NVIDIA · drew · May 12, 2026 · May 12, 2026 · May 12, 2026 · May 12, 2026
@@ -69,6 +69,65 @@ To keep the user service running after logout, enable linger:
 sudo loginctl enable-linger $USER
 ```
 
+## Manual Gateway Setup
+
+You can also install the gateway by downloading the release binary and starting `openshell-gateway` yourself.
+
+```shell
+case "$(uname -s)-$(uname -m)" in
+  Linux-x86_64|Linux-amd64) gateway_target="x86_64-unknown-linux-gnu" ;;
+  Linux-aarch64|Linux-arm64) gateway_target="aarch64-unknown-linux-gnu" ;;
+  Darwin-arm64|Darwin-aarch64) gateway_target="aarch64-apple-darwin" ;;
+  *)
+    echo "Unsupported gateway binary target: $(uname -s) $(uname -m)" >&2
+    exit 1
+    ;;
+esac
+
+mkdir -p "$HOME/.local/bin"
+curl -LsSf "https://github.com/NVIDIA/OpenShell/releases/latest/download/openshell-gateway-${gateway_target}.tar.gz" \
+  | tar -xz -C "$HOME/.local/bin" openshell-gateway
+chmod 755 "$HOME/.local/bin/openshell-gateway"
+export PATH="$HOME/.local/bin:$PATH"
+```
+
+For the VM compute driver, also place `openshell-driver-vm` under the gateway libexec directory:
+
+```shell
+mkdir -p "$HOME/.local/libexec/openshell"
+curl -LsSf "https://github.com/NVIDIA/OpenShell/releases/latest/download/openshell-driver-vm-${gateway_target}.tar.gz" \
+  | tar -xz -C "$HOME/.local/libexec/openshell" openshell-driver-vm
+chmod 755 "$HOME/.local/libexec/openshell/openshell-driver-vm"
+```
+
+The gateway searches `$HOME/.local/libexec/openshell` by default. To use a different directory, set `OPENSHELL_DRIVER_DIR`.
+
+To configure the gateway process itself, refer to [Gateway Configuration](/reference/gateway-configuration).
+
+## Manual CLI Setup
+
+You can also install the CLI by downloading the release binary directly.
+
+```shell
+case "$(uname -s)-$(uname -m)" in
+  Linux-x86_64|Linux-amd64) cli_target="x86_64-unknown-linux-musl" ;;
+  Linux-aarch64|Linux-arm64) cli_target="aarch64-unknown-linux-musl" ;;
+  Darwin-arm64|Darwin-aarch64) cli_target="aarch64-apple-darwin" ;;
+  *)
+    echo "Unsupported CLI binary target: $(uname -s) $(uname -m)" >&2
+    exit 1
+    ;;
+esac
+
+mkdir -p "$HOME/.local/bin"
+curl -LsSf "https://github.com/NVIDIA/OpenShell/releases/latest/download/openshell-${cli_target}.tar.gz" \
+  | tar -xz -C "$HOME/.local/bin" openshell
+chmod 755 "$HOME/.local/bin/openshell"
+export PATH="$HOME/.local/bin:$PATH"
+```
+
+After installing the CLI, use `openshell gateway add` to register a gateway. For gateway registration commands, refer to [Register an Existing Gateway](/sandboxes/manage-gateways#register-an-existing-gateway).
+
 ## Kubernetes
 
 Kubernetes deployments use the OpenShell Helm chart. For step-by-step installation, refer to [Kubernetes Setup](/kubernetes/setup). For chart values and packaging details, refer to the [Helm chart README](https://github.com/NVIDIA/OpenShell/blob/main/deploy/helm/openshell/README.md).

@@ -5,7 +5,7 @@ title: "Default Policy Reference"
 sidebar-title: "Default Policy"
 description: "Breakdown of the built-in default policy applied when you create an OpenShell sandbox without a custom policy."
 keywords: "Generative AI, Cybersecurity, AI Agents, Sandboxing, Security, Policy"
-position: 2
+position: 3
 ---
 The default policy is the policy applied when you create an OpenShell sandbox without `--policy`. It is baked into the community base image ([`ghcr.io/nvidia/openshell-community/sandboxes/base`](https://github.com/nvidia/openshell-community)) and defined in the community repo's `dev-sandbox-policy.yaml`.
 

@@ -0,0 +1,68 @@
+---
+# SPDX-FileCopyrightText: Copyright (c) 2025-2026 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
+# SPDX-License-Identifier: Apache-2.0
+title: "Gateway Configuration"
+description: "Reference for configuring the OpenShell gateway with environment variables."
