This is Hue 4 Beta! - Please feel free to email any feedback / questions to team@gethue.com or @gethue.
'
310 |
311 | # Login splash HTML code
312 | # e.g. WARNING: You are required to have authorization before you proceed
313 | ## login_splash_html=
GetHue.com
WARNING: You have accessed a computer managed by GetHue. You are required to have authorization from GetHue before you proceed.
314 |
315 | # Cache timeout in milliseconds for the assist, autocomplete, etc.
316 | # defaults to 10 days, set to 0 to disable caching
317 | ## cacheable_ttl=864000000
318 |
319 | # SVG code to replace the default Hue logo in the top bar and sign in screen
320 | # e.g.
321 | ## logo_svg=
322 |
323 | # Configuration options for user authentication into the web application
324 | # ------------------------------------------------------------------------
325 | [[auth]]
326 |
327 | # Authentication backend. Common settings are:
328 | # - django.contrib.auth.backends.ModelBackend (entirely Django backend)
329 | # - desktop.auth.backend.AllowAllBackend (allows everyone)
330 | # - desktop.auth.backend.AllowFirstUserDjangoBackend
331 | # (Default. Relies on Django and user manager, after the first login)
332 | # - desktop.auth.backend.LdapBackend
333 | # - desktop.auth.backend.PamBackend
334 | # - desktop.auth.backend.SpnegoDjangoBackend
335 | # - desktop.auth.backend.KnoxSpnegoDjangoBackend
336 | # - desktop.auth.backend.RemoteUserDjangoBackend
337 | # - libsaml.backend.SAML2Backend
338 | # - liboauth.backend.OAuthBackend
339 | # - desktop.auth.backend.OIDCBackend
340 | # (New oauth, support Twitter, Facebook, Google+ and Linkedin
341 | # Multiple Authentication backends are supported by specifying a comma-separated list in order of priority.
342 | # However, in order to enable OAuthBackend, it must be the ONLY backend configured.
343 | ## backend=desktop.auth.backend.AllowFirstUserDjangoBackend
344 |
345 | # Class which defines extra accessor methods for User objects.
346 | ## user_aug=desktop.auth.backend.DefaultUserAugmentor
347 |
348 | # The service to use when querying PAM.
349 | ## pam_service=login
350 |
351 | # When using the desktop.auth.backend.RemoteUserDjangoBackend, this sets
352 | # the normalized name of the header that contains the remote user.
353 | # The HTTP header in the request is converted to a key by converting
354 | # all characters to uppercase, replacing any hyphens with underscores
355 | # and adding an HTTP_ prefix to the name. So, for example, if the header
356 | # is called Remote-User that would be configured as HTTP_REMOTE_USER
357 | #
358 | # Defaults to HTTP_REMOTE_USER
359 | ## remote_user_header=HTTP_REMOTE_USER
360 |
361 | # Ignore the case of usernames when searching for existing users.
362 | # Supported in remoteUserDjangoBackend and SpnegoDjangoBackend
363 | ## ignore_username_case=true
364 |
365 | # Forcibly cast usernames to lowercase, takes precedence over force_username_uppercase
366 | # Supported in remoteUserDjangoBackend and SpnegoDjangoBackend
367 | ## force_username_lowercase=true
368 |
369 | # Forcibly cast usernames to uppercase, cannot be combined with force_username_lowercase
370 | ## force_username_uppercase=false
371 |
372 | # Users will expire after they have not logged in for 'n' amount of seconds.
373 | # A negative number means that users will never expire.
374 | ## expires_after=-1
375 |
376 | # Apply 'expires_after' to superusers.
377 | ## expire_superusers=true
378 |
379 | # Users will automatically be logged out after 'n' seconds of inactivity.
380 | # A negative number means that idle sessions will not be timed out.
381 | idle_session_timeout=-1
382 |
383 | # Force users to change password on first login with desktop.auth.backend.AllowFirstUserDjangoBackend
384 | ## change_default_password=false
385 |
386 | # Number of login attempts allowed before a record is created for failed logins
387 | ## login_failure_limit=3
388 |
389 | # After number of allowed login attempts are exceeded, do we lock out this IP and optionally user agent?
390 | ## login_lock_out_at_failure=false
391 |
392 | # If set, defines period of inactivity in hours after which failed logins will be forgotten.
393 | # A value of 0 or None will disable this check. Default: None
394 | ## login_cooloff_time=None
395 |
396 | # If True, lock out based on an IP address AND a user agent.
397 | # This means requests from different user agents but from the same IP are treated differently.
398 | ## login_lock_out_use_user_agent=false
399 |
400 | # If True, lock out based on IP and user
401 | ## login_lock_out_by_combination_user_and_ip=false
402 |
403 | # If True, it will look for the IP address from the header defined at reverse_proxy_header.
404 | ## behind_reverse_proxy=false
405 |
406 | # If behind_reverse_proxy is True, it will look for the IP address from this header. Default: HTTP_X_FORWARDED_FOR
407 | ## reverse_proxy_header=HTTP_X_FORWARDED_FOR
408 |
409 | # Configuration options for connecting to LDAP and Active Directory
410 | # -------------------------------------------------------------------
411 | [[ldap]]
412 |
413 | # The search base for finding users and groups
414 | ## base_dn="DC=mycompany,DC=com"
415 |
416 | # URL of the LDAP server
417 | ## ldap_url=ldap://auth.mycompany.com
418 |
419 | # The NT domain used for LDAP authentication
420 | ## nt_domain=mycompany.com
421 |
422 | # A PEM-format file containing certificates for the CA's that
423 | # Hue will trust for authentication over TLS.
424 | # The certificate for the CA that signed the
425 | # LDAP server certificate must be included among these certificates.
426 | # See more here http://www.openldap.org/doc/admin24/tls.html.
427 | ## ldap_cert=
428 | ## use_start_tls=true
429 |
430 | # Distinguished name of the user to bind as -- not necessary if the LDAP server
431 | # supports anonymous searches
432 | ## bind_dn="CN=ServiceAccount,DC=mycompany,DC=com"
433 |
434 | # Password of the bind user -- not necessary if the LDAP server supports
435 | # anonymous searches
436 | ## bind_password=
437 |
438 | # Execute this script to produce the bind user password. This will be used
439 | # when 'bind_password' is not set.
440 | ## bind_password_script=
441 |
442 | # Pattern for searching for usernames -- Use for the parameter
443 | # For use when using LdapBackend for Hue authentication
444 | ## ldap_username_pattern="uid=,ou=People,dc=mycompany,dc=com"
445 |
446 | # Create users in Hue when they try to login with their LDAP credentials
447 | # For use when using LdapBackend for Hue authentication
448 | ## create_users_on_login = true
449 |
450 | # Synchronize a users groups when they login
451 | ## sync_groups_on_login=true
452 |
453 | # A comma-separated list of Ldap groups with users that can login
454 | ## login_groups=
455 |
456 | # Ignore the case of usernames when searching for existing users in Hue.
457 | ## ignore_username_case=true
458 |
459 | # Force usernames to lowercase when creating new users from LDAP.
460 | # Takes precedence over force_username_uppercase
461 | ## force_username_lowercase=true
462 |
463 | # Force usernames to uppercase, cannot be combined with force_username_lowercase
464 | ## force_username_uppercase=false
465 |
466 | # Use search bind authentication.
467 | ## search_bind_authentication=true
468 |
469 | # Choose which kind of subgrouping to use: nested or suboordinate (deprecated).
470 | ## subgroups=suboordinate
471 |
472 | # Define the number of levels to search for nested members.
473 | ## nested_members_search_depth=10
474 |
475 | # Whether or not to follow referrals
476 | ## follow_referrals=false
477 |
478 | # Enable python-ldap debugging.
479 | ## debug=false
480 |
481 | # Sets the debug level within the underlying LDAP C lib.
482 | ## debug_level=255
483 |
484 | # Possible values for trace_level are 0 for no logging, 1 for only logging the method calls with arguments,
485 | # 2 for logging the method calls with arguments and the complete results and 9 for also logging the traceback of method calls.
486 | ## trace_level=0
487 |
488 | [[[users]]]
489 |
490 | # Base filter for searching for users
491 | ## user_filter="objectclass=*"
492 |
493 | # The username attribute in the LDAP schema
494 | ## user_name_attr=sAMAccountName
495 |
496 | [[[groups]]]
497 |
498 | # Base filter for searching for groups
499 | ## group_filter="objectclass=*"
500 |
501 | # The group name attribute in the LDAP schema
502 | ## group_name_attr=cn
503 |
504 | # The attribute of the group object which identifies the members of the group
505 | ## group_member_attr=members
506 |
507 | [[[ldap_servers]]]
508 |
509 | ## [[[[mycompany]]]]
510 |
511 | # The search base for finding users and groups
512 | ## base_dn="DC=mycompany,DC=com"
513 |
514 | # URL of the LDAP server
515 | ## ldap_url=ldap://auth.mycompany.com
516 |
517 | # The NT domain used for LDAP authentication
518 | ## nt_domain=mycompany.com
519 |
520 | # A PEM-format file containing certificates for the CA's that
521 | # Hue will trust for authentication over TLS.
