PG_POOL_ACQUIRE_TIMEOUT_SECS | 8 | SQLx acquire timeout |
ATHENA_PG_POOL_IDLE_TIMEOUT_SECS | 120 | SQLx idle timeout |
ATHENA_DEFERRED_MAX_ATTEMPTS | 3 | Deferred-request retry count |
ATHENA_DEFERRED_WORKER_NO_STORAGE_POLL_MS | 30000 | Deferred worker backoff when storage is unavailable |
ATHENA_DEADPOOL_CHECKOUT_TIMEOUT_MS | 800 | Deadpool checkout timeout |
ATHENA_FETCH_SINGLEFLIGHT_WAIT_TIMEOUT_MS | 5000 | Cache singleflight wait timeout |
ATHENA_CACHE_INVALIDATION_WINDOW_MS | 25 | Cache invalidation coalescing window |
ATHENA_REDIS_OP_TIMEOUT_MS | 30 | Redis operation timeout |
ATHENA_REDIS_COOLDOWN_MS | 5000 | Temporary Redis bypass cooldown after failure |
ATHENA_VACUUM_HEALTH_BLOAT_DEAD_PCT | 10.0 | Bloat threshold for warnings |
ATHENA_VACUUM_HEALTH_XID_RISK_PCT | 50.0 | Transaction-ID risk threshold |
ATHENA_REALTIME_REGISTRY_PURGE_INTERVAL_SECS | 30 | Realtime connection registry purge cadence |
ATHENA_REALTIME_REGISTRY_INACTIVE_AFTER_SECS | 300 | Realtime connection inactivity window |
Other important environment variables
These are widely used operational variables that are not part of RuntimeEnvSettings but matter in most Athena deployments.
| Variable | Meaning |
|---|---|
POSTGRES_ATHENA_LOGGING_URI | Logging database connection URI |
POSTGRES_ATHENA_BENCHMARK_URI | Benchmark-target database connection URI |
ATHENA_BENCHMARK_CLIENT | Benchmark client name for cargo bench --bench gateway_e2e |
ATHENA_REDIS_URL | Enable Redis write-through cache and admission-store backend |
ATHENA_KEY_12 | Static admin key used by admin/control-plane routes |
ATHENA_WILDCARD_HOST_PATTERN | Wildcard host routing pattern |
ATHENA_WILDCARD_HOST_ROUTING_ENABLED | Toggle wildcard host routing |
ATHENA_PG_TOOLS_ALLOW_DOWNLOAD | Allow auto-download of Postgres tools when not on PATH |
ATHENA_CORS_ALLOWED_ORIGINS | Extra allowed origins merged into config |
Operational guidance
Shared logging pool
If gateway.logging_client and gateway.auth_client point to the same logical client, auth, request logs, operation logs, deferred queue rows, admission events, and aggregate stats can all compete for one Postgres pool. For deep dives, read:
docs/architecture_gateway_pool_starvation.mddocs/architecture_gateway_client_stats_batcher.md
Startup behavior
- Missing or unreachable Postgres clients do not hard-stop the process; Athena starts with the reachable subset.
- Config-backed clients and database-backed catalog clients merge into one in-memory registry.
- Numeric values can be silently clamped to configured
validation_rangeslimits; watch logs for normalization warnings.
Safe authoring tips
- Prefer env placeholders for secrets:
"${POSTGRES_ATHENA_LOGGING_URI}" - Keep
gateway.logging_client,gateway.auth_client, andgateway.benchmark_clientexplicit in production - Use
validation_rangeswhen you want guardrails for operators editing config by hand