+keywords: "Generative AI, Cybersecurity, Gateway, Configuration, Environment Variables, Docker, Podman, Kubernetes, MicroVM, Reference"
+position: 2
+---
+
+Configure a standalone gateway with environment variables. Package-managed and Helm deployments set many of these values for you, but the same variable names apply when you run `openshell-gateway` directly.
+
+| Environment variable | Use |
+|---|---|
+| `OPENSHELL_BIND_ADDRESS` | IP address for the gateway, health, and metrics listeners. |
+| `OPENSHELL_SERVER_PORT` | Main gateway gRPC and HTTP port. |
+| `OPENSHELL_HEALTH_PORT` | Optional unauthenticated health endpoint port. Set to `0` to disable the dedicated health listener. |
+| `OPENSHELL_METRICS_PORT` | Optional Prometheus metrics endpoint port. Set to `0` to disable the dedicated metrics listener. |
+| `OPENSHELL_LOG_LEVEL` | Gateway log level. |
+| `OPENSHELL_DB_URL` | Persistence database URL for gateway state. |
+| `OPENSHELL_GRPC_ENDPOINT` | Endpoint sandbox supervisors use to call back to the gateway. |
+| `OPENSHELL_SSH_GATEWAY_HOST` | Hostname or address advertised for SSH proxy connections. |
+| `OPENSHELL_SSH_GATEWAY_PORT` | Port advertised for SSH proxy connections. |
+| `OPENSHELL_SSH_CONNECT_PATH` | HTTP path used for SSH CONNECT or upgrade traffic. |
+| `OPENSHELL_SSH_HANDSHAKE_SECRET` | Shared secret for gateway-to-sandbox SSH handshake authentication. |
+| `OPENSHELL_SSH_HANDSHAKE_SKEW_SECS` | Allowed clock skew for SSH handshake validation. |
+| `OPENSHELL_TLS_CERT` | Path to the gateway server TLS certificate. |
+| `OPENSHELL_TLS_KEY` | Path to the gateway server TLS private key. |
+| `OPENSHELL_TLS_CLIENT_CA` | Path to the CA certificate used to verify mTLS clients. |
+| `OPENSHELL_DISABLE_TLS` | Disable gateway TLS and listen with plaintext HTTP. |
+| `OPENSHELL_DISABLE_GATEWAY_AUTH` | Disable the mTLS client certificate requirement while keeping TLS enabled. |
+| `OPENSHELL_DRIVERS` | Compute driver selection. Supported values are `docker`, `podman`, `kubernetes`, and `vm`. |
+| `OPENSHELL_SANDBOX_NAMESPACE` | Namespace used for sandbox resources. |
+| `OPENSHELL_SANDBOX_IMAGE` | Default sandbox image. |
+| `OPENSHELL_SANDBOX_IMAGE_PULL_POLICY` | Image pull policy for sandbox workloads. |
+| `OPENSHELL_SANDBOX_SSH_PORT` | SSH port inside sandbox workloads. |
+| `OPENSHELL_CLIENT_TLS_SECRET_NAME` | Kubernetes secret name containing client TLS materials for sandbox pods. |
+| `OPENSHELL_HOST_GATEWAY_IP` | Host IP mapped to `host.docker.internal` and `host.openshell.internal` for sandbox workloads. |
+| `OPENSHELL_ENABLE_USER_NAMESPACES` | Enable Kubernetes user namespace isolation for sandbox pods. |
+| `OPENSHELL_SUPERVISOR_IMAGE` | Supervisor image used by Kubernetes and Podman drivers. |
+| `OPENSHELL_SUPERVISOR_IMAGE_PULL_POLICY` | Image pull policy for the Kubernetes supervisor image. |
+| `OPENSHELL_SUPERVISOR_SIDELOAD_METHOD` | Kubernetes supervisor delivery method. |
+| `OPENSHELL_DOCKER_SUPERVISOR_BIN` | Local Linux `openshell-sandbox` binary for Docker-backed sandboxes. |
+| `OPENSHELL_DOCKER_SUPERVISOR_IMAGE` | Image used to extract the Linux `openshell-sandbox` binary for Docker-backed sandboxes. |
+| `OPENSHELL_DOCKER_TLS_CA` | CA certificate mounted into Docker-backed sandboxes for mTLS callback. |
+| `OPENSHELL_DOCKER_TLS_CERT` | Client certificate mounted into Docker-backed sandboxes for mTLS callback. |
+| `OPENSHELL_DOCKER_TLS_KEY` | Client private key mounted into Docker-backed sandboxes for mTLS callback. |
+| `OPENSHELL_DOCKER_NETWORK_NAME` | Docker bridge network used for sandbox containers. |
+| `OPENSHELL_PODMAN_SOCKET` | Podman API socket path. |
+| `OPENSHELL_NETWORK_NAME` | Podman network name for sandbox containers. |