522 | # The certificate for the CA that signed the
523 | # LDAP server certificate must be included among these certificates.
524 | # See more here http://www.openldap.org/doc/admin24/tls.html.
525 | ## ldap_cert=
526 | ## use_start_tls=true
527 |
528 | # Distinguished name of the user to bind as -- not necessary if the LDAP server
529 | # supports anonymous searches
530 | ## bind_dn="CN=ServiceAccount,DC=mycompany,DC=com"
531 |
532 | # Password of the bind user -- not necessary if the LDAP server supports
533 | # anonymous searches
534 | ## bind_password=
535 |
536 | # Execute this script to produce the bind user password. This will be used
537 | # when 'bind_password' is not set.
538 | ## bind_password_script=
539 |
540 | # Pattern for searching for usernames -- Use for the parameter
541 | # For use when using LdapBackend for Hue authentication
542 | ## ldap_username_pattern="uid=,ou=People,dc=mycompany,dc=com"
543 |
544 | ## Use search bind authentication.
545 | ## search_bind_authentication=true
546 |
547 | # Whether or not to follow referrals
548 | ## follow_referrals=false
549 |
550 | # Enable python-ldap debugging.
551 | ## debug=false
552 |
553 | # Sets the debug level within the underlying LDAP C lib.
554 | ## debug_level=255
555 |
556 | # Possible values for trace_level are 0 for no logging, 1 for only logging the method calls with arguments,
557 | # 2 for logging the method calls with arguments and the complete results and 9 for also logging the traceback of method calls.
558 | ## trace_level=0
559 |
560 | ## [[[[[users]]]]]
561 |
562 | # Base filter for searching for users
563 | ## user_filter="objectclass=Person"
564 |
565 | # The username attribute in the LDAP schema
566 | ## user_name_attr=sAMAccountName
567 |
568 | ## [[[[[groups]]]]]
569 |
570 | # Base filter for searching for groups
571 | ## group_filter="objectclass=groupOfNames"
572 |
573 | # The username attribute in the LDAP schema
574 | ## group_name_attr=cn
575 |
576 | # Configuration options for specifying the Source Version Control.
577 | # ----------------------------------------------------------------
578 | [[vcs]]
579 |
580 | ## [[[git-read-only]]]
581 | ## Base URL to Remote Server
582 | # remote_url=https://github.com/cloudera/hue/tree/master
583 |
584 | ## Base URL to Version Control API
585 | # api_url=https://api.github.com
586 | ## [[[github]]]
587 |
588 | ## Base URL to Remote Server
589 | # remote_url=https://github.com/cloudera/hue/tree/master
590 |
591 | ## Base URL to Version Control API
592 | # api_url=https://api.github.com
593 |
594 | # These will be necessary when you want to write back to the repository.
595 | ## Client ID for Authorized Application
596 | # client_id=
597 |
598 | ## Client Secret for Authorized Application
599 | # client_secret=
600 | ## [[[svn]]
601 | ## Base URL to Remote Server
602 | # remote_url=https://github.com/cloudera/hue/tree/master
603 |
604 | ## Base URL to Version Control API
605 | # api_url=https://api.github.com
606 |
607 | # These will be necessary when you want to write back to the repository.
608 | ## Client ID for Authorized Application
609 | # client_id=
610 |
611 | ## Client Secret for Authorized Application
612 | # client_secret=
613 |
614 | # Configuration options for specifying the Desktop Database. For more info,
615 | # see http://docs.djangoproject.com/en/1.11/ref/settings/#database-engine
616 | # ------------------------------------------------------------------------
617 | [[database]]
618 | # Database engine is typically one of:
619 | # postgresql_psycopg2, mysql, sqlite3 or oracle.
620 | #
621 | # Note that for sqlite3, 'name', below is a path to the filename. For other backends, it is the database name
622 | # Note for Oracle, options={"threaded":true} must be set in order to avoid crashes.
623 | # Note for Oracle, you can use the Oracle Service Name by setting "host=" and "port=" and then "name=:/".
624 | # Note for MariaDB use the 'mysql' engine.
625 | #engine=mysql
626 | #host=localhost
627 | #port=3306
628 | #user=hue
629 | #password=hue
630 | #name=hue
631 | # conn_max_age option to make database connection persistent value in seconds
632 | # https://docs.djangoproject.com/en/1.11/ref/databases/#persistent-connections
633 | ## conn_max_age=0
634 | # Execute this script to produce the database password. This will be used when 'password' is not set.
635 | ## password_script=/path/script
636 | ## name=desktop/desktop.db
637 | ## options={}
638 | # Database schema, to be used only when public schema is revoked in postgres
639 | ## schema=public
640 |
641 | # Configuration options for specifying the Desktop session.
642 | # For more info, see https://docs.djangoproject.com/en/1.4/topics/http/sessions/
643 | # ------------------------------------------------------------------------
644 | [[session]]
645 | # The name of the cookie to use for sessions.
646 | # This can have any value that is not used by the other cookie names in your application.
647 | ## cookie_name=sessionid
648 |
649 | # The cookie containing the users' session ID will expire after this amount of time in seconds.
650 | # Default is 2 weeks.
651 | ## ttl=1209600
652 |
653 | # The cookie containing the users' session ID and csrf cookie will be secure.
654 | # Should only be enabled with HTTPS.
655 | ## secure=false
656 |
657 | # The cookie containing the users' session ID and csrf cookie will use the HTTP only flag.
658 | ## http_only=true
659 |
660 | # Use session-length cookies. Logs out the user when she closes the browser window.
661 | ## expire_at_browser_close=false
662 |
663 | # If set, limits the number of concurrent user sessions. 1 represents 1 browser session per user. Default: 0 (unlimited sessions per user)
664 | ## concurrent_user_session_limit=0
665 |
666 | # A list of hosts which are trusted origins for unsafe requests. See django's CSRF_TRUSTED_ORIGINS for more information
667 | ## trusted_origins=.cloudera.com
668 |
669 | # Configuration options for connecting to an external SMTP server
670 | # ------------------------------------------------------------------------
671 | [[smtp]]
672 |
673 | # The SMTP server information for email notification delivery
674 | host=localhost
675 | port=25
676 | user=
677 | password=
678 |
679 | # Whether to use a TLS (secure) connection when talking to the SMTP server
680 | tls=no
681 |
682 | # Default email address to use for various automated notification from Hue
683 | ## default_from_email=hue@localhost
684 |
685 |
686 | # Configuration options for KNOX integration for secured CDPD cluster
687 | # ------------------------------------------------------------------------
688 | [[knox]]
689 |
690 | # This is a list of hosts that knox proxy requests can come from
691 | ## knox_proxyhosts=server1.domain.com,server2.domain.com
692 | # List of Kerberos principal name which is allowed to impersonate others
693 | ## knox_principal=knox1,knox2
694 | # Comma separated list of strings representing the ports that the Hue server can trust as knox port.
695 | ## knox_ports=80,8443
696 |
697 | # Configuration options for Kerberos integration for secured Hadoop clusters
698 | # ------------------------------------------------------------------------
699 | [[kerberos]]
700 |
701 | # Path to Hue's Kerberos keytab file
702 | ## hue_keytab=
703 | # Kerberos principal name for Hue
704 | ## hue_principal=hue/hostname.foo.com
705 | # Frequency in seconds with which Hue will renew its keytab
706 | ## keytab_reinit_frequency=3600
707 | # Path to keep Kerberos credentials cached
708 | ## ccache_path=/var/run/hue/hue_krb5_ccache
709 | # Path to kinit
710 | ## kinit_path=/path/to/kinit
711 |
712 | # Mutual authentication from the server, attaches HTTP GSSAPI/Kerberos Authentication to the given Request object
713 | ## mutual_authentication="OPTIONAL" or "REQUIRED" or "DISABLED"
714 |
715 | # Configuration options for using OAuthBackend (Core) login
716 | # ------------------------------------------------------------------------
717 | [[oauth]]
718 | # The Consumer key of the application
719 | ## consumer_key=XXXXXXXXXXXXXXXXXXXXX
720 |
721 | # The Consumer secret of the application
722 | ## consumer_secret=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
723 |
724 | # The Request token URL
725 | ## request_token_url=https://api.twitter.com/oauth/request_token
726 |
727 | # The Access token URL
728 | ## access_token_url=https://api.twitter.com/oauth/access_token
729 |
730 | # The Authorize URL
731 | ## authenticate_url=https://api.twitter.com/oauth/authorize
732 |
733 | # Configuration options for using OIDCBackend (Core) login for SSO
734 | # ------------------------------------------------------------------------
735 | [[oidc]]
736 | # The client ID as relay party set in OpenID provider
737 | ## oidc_rp_client_id=XXXXXXXXXXXXXXXXXXXXX
738 |
739 | # The client secret as relay party set in OpenID provider
740 | ## oidc_rp_client_secret=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
741 |
742 | # The OpenID provider authoriation endpoint
743 | ## oidc_op_authorization_endpoint=https://keycloak.example.com/auth/realms/Cloudera/protocol/openid-connect/auth
744 |
745 | # The OpenID provider token endpoint
746 | ## oidc_op_token_endpoint=https://keycloak.example.com/auth/realms/cloudera/protocol/openid-connect/token
747 |
748 | # The OpenID provider user info endpoint
749 | ## oidc_op_user_endpoint=https://keycloak.example.com/auth/realms/cloudera/protocol/openid-connect/userinfo
750 |
751 | # The OpenID provider signing key in PEM or DER format
752 | ## oidc_rp_idp_sign_key=/path/to/key_file
753 |
754 | # The OpenID provider authoriation endpoint
755 | ## oidc_op_jwks_endpoint=https://keycloak.example.com/auth/realms/Cloudera/protocol/openid-connect/certs
756 |
757 | # Whether Hue as OpenID Connect client verify SSL cert
758 | ## oidc_verify_ssl=true
759 |
760 | # As relay party Hue URL path to redirect to after login
761 | ## login_redirect_url=https://localhost:8888/oidc/callback/
762 |
763 | # The OpenID provider URL path to redirect to after logout
764 | ## logout_redirect_url=https://keycloak.example.com/auth/realms/cloudera/protocol/openid-connect/logout
765 |
766 | # As relay party Hue URL path to redirect to after login
767 | ## login_redirect_url_failure=https://localhost:8888/hue/oidc_failed/
768 |
769 | # Create a new user from OpenID Connect on login if it doesn't exist
770 | ## create_users_on_login=true
771 |
772 | # When creating a new user, which 'claims' attribute from the OIDC provider to be used for creating the username.
