diff --git a/docs/configuration.md b/docs/configuration.md
index a29e3ccd7..68f148d6b 100644
--- a/docs/configuration.md
+++ b/docs/configuration.md
@@ -4,17 +4,15 @@ Once Xen Orchestra is installed, you can configure some parameters in the config
 
 ## Configuration
 
-The configuration file is located at `/etc/xo-server/config.yaml`.
-
-**WARNING: YAML is very strict with indentation: use spaces, not tabs.**
+The configuration file is located at `/etc/xo-server/config.toml`.
 
 ### User to run XO-server as
 
 By default, XO-server runs as 'root'. You can change that by uncommenting these lines and choose whatever user/group you want:
 
-```yaml
-user: 'nobody'
-group: 'nogroup'
+```toml
+user = 'nobody'
+group = 'nogroup'
 ```
 
 **Warning!** A non-privileged user:
@@ -26,20 +24,20 @@ group: 'nogroup'
 
 By default, XO-server listens on all addresses (0.0.0.0) and runs on port 80. If you need to, you can change this in the `# Basic HTTP` section:
 
-```yaml
-host: '0.0.0.0'
-port: 80
+```toml
+host = '0.0.0.0'
+port = 80
 ```
 
 ### HTTPS
 
 XO-server can also run in HTTPS (you can run HTTP and HTTPS at the same time) - just modify what's needed in the `# Basic HTTPS` section, this time with the certificates/keys you need and their path:
 
-```yaml
-host: '0.0.0.0'
-port: 443
-certificate: './certificate.pem'
-key: './key.pem'
+```toml
+host = '0.0.0.0'
+port = 443
+certificate = './certificate.pem'
+key = './key.pem'
 ```
 
 > If a chain of certificates authorities is needed, you may bundle them directly in the certificate. Note: the order of certificates does matter, your certificate should come first followed by the certificate of the above certificate authority up to the root.
@@ -60,10 +58,9 @@ This should be written just before the `mount` option, inside the `http:` block.
 
 You shouldn't have to change this. It's the path where `xo-web` files are served by `xo-server`.
 
-```yaml
-  mounts:
-    '/':
-      - '../xo-web/dist/'
+```toml
+[http.mounts]
+'/' = '../xo-web/dist/'
 ```
 
 ### Custom certificate authority
@@ -87,8 +84,8 @@ Don't forget to reload `systemd` conf and restart `xo-server`:
 
 By default, XO-server will try to contact Redis server on `localhost`, with the port `6379`. But you can define whatever you want:
 
-```yaml
-  uri: 'tcp://db:password@hostname:port'
+```toml
+uri = 'tcp://db:password@hostname:port'
 ```
 
 ### Proxy for XenServer updates and patches
@@ -101,12 +98,12 @@ To do that behind a corporate proxy, just add the `httpProxy` variable to match
 
 You can add this at the end of your config file:
 
-```yaml
+```toml
 # HTTP proxy configuration used by xo-server to fetch resources on the Internet.
 #
 # See: https://github.com/TooTallNate/node-proxy-agent#maps-proxy-protocols-to-httpagent-implementations
 
-httpProxy: 'http://username:password@proxyAddress:port'
+httpProxy = 'http://username:password@proxyAddress:port'
 ```
 
 ### Log file
diff --git a/docs/from_the_sources.md b/docs/from_the_sources.md
index b4f865d7e..b65ec497c 100644
--- a/docs/from_the_sources.md
+++ b/docs/from_the_sources.md
@@ -64,17 +64,15 @@ Now you have to create a config file for `xo-server`:
 
 ```
 $ cd packages/xo-server
-$ cp sample.config.yaml .xo-server.yaml
+$ cp sample.config.toml .xo-server.toml
 ```
 
 Edit and uncomment it to have the right path to serve `xo-web`, because `xo-server` embeds an HTTP server (we assume that `xen-orchestra` and `xo-web` are in the same directory). It's near the end of the file:
 
