| # Licensed to the Apache Software Foundation (ASF) under one or more |
| # contributor license agreements. See the NOTICE file distributed with |
| # this work for additional information regarding copyright ownership. |
| # The ASF licenses this file to You under the Apache License, Version 2.0 |
| # (the "License"); you may not use this file except in compliance with |
| # the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| |
| # |
| # This file provides a list of the deployment variables for the Policy Manager Web Application |
| # |
| |
| #------------------------- DB CONFIG - BEGIN ---------------------------------- |
| # Uncomment the below if the DBA steps need to be run separately |
| #setup_mode=SeparateDBA |
| |
| PYTHON_COMMAND_INVOKER=python |
| |
| #DB_FLAVOR=MYSQL|ORACLE|POSTGRES|MSSQL|SQLA |
| DB_FLAVOR=MYSQL |
| # |
| |
| # |
| # Location of DB client library (please check the location of the jar file) |
| # |
| #SQL_CONNECTOR_JAR=/usr/share/java/ojdbc6.jar |
| #SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar |
| #SQL_CONNECTOR_JAR=/usr/share/java/postgresql.jar |
| #SQL_CONNECTOR_JAR=/usr/share/java/sqljdbc4.jar |
| #SQL_CONNECTOR_JAR=/opt/sqlanywhere17/java/sajdbc4.jar |
| SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar |
| |
| |
| # |
| # DB password for the DB admin user-id |
| # ************************************************************************** |
| # ** If the password is left empty or not-defined here, |
| # ** it will try with blank password during installation process |
| # ************************************************************************** |
| # |
| #db_root_user=root|SYS|postgres|sa|dba |
| #db_host=host:port # for DB_FLAVOR=MYSQL|POSTGRES|SQLA|MSSQL #for example: db_host=localhost:3306 |
| #db_host=host:port:SID # for DB_FLAVOR=ORACLE #for SID example: db_host=localhost:1521:ORCL |
| #db_host=host:port/ServiceName # for DB_FLAVOR=ORACLE #for Service example: db_host=localhost:1521/XE |
| db_root_user=root |
| db_root_password= |
| db_host=localhost |
| #SSL config |
| db_ssl_enabled=false |
| db_ssl_required=false |
| db_ssl_verifyServerCertificate=false |
| javax_net_ssl_keyStore=/etc/mysql/keystore |
| javax_net_ssl_keyStorePassword=secret |
| javax_net_ssl_trustStore=/etc/mysql/truststore |
| javax_net_ssl_trustStorePassword=secret |
| # |
| # DB UserId used for the Ranger schema |
| # |
| db_name=ranger |
| db_user=rangeradmin |
| db_password= |
| |
| #Source for Audit Store |
| #audit_store=solr|db |
| # * audit_store is solr |
| audit_store=solr |
| |
| # * audit_solr_url URL to Solr. E.g. http://<solr_host>:6083/solr/ranger_audits |
| audit_solr_urls= |
| audit_solr_user= |
| audit_solr_password= |
| audit_solr_zookeepers= |
| #audit_db_name= |
| #audit_db_user= |
| #audit_db_password= |
| |
| #------------------------- DB CONFIG - END ---------------------------------- |
| |
| # |
| # ------- PolicyManager CONFIG ---------------- |
| # |
| |
| policymgr_external_url=http://localhost:6080 |
| policymgr_http_enabled=true |
| |
| #Add Supported Components list below separated by semi-colon, default value is empty string to support all components |
| #Example : policymgr_supportedcomponents=hive,hbase,hdfs |
| policymgr_supportedcomponents= |
| |
| # |
| # ------- PolicyManager CONFIG - END --------------- |
| # |
| |
| |
| # |
| # ------- UNIX User CONFIG ---------------- |
| # |
| unix_user=ranger |
| unix_group=ranger |
| |
| # |
| # ------- UNIX User CONFIG - END ---------------- |
| # |
| # |
| |
| # |
| # UNIX authentication service for Policy Manager |
| # |
| # PolicyManager can authenticate using UNIX username/password |
| # The UNIX server specified here as authServiceHostName needs to be installed with ranger-unix-ugsync package. |
| # Once the service is installed on authServiceHostName, the UNIX username/password from the host <authServiceHostName> can be used to login into policy manager |
| # |
| # ** The installation of ranger-unix-ugsync package can be installed after the policymanager installation is finished. |
| # |
| #LDAP|ACTIVE_DIRECTORY|UNIX|NONE |
| authentication_method=NONE |
| remoteLoginEnabled=true |
| authServiceHostName=localhost |
| authServicePort=5151 |
| |
| ####LDAP settings - Required only if have selected LDAP authentication #### |
| # |
| # Sample Settings |
| # |
| #xa_ldap_url=ldap://127.0.0.1:389 |
| #xa_ldap_userDNpattern=uid={0},ou=users,dc=xasecure,dc=net |
| #xa_ldap_groupSearchBase=ou=groups,dc=xasecure,dc=net |
| #xa_ldap_groupSearchFilter=(member=uid={0},ou=users,dc=xasecure,dc=net) |
| #xa_ldap_groupRoleAttribute=cn |
| #xa_ldap_base_dn=dc=xasecure,dc=net |
| #xa_ldap_bind_dn=cn=admin,ou=users,dc=xasecure,dc=net |
| #xa_ldap_bind_password= |
| #xa_ldap_referral=follow|ignore |
| #xa_ldap_userSearchFilter=(uid={0}) |
| |
| xa_ldap_url= |
| xa_ldap_userDNpattern= |
| xa_ldap_groupSearchBase= |
| xa_ldap_groupSearchFilter= |
| xa_ldap_groupRoleAttribute= |
| xa_ldap_base_dn= |
| xa_ldap_bind_dn= |
| xa_ldap_bind_password= |
| xa_ldap_referral= |
| xa_ldap_userSearchFilter= |
| ####ACTIVE_DIRECTORY settings - Required only if have selected AD authentication #### |
| # |
| # Sample Settings |
| # |
| #xa_ldap_ad_domain=xasecure.net |
| #xa_ldap_ad_url=ldap://127.0.0.1:389 |
| #xa_ldap_ad_base_dn=dc=xasecure,dc=net |
| #xa_ldap_ad_bind_dn=cn=administrator,ou=users,dc=xasecure,dc=net |
| #xa_ldap_ad_bind_password= |
| #xa_ldap_ad_referral=follow|ignore |
| #xa_ldap_ad_userSearchFilter=(sAMAccountName={0}) |
| |
| xa_ldap_ad_domain= |
| xa_ldap_ad_url= |
| xa_ldap_ad_base_dn= |
| xa_ldap_ad_bind_dn= |
| xa_ldap_ad_bind_password= |
| xa_ldap_ad_referral= |
| xa_ldap_ad_userSearchFilter= |
| |
| #------------ Kerberos Config ----------------- |
| spnego_principal= |
| spnego_keytab= |
| token_valid=30 |
| cookie_domain= |
| cookie_path=/ |
| admin_principal= |
| admin_keytab= |
| lookup_principal= |
| lookup_keytab= |
| hadoop_conf=/etc/hadoop/conf |
| # |
| #-------- SSO CONFIG - Start ------------------ |
| # |
| sso_enabled=false |
| sso_providerurl=https://127.0.0.1:8443/gateway/knoxsso/api/v1/websso |
| sso_publickey= |
| |
| # |
| #-------- SSO CONFIG - END ------------------ |
| |
| # Custom log directory path |
| RANGER_ADMIN_LOG_DIR=$PWD |
| |
| # PID file path |
| RANGER_PID_DIR_PATH=/var/run/ranger |
| |
| # ################# DO NOT MODIFY ANY VARIABLES BELOW ######################### |
| # |
| # --- These deployment variables are not to be modified unless you understand the full impact of the changes |
| # |
| ################################################################################ |
| XAPOLICYMGR_DIR=$PWD |
| app_home=$PWD/ews/webapp |
| TMPFILE=$PWD/.fi_tmp |
| LOGFILE=$PWD/logfile |
| LOGFILES="$LOGFILE" |
| |
| JAVA_BIN='java' |
| JAVA_VERSION_REQUIRED='1.7' |
| JAVA_ORACLE='Java(TM) SE Runtime Environment' |
| |
| #mysql_create_user_file=${PWD}/db/mysql/create_dev_user.sql |
| mysql_core_file=db/mysql/xa_core_db.sql |
| mysql_audit_file=db/mysql/xa_audit_db.sql |
| #mysql_asset_file=${PWD}/db/mysql/reset_asset.sql |
| |
| #oracle_create_user_file=${PWD}/db/oracle/create_dev_user_oracle.sql |
| oracle_core_file=db/oracle/xa_core_db_oracle.sql |
| oracle_audit_file=db/oracle/xa_audit_db_oracle.sql |
| #oracle_asset_file=${PWD}/db/oracle/reset_asset_oracle.sql |
| # |
| postgres_core_file=db/postgres/xa_core_db_postgres.sql |
| postgres_audit_file=db/postgres/xa_audit_db_postgres.sql |
| sqlserver_core_file=db/sqlserver/xa_core_db_sqlserver.sql |
| sqlserver_audit_file=db/sqlserver/xa_audit_db_sqlserver.sql |
| # |
| sqlanywhere_core_file=db/sqlanywhere/xa_core_db_sqlanywhere.sql |
| sqlanywhere_audit_file=db/sqlanywhere/xa_audit_db_sqlanywhere.sql |
| cred_keystore_filename=$app_home/WEB-INF/classes/conf/.jceks/rangeradmin.jceks |