773 | # Default to 'preferred_username'. Possible values include: 'email'
774 | ## oidc_username_attribute=preferred_username
775 |
776 | # The group of users will be created and updated as superuser. To use this feature, setup in Keycloak:
777 | # 1. add the name of the group here
778 | # 2. in Keycloak, go to your_realm --> your_clients --> Mappers, add a mapper
779 | # Mapper Type: Group Membership (this is predefined mapper type)
780 | # Token Claim Name: group_membership (required exact string)
781 | ## superuser_group=hue_superusers
782 |
783 | # Configuration options for Metrics
784 | # ------------------------------------------------------------------------
785 | [[metrics]]
786 |
787 | # Enable the metrics URL "/desktop/metrics"
788 | ## enable_web_metrics=True
789 |
790 | # If specified, Hue will write metrics to this file.
791 | ## location=/var/log/hue/metrics.json
792 |
793 | # Time in milliseconds on how frequently to collect metrics
794 | ## collection_interval=30000
795 |
796 |
797 | # Configuration options for the request Tracing
798 | # ------------------------------------------------------------------------
799 | [[tracing]]
800 | ## If tracing is enabled.
801 | # enabled=false
802 |
803 | ## Trace all the requests instead of a few specific ones like the SQL Editor. Much noisiers.
804 | # trace_all=false
805 |
806 |
807 | # Configuration options for the Task Server
808 | # ------------------------------------------------------------------------
809 | [[task_server]]
810 |
811 | # If resource intensive or blocking can be delegated to an already running task server.
812 | ## enabled=False
813 |
814 | # Switch on the integration with the Task Scheduler.
815 | ## beat_enabled=False
816 |
817 | # Number of query results rows to fetch into the result storage.
818 | ## fetch_result_limit=2000
819 |
820 | # Django file storage class to use to temporarily store query results
821 | ## result_storage='{"backend": "django.core.files.storage.FileSystemStorage", "properties": {"location": "./logs"}}'
822 |
823 | # How the task server and tasks communicate.
824 | ## broker_url=amqp://guest:guest@localhost//
825 |
826 | # Where to store task results. Defaults to local file system path. Celery comes with a several other backends.
827 | ## celery_result_backend=file:///$HUE_ROOT/logs
828 |
829 | # Default options provided to the task server at startup.
830 | ## celeryd_opts='--time-limit=300'
831 |
832 | # Django cache to use to store temporarily used data during query execution. This is in addition to result_file_storage and result_backend.
833 | ## execution_storage='{"BACKEND": "django.core.cache.backends.locmem.LocMemCache", "LOCATION": "celery-hue"}'
834 |
835 | # Path to a file containing a list of beat schedules.
836 | # beat_schedules_file=/etc/hue/conf/schedules.py
837 | # e.g.
838 | # periodic_tasks = [{
839 | # 'add-every-monday-morning': {
840 | # 'task': 'desktop.celery.debug_task',
841 | # 'schedule': crontab(minute='*'),
842 | # },
843 | # },
844 | # {
845 | # 'customer_count_query': {
846 | # 'task': 'notebook.tasks.run_sync_query',
847 | # 'schedule': crontab(minute='*'),
848 | # 'args': (None, None),
849 | # },
850 | # }
851 | # ]
852 |
853 | # Settings for the Google Cloud lib
854 | # ------------------------------------------------------------------------
855 | [[gc_accounts]]
856 | [[[default]]]
857 | # The JSON credentials to authenticate to Google Cloud e.g. '{ "type": "service_account", "project_id": .... }'
858 | # json_credentials=None
859 |
860 | ###########################################################################
861 | # Settings to configure the snippets available in the Notebook
862 | ###########################################################################
863 |
864 | [notebook]
865 |
866 | ## Show the notebook menu or not
867 | # show_notebooks=true
868 |
869 | ## Flag to enable the selection of queries from files, saved queries into the editor or as snippet.
870 | # enable_external_statements=false
871 |
872 | ## Flag to enable the bulk submission of queries as a background task through Oozie.
873 | # enable_batch_execute=true
874 |
875 | ## Flag to turn on the SQL indexer.
876 | # enable_sql_indexer=false
877 |
878 | ## Flag to turn on the Presentation mode of the editor.
879 | # enable_presentation=true
880 |
881 | ## Flag to enable the SQL query builder of the table assist.
882 | # enable_query_builder=true
883 |
884 | ## Flag to enable the creation of a coordinator for the current SQL query.
885 | # enable_query_scheduling=false
886 |
887 | ## Main flag to override the automatic starting of the DBProxy server.
888 | # enable_dbproxy_server=true
889 |
890 | ## Classpath to be appended to the default DBProxy server classpath.
891 | # dbproxy_extra_classpath=
892 |
893 | ## Comma separated list of interpreters that should be shown on the wheel. This list takes precedence over the
894 | ## order in which the interpreter entries appear. Only the first 5 interpreters will appear on the wheel.
895 | # interpreters_shown_on_wheel=
896 |
897 | # One entry for each type of snippet.
898 | [[interpreters]]
899 | # Define the name and how to connect and execute the language.
900 | # https://docs.gethue.com/administrator/configuration/editor/
901 |
902 | # [[[mysql]]]
903 | # name = MySQL
904 | # interface=sqlalchemy
905 | # ## https://docs.sqlalchemy.org/en/latest/dialects/mysql.html
906 | # options='{"url": "mysql://root:secret@database:3306/hue"}'
907 | # ## options='{"url": "mysql://${USER}:${PASSWORD}@localhost:3306/hue"}'
908 |
909 | # [[[hive]]]
910 | # name=Hive
911 | # interface=hiveserver2
912 |
913 | # [[[llap]]]
914 | # name=LLAP
915 | # interface=hiveserver2
916 |
917 | # [[[impala]]]
918 | # name=Impala
919 | # interface=hiveserver2
920 |
921 | # [[[postgresql]]]
922 | # name = postgresql
923 | # interface=sqlalchemy
924 | # options='{"url": "postgresql://hue:hue@host:5432/hue"}'
925 |
926 | # [[[druid]]]
927 | # name = Druid
928 | # interface=sqlalchemy
929 | # options='{"url": "druid://host:8082/druid/v2/sql/"}'
930 |
931 | # [[[sql]]]
932 | # name=SparkSql
933 | # interface=livy
934 |
935 | # [[[spark]]]
936 | # name=Scala
937 | # interface=livy
938 |
939 | # [[[pyspark]]]
940 | # name=PySpark
941 | # interface=livy
942 |
943 | # [[[r]]]
944 | # name=R
945 | # interface=livy
946 |
947 | # [[jar]]]
948 | # name=Spark Submit Jar
949 | # interface=livy-batch
950 |
951 | # [[[py]]]
952 | # name=Spark Submit Python
953 | # interface=livy-batch
954 |
955 | # [[[text]]]
956 | # name=Text
957 | # interface=text
958 |
959 | # [[[markdown]]]
960 | # name=Markdown
961 | # interface=text
962 |
963 | # [[[sqlite]]]
964 | # name = SQLite
965 | # interface=rdbms
966 |
967 | # [[[oracle]]]
968 | # name = Oracle
969 | # interface=rdbms
970 |
971 | # [[[solr]]]
972 | # name = Solr SQL
973 | # interface=solr
974 | # ## Name of the collection handler
975 | # options='{"collection": "default"}'
976 |
977 | # [[[pig]]]
978 | # name=Pig
979 | # interface=oozie
980 |
981 | # [[[java]]]
982 | # name=Java
983 | # interface=oozie
984 |
985 | # [[[spark2]]]
986 | # name=Spark
987 | # interface=oozie
988 |
989 | # [[[mapreduce]]]
990 | # name=MapReduce
991 | # interface=oozie
992 |
993 | # [[[sqoop1]]]
994 | # name=Sqoop1
995 | # interface=oozie
996 |
997 | # [[[distcp]]]
998 | # name=Distcp
999 | # interface=oozie
1000 |
1001 | # [[[shell]]]
1002 | # name=Shell
1003 | # interface=oozie
1004 |
1005 | # [[[presto]]]
1006 | # name=Presto SQL
1007 | # interface=presto
1008 | # ## Specific options for connecting to the Presto server.