-```yaml
-  mounts: '/': '../xo-web/dist/'
+```toml
+[mounts]
+'/' = '../xo-web/dist/'
 ```
-> Note this `dist` folder will be created in the next step.
-
-**WARNING: YAML is very strict with indentation: use spaces for it, not tabs**.
 
 In this config file, you can also change default ports (80 and 443) for xo-server. If you are running the server as a non-root user, you will need to set the port to 1024 or higher.
 
diff --git a/packages/xo-server/config.toml b/packages/xo-server/config.toml
index fe30aca39..e61db6f3f 100644
--- a/packages/xo-server/config.toml
+++ b/packages/xo-server/config.toml
@@ -1,6 +1,6 @@
 # Vendor config: DO NOT TOUCH!
 #
-# See sample.config.yaml to override.
+# See sample.config.toml to override.
 
 datadir = '/var/lib/xo-server/data'
 
diff --git a/packages/xo-server/sample.config.toml b/packages/xo-server/sample.config.toml
new file mode 100644
index 000000000..290343fd5
--- /dev/null
+++ b/packages/xo-server/sample.config.toml
@@ -0,0 +1,136 @@
+# Example XO-Server configuration.
+#
+# This file is automatically looking for at the following places:
+# - `$HOME/.config/xo-server/config.toml`
+# - `/etc/xo-server/config.toml`
+#
+# The first entries have priority.
+#
+# Note: paths are relative to the configuration file.
+
+#=====================================================================
+
+# HTTP proxy configuration used by xo-server to fetch resources on the Internet.
+#
+# See: https://github.com/TooTallNate/node-proxy-agent#maps-proxy-protocols-to-httpagent-implementations
+# httpProxy = 'http://jsmith:qwerty@proxy.lan:3128'
+
+#=====================================================================
+
+# It may be necessary to run XO-Server as a privileged user (e.g. `root`) for
+# instance to allow the HTTP server to listen on a
+# [privileged ports](http://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html).
+#
+# To avoid security issues, XO-Server can drop its privileges by changing the
+# user and the group is running with.
+#
+# Note: XO-Server will change them just after reading the configuration.
+
+# User to run XO-Server as.
+#
+# Note: The user can be specified using either its name or its numeric
+# identifier.
+#
+# Default: undefined
+#user = 'nobody'
+
+# Group to run XO-Server as.
+#
+# Note: The group can be specified using either its name or its numeric
+# identifier.
+#
+# Default: undefined
+# group = 'nogroup'
+
+#=====================================================================
+
+# Configuration of the embedded HTTP server.
+[http]
+# If set to true, all HTTP traffic will be redirected to the first HTTPs
+# configuration.
+# redirectToHttps = true
+
+# Basic HTTP.
+[[http.listen]]
+# Address on which the server is listening on.
+#
+# Sets it to 'localhost' for IP to listen only on the local host.
+#
+# Default: all IPv6 addresses if available, otherwise all IPv4 addresses.
+# hostname = 'localhost'
+
+# Port on which the server is listening on.
+#
+# Default: undefined
+port = 80
+
+# Instead of `host` and `port` a path to a UNIX socket may be specified
+# (overrides `host` and `port`).
+#
+# Default: undefined
+# socket = './http.sock'
+
+# # Basic HTTPS.
+# #
+# # You can find the list of possible options there
+# # https://nodejs.org/docs/latest/api/tls.html#tls.createServer
+# #
+# # The only difference is the presence of the certificate and the key.
+# [[http.listen]]
+# #hostname = '127.0.0.1'
+# port = 443
+#
+# # File containing the certificate (PEM format).
+# #
+# # If a chain of certificates authorities is needed, you may bundle them
+# # directly in the certificate.
+# #
+# # Note: the order of certificates does matter, your certificate should come
+# # first followed by the certificate of the above
+# # certificate authority up to the root.
+# #
+# # Default: undefined
+# cert = './certificate.pem'
+#
+# # File containing the private key (PEM format).
+# #
+# # If the key is encrypted, the passphrase will be asked at
+# # server startup.
+# #
+# # Default: undefined
+# key = './key.pem'
+
+# List of files/directories which will be served.
+[http.mounts]
+#'/' = '/path/to/xo-web/dist/'
+
+# List of proxied URLs (HTTP & WebSockets).
+[http.proxies]
+#'/any/url' = 'http://localhost:54722'
+
+#=====================================================================
+
+# Connection to the Redis server.
+[redis]
+# Unix sockets can be used
+#
+# Default: undefined
+#socket = '/var/run/redis/redis.sock'
+
+# Syntax: redis://[db[:password]@]hostname[:port][/db-number]
+#
+# Default: redis://localhost:6379/0
+#uri = 'redis://redis.company.lan/42'
+
+# List of aliased commands.
+#
+# See http://redis.io/topics/security#disabling-of-specific-commands
+#renameCommands:
+#  del = '3dda29ad-3015-44f9-b13b-fa570de92489'
+#  srem = '3fd758c9-5610-4e9d-a058-dbf4cb6d8bf0'
+
