kms/scripts/install.properties - ranger - Git at Google

 # Licensed to the Apache Software Foundation (ASF) under one or more
 # contributor license agreements.  See the NOTICE file distributed with
 # this work for additional information regarding copyright ownership.
 # The ASF licenses this file to You under the Apache License, Version 2.0
 # (the "License"); you may not use this file except in compliance with
 # the License.  You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.

 #
 # This file provides list of deployment variables for the Ranger KMS Web Application
 #

 #------------------------- DB CONFIG - BEGIN ----------------------------------
 # Uncomment the below if the DBA steps need to be run separately
 #setup_mode=SeparateDBA

 PYTHON_COMMAND_INVOKER=python

 #DB_FLAVOR=MYSQL|ORACLE|POSTGRES|MSSQL|SQLA
 DB_FLAVOR=MYSQL

 #
 # Location of DB client library (please check the location of the jar file)
 #
 #SQL_CONNECTOR_JAR=/usr/share/java/ojdbc6.jar
 #SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
 #SQL_CONNECTOR_JAR=/usr/share/java/postgresql.jar
 #SQL_CONNECTOR_JAR=/usr/share/java/sqljdbc4.jar
 #SQL_CONNECTOR_JAR=/opt/sqlanywhere17/java/sajdbc4.jar
 SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar


 #
 # DB password for the DB admin user-id
 # **************************************************************************
 # ** If the password is left empty or not-defined here,
 # ** it will be prompted to enter the password during installation process
 # **************************************************************************
 #
 #db_root_user=root|SYS|postgres|sa|dba
 #db_host=host:port              # for DB_FLAVOR=MYSQL|POSTGRES|SQLA|MSSQL       #for example: db_host=localhost:3306
 #db_host=host:port:SID          # for DB_FLAVOR=ORACLE                          #for SID example: db_host=localhost:1521:ORCL
 #db_host=host:port/ServiceName  # for DB_FLAVOR=ORACLE                          #for Service example: db_host=localhost:1521/XE
 #db_host=host:port:GL           # for DB_FLAVOR=ORACLE                          #for TNSNAME example: db_host=localhost:1521:GL
 db_root_user=root
 db_root_password=
 db_host=localhost

 #
 # DB UserId used for the Ranger KMS schema
 #
 db_name=rangerkms
 db_user=rangerkms
 db_password=

 #------------------------- DB CONFIG - END ----------------------------------

 #------------------------- RANGER KMS Master Key Crypt Key ------------------
 KMS_MASTER_KEY_PASSWD=Str0ngPassw0rd

 #
 # ------- UNIX User CONFIG ----------------
 #
 unix_user=kms
 unix_group=kms
 #
 # ------- UNIX User CONFIG  - END ----------------
 #

 #
 # -------
 #

 # Location of Policy Manager URL
 #
 # Example:
 # POLICY_MGR_URL=http://policymanager.xasecure.net:6080
 #
 POLICY_MGR_URL=

 #
 # This is the repository name created within policy manager
 #
 # Example:
 # REPOSITORY_NAME=kmsdev
 #
 REPOSITORY_NAME=kmsdev

 # AUDIT configuration with V3 properties

 #Should audit be summarized at source
 XAAUDIT.SUMMARY.ENABLE=false

 # Enable audit logs to Solr
 #Example
 #XAAUDIT.SOLR.ENABLE=true
 #XAAUDIT.SOLR.URL=http://localhost:6083/solr/ranger_audits
 #XAAUDIT.SOLR.ZOOKEEPER=
 #XAAUDIT.SOLR.FILE_SPOOL_DIR=/var/log/ranger/kms/audit/solr/spool

 XAAUDIT.SOLR.ENABLE=false
 XAAUDIT.SOLR.URL=NONE
 XAAUDIT.SOLR.USER=NONE
 XAAUDIT.SOLR.PASSWORD=NONE
 XAAUDIT.SOLR.ZOOKEEPER=NONE
 XAAUDIT.SOLR.FILE_SPOOL_DIR=/var/log/ranger/kms/audit/solr/spool

 # Enable audit logs to HDFS
 #Example
 #XAAUDIT.HDFS.ENABLE=true
 #XAAUDIT.HDFS.HDFS_DIR=hdfs://node-1.example.com:8020/ranger/audit
 #  If using Azure Blob Storage
 #XAAUDIT.HDFS.HDFS_DIR=wasb[s]://<containername>@<accountname>.blob.core.windows.net/<path>
 #XAAUDIT.HDFS.HDFS_DIR=wasb://ranger_audit_container@my-azure-account.blob.core.windows.net/ranger/audit
 #XAAUDIT.HDFS.FILE_SPOOL_DIR=/var/log/ranger/kms/audit/hdfs/spool