1009 | # ## The JDBC driver presto-jdbc.jar need to be in the CLASSPATH environment variable.
1010 | # ## If 'user' and 'password' are omitted, they will be prompted in the UI.
1011 | # options='{"url": "jdbc:presto://localhost:8080/catalog/schema", "driver": "io.prestosql.jdbc.PrestoDriver", "user": "root", "password": "root"}'
1012 |
1013 | # [[[clickhouse]]]
1014 | # name=ClickHouse
1015 | # interface=jdbc
1016 | # ## Specific options for connecting to the ClickHouse server.
1017 | # ## The JDBC driver clickhouse-jdbc.jar and its related jars need to be in the CLASSPATH environment variable.
1018 | # options='{"url": "jdbc:clickhouse://localhost:8123", "driver": "ru.yandex.clickhouse.ClickHouseDriver", "user": "readonly", "password": ""}'
1019 |
1020 | # [[[vertica]]]
1021 | # name=Vertica
1022 | # interface=jdbc
1023 | # ## Specific options for connecting to a Vertica server.
1024 | # ## The JDBC driver vertica-jdbc-*.jar and its related jars need to be in the CLASSPATH environment variable.
1025 | # ## If 'user' and 'password' are omitted, they will be prompted in the UI.
1026 | # options='{"url": "jdbc:vertica://localhost:5434", "driver": "com.vertica.jdbc.Driver"}'
1027 |
1028 |
1029 | ###########################################################################
1030 | # Settings to configure your Analytics Dashboards
1031 | ###########################################################################
1032 |
1033 | [dashboard]
1034 |
1035 | # Activate the Dashboard link in the menu.
1036 | ## is_enabled=true
1037 |
1038 | # Activate the SQL Dashboard (beta).
1039 | ## has_sql_enabled=false
1040 |
1041 | # Activate the Query Builder (beta).
1042 | ## has_query_builder_enabled=false
1043 |
1044 | # Activate the static report layout (beta).
1045 | ## has_report_enabled=false
1046 |
1047 | # Activate the new grid layout system.
1048 | ## use_gridster=true
1049 |
1050 | # Activate the widget filter and comparison (beta).
1051 | ## has_widget_filter=false
1052 |
1053 | # Activate the tree widget (to drill down fields as dimensions, alpha).
1054 | ## has_tree_widget=false
1055 |
1056 | [[engines]]
1057 |
1058 | # [[[solr]]]
1059 | # Requires Solr 6+
1060 | ## analytics=true
1061 | ## nesting=false
1062 |
1063 | # [[[sql]]]
1064 | ## analytics=true
1065 | ## nesting=false
1066 |
1067 |
1068 | ###########################################################################
1069 | # Settings to configure your Hadoop cluster.
1070 | ###########################################################################
1071 |
1072 | [hadoop]
1073 |
1074 | # Configuration for HDFS NameNode
1075 | # ------------------------------------------------------------------------
1076 | [[hdfs_clusters]]
1077 | # HA support by using HttpFs
1078 |
1079 | [[[default]]]
1080 | # Enter the filesystem uri
1081 | fs_defaultfs=hdfs://localhost:8020
1082 |
1083 | # NameNode logical name.
1084 | ## logical_name=
1085 |
1086 | # Use WebHdfs/HttpFs as the communication mechanism.
1087 | # Domain should be the NameNode or HttpFs host.
1088 | # Default port is 14000 for HttpFs.
1089 | webhdfs_url=http://localhost:9870/webhdfs/v1
1090 |
1091 | # Change this if your HDFS cluster is Kerberos-secured
1092 | ## security_enabled=false
1093 |
1094 | # In secure mode (HTTPS), if SSL certificates from YARN Rest APIs
1095 | # have to be verified against certificate authority
1096 | ## ssl_cert_ca_verify=True
1097 |
1098 | # Directory of the Hadoop configuration
1099 | ## hadoop_conf_dir=$HADOOP_CONF_DIR when set or '/etc/hadoop/conf'
1100 |
1101 | # Configuration for YARN (MR2)
1102 | # ------------------------------------------------------------------------
1103 | [[yarn_clusters]]
1104 |
1105 | [[[default]]]
1106 | # Enter the host on which you are running the ResourceManager
1107 | resourcemanager_host=localhost
1108 |
1109 | # The port where the ResourceManager IPC listens on
1110 | resourcemanager_port=8032
1111 |
1112 | # Whether to submit jobs to this cluster
1113 | submit_to=True
1114 |
1115 | # Resource Manager logical name (required for HA)
1116 | ## logical_name=
1117 |
1118 | # Change this if your YARN cluster is Kerberos-secured
1119 | ## security_enabled=false
1120 |
1121 | # URL of the ResourceManager API
1122 | resourcemanager_api_url=http://localhost:8088
1123 |
1124 | # URL of the ProxyServer API
1125 | proxy_api_url=http://localhost:8088
1126 |
1127 | # URL of the HistoryServer API
1128 | history_server_api_url=http://localhost:19888
1129 |
1130 | # URL of the Spark History Server
1131 | spark_history_server_url=http://localhost:18088
1132 |
1133 | # Change this if your Spark History Server is Kerberos-secured
1134 | ## spark_history_server_security_enabled=false
1135 |
1136 | # In secure mode (HTTPS), if SSL certificates from YARN Rest APIs
1137 | # have to be verified against certificate authority
1138 | ## ssl_cert_ca_verify=True
1139 |
1140 | # HA support by specifying multiple clusters.
1141 | # Redefine different properties there.
1142 | # e.g.
1143 |
1144 | # [[[ha]]]
1145 | # Resource Manager logical name (required for HA)
1146 | ## logical_name=my-rm-name
1147 |
1148 | # Un-comment to enable
1149 | ## submit_to=True
1150 |
1151 | # URL of the ResourceManager API
1152 | ## resourcemanager_api_url=http://localhost:8088
1153 |
1154 | # ...
1155 |
1156 |
1157 | ###########################################################################
1158 | # Settings to configure Beeswax with Hive
1159 | ###########################################################################
1160 |
1161 | [beeswax]
1162 |
1163 | # Host where HiveServer2 is running.
1164 | # If Kerberos security is enabled, use fully-qualified domain name (FQDN).
1165 | hive_server_host=localhost
1166 |
1167 | # Binary thrift port for HiveServer2.
1168 | hive_server_port=10000
1169 |
1170 | # Http thrift port for HiveServer2.
1171 | ## hive_server_http_port=10001
1172 |
1173 | # Host where LLAP is running
1174 | ## llap_server_host = localhost
1175 |
1176 | # LLAP binary thrift port
1177 | ## llap_server_port = 10500
1178 |
1179 | # LLAP HTTP Thrift port
1180 | ## llap_server_thrift_port = 10501
1181 |
1182 | # Alternatively, use Service Discovery for LLAP (Hive Server Interactive) and/or Hiveserver2, this will override server and thrift port
1183 |
1184 | # Whether to use Service Discovery for LLAP
1185 | ## hive_discovery_llap = true
1186 |
1187 | # is llap (hive server interactive) running in an HA configuration (more than 1)
1188 | # important as the zookeeper structure is different
1189 | ## hive_discovery_llap_ha = false
1190 |
1191 | # Shortcuts to finding LLAP znode Key
1192 | # Non-HA - hiveserver-interactive-site - hive.server2.zookeeper.namespace ex hive2 = /hive2
1193 | # HA-NonKerberized - _llap ex app name llap0 = /llap0_llap
1194 | # HA-Kerberized - _llap-sasl ex app name llap0 = /llap0_llap-sasl
1195 | ## hive_discovery_llap_znode = /hiveserver2-hive2
1196 |
1197 | # Whether to use Service Discovery for HiveServer2
1198 | ## hive_discovery_hs2 = true
1199 |
1200 | # Hiveserver2 is hive-site hive.server2.zookeeper.namespace ex hiveserver2 = /hiverserver2
1201 | ## hive_discovery_hiveserver2_znode = /hiveserver2
1202 |
1203 | # Applicable only for LLAP HA
1204 | # To keep the load on zookeeper to a minimum
1205 | # ---- we cache the LLAP activeEndpoint for the cache_timeout period
1206 | # ---- we cache the hiveserver2 endpoint for the length of session
1207 | # configurations to set the time between zookeeper checks
1208 | ## cache_timeout = 60
1209 |
1210 | # Host where Hive Metastore Server (HMS) is running.
1211 | # If Kerberos security is enabled, the fully-qualified domain name (FQDN) is required.
1212 | ## hive_metastore_host=localhost
1213 |
1214 | # Configure the port the Hive Metastore Server runs on.
1215 | ## hive_metastore_port=9083
1216 |
1217 | # Hive configuration directory, where hive-site.xml is located
1218 | ## hive_conf_dir=/etc/hive/conf
1219 |
1220 | # Timeout in seconds for thrift calls to Hive service
1221 | ## server_conn_timeout=120
1222 |
1223 | # Choose whether to use the old GetLog() thrift call from before Hive 0.14 to retrieve the logs.
1224 | # If false, use the FetchResults() thrift call from Hive 1.0 or more instead.
1225 | ## use_get_log_api=false
1226 |
1227 | # Limit the number of partitions that can be listed.
1228 | ## list_partitions_limit=10000
1229 |
1230 | # The maximum number of partitions that will be included in the SELECT * LIMIT sample query for partitioned tables.
1231 | ## query_partitions_limit=10
1232 |
1233 | # A limit to the number of rows that can be downloaded from a query before it is truncated.
1234 | # A value of -1 means there will be no limit.
1235 | ## download_row_limit=100000
1236 |
1237 | # A limit to the number of bytes that can be downloaded from a query before it is truncated.
1238 | # A value of -1 means there will be no limit.
1239 | ## download_bytes_limit=-1
1240 |
1241 | # Hue will try to close the Hive query when the user leaves the editor page.
1242 | # This will free all the query resources in HiveServer2, but also make its results inaccessible.
1243 | ## close_queries=false
1244 |
1245 | # Hue will use at most this many HiveServer2 sessions per user at a time.
1246 | # For Tez, increase the number to more if you need more than one query at the time, e.g. 2 or 3 (Tez has a maximum of 1 query by session).
1247 | ## max_number_of_sessions=1
1248 |
1249 | # Thrift version to use when communicating with HiveServer2.
1250 | # Version 11 comes with Hive 3.0. If issues, try 7.
1251 | ## thrift_version=11
1252 |
1253 | # A comma-separated list of white-listed Hive configuration properties that users are authorized to set.
1254 | ## config_whitelist=hive.map.aggr,hive.exec.compress.output,hive.exec.parallel,hive.execution.engine,mapreduce.job.queuename
1255 |
1256 | # Override the default desktop username and password of the hue user used for authentications with other services.
1257 | # e.g. Used for LDAP/PAM pass-through authentication.
1258 | ## auth_username=hue
1259 | ## auth_password=
1260 |
1261 | # Use SASL framework to establish connection to host.
1262 | ## use_sasl=false
1263 |
1264 | [[ssl]]
1265 | # Path to Certificate Authority certificates.
1266 | ## cacerts=/etc/hue/cacerts.pem
1267 |
1268 | # Choose whether Hue should validate certificates received from the server.
1269 | ## validate=true
1270 |
1271 | ###########################################################################
1272 | # Settings to configure Metastore
1273 | ###########################################################################
1274 |
1275 | [metastore]
1276 | # Flag to turn on the new version of the create table wizard.
1277 | ## enable_new_create_table=true
1278 |
1279 | # Flag to force all metadata calls (e.g. list tables, table or column details...) to happen via HiveServer2 if available instead of Impala.
1280 | ## force_hs2_metadata=false
1281 |
1282 |
1283 | ###########################################################################
1284 | # Settings to configure Impala
1285 | ###########################################################################
1286 |
1287 | [impala]
1288 | # Host of the Impala Server (one of the Impalad)
1289 | ## server_host=localhost
1290 |
1291 | # Port of the Impala Server
1292 | ## server_port=21050
1293 |
1294 | # Kerberos principal
1295 | ## impala_principal=impala/hostname.foo.com
1296 |
1297 | # Turn on/off impersonation mechanism when talking to Impala
1298 | ## impersonation_enabled=False
1299 |
1300 | # Number of initial rows of a result set to ask Impala to cache in order
1301 | # to support re-fetching them for downloading them.
1302 | # Set to 0 for disabling the option and backward compatibility.
1303 | ## querycache_rows=50000
1304 |
1305 | # Timeout in seconds for thrift calls
1306 | ## server_conn_timeout=120
1307 |
1308 | # Hue will try to close the Impala query when the user leaves the editor page.
1309 | # This will free all the query resources in Impala, but also make its results inaccessible.
1310 | ## close_queries=true
1311 |
1312 | # If > 0, the query will be timed out (i.e. cancelled) if Impala does not do any work
1313 | # (compute or send back results) for that query within QUERY_TIMEOUT_S seconds.
1314 | ## query_timeout_s=300
1315 |
1316 | # If > 0, the session will be timed out (i.e. cancelled) if Impala does not do any work
1317 | # (compute or send back results) for that session within SESSION_TIMEOUT_S seconds (default 15 min).
1318 | ## session_timeout_s=900
1319 |
1320 | # Override the desktop default username and password of the hue user used for authentications with other services.
1321 | # e.g. Used for LDAP/PAM pass-through authentication.
1322 | ## auth_username=hue
1323 | ## auth_password=
1324 |
1325 | # Username and password for Impala Daemon Web interface for getting Impala queries in JobBrowser
1326 | # Set when webserver_htpassword_user and webserver_htpassword_password are set for Impala
1327 | ## daemon_api_username=
1328 | ## daemon_api_password=
1329 | # Execute this script to produce the password to avoid entering in clear text
1330 | ## daemon_api_password_script=
1331 |
1332 | # A comma-separated list of white-listed Impala configuration properties that users are authorized to set.
1333 | # config_whitelist=debug_action,explain_level,mem_limit,optimize_partition_key_scans,query_timeout_s,request_pool
1334 |
1335 | # Path to the impala configuration dir which has impalad_flags file
1336 | ## impala_conf_dir=${HUE_CONF_DIR}/impala-conf
1337 |
1338 | # Use SASL framework to establish connection to host.
1339 | ## use_sasl=true
1340 |
1341 | [[ssl]]
1342 | # SSL communication enabled for this server.
1343 | ## enabled=false
1344 |
1345 | # Path to Certificate Authority certificates.
1346 | ## cacerts=/etc/hue/cacerts.pem
1347 |
1348 | # Choose whether Hue should validate certificates received from the server.
1349 | ## validate=true
1350 |
1351 |
1352 | ###########################################################################
1353 | # Settings to configure the Spark application.
1354 | ###########################################################################
1355 |
1356 | [spark]
1357 | # The Livy Server URL.
1358 | ## livy_server_url=http://localhost:8998
1359 |
1360 | # Configure Livy to start in local 'process' mode, or 'yarn' workers.
1361 | ## livy_server_session_kind=yarn
1362 |
1363 | # Whether Livy requires client to perform Kerberos authentication.
1364 | ## security_enabled=false
1365 |
1366 | # Whether Livy requires client to use csrf protection.
1367 | ## csrf_enabled=false
1368 |
1369 | # Host of the Sql Server
1370 | ## sql_server_host=localhost
1371 |
1372 | # Port of the Sql Server
1373 | ## sql_server_port=10000
1374 |
1375 | # Choose whether Hue should validate certificates received from the server.
1376 | ## ssl_cert_ca_verify=true
1377 |
1378 | # Use SASL framework to establish connection to host.
1379 | ## use_sasl=false
1380 |
1381 | ###########################################################################
1382 | # Settings to configure the Oozie app
1383 | ###########################################################################
1384 |
1385 | [oozie]
1386 | # Location on local FS where the examples are stored.
1387 | ## local_data_dir=..../examples
1388 |
1389 | # Location on local FS where the data for the examples is stored.
1390 | ## sample_data_dir=...thirdparty/sample_data
1391 |
1392 | # Location on HDFS where the oozie examples and workflows are stored.
1393 | # Parameters are $TIME and $USER, e.g. /user/$USER/hue/workspaces/workflow-$TIME
1394 | ## remote_data_dir=/user/hue/oozie/workspaces
1395 |
1396 | # Maximum of Oozie workflows or coodinators to retrieve in one API call.
1397 | ## oozie_jobs_count=100
1398 |
1399 | # Use Cron format for defining the frequency of a Coordinator instead of the old frequency number/unit.
1400 | ## enable_cron_scheduling=true
1401 |
1402 | # Flag to enable the saved Editor queries to be dragged and dropped into a workflow.
1403 | ## enable_document_action=true
1404 |
1405 | # Flag to enable Oozie backend filtering instead of doing it at the page level in Javascript. Requires Oozie 4.3+.
1406 | ## enable_oozie_backend_filtering=true
1407 |
1408 | # Flag to enable the Impala action.
1409 | ## enable_impala_action=false
1410 |
1411 | # Flag to enable the Altus action.
1412 | ## enable_altus_action=false
1413 |
1414 |
1415 | ###########################################################################
1416 | # Settings to configure the Filebrowser app
1417 | ###########################################################################
1418 |
1419 | [filebrowser]
1420 | # Location on local filesystem where the uploaded archives are temporary stored.
1421 | ## archive_upload_tempdir=/tmp
1422 |
1423 | # Show Download Button for HDFS file browser.
1424 | ## show_download_button=true
1425 |
1426 | # Show Upload Button for HDFS file browser.
1427 | ## show_upload_button=true
1428 |
1429 | # Flag to enable the extraction of a uploaded archive in HDFS.
1430 | ## enable_extract_uploaded_archive=true
1431 |
1432 | # Redirect client to WebHdfs or S3 for file download. Note: Turning this on will override notebook/redirect_whitelist for user selected file downloads on WebHdfs & S3.
1433 | ## redirect_download=false
1434 |
1435 | ###########################################################################
1436 | # Settings to configure Pig
1437 | ###########################################################################
1438 |
1439 | [pig]
1440 | # Path to directory with piggybank.jar on local filesystem.
1441 | ## local_sample_dir=/usr/share/hue/apps/pig/examples
1442 |
1443 | # Location piggybank.jar will be copied to in HDFS.
1444 | ## remote_data_dir=/user/hue/pig/examples
1445 |
1446 |
1447 | ###########################################################################
1448 | # Settings to configure Sqoop2
1449 | ###########################################################################
1450 |
1451 | [sqoop]
1452 | # If the Sqoop2 app is enabled. Sqoop2 project is deprecated. Sqoop1 is recommended.
1453 | ## is_enabled=false
1454 |
1455 | # Sqoop server URL
1456 | ## server_url=http://localhost:12000/sqoop
1457 |
1458 | # Path to configuration directory
1459 | ## sqoop_conf_dir=/etc/sqoop2/conf
1460 |
1461 | # Choose whether Hue should validate certificates received from the server.
1462 | ## ssl_cert_ca_verify=true
1463 |
1464 | # For autocompletion, fill out the librdbms section.
1465 |
1466 | ###########################################################################
1467 | # Settings to configure Proxy
1468 | ###########################################################################
1469 |
1470 | [proxy]
1471 | # Comma-separated list of regular expressions,
1472 | # which match 'host:port' of requested proxy target.
1473 | ## whitelist=(localhost|127\.0\.0\.1):(50030|50070|50060|50075)
1474 |
1475 | # Comma-separated list of regular expressions,
1476 | # which match any prefix of 'host:port/path' of requested proxy target.
1477 | # This does not support matching GET parameters.
1478 | ## blacklist=
1479 |
1480 |
1481 | ###########################################################################
1482 | # Settings to configure HBase Browser
1483 | ###########################################################################
1484 |
1485 | [hbase]
1486 | # Comma-separated list of HBase Thrift servers for clusters in the format of '(name|host:port)'.
1487 | # Use full hostname. If hbase.thrift.ssl.enabled in hbase-site is set to true, https will be used otherwise it will use http
1488 | # If using Kerberos we assume GSSAPI SASL, not PLAIN.
1489 | ## hbase_clusters=(Cluster|localhost:9090)
1490 |
1491 | # HBase configuration directory, where hbase-site.xml is located.
1492 | ## hbase_conf_dir=/etc/hbase/conf
1493 |
1494 | # Hard limit of rows or columns per row fetched before truncating.
1495 | ## truncate_limit = 500
1496 |
1497 | # Should come from hbase-site.xml, do not set. 'framed' is used to chunk up responses, used with the nonblocking server in Thrift but is not supported in Hue.
1498 | # 'buffered' used to be the default of the HBase Thrift Server. Default is buffered when not set in hbase-site.xml.
1499 | ## thrift_transport=buffered
1500 |
1501 | # Choose whether Hue should validate certificates received from the server.
1502 | ## ssl_cert_ca_verify=true
1503 |
1504 |
1505 | ###########################################################################
1506 | # Settings to configure Solr Search
1507 | ###########################################################################
1508 |
1509 | [search]
1510 |
1511 | # URL of the Solr Server
1512 | ## solr_url=http://localhost:8983/solr/
1513 |
1514 | # Requires FQDN in solr_url if enabled
1515 | ## security_enabled=false
1516 |
1517 | ## Query sent when no term is entered
1518 | ## empty_query=*:*
1519 |
1520 |
1521 | ###########################################################################
1522 | # Settings to configure Solr API lib
1523 | ###########################################################################
1524 |
1525 | [libsolr]
1526 |
1527 | # Choose whether Hue should validate certificates received from the server.
1528 | ## ssl_cert_ca_verify=true
1529 |
1530 | # Default path to Solr in ZooKeeper.
1531 | ## solr_zk_path=/solr
1532 |
1533 |
1534 | ###########################################################################
1535 | # Settings to configure the Data Import Wizard
1536 | ###########################################################################
1537 |
1538 | [indexer]
1539 |
1540 | # Filesystem directory containing Solr Morphline indexing libs.
1541 | ## config_indexer_libs_path=/tmp/smart_indexer_lib
1542 |
1543 | # Filesystem directory containing JDBC libs.
1544 | ## config_jdbc_libs_path=/user/oozie/libext/jdbc_drivers
1545 |
1546 | # Filesystem directory containing jar libs.
1547 | ## config_jars_libs_path=/user/oozie/libext/libs
1548 |
1549 | # Flag to turn on the Solr Morphline indexer.
1550 | ## enable_scalable_indexer=true
1551 |
1552 | # Flag to turn on Sqoop ingest.
1553 | ## enable_sqoop=true
1554 |
1555 | # Flag to turn on Kafka topic ingest.
1556 | ## enable_kafka=false
1557 |
1558 |
1559 | ###########################################################################
1560 | # Settings to configure Job Designer
1561 | ###########################################################################
1562 |
1563 | [jobsub]
1564 |
1565 | # Location on local FS where examples and template are stored.
1566 | ## local_data_dir=..../data
1567 |
1568 | # Location on local FS where sample data is stored
1569 | ## sample_data_dir=...thirdparty/sample_data
1570 |
1571 |
1572 | ###########################################################################
1573 | # Settings to configure Job Browser.
1574 | ###########################################################################
1575 |
1576 | [jobbrowser]
1577 | # Share submitted jobs information with all users. If set to false,
1578 | # submitted jobs are visible only to the owner and administrators.
1579 | ## share_jobs=true
1580 |
1581 | # Whether to disalbe the job kill button for all users in the jobbrowser
1582 | ## disable_killing_jobs=false
1583 |
1584 | # Offset in bytes where a negative offset will fetch the last N bytes for the given log file (default 1MB).
1585 | ## log_offset=-1000000
1586 |
1587 | # Maximum number of jobs to fetch and display when pagination is not supported for the type.
1588 | ## max_job_fetch=500
1589 |
1590 | # Show the version 2 of app which unifies all the past browsers into one.
1591 | ## enable_v2=true
1592 |
1593 | # Show the Impala query section for listing and showing more troubleshooting information.
1594 | ## enable_query_browser=true
1595 |
1596 | # Show the Hive query section for listing and showing more troubleshooting information.
1597 | ## enable_hive_query_browser=false
1598 |
1599 |
1600 | ###########################################################################
1601 | # Settings to configure Sentry / Security App.
1602 | ###########################################################################
1603 |
1604 | [security]
1605 |
1606 | # Use Sentry API V1 for Hive.
1607 | ## hive_v1=true
1608 |
1609 | # Use Sentry API V2 for Hive.
1610 | ## hive_v2=false
1611 |
1612 | # Use Sentry API V2 for Solr.
1613 | ## solr_v2=true
1614 |
1615 |
1616 | ###########################################################################
1617 | # Settings to configure the Zookeeper application.
1618 | ###########################################################################
1619 |
1620 | [zookeeper]
1621 |
1622 | [[clusters]]
1623 |
1624 | [[[default]]]
1625 | # Zookeeper ensemble. Comma separated list of Host/Port.
1626 | # e.g. localhost:2181,localhost:2182,localhost:2183
1627 | ## host_ports=localhost:2181
1628 |
1629 | # The URL of the REST contrib service (required for znode browsing).
1630 | ## rest_url=http://localhost:9998
1631 |
1632 | # Name of Kerberos principal when using security.
1633 | ## principal_name=zookeeper
1634 |
1635 |
1636 | ###########################################################################
1637 | # Settings for the User Admin application
1638 | ###########################################################################
1639 |
1640 | [useradmin]
1641 | # Default home directory permissions
1642 | ## home_dir_permissions=0755
1643 |
1644 | # The name of the default user group that users will be a member of
1645 | ## default_user_group=default
1646 |
1647 | [[password_policy]]
1648 | # Set password policy to all users. The default policy requires password to be at least 8 characters long,
1649 | # and contain both uppercase and lowercase letters, numbers, and special characters.
1650 |
1651 | ## is_enabled=false
1652 | ## pwd_regex="^(?=.*?[A-Z])(?=(.*[a-z]){1,})(?=(.*[\d]){1,})(?=(.*[\W_]){1,}).{8,}$"
1653 | ## pwd_hint="The password must be at least 8 characters long, and must contain both uppercase and lowercase letters, at least one number, and at least one special character."
1654 | ## pwd_error_message="The password must be at least 8 characters long, and must contain both uppercase and lowercase letters, at least one number, and at least one special character."