+| `OPENSHELL_STOP_TIMEOUT` | Podman container stop timeout in seconds. |
+| `OPENSHELL_PODMAN_TLS_CA` | CA certificate mounted into Podman-backed sandboxes for mTLS callback. |
+| `OPENSHELL_PODMAN_TLS_CERT` | Client certificate mounted into Podman-backed sandboxes for mTLS callback. |
+| `OPENSHELL_PODMAN_TLS_KEY` | Client private key mounted into Podman-backed sandboxes for mTLS callback. |
+| `OPENSHELL_VM_DRIVER_STATE_DIR` | VM driver state directory. |
+| `OPENSHELL_DRIVER_DIR` | Directory searched for compute-driver binaries such as `openshell-driver-vm`. |
+| `OPENSHELL_VM_KRUN_LOG_LEVEL` | libkrun log level for VM helper processes. |
+| `OPENSHELL_VM_DRIVER_VCPUS` | Default vCPU count for VM sandboxes. |
+| `OPENSHELL_VM_DRIVER_MEM_MIB` | Default memory allocation for VM sandboxes. |
+| `OPENSHELL_VM_TLS_CA` | CA certificate installed into VM sandboxes for mTLS callback. |
+| `OPENSHELL_VM_TLS_CERT` | Client certificate installed into VM sandboxes for mTLS callback. |
+| `OPENSHELL_VM_TLS_KEY` | Client private key installed into VM sandboxes for mTLS callback. |
+| `OPENSHELL_OIDC_ISSUER` | OIDC issuer URL for JWT-based gateway authentication. |
+| `OPENSHELL_OIDC_AUDIENCE` | Expected OIDC audience claim. |
+| `OPENSHELL_OIDC_JWKS_TTL` | JWKS cache TTL in seconds. |
+| `OPENSHELL_OIDC_ROLES_CLAIM` | Dot-separated claim path containing roles. |
+| `OPENSHELL_OIDC_ADMIN_ROLE` | Role name that grants admin access. |
+| `OPENSHELL_OIDC_USER_ROLE` | Role name that grants standard user access. |
+| `OPENSHELL_OIDC_SCOPES_CLAIM` | Dot-separated claim path containing scopes. Empty disables scope enforcement. |
@@ -5,7 +5,7 @@ title: "Policy Schema Reference"
 sidebar-title: "Policy Schema"
 description: "Complete field reference for the sandbox policy YAML including static and dynamic sections."
 keywords: "Generative AI, Cybersecurity, Policy, Schema, YAML, Reference, Security"
-position: 3
+position: 4
 ---
 
 Complete field reference for the sandbox policy YAML. Each field is documented with its type, whether it is required, and whether it is static (locked at sandbox creation) or dynamic (hot-reloadable on a running sandbox).

@@ -5,7 +5,7 @@ title: "Sandbox Compute Drivers"
 sidebar-title: "Compute Drivers"
 description: "Reference for Docker, Podman, MicroVM, and Kubernetes sandbox compute drivers."
 keywords: "Generative AI, Cybersecurity, AI Agents, Sandboxing, Docker, Podman, MicroVM, Kubernetes, Reference"
-position: 4
+position: 5
 ---
 
 The gateway's configured compute driver determines how OpenShell creates each sandbox. The CLI workflow stays the same across drivers: you create, connect to, inspect, and delete sandboxes through the gateway API.

@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: Apache-2.0
 title: "Support Matrix"
 description: ""
-position: 5
+position: 6
 ---
 
 This page lists the host platform, compute driver, software, runtime, and kernel requirements for running OpenShell.

@@ -36,6 +36,8 @@ All compute drivers expose the same gateway API surface. Sandboxes, policies, an
 <Tip>
 For driver setup, including Docker, Podman, MicroVM, and Kubernetes paths, refer to [Installation](/about/installation).
 
+For gateway environment variables, refer to [Gateway Configuration](/reference/gateway-configuration).
+
 </Tip>
 
 ## Register an Existing Gateway
@@ -150,4 +152,5 @@ For sandbox startup failures, inspect the selected compute driver:
 ## Next Steps
 
 - To install OpenShell and choose a compute driver, refer to [Installation](/about/installation).
+- To configure gateway environment variables, refer to [Gateway Configuration](/reference/gateway-configuration).
 - To create a sandbox using the gateway, refer to [Manage Sandboxes](/sandboxes/manage-sandboxes).