+# Directory containing the database of XO.
+# Currently used for logs.
+#
+# Default: '/var/lib/xo-server/data'
+#datadir = '/var/lib/xo-server/data'
diff --git a/packages/xo-server/sample.config.yaml b/packages/xo-server/sample.config.yaml
deleted file mode 100644
index 8be509160..000000000
--- a/packages/xo-server/sample.config.yaml
+++ /dev/null
@@ -1,144 +0,0 @@
-# BE *VERY* CAREFUL WHEN EDITING!
-# YAML FILES ARE SUPER SUPER SENSITIVE TO MISTAKES IN WHITESPACE OR ALIGNMENT!
-# visit http://www.yamllint.com/ to validate this file as needed
-
-#=====================================================================
-
-# Example XO-Server configuration.
-#
-# This file is automatically looking for at the following places:
-# - `$HOME/.config/xo-server/config.yaml`
-# - `/etc/xo-server/config.yaml`
-#
-# The first entries have priority.
-#
-# Note: paths are relative to the configuration file.
-
-#=====================================================================
-
-# It may be necessary to run XO-Server as a privileged user (e.g.
-# `root`) for instance to allow the HTTP server to listen on a
-# [privileged ports](http://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html).
-#
-# To avoid security issues, XO-Server can drop its privileges by
-# changing the user and the group is running with.
-#
-# Note: XO-Server will change them just after reading the
-# configuration.
-
-# User to run XO-Server as.
-#
-# Note: The user can be specified using either its name or its numeric
-# identifier.
-#
-# Default: undefined
-#user: 'nobody'
-
-# Group to run XO-Server as.
-#
-# Note: The group can be specified using either its name or its
-# numeric identifier.
-#
-# Default: undefined
-#group: 'nogroup'
-
-#=====================================================================
-
-# Configuration of the embedded HTTP server.
-http:
-  # Hosts & ports on which to listen.
-  #
-  # By default, the server listens on [::]:80.
-  listen:
-    # Basic HTTP.
-    - # Address on which the server is listening on.
-      #
-      # Sets it to 'localhost' for IP to listen only on the local host.
-      #
-      # Default: all IPv6 addresses if available, otherwise all IPv4
-      # addresses.
-      #hostname: 'localhost'
-
-      # Port on which the server is listening on.
-      #
-      # Default: undefined
-      port: 80
-
-      # Instead of `host` and `port` a path to a UNIX socket may be
-      # specified (overrides `host` and `port`).
-      #
-      # Default: undefined
-      #socket: './http.sock'
-
-    # Basic HTTPS.
-    #
-    # You can find the list of possible options there https://nodejs.org/docs/latest/api/tls.html#tls.createServer
-    # -
-    #   # The only difference is the presence of the certificate and the
-    #   # key.
-    #   #
-    #   #hostname: '127.0.0.1'
-    #   port: 443
-
-    #   # File containing the certificate (PEM format).
-    #
-    #   # If a chain of certificates authorities is needed, you may bundle
-    #   # them directly in the certificate.
-    #   #
-    #   # Note: the order of certificates does matter, your certificate
-    #   # should come first followed by the certificate of the above
-    #   # certificate authority up to the root.
-    #   #
-    #   # Default: undefined
-    #   cert: './certificate.pem'
-
-    #   # File containing the private key (PEM format).
-    #   #
-    #   # If the key is encrypted, the passphrase will be asked at
-    #   # server startup.
-    #   #
-    #   # Default: undefined
-    #   key: './key.pem'
-
-  # If set to true, all HTTP traffic will be redirected to the first
-  # HTTPs configuration.
-  #redirectToHttps: true
-
-  # List of files/directories which will be served.
-  mounts:
-    #'/': '/path/to/xo-web/dist/'
-
-  # List of proxied URLs (HTTP & WebSockets).
-  proxies:
-    # '/any/url': 'http://localhost:54722'
-
-# HTTP proxy configuration used by xo-server to fetch resources on the
-# Internet.
-#
-# See: https://github.com/TooTallNate/node-proxy-agent#maps-proxy-protocols-to-httpagent-implementations
-#httpProxy: 'http://jsmith:qwerty@proxy.lan:3128'
-
-#=====================================================================
-
-# Connection to the Redis server.
-redis:
-  # Unix sockets can be used
-  #
-  # Default: undefined
-  #socket: /var/run/redis/redis.sock
-  # Syntax: redis://[db[:password]@]hostname[:port][/db-number]
-  #
-  # Default: redis://localhost:6379/0
-  #uri: redis://redis.company.lan/42
-  # List of aliased commands.
-  #
-  # See http://redis.io/topics/security#disabling-of-specific-commands
-  #renameCommands:
-  #  del: '3dda29ad-3015-44f9-b13b-fa570de92489'
-  #  srem: '3fd758c9-5610-4e9d-a058-dbf4cb6d8bf0'
-
-# Directory containing the database of XO.
-# Currently used for logs.
-#
-# Default: '/var/lib/xo-server/data'
-#datadir: '/var/lib/xo-server/data'