 XAAUDIT.HDFS.ENABLE=false
 XAAUDIT.HDFS.HDFS_DIR=hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit
 XAAUDIT.HDFS.FILE_SPOOL_DIR=/var/log/ranger/kms/audit/hdfs/spool

 # Following additional propertis are needed When auditing to Azure Blob Storage via HDFS
 # Get these values from your /etc/hadoop/conf/core-site.xml
 #XAAUDIT.HDFS.HDFS_DIR=wasb[s]://<containername>@<accountname>.blob.core.windows.net/<path>
 XAAUDIT.HDFS.AZURE_ACCOUNTNAME=__REPLACE_AZURE_ACCOUNT_NAME
 XAAUDIT.HDFS.AZURE_ACCOUNTKEY=__REPLACE_AZURE_ACCOUNT_KEY
 XAAUDIT.HDFS.AZURE_SHELL_KEY_PROVIDER=__REPLACE_AZURE_SHELL_KEY_PROVIDER
 XAAUDIT.HDFS.AZURE_ACCOUNTKEY_PROVIDER=__REPLACE_AZURE_ACCOUNT_KEY_PROVIDER

 # End of V3 properties


 #
 # AUDIT DB Configuration
 #
 #  This information should match with the one you specified during the PolicyManager Installation
 #
 # Example:
 # XAAUDIT.DB.IS_ENABLED=true
 # XAAUDIT.DB.FLAVOUR=MYSQL
 # XAAUDIT.DB.FLAVOUR=ORACLE
 # XAAUDIT.DB.HOSTNAME=localhost
 # XAAUDIT.DB.DATABASE_NAME=ranger_audit
 # XAAUDIT.DB.USER_NAME=rangerlogger
 # XAAUDIT.DB.PASSWORD=rangerlogger
 #
 XAAUDIT.DB.IS_ENABLED=true
 XAAUDIT.DB.FLAVOUR=MYSQL
 XAAUDIT.DB.HOSTNAME=
 XAAUDIT.DB.DATABASE_NAME=
 XAAUDIT.DB.USER_NAME=
 XAAUDIT.DB.PASSWORD=

 #
 #  Audit to HDFS Configuration
 #
 # If XAAUDIT.HDFS.IS_ENABLED is set to true, please replace tokens
 # that start with __REPLACE__ with appropriate values
 #  XAAUDIT.HDFS.IS_ENABLED=true
 #  XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
 #  XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=__REPLACE__LOG_DIR/kms/audit
 #  XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=__REPLACE__LOG_DIR/kms/audit/archive
 #
 #
 # Example:
 #  XAAUDIT.HDFS.IS_ENABLED=true
 #  XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://namenode.example.com:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
 #  XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=/var/log/kms/audit
 #  XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=/var/log/kms/audit/archive
 #
 XAAUDIT.HDFS.IS_ENABLED=false
 XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
 XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=__REPLACE__LOG_DIR/kms/audit
 XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=__REPLACE__LOG_DIR/kms/audit/archive

 XAAUDIT.HDFS.DESTINTATION_FILE=%hostname%-audit.log
 XAAUDIT.HDFS.DESTINTATION_FLUSH_INTERVAL_SECONDS=900
 XAAUDIT.HDFS.DESTINTATION_ROLLOVER_INTERVAL_SECONDS=86400
 XAAUDIT.HDFS.DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS=60
 XAAUDIT.HDFS.LOCAL_BUFFER_FILE=%time:yyyyMMdd-HHmm.ss%.log
 XAAUDIT.HDFS.LOCAL_BUFFER_FLUSH_INTERVAL_SECONDS=60
 XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS=600
 XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT=10

 #Solr Audit Provder
 XAAUDIT.SOLR.IS_ENABLED=false
 XAAUDIT.SOLR.MAX_QUEUE_SIZE=1
 XAAUDIT.SOLR.MAX_FLUSH_INTERVAL_MS=1000
 XAAUDIT.SOLR.SOLR_URL=http://localhost:6083/solr/ranger_audits

