config.py 52 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447
  1. # Configuration file for jupyterhub.
  2. #------------------------------------------------------------------------------
  3. # Application(SingletonConfigurable) configuration
  4. #------------------------------------------------------------------------------
  5. ## This is an application.
  6. ## The date format used by logging formatters for %(asctime)s
  7. # Default: '%Y-%m-%d %H:%M:%S'
  8. # c.Application.log_datefmt = '%Y-%m-%d %H:%M:%S'
  9. ## The Logging format template
  10. # Default: '[%(name)s]%(highlevel)s %(message)s'
  11. # c.Application.log_format = '[%(name)s]%(highlevel)s %(message)s'
  12. ## Set the log level by value or name.
  13. # Choices: any of [0, 10, 20, 30, 40, 50, 'DEBUG', 'INFO', 'WARN', 'ERROR', 'CRITICAL']
  14. # Default: 30
  15. # c.Application.log_level = 30
  16. ## Configure additional log handlers.
  17. #
  18. # The default stderr logs handler is configured by the log_level, log_datefmt
  19. # and log_format settings.
  20. #
  21. # This configuration can be used to configure additional handlers (e.g. to
  22. # output the log to a file) or for finer control over the default handlers.
  23. #
  24. # If provided this should be a logging configuration dictionary, for more
  25. # information see:
  26. # https://docs.python.org/3/library/logging.config.html#logging-config-
  27. # dictschema
  28. #
  29. # This dictionary is merged with the base logging configuration which defines
  30. # the following:
  31. #
  32. # * A logging formatter intended for interactive use called
  33. # ``console``.
  34. # * A logging handler that writes to stderr called
  35. # ``console`` which uses the formatter ``console``.
  36. # * A logger with the name of this application set to ``DEBUG``
  37. # level.
  38. #
  39. # This example adds a new handler that writes to a file:
  40. #
  41. # .. code-block:: python
  42. #
  43. # c.Application.logging_configuration = {
  44. # 'handlers': {
  45. # 'file': {
  46. # 'class': 'logging.FileHandler',
  47. # 'level': 'DEBUG',
  48. # 'filename': '<path/to/file>',
  49. # }
  50. # },
  51. # 'loggers': {
  52. # '<application-name>': {
  53. # 'level': 'DEBUG',
  54. # # NOTE: if you don't list the default "console"
  55. # # handler here then it will be disabled
  56. # 'handlers': ['console', 'file'],
  57. # },
  58. # }
  59. # }
  60. # Default: {}
  61. # c.Application.logging_config = {}
  62. ## Instead of starting the Application, dump configuration to stdout
  63. # Default: False
  64. # c.Application.show_config = False
  65. ## Instead of starting the Application, dump configuration to stdout (as JSON)
  66. # Default: False
  67. # c.Application.show_config_json = False
  68. #------------------------------------------------------------------------------
  69. # JupyterHub(