OpenShellUse this approach when you want to run the OpenShell gateway as a container instead of installing it with the system package manager. This is useful on immutable OS distributions (Fedora CoreOS, bootc-based images, Silverblue) where the standard installer is not appropriate, or anywhere you prefer a container-first workflow.
The gateway image is published at ghcr.io/nvidia/openshell/gateway.
This example runs the gateway locally with TLS disabled. It is suitable for development on a single machine. Binding to 127.0.0.1 prevents remote access without authentication.
Register the gateway with the CLI:
Confirm the CLI can reach the gateway:
Disabling TLS removes authentication. Binding to 127.0.0.1 limits access to the local machine. If you expose the port on 0.0.0.0, enable TLS and local mTLS user authentication, or put the gateway behind a trusted proxy with its own authentication.
To run the gateway with mutual TLS, generate the PKI bundle first, then start the gateway with the cert paths configured.
Bootstrap the PKI into a local state directory:
This writes the server and client certificates under ~/.local/state/openshell/tls/, writes sandbox JWT signing keys under ~/.local/state/openshell/tls/jwt/, and copies the client bundle to ~/.config/openshell/gateways/openshell/mtls/ so the CLI picks it up automatically.
Start the gateway with mTLS enabled:
Register the gateway with mTLS:
Save the following as compose.yml. This uses the TLS-disabled configuration bound to localhost, suitable for local development.
Start the gateway:
Register the gateway with the CLI:
Replace docker with podman in the commands above. Mount the Podman socket instead of the Docker socket and set the driver to podman:
