| # Licensed to the Apache Software Foundation (ASF) under one or more |
| # contributor license agreements. See the NOTICE file distributed with |
| # this work for additional information regarding copyright ownership. |
| # The ASF licenses this file to You under the Apache License, Version 2.0 |
| # (the "License"); you may not use this file except in compliance with |
| # the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| |
| # Core Properties # |
| nifi.flow.configuration.file=${nifi.flow.configuration.file} |
| nifi.flow.configuration.archive.enabled=${nifi.flow.configuration.archive.enabled} |
| nifi.flow.configuration.archive.dir=${nifi.flow.configuration.archive.dir} |
| nifi.flow.configuration.archive.max.time=${nifi.flow.configuration.archive.max.time} |
| nifi.flow.configuration.archive.max.storage=${nifi.flow.configuration.archive.max.storage} |
| nifi.flow.configuration.archive.max.count= |
| nifi.flowcontroller.autoResumeState=${nifi.flowcontroller.autoResumeState} |
| nifi.flowcontroller.graceful.shutdown.period=${nifi.flowcontroller.graceful.shutdown.period} |
| nifi.flowservice.writedelay.interval=${nifi.flowservice.writedelay.interval} |
| nifi.administrative.yield.duration=${nifi.administrative.yield.duration} |
| # If a component has no work to do (is "bored"), how long should we wait before checking again for work? |
| nifi.bored.yield.duration=${nifi.bored.yield.duration} |
| nifi.queue.backpressure.count=${nifi.queue.backpressure.count} |
| nifi.queue.backpressure.size=${nifi.queue.backpressure.size} |
| |
| nifi.authorizer.configuration.file=${nifi.authorizer.configuration.file} |
| nifi.login.identity.provider.configuration.file=${nifi.login.identity.provider.configuration.file} |
| nifi.templates.directory=${nifi.templates.directory} |
| nifi.ui.banner.text=${nifi.ui.banner.text} |
| nifi.ui.autorefresh.interval=${nifi.ui.autorefresh.interval} |
| nifi.nar.library.directory=${nifi.nar.library.directory} |
| nifi.nar.library.autoload.directory=${nifi.nar.library.autoload.directory} |
| nifi.nar.working.directory=${nifi.nar.working.directory} |
| nifi.documentation.working.directory=${nifi.documentation.working.directory} |
| |
| #################### |
| # State Management # |
| #################### |
| nifi.state.management.configuration.file=${nifi.state.management.configuration.file} |
| # The ID of the local state provider |
| nifi.state.management.provider.local=${nifi.state.management.provider.local} |
| # The ID of the cluster-wide state provider. This will be ignored if NiFi is not clustered but must be populated if running in a cluster. |
| nifi.state.management.provider.cluster=${nifi.state.management.provider.cluster} |
| # Specifies whether or not this instance of NiFi should run an embedded ZooKeeper server |
| nifi.state.management.embedded.zookeeper.start=${nifi.state.management.embedded.zookeeper.start} |
| # Properties file that provides the ZooKeeper properties to use if <nifi.state.management.embedded.zookeeper.start> is set to true |
| nifi.state.management.embedded.zookeeper.properties=${nifi.state.management.embedded.zookeeper.properties} |
| |
| # H2 Settings |
| nifi.database.directory=${nifi.database.directory} |
| nifi.h2.url.append=${nifi.h2.url.append} |
| |
| # Repository Encryption properties override individual repository implementation properties |
| nifi.repository.encryption.protocol.version= |
| nifi.repository.encryption.key.id= |
| nifi.repository.encryption.key.provider= |
| nifi.repository.encryption.key.provider.keystore.location= |
| nifi.repository.encryption.key.provider.keystore.password= |
| |
| # FlowFile Repository |
| nifi.flowfile.repository.implementation=${nifi.flowfile.repository.implementation} |
| nifi.flowfile.repository.wal.implementation=${nifi.flowfile.repository.wal.implementation} |
| nifi.flowfile.repository.directory=${nifi.flowfile.repository.directory} |
| nifi.flowfile.repository.checkpoint.interval=${nifi.flowfile.repository.checkpoint.interval} |
| nifi.flowfile.repository.always.sync=${nifi.flowfile.repository.always.sync} |
| nifi.flowfile.repository.retain.orphaned.flowfiles=${nifi.flowfile.repository.retain.orphaned.flowfiles} |
| |
| nifi.swap.manager.implementation=${nifi.swap.manager.implementation} |
| nifi.queue.swap.threshold=${nifi.queue.swap.threshold} |
| |
| # Content Repository |
| nifi.content.repository.implementation=${nifi.content.repository.implementation} |
| nifi.content.claim.max.appendable.size=${nifi.content.claim.max.appendable.size} |
| nifi.content.repository.directory.default=${nifi.content.repository.directory.default} |
| nifi.content.repository.archive.max.retention.period=${nifi.content.repository.archive.max.retention.period} |
| nifi.content.repository.archive.max.usage.percentage=${nifi.content.repository.archive.max.usage.percentage} |
| nifi.content.repository.archive.enabled=${nifi.content.repository.archive.enabled} |
| nifi.content.repository.always.sync=${nifi.content.repository.always.sync} |
| nifi.content.viewer.url=${nifi.content.viewer.url} |
| |
| # Provenance Repository Properties |
| nifi.provenance.repository.implementation=${nifi.provenance.repository.implementation} |
| |
| # Persistent Provenance Repository Properties |
| nifi.provenance.repository.directory.default=${nifi.provenance.repository.directory.default} |
| nifi.provenance.repository.max.storage.time=${nifi.provenance.repository.max.storage.time} |
| nifi.provenance.repository.max.storage.size=${nifi.provenance.repository.max.storage.size} |
| nifi.provenance.repository.rollover.time=${nifi.provenance.repository.rollover.time} |
| nifi.provenance.repository.rollover.size=${nifi.provenance.repository.rollover.size} |
| nifi.provenance.repository.query.threads=${nifi.provenance.repository.query.threads} |
| nifi.provenance.repository.index.threads=${nifi.provenance.repository.index.threads} |
| nifi.provenance.repository.compress.on.rollover=${nifi.provenance.repository.compress.on.rollover} |
| nifi.provenance.repository.always.sync=${nifi.provenance.repository.always.sync} |
| # Comma-separated list of fields. Fields that are not indexed will not be searchable. Valid fields are: |
| # EventType, FlowFileUUID, Filename, TransitURI, ProcessorID, AlternateIdentifierURI, Relationship, Details |
| nifi.provenance.repository.indexed.fields=${nifi.provenance.repository.indexed.fields} |
| # FlowFile Attributes that should be indexed and made searchable. Some examples to consider are filename, uuid, mime.type |
| nifi.provenance.repository.indexed.attributes=${nifi.provenance.repository.indexed.attributes} |
| # Large values for the shard size will result in more Java heap usage when searching the Provenance Repository |
| # but should provide better performance |
| nifi.provenance.repository.index.shard.size=${nifi.provenance.repository.index.shard.size} |
| # Indicates the maximum length that a FlowFile attribute can be when retrieving a Provenance Event from |
| # the repository. If the length of any attribute exceeds this value, it will be truncated when the event is retrieved. |
| nifi.provenance.repository.max.attribute.length=${nifi.provenance.repository.max.attribute.length} |
| nifi.provenance.repository.concurrent.merge.threads=${nifi.provenance.repository.concurrent.merge.threads} |
| |
| |
| # Volatile Provenance Respository Properties |
| nifi.provenance.repository.buffer.size=${nifi.provenance.repository.buffer.size} |
| |
| # Component and Node Status History Repository |
| nifi.components.status.repository.implementation=${nifi.components.status.repository.implementation} |
| |
| # Volatile Status History Repository Properties |
| nifi.components.status.repository.buffer.size=${nifi.components.status.repository.buffer.size} |
| nifi.components.status.snapshot.frequency=${nifi.components.status.snapshot.frequency} |
| |
| # QuestDB Status History Repository Properties |
| nifi.status.repository.questdb.persist.node.days=${nifi.status.repository.questdb.persist.node.days} |
| nifi.status.repository.questdb.persist.component.days=${nifi.status.repository.questdb.persist.component.days} |
| nifi.status.repository.questdb.persist.location=${nifi.status.repository.questdb.persist.location} |
| |
| # Site to Site properties |
| nifi.remote.input.host= |
| nifi.remote.input.secure=${nifi.remote.input.secure} |
| nifi.remote.input.socket.port= |
| nifi.remote.input.http.enabled=true |
| nifi.remote.input.http.transaction.ttl=30 sec |
| nifi.remote.contents.cache.expiration=30 secs |
| |
| # web properties # |
| ############################################# |
| |
| # For security, NiFi will present the UI on 127.0.0.1 and only be accessible through this loopback interface. |
| # Be aware that changing these properties may affect how your instance can be accessed without any restriction. |
| # We recommend configuring HTTPS instead. The administrators guide provides instructions on how to do this. |
| |
| nifi.web.http.host=${nifi.web.http.host} |
| nifi.web.http.port=${nifi.web.http.port} |
| nifi.web.http.network.interface.default=${nifi.web.http.network.interface.default} |
| |
| ############################################# |
| |
| nifi.web.https.host=${nifi.web.https.host} |
| nifi.web.https.port=${nifi.web.https.port} |
| nifi.web.https.network.interface.default=${nifi.web.https.network.interface.default} |
| nifi.web.jetty.working.directory=${nifi.jetty.work.dir} |
| nifi.web.jetty.threads=${nifi.web.jetty.threads} |
| nifi.web.max.header.size=${nifi.web.max.header.size} |
| nifi.web.proxy.context.path=${nifi.web.proxy.context.path} |
| nifi.web.proxy.host=${nifi.web.proxy.host} |
| nifi.web.max.content.size=${nifi.web.max.content.size} |
| nifi.web.max.requests.per.second=${nifi.web.max.requests.per.second} |
| nifi.web.max.access.token.requests.per.second=${nifi.web.max.access.token.requests.per.second} |
| nifi.web.request.timeout=${nifi.web.request.timeout} |
| nifi.web.request.ip.whitelist=${nifi.web.request.ip.whitelist} |
| nifi.web.should.send.server.version=${nifi.web.should.send.server.version} |
| |
| # Include or Exclude TLS Cipher Suites for HTTPS |
| nifi.web.https.ciphersuites.include= |
| nifi.web.https.ciphersuites.exclude= |
| |
| # security properties # |
| nifi.sensitive.props.key= |
| nifi.sensitive.props.key.protected=${nifi.sensitive.props.key.protected} |
| nifi.sensitive.props.algorithm=${nifi.sensitive.props.algorithm} |
| nifi.sensitive.props.additional.keys=${nifi.sensitive.props.additional.keys} |
| |
| nifi.security.autoreload.enabled=${nifi.security.autoreload.enabled} |
| nifi.security.autoreload.interval=${nifi.security.autoreload.interval} |
| nifi.security.keystore=${nifi.security.keystore} |
| nifi.security.keystoreType=${nifi.security.keystoreType} |
| nifi.security.keystorePasswd=${nifi.security.keystorePasswd} |
| nifi.security.keyPasswd=${nifi.security.keyPasswd} |
| nifi.security.truststore=${nifi.security.truststore} |
| nifi.security.truststoreType=${nifi.security.truststoreType} |
| nifi.security.truststorePasswd=${nifi.security.truststorePasswd} |
| nifi.security.user.authorizer=${nifi.security.user.authorizer} |
| nifi.security.allow.anonymous.authentication=${nifi.security.allow.anonymous.authentication} |
| nifi.security.user.login.identity.provider=${nifi.security.user.login.identity.provider} |
| nifi.security.user.jws.key.rotation.period=${nifi.security.user.jws.key.rotation.period} |
| nifi.security.ocsp.responder.url=${nifi.security.ocsp.responder.url} |
| nifi.security.ocsp.responder.certificate=${nifi.security.ocsp.responder.certificate} |
| |
| # OpenId Connect SSO Properties # |
| nifi.security.user.oidc.discovery.url=${nifi.security.user.oidc.discovery.url} |
| nifi.security.user.oidc.connect.timeout=${nifi.security.user.oidc.connect.timeout} |
| nifi.security.user.oidc.read.timeout=${nifi.security.user.oidc.read.timeout} |
| nifi.security.user.oidc.client.id=${nifi.security.user.oidc.client.id} |
| nifi.security.user.oidc.client.secret=${nifi.security.user.oidc.client.secret} |
| nifi.security.user.oidc.preferred.jwsalgorithm=${nifi.security.user.oidc.preferred.jwsalgorithm} |
| nifi.security.user.oidc.additional.scopes=${nifi.security.user.oidc.additional.scopes} |
| nifi.security.user.oidc.claim.identifying.user=${nifi.security.user.oidc.claim.identifying.user} |
| nifi.security.user.oidc.fallback.claims.identifying.user=${nifi.security.user.oidc.fallback.claims.identifying.user} |
| |
| # Apache Knox SSO Properties # |
| nifi.security.user.knox.url=${nifi.security.user.knox.url} |
| nifi.security.user.knox.publicKey=${nifi.security.user.knox.publicKey} |
| nifi.security.user.knox.cookieName=${nifi.security.user.knox.cookieName} |
| nifi.security.user.knox.audiences=${nifi.security.user.knox.audiences} |
| |
| # SAML Properties # |
| nifi.security.user.saml.idp.metadata.url=${nifi.security.user.saml.idp.metadata.url} |
| nifi.security.user.saml.sp.entity.id=${nifi.security.user.saml.sp.entity.id} |
| nifi.security.user.saml.identity.attribute.name=${nifi.security.user.saml.identity.attribute.name} |
| nifi.security.user.saml.group.attribute.name=${nifi.security.user.saml.group.attribute.name} |
| nifi.security.user.saml.metadata.signing.enabled=${nifi.security.user.saml.metadata.signing.enabled} |
| nifi.security.user.saml.request.signing.enabled=${nifi.security.user.saml.request.signing.enabled} |
| nifi.security.user.saml.want.assertions.signed=${nifi.security.user.saml.want.assertions.signed} |
| nifi.security.user.saml.signature.algorithm=${nifi.security.user.saml.signature.algorithm} |
| nifi.security.user.saml.signature.digest.algorithm=${nifi.security.user.saml.signature.digest.algorithm} |
| nifi.security.user.saml.message.logging.enabled=${nifi.security.user.saml.message.logging.enabled} |
| nifi.security.user.saml.authentication.expiration=${nifi.security.user.saml.authentication.expiration} |
| nifi.security.user.saml.single.logout.enabled=${nifi.security.user.saml.single.logout.enabled} |
| nifi.security.user.saml.http.client.truststore.strategy=${nifi.security.user.saml.http.client.truststore.strategy} |
| nifi.security.user.saml.http.client.connect.timeout=${nifi.security.user.saml.http.client.connect.timeout} |
| nifi.security.user.saml.http.client.read.timeout=${nifi.security.user.saml.http.client.read.timeout} |
| |
| # Identity Mapping Properties # |
| # These properties allow normalizing user identities such that identities coming from different identity providers |
| # (certificates, LDAP, Kerberos) can be treated the same internally in NiFi. The following example demonstrates normalizing |
| # DNs from certificates and principals from Kerberos into a common identity string: |
| # |
| # nifi.security.identity.mapping.pattern.dn=^CN=(.*?), OU=(.*?), O=(.*?), L=(.*?), ST=(.*?), C=(.*?)$ |
| # nifi.security.identity.mapping.value.dn=$1@$2 |
| # nifi.security.identity.mapping.transform.dn=NONE |
| # nifi.security.identity.mapping.pattern.kerb=^(.*?)/instance@(.*?)$ |
| # nifi.security.identity.mapping.value.kerb=$1@$2 |
| # nifi.security.identity.mapping.transform.kerb=UPPER |
| |
| # Group Mapping Properties # |
| # These properties allow normalizing group names coming from external sources like LDAP. The following example |
| # lowercases any group name. |
| # |
| # nifi.security.group.mapping.pattern.anygroup=^(.*)$ |
| # nifi.security.group.mapping.value.anygroup=$1 |
| # nifi.security.group.mapping.transform.anygroup=LOWER |
| |
| # cluster common properties (all nodes must have same values) # |
| nifi.cluster.protocol.heartbeat.interval=${nifi.cluster.protocol.heartbeat.interval} |
| nifi.cluster.protocol.heartbeat.missable.max=${nifi.cluster.protocol.heartbeat.missable.max} |
| nifi.cluster.protocol.is.secure=${nifi.cluster.protocol.is.secure} |
| |
| # cluster node properties (only configure for cluster nodes) # |
| nifi.cluster.is.node=${nifi.cluster.is.node} |
| nifi.cluster.node.address=${nifi.cluster.node.address} |
| nifi.cluster.node.protocol.port=${nifi.cluster.node.protocol.port} |
| nifi.cluster.node.protocol.max.threads=${nifi.cluster.node.protocol.max.threads} |
| nifi.cluster.node.event.history.size=${nifi.cluster.node.event.history.size} |
| nifi.cluster.node.connection.timeout=${nifi.cluster.node.connection.timeout} |
| nifi.cluster.node.read.timeout=${nifi.cluster.node.read.timeout} |
| nifi.cluster.node.max.concurrent.requests=${nifi.cluster.node.max.concurrent.requests} |
| nifi.cluster.firewall.file=${nifi.cluster.firewall.file} |
| nifi.cluster.flow.election.max.wait.time=${nifi.cluster.flow.election.max.wait.time} |
| nifi.cluster.flow.election.max.candidates=${nifi.cluster.flow.election.max.candidates} |
| |
| # cluster load balancing properties # |
| nifi.cluster.load.balance.host=${nifi.cluster.load.balance.host} |
| nifi.cluster.load.balance.port=${nifi.cluster.load.balance.port} |
| nifi.cluster.load.balance.connections.per.node=${nifi.cluster.load.balance.connections.per.node} |
| nifi.cluster.load.balance.max.thread.count=${nifi.cluster.load.balance.max.thread.count} |
| nifi.cluster.load.balance.comms.timeout=${nifi.cluster.load.balance.comms.timeout} |
| |
| # zookeeper properties, used for cluster management # |
| nifi.zookeeper.connect.string=${nifi.zookeeper.connect.string} |
| nifi.zookeeper.connect.timeout=${nifi.zookeeper.connect.timeout} |
| nifi.zookeeper.session.timeout=${nifi.zookeeper.session.timeout} |
| nifi.zookeeper.root.node=${nifi.zookeeper.root.node} |
| nifi.zookeeper.client.secure=${nifi.zookeeper.client.secure} |
| nifi.zookeeper.security.keystore=${nifi.zookeeper.security.keystore} |
| nifi.zookeeper.security.keystoreType=${nifi.zookeeper.security.keystoreType} |
| nifi.zookeeper.security.keystorePasswd=${nifi.zookeeper.security.keystorePasswd} |
| nifi.zookeeper.security.truststore=${nifi.zookeeper.security.truststore} |
| nifi.zookeeper.security.truststoreType=${nifi.zookeeper.security.truststoreType} |
| nifi.zookeeper.security.truststorePasswd=${nifi.zookeeper.security.truststorePasswd} |
| nifi.zookeeper.jute.maxbuffer=${nifi.zookeeper.jute.maxbuffer} |
| |
| # Zookeeper properties for the authentication scheme used when creating acls on znodes used for cluster management |
| # Values supported for nifi.zookeeper.auth.type are "default", which will apply world/anyone rights on znodes |
| # and "sasl" which will give rights to the sasl/kerberos identity used to authenticate the nifi node |
| # The identity is determined using the value in nifi.kerberos.service.principal and the removeHostFromPrincipal |
| # and removeRealmFromPrincipal values (which should align with the kerberos.removeHostFromPrincipal and kerberos.removeRealmFromPrincipal |
| # values configured on the zookeeper server). |
| nifi.zookeeper.auth.type=${nifi.zookeeper.auth.type} |
| nifi.zookeeper.kerberos.removeHostFromPrincipal=${nifi.zookeeper.kerberos.removeHostFromPrincipal} |
| nifi.zookeeper.kerberos.removeRealmFromPrincipal=${nifi.zookeeper.kerberos.removeRealmFromPrincipal} |
| |
| # kerberos # |
| nifi.kerberos.krb5.file=${nifi.kerberos.krb5.file} |
| |
| # kerberos service principal # |
| nifi.kerberos.service.principal=${nifi.kerberos.service.principal} |
| nifi.kerberos.service.keytab.location=${nifi.kerberos.service.keytab.location} |
| |
| # kerberos spnego principal # |
| nifi.kerberos.spnego.principal=${nifi.kerberos.spnego.principal} |
| nifi.kerberos.spnego.keytab.location=${nifi.kerberos.spnego.keytab.location} |
| nifi.kerberos.spnego.authentication.expiration=${nifi.kerberos.spnego.authentication.expiration} |
| |
| # external properties files for variable registry |
| # supports a comma delimited list of file locations |
| nifi.variable.registry.properties= |
| |
| # analytics properties # |
| nifi.analytics.predict.enabled=${nifi.analytics.predict.enabled} |
| nifi.analytics.predict.interval=${nifi.analytics.predict.interval} |
| nifi.analytics.query.interval=${nifi.analytics.query.interval} |
| nifi.analytics.connection.model.implementation=${nifi.analytics.connection.model.implementation} |
| nifi.analytics.connection.model.score.name=${nifi.analytics.connection.model.score.name} |
| nifi.analytics.connection.model.score.threshold=${nifi.analytics.connection.model.score.threshold} |
| |
| # runtime monitoring properties |
| nifi.monitor.long.running.task.schedule= |
| nifi.monitor.long.running.task.threshold= |
| |
| # Create automatic diagnostics when stopping/restarting NiFi. |
| |
| # Enable automatic diagnostic at shutdown. |
| nifi.diagnostics.on.shutdown.enabled=false |
| |
| # Include verbose diagnostic information. |
| nifi.diagnostics.on.shutdown.verbose=false |
| |
| # The location of the diagnostics folder. |
| nifi.diagnostics.on.shutdown.directory=./diagnostics |
| |
| # The maximum number of files permitted in the directory. If the limit is exceeded, the oldest files are deleted. |
| nifi.diagnostics.on.shutdown.max.filecount=10 |
| |
| # The diagnostics folder's maximum permitted size in bytes. If the limit is exceeded, the oldest files are deleted. |
| nifi.diagnostics.on.shutdown.max.directory.size=10 MB |
| |
| |
| |