1655 |
1656 |
1657 | ###########################################################################
1658 | # Settings to configure liboozie
1659 | ###########################################################################
1660 |
1661 | [liboozie]
1662 | # The URL where the Oozie service runs on. This is required in order for
1663 | # users to submit jobs. Empty value disables the config check.
1664 | ## oozie_url=http://localhost:11000/oozie
1665 |
1666 | # Requires FQDN in oozie_url if enabled
1667 | ## security_enabled=false
1668 |
1669 | # Location on HDFS where the workflows/coordinator are deployed when submitted.
1670 | ## remote_deployement_dir=/user/hue/oozie/deployments
1671 |
1672 |
1673 | ###########################################################################
1674 | # Settings for the AWS lib
1675 | ###########################################################################
1676 |
1677 | [aws]
1678 | [[aws_accounts]]
1679 | # Default AWS account
1680 | ## [[[default]]]
1681 | # AWS credentials
1682 | ## access_key_id=
1683 | ## secret_access_key=
1684 | ## security_token=
1685 |
1686 | # Execute this script to produce the AWS access key ID.
1687 | ## access_key_id_script=/path/access_key_id.sh
1688 |
1689 | # Execute this script to produce the AWS secret access key.
1690 | ## secret_access_key_script=/path/secret_access_key.sh
1691 |
1692 | # Allow to use either environment variables or
1693 | # EC2 InstanceProfile to retrieve AWS credentials.
1694 | ## allow_environment_credentials=yes
1695 |
1696 | # AWS region to use, if no region is specified, will attempt to connect to standard s3.amazonaws.com endpoint
1697 | ## region=us-east-1
1698 |
1699 | # Endpoint overrides
1700 | ## host=
1701 |
1702 | # Proxy address and port
1703 | ## proxy_address=
1704 | ## proxy_port=8080
1705 | ## proxy_user=
1706 | ## proxy_pass=
1707 |
1708 | # Secure connections are the default, but this can be explicitly overridden:
1709 | ## is_secure=true
1710 |
1711 | # The default calling format uses https://.s3.amazonaws.com but
1712 | # this may not make sense if DNS is not configured in this way for custom endpoints.
1713 | # e.g. Use boto.s3.connection.OrdinaryCallingFormat for https://s3.amazonaws.com/
1714 | ## calling_format=boto.s3.connection.OrdinaryCallingFormat
1715 |
1716 | # The time in seconds before a delegate key is expired. Used when filebrowser/redirect_download is used. Default to 4 Hours.
1717 | ## key_expiry=14400
1718 |
1719 | ###########################################################################
1720 | # Settings for the Azure lib
1721 | ###########################################################################
1722 | [azure]
1723 | [[azure_accounts]]
1724 | # Default Azure account
1725 | [[[default]]]
1726 | # Azure credentials
1727 | ## client_id=
1728 | # Execute this script to produce the ADLS client id.
1729 | ## client_id_script=/path/client_id.sh
1730 | ## client_secret=
1731 | # Execute this script to produce the ADLS client secret.
1732 | ## client_secret_script=/path/client_secret.sh
1733 | ## tenant_id=
1734 | # Execute this script to produce the ADLS tenant id.
1735 | ## tenant_id_script=/path/tenant_id.sh
1736 |
1737 | [[adls_clusters]]
1738 | # Default ADLS cluster
1739 | [[[default]]]
1740 | ## fs_defaultfs=adl://.azuredatalakestore.net
1741 | ## webhdfs_url=https://.azuredatalakestore.net/webhdfs/v1
1742 |
1743 | [[abfs_clusters]]
1744 | # Default ABFS cluster
1745 | [[[default]]]
1746 | ## fs_defaultfs=abfss://@.dfs.core.windows.net
1747 | ## webhdfs_url=https://@.dfs.core.windows.net
1748 |
1749 | ###########################################################################
1750 | # Settings for the Sentry lib
1751 | ###########################################################################
1752 |
1753 | [libsentry]
1754 | # Hostname or IP of server.
1755 | ## hostname=localhost
1756 |
1757 | # Port the sentry service is running on.
1758 | ## port=8038
1759 |
1760 | # Sentry configuration directory, where sentry-site.xml is located.
1761 | ## sentry_conf_dir=/etc/sentry/conf
1762 |
1763 | # Number of seconds when the privilege list of a user is cached.
1764 | ## privilege_checker_caching=300
1765 |
1766 |
1767 | ###########################################################################
1768 | # Settings to configure the ZooKeeper Lib
1769 | ###########################################################################
1770 |
1771 | [libzookeeper]
1772 | # ZooKeeper ensemble. Comma separated list of Host/Port.
1773 | # e.g. localhost:2181,localhost:2182,localhost:2183
1774 | ## ensemble=localhost:2181
1775 |
1776 | # Name of Kerberos principal when using security.
1777 | ## principal_name=zookeeper
1778 |
1779 |
1780 | ###########################################################################
1781 | # Settings for the RDBMS application
1782 | ###########################################################################
1783 |
1784 | [librdbms]
1785 | # The RDBMS app can have any number of databases configured in the databases
1786 | # section. A database is known by its section name
1787 | # (IE sqlite, mysql, psql, and oracle in the list below).
1788 |
1789 | [[databases]]
1790 | # sqlite configuration.
1791 | ## [[[sqlite]]]
1792 | # Name to show in the UI.
1793 | ## nice_name=SQLite
1794 |
1795 | # For SQLite, name defines the path to the database.
1796 | ## name=/tmp/sqlite.db
1797 |
1798 | # Database backend to use.
1799 | ## engine=sqlite
1800 |
1801 | # Database options to send to the server when connecting.
1802 | # https://docs.djangoproject.com/en/1.4/ref/databases/
1803 | ## options={}
1804 |
1805 | # mysql, oracle, or postgresql configuration.
1806 | ## [[[mysql]]]
1807 | # Name to show in the UI.
1808 | ## nice_name="My SQL DB"
1809 |
1810 | # For MySQL and PostgreSQL, name is the name of the database.
1811 | # For Oracle, Name is instance of the Oracle server. For express edition
1812 | # this is 'xe' by default.
1813 | ## name=mysqldb
1814 |
1815 | # Database backend to use. This can be:
1816 | # 1. mysql
1817 | # 2. postgresql
1818 | # 3. oracle
1819 | ## engine=mysql
1820 |
1821 | # IP or hostname of the database to connect to.
1822 | ## host=localhost
1823 |
1824 | # Port the database server is listening to. Defaults are:
1825 | # 1. MySQL: 3306
1826 | # 2. PostgreSQL: 5432
1827 | # 3. Oracle Express Edition: 1521
1828 | ## port=3306
1829 |
1830 | # Username to authenticate with when connecting to the database.
1831 | ## user=example
1832 |
1833 | # Password matching the username to authenticate with when
1834 | # connecting to the database.
1835 | ## password=example
1836 |
1837 | # Database options to send to the server when connecting.
1838 | # https://docs.djangoproject.com/en/1.4/ref/databases/
1839 | ## options={}
1840 |
1841 |
1842 | ###########################################################################
1843 | # Settings to configure SAML
1844 | ###########################################################################
1845 |
1846 | [libsaml]
1847 | # Xmlsec1 binary path. This program should be executable by the user running Hue.
1848 | ## xmlsec_binary=/usr/local/bin/xmlsec1
1849 |
1850 | # Entity ID for Hue acting as service provider.
1851 | # Can also accept a pattern where '' will be replaced with server URL base.
1852 | ## entity_id="/saml2/metadata/"
1853 |
1854 | # Create users from SSO on login.
1855 | ## create_users_on_login=true
1856 |
1857 | # Required attributes to ask for from IdP.
1858 | # This requires a comma separated list.
1859 | ## required_attributes=uid
1860 |
1861 | # Optional attributes to ask for from IdP.
1862 | # This requires a comma separated list.
1863 | ## optional_attributes=
1864 |
1865 | # IdP metadata in the form of a file. This is generally an XML file containing metadata that the Identity Provider generates.
1866 | ## metadata_file=
1867 |
1868 | # Private key to encrypt metadata with.
1869 | ## key_file=
1870 |
1871 | # Signed certificate to send along with encrypted metadata.
1872 | ## cert_file=
1873 |
1874 | # Path to a file containing the password private key.
1875 | ## key_file_password=/path/key
1876 |
1877 | # Execute this script to produce the private key password. This will be used when 'key_file_password' is not set.
1878 | ## key_file_password_script=/path/pwd.sh
1879 |
1880 | # A mapping from attributes in the response from the IdP to django user attributes.
1881 | ## user_attribute_mapping={'uid': ('username', )}
1882 |
1883 | # Have Hue initiated authn requests be signed and provide a certificate.
1884 | ## authn_requests_signed=false
1885 |
1886 | # Have Hue initiated authn response be signed.
1887 | ## want_response_signed=false
1888 |
1889 | # Have Hue initiated authn assertions response be signed.
1890 | ## want_assertions_signed=false
1891 |
1892 | # Have Hue initiated logout requests be signed and provide a certificate.