 #
 # SSL Client Certificate Information
 #
 # Example:
 # SSL_KEYSTORE_FILE_PATH=/etc/ranger/kms/conf/ranger-plugin-keystore.jks
 # SSL_KEYSTORE_PASSWORD=none
 # SSL_TRUSTSTORE_FILE_PATH=/etc/ranger/kms/conf/ranger-plugin-truststore.jks
 # SSL_TRUSTSTORE_PASSWORD=none
 #
 # You do not need use SSL between agent and security admin tool, please leave these sample value as it is.
 #
 SSL_KEYSTORE_FILE_PATH=/etc/ranger/kms/conf/ranger-plugin-keystore.jks
 SSL_KEYSTORE_PASSWORD=myKeyFilePassword
 SSL_TRUSTSTORE_FILE_PATH=/etc/ranger/kms/conf/ranger-plugin-truststore.jks
 SSL_TRUSTSTORE_PASSWORD=changeit

 # #################  DO NOT MODIFY ANY VARIABLES BELOW #########################
 #
 # --- These deployment variables are not to be modified unless you understand the full impact of the changes
 #
 ################################################################################

 KMS_DIR=$PWD
 app_home=$PWD/ews/webapp
 TMPFILE=$PWD/.fi_tmp
 LOGFILE=$PWD/logfile
 LOGFILES="$LOGFILE"

 JAVA_BIN='java'
 JAVA_VERSION_REQUIRED='1.7'
 JAVA_ORACLE='Java(TM) SE Runtime Environment'

 mysql_core_file=db/mysql/kms_core_db.sql

 oracle_core_file=db/oracle/kms_core_db_oracle.sql

 postgres_core_file=db/postgres/kms_core_db_postgres.sql

 sqlserver_core_file=db/sqlserver/kms_core_db_sqlserver.sql

 sqlanywhere_core_file=db/sqlanywhere/kms_core_db_sqlanywhere.sql
 cred_keystore_filename=$app_home/WEB-INF/classes/conf/.jceks/rangerkms.jceks

 KMS_BLACKLIST_DECRYPT_EEK=hdfs
	# Licensed to the Apache Software Foundation (ASF) under one or more
	# contributor license agreements. See the NOTICE file distributed with
	# this work for additional information regarding copyright ownership.
	# The ASF licenses this file to You under the Apache License, Version 2.0
	# (the "License"); you may not use this file except in compliance with
	# the License. You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS,
	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	# See the License for the specific language governing permissions and
	# limitations under the License.

	#
	# This file provides list of deployment variables for the Ranger KMS Web Application
	#

	#------------------------- DB CONFIG - BEGIN ----------------------------------
	# Uncomment the below if the DBA steps need to be run separately
	#setup_mode=SeparateDBA

	PYTHON_COMMAND_INVOKER=python

	#DB_FLAVOR=MYSQL\|ORACLE\|POSTGRES\|MSSQL\|SQLA
	DB_FLAVOR=MYSQL

	#
	# Location of DB client library (please check the location of the jar file)
	#
	#SQL_CONNECTOR_JAR=/usr/share/java/ojdbc6.jar
	#SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar
	#SQL_CONNECTOR_JAR=/usr/share/java/postgresql.jar
	#SQL_CONNECTOR_JAR=/usr/share/java/sqljdbc4.jar
	#SQL_CONNECTOR_JAR=/opt/sqlanywhere17/java/sajdbc4.jar
	SQL_CONNECTOR_JAR=/usr/share/java/mysql-connector-java.jar


	#
	# DB password for the DB admin user-id
	# **************************************************************************
	# ** If the password is left empty or not-defined here,
	# ** it will be prompted to enter the password during installation process
	# **************************************************************************
	#
	#db_root_user=root\|SYS\|postgres\|sa\|dba
	#db_host=host:port # for DB_FLAVOR=MYSQL\|POSTGRES\|SQLA\|MSSQL #for example: db_host=localhost:3306
	#db_host=host:port:SID # for DB_FLAVOR=ORACLE #for SID example: db_host=localhost:1521:ORCL
	#db_host=host:port/ServiceName # for DB_FLAVOR=ORACLE #for Service example: db_host=localhost:1521/XE
	#db_host=host:port:GL # for DB_FLAVOR=ORACLE #for TNSNAME example: db_host=localhost:1521:GL
	db_root_user=root
	db_root_password=
	db_host=localhost

	#
	# DB UserId used for the Ranger KMS schema
	#
	db_name=rangerkms
	db_user=rangerkms
	db_password=

	#------------------------- DB CONFIG - END ----------------------------------

	#------------------------- RANGER KMS Master Key Crypt Key ------------------
	KMS_MASTER_KEY_PASSWD=Str0ngPassw0rd

	#
	# ------- UNIX User CONFIG ----------------
	#
	unix_user=kms
	unix_group=kms
	#
	# ------- UNIX User CONFIG - END ----------------
	#

	#
	# -------
	#

	# Location of Policy Manager URL
	#
	# Example:
	# POLICY_MGR_URL=http://policymanager.xasecure.net:6080
	#
	POLICY_MGR_URL=

	#
	# This is the repository name created within policy manager
	#
	# Example:
	# REPOSITORY_NAME=kmsdev
	#
	REPOSITORY_NAME=kmsdev

	# AUDIT configuration with V3 properties

	#Should audit be summarized at source
	XAAUDIT.SUMMARY.ENABLE=false

	# Enable audit logs to Solr
	#Example
	#XAAUDIT.SOLR.ENABLE=true
	#XAAUDIT.SOLR.URL=http://localhost:6083/solr/ranger_audits
	#XAAUDIT.SOLR.ZOOKEEPER=
	#XAAUDIT.SOLR.FILE_SPOOL_DIR=/var/log/ranger/kms/audit/solr/spool

	XAAUDIT.SOLR.ENABLE=false
	XAAUDIT.SOLR.URL=NONE
	XAAUDIT.SOLR.USER=NONE
	XAAUDIT.SOLR.PASSWORD=NONE
	XAAUDIT.SOLR.ZOOKEEPER=NONE
	XAAUDIT.SOLR.FILE_SPOOL_DIR=/var/log/ranger/kms/audit/solr/spool

	# Enable audit logs to HDFS
	#Example
	#XAAUDIT.HDFS.ENABLE=true
	#XAAUDIT.HDFS.HDFS_DIR=hdfs://node-1.example.com:8020/ranger/audit
	# If using Azure Blob Storage
	#XAAUDIT.HDFS.HDFS_DIR=wasb[s]://<containername>@<accountname>.blob.core.windows.net/<path>
	#XAAUDIT.HDFS.HDFS_DIR=wasb://ranger_audit_container@my-azure-account.blob.core.windows.net/ranger/audit
	#XAAUDIT.HDFS.FILE_SPOOL_DIR=/var/log/ranger/kms/audit/hdfs/spool

	XAAUDIT.HDFS.ENABLE=false
	XAAUDIT.HDFS.HDFS_DIR=hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit
	XAAUDIT.HDFS.FILE_SPOOL_DIR=/var/log/ranger/kms/audit/hdfs/spool

	# Following additional propertis are needed When auditing to Azure Blob Storage via HDFS
	# Get these values from your /etc/hadoop/conf/core-site.xml
	#XAAUDIT.HDFS.HDFS_DIR=wasb[s]://<containername>@<accountname>.blob.core.windows.net/<path>
	XAAUDIT.HDFS.AZURE_ACCOUNTNAME=__REPLACE_AZURE_ACCOUNT_NAME
	XAAUDIT.HDFS.AZURE_ACCOUNTKEY=__REPLACE_AZURE_ACCOUNT_KEY
	XAAUDIT.HDFS.AZURE_SHELL_KEY_PROVIDER=__REPLACE_AZURE_SHELL_KEY_PROVIDER
	XAAUDIT.HDFS.AZURE_ACCOUNTKEY_PROVIDER=__REPLACE_AZURE_ACCOUNT_KEY_PROVIDER

	# End of V3 properties


	#
	# AUDIT DB Configuration
	#
	# This information should match with the one you specified during the PolicyManager Installation
	#
	# Example:
	# XAAUDIT.DB.IS_ENABLED=true
	# XAAUDIT.DB.FLAVOUR=MYSQL
	# XAAUDIT.DB.FLAVOUR=ORACLE
	# XAAUDIT.DB.HOSTNAME=localhost
	# XAAUDIT.DB.DATABASE_NAME=ranger_audit
	# XAAUDIT.DB.USER_NAME=rangerlogger
	# XAAUDIT.DB.PASSWORD=rangerlogger
	#
	XAAUDIT.DB.IS_ENABLED=true
	XAAUDIT.DB.FLAVOUR=MYSQL
	XAAUDIT.DB.HOSTNAME=
	XAAUDIT.DB.DATABASE_NAME=
	XAAUDIT.DB.USER_NAME=
	XAAUDIT.DB.PASSWORD=

	#
	# Audit to HDFS Configuration
	#
	# If XAAUDIT.HDFS.IS_ENABLED is set to true, please replace tokens
	# that start with __REPLACE__ with appropriate values
	# XAAUDIT.HDFS.IS_ENABLED=true
	# XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
	# XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=__REPLACE__LOG_DIR/kms/audit
	# XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=__REPLACE__LOG_DIR/kms/audit/archive
	#
	#
	# Example:
	# XAAUDIT.HDFS.IS_ENABLED=true
	# XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://namenode.example.com:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
	# XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=/var/log/kms/audit
	# XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=/var/log/kms/audit/archive
	#
	XAAUDIT.HDFS.IS_ENABLED=false
	XAAUDIT.HDFS.DESTINATION_DIRECTORY=hdfs://__REPLACE__NAME_NODE_HOST:8020/ranger/audit/%app-type%/%time:yyyyMMdd%
	XAAUDIT.HDFS.LOCAL_BUFFER_DIRECTORY=__REPLACE__LOG_DIR/kms/audit
	XAAUDIT.HDFS.LOCAL_ARCHIVE_DIRECTORY=__REPLACE__LOG_DIR/kms/audit/archive

	XAAUDIT.HDFS.DESTINTATION_FILE=%hostname%-audit.log
	XAAUDIT.HDFS.DESTINTATION_FLUSH_INTERVAL_SECONDS=900
	XAAUDIT.HDFS.DESTINTATION_ROLLOVER_INTERVAL_SECONDS=86400
	XAAUDIT.HDFS.DESTINTATION_OPEN_RETRY_INTERVAL_SECONDS=60
	XAAUDIT.HDFS.LOCAL_BUFFER_FILE=%time:yyyyMMdd-HHmm.ss%.log
	XAAUDIT.HDFS.LOCAL_BUFFER_FLUSH_INTERVAL_SECONDS=60
	XAAUDIT.HDFS.LOCAL_BUFFER_ROLLOVER_INTERVAL_SECONDS=600
	XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT=10

	#Solr Audit Provder
	XAAUDIT.SOLR.IS_ENABLED=false
	XAAUDIT.SOLR.MAX_QUEUE_SIZE=1
	XAAUDIT.SOLR.MAX_FLUSH_INTERVAL_MS=1000
	XAAUDIT.SOLR.SOLR_URL=http://localhost:6083/solr/ranger_audits

	#
	# SSL Client Certificate Information
	#
	# Example:
	# SSL_KEYSTORE_FILE_PATH=/etc/ranger/kms/conf/ranger-plugin-keystore.jks
	# SSL_KEYSTORE_PASSWORD=none
	# SSL_TRUSTSTORE_FILE_PATH=/etc/ranger/kms/conf/ranger-plugin-truststore.jks
	# SSL_TRUSTSTORE_PASSWORD=none
	#
	# You do not need use SSL between agent and security admin tool, please leave these sample value as it is.
	#
	SSL_KEYSTORE_FILE_PATH=/etc/ranger/kms/conf/ranger-plugin-keystore.jks
	SSL_KEYSTORE_PASSWORD=myKeyFilePassword
	SSL_TRUSTSTORE_FILE_PATH=/etc/ranger/kms/conf/ranger-plugin-truststore.jks
	SSL_TRUSTSTORE_PASSWORD=changeit

	# ################# DO NOT MODIFY ANY VARIABLES BELOW #########################
	#
	# --- These deployment variables are not to be modified unless you understand the full impact of the changes
	#
	################################################################################

	KMS_DIR=$PWD
	app_home=$PWD/ews/webapp
	TMPFILE=$PWD/.fi_tmp
	LOGFILE=$PWD/logfile
	LOGFILES="$LOGFILE"

	JAVA_BIN='java'
	JAVA_VERSION_REQUIRED='1.7'
	JAVA_ORACLE='Java(TM) SE Runtime Environment'

	mysql_core_file=db/mysql/kms_core_db.sql

	oracle_core_file=db/oracle/kms_core_db_oracle.sql

	postgres_core_file=db/postgres/kms_core_db_postgres.sql

	sqlserver_core_file=db/sqlserver/kms_core_db_sqlserver.sql

	sqlanywhere_core_file=db/sqlanywhere/kms_core_db_sqlanywhere.sql
	cred_keystore_filename=$app_home/WEB-INF/classes/conf/.jceks/rangerkms.jceks

	KMS_BLACKLIST_DECRYPT_EEK=hdfs