1893 | ## logout_requests_signed=false
1894 |
1895 | # Username can be sourced from 'attributes' or 'nameid'.
1896 | ## username_source=attributes
1897 |
1898 | # Performs the logout or not.
1899 | ## logout_enabled=true
1900 |
1901 |
1902 | ###########################################################################
1903 | # Settings to configure OAuth
1904 | ###########################################################################
1905 |
1906 | [liboauth]
1907 | # NOTE:
1908 | # To work, each of the active (i.e. uncommented) service must have
1909 | # applications created on the social network.
1910 | # Then the "consumer key" and "consumer secret" must be provided here.
1911 | #
1912 | # The addresses where to do so are:
1913 | # Twitter: https://dev.twitter.com/apps
1914 | # Google+ : https://cloud.google.com/
1915 | # Facebook: https://developers.facebook.com/apps
1916 | # Linkedin: https://www.linkedin.com/secure/developer
1917 | #
1918 | # Additionnaly, the following must be set in the application settings:
1919 | # Twitter: Callback URL (aka Redirect URL) must be set to http://YOUR_HUE_IP_OR_DOMAIN_NAME/oauth/social_login/oauth_authenticated
1920 | # Google+ : CONSENT SCREEN must have email address
1921 | # Facebook: Sandbox Mode must be DISABLED
1922 | # Linkedin: "In OAuth User Agreement", r_emailaddress is REQUIRED
1923 |
1924 | # The Consumer key of the application
1925 | ## consumer_key_twitter=
1926 | ## consumer_key_google=
1927 | ## consumer_key_facebook=
1928 | ## consumer_key_linkedin=
1929 |
1930 | # The Consumer secret of the application
1931 | ## consumer_secret_twitter=
1932 | ## consumer_secret_google=
1933 | ## consumer_secret_facebook=
1934 | ## consumer_secret_linkedin=
1935 |
1936 | # The Request token URL
1937 | ## request_token_url_twitter=https://api.twitter.com/oauth/request_token
1938 | ## request_token_url_google=https://accounts.google.com/o/oauth2/auth
1939 | ## request_token_url_linkedin=https://www.linkedin.com/uas/oauth2/authorization
1940 | ## request_token_url_facebook=https://graph.facebook.com/oauth/authorize
1941 |
1942 | # The Access token URL
1943 | ## access_token_url_twitter=https://api.twitter.com/oauth/access_token
1944 | ## access_token_url_google=https://accounts.google.com/o/oauth2/token
1945 | ## access_token_url_facebook=https://graph.facebook.com/oauth/access_token
1946 | ## access_token_url_linkedin=https://api.linkedin.com/uas/oauth2/accessToken
1947 |
1948 | # The Authenticate URL
1949 | ## authenticate_url_twitter=https://api.twitter.com/oauth/authorize
1950 | ## authenticate_url_google=https://www.googleapis.com/oauth2/v1/userinfo?access_token=
1951 | ## authenticate_url_facebook=https://graph.facebook.com/me?access_token=
1952 | ## authenticate_url_linkedin=https://api.linkedin.com/v1/people/~:(email-address)?format=json&oauth2_access_token=
1953 |
1954 | # Username Map. Json Hash format.
1955 | # Replaces username parts in order to simplify usernames obtained
1956 | # Example: {"@sub1.domain.com":"_S1", "@sub2.domain.com":"_S2"}
1957 | # converts 'email@sub1.domain.com' to 'email_S1'
1958 | ## username_map={}
1959 |
1960 | # Whitelisted domains (only applies to Google OAuth). CSV format.
1961 | ## whitelisted_domains_google=
1962 |
1963 |
1964 | ###########################################################################
1965 | # Settings to configure Kafka
1966 | ###########################################################################
1967 |
1968 | [kafka]
1969 |
1970 | [[kafka]]
1971 | # Enable the Kafka integration.
1972 | ## is_enabled=false
1973 |
1974 | # Base URL of Kafka Ksql API.
1975 | ## ksql_api_url=http://127.0.0.1:8088
1976 |
1977 |
1978 | ###########################################################################
1979 | # Settings to configure Metadata
1980 | ###########################################################################
1981 |
1982 | [metadata]
1983 |
1984 | [[manager]]
1985 | # Cloudera Manager API URL (without version suffix).
1986 | ## api_url=http://localhost:7180/api
1987 |
1988 | [[optimizer]]
1989 | # Type of Optimizer connector to query, e.g. optimizer, dummy
1990 | # interface=optimizer
1991 |
1992 | # Hostname to Optimizer API or compatible service.
1993 | ## hostname=navoptapi.us-west-1.optimizer.altus.cloudera.com
1994 |
1995 | # The name of the key of the service.
1996 | ## auth_key_id=e0819f3a-1e6f-4904-be69-5b704bacd1245
1997 |
1998 | # The private part of the key associated with the auth_key.
1999 | ## auth_key_secret='-----BEGIN PRIVATE KEY....'
2000 |
2001 | # Execute this script to produce the auth_key secret. This will be used when `auth_key_secret` is not set.
2002 | ## auth_key_secret_script=/path/to/script.sh
2003 |
2004 | # The name of the workload where queries are uploaded and optimizations are calculated from. Automatically guessed from auth_key and cluster_id if not specified.
2005 | ## tenant_id=
2006 |
2007 | # Perform Sentry privilege filtering.
2008 | # Default to true automatically if the cluster is secure.
2009 | ## apply_sentry_permissions=False
2010 |
2011 | # Cache timeout in milliseconds for the Optimizer metadata used in assist, autocomplete, etc.
2012 | # Defaults to 10 days, set to 0 to disable caching.
2013 | ## cacheable_ttl=864000000
2014 |
2015 | # Automatically upload queries after their execution in order to improve recommendations.
2016 | ## auto_upload_queries=true
2017 |
2018 | # Automatically upload queried tables DDL in order to improve recommendations.
2019 | ## auto_upload_ddl=true
2020 |
2021 | # Automatically upload queried tables and columns stats in order to improve recommendations.
2022 | ## auto_upload_stats=false
2023 |
2024 | # Allow admins to upload the last N executed queries in the quick start wizard. Use 0 to disable.
2025 | ## query_history_upload_limit=10000
2026 |
2027 | [[catalog]]
2028 | # The type of Catalog: Apache Atlas, Cloudera Navigator...
2029 | ## interface=atlas
2030 | # Catalog API URL (without version suffix).
2031 | ## api_url=http://localhost:21000/atlas/v2
2032 |
2033 | # Username of the CM user used for authentication.
2034 | ## server_user=hue
2035 | # Password of the user used for authentication.
2036 | ## server_password=
2037 |
2038 | # Limits found entities to a specific cluster. When empty the entities from all clusters will be included in the
2039 | # search results.
2040 | ## search_cluster=
2041 |
2042 | # Set to true when authenticating via kerberos instead of username/password
2043 | ## kerberos_enabled=core_site.is_kerberos_enabled()
2044 |
2045 | # Directory of the configurations.
2046 | ## conf_dir=HUE_CONF_DIR/hive-conf
2047 |
2048 | # Deprecated by [[catalog]]
2049 | [[navigator]]
2050 | # Navigator API URL (without version suffix).
2051 | ## api_url=http://localhost:7187/api
2052 |
2053 | # Which authentication to use: CM or external via LDAP or SAML.
2054 | ## navmetadataserver_auth_type=CMDB
2055 |
2056 | # Username of the CM user used for authentication.
2057 | ## navmetadataserver_cmdb_user=hue
2058 | # CM password of the user used for authentication.
2059 | ## navmetadataserver_cmdb_password=
2060 | # Execute this script to produce the CM password. This will be used when the plain password is not set.
2061 | # navmetadataserver_cmdb_password_script=
2062 |
2063 | # Username of the LDAP user used for authentication.
2064 | ## navmetadataserver_ldap_user=hue
2065 | # LDAP password of the user used for authentication.
2066 | ## navmetadataserver_ldap_ppassword=
2067 | # Execute this script to produce the LDAP password. This will be used when the plain password is not set.
2068 | ## navmetadataserver_ldap_password_script=
2069 |
2070 | # Username of the SAML user used for authentication.
2071 | ## navmetadataserver_saml_user=hue
2072 | ## SAML password of the user used for authentication.
2073 | # navmetadataserver_saml_password=
2074 | # Execute this script to produce the SAML password. This will be used when the plain password is not set.
2075 | ## navmetadataserver_saml_password_script=
2076 |
2077 | # Perform Sentry privilege filtering.
2078 | # Default to true automatically if the cluster is secure.
2079 | ## apply_sentry_permissions=False
2080 |
2081 | # Max number of items to fetch in one call in object search.
2082 | ## fetch_size_search=450
2083 |
2084 | # Max number of items to fetch in one call in object search autocomplete.
2085 | ## fetch_size_search_interactive=450
2086 |
2087 | # If metadata search is enabled, also show the search box in the left assist.
2088 | ## enable_file_search=false
2089 |
2090 | [[prometheus]]
2091 | # Configuration options for Prometheus API.
2092 | ## api_url=http://localhost:9090/api
2093 |
--------------------------------------------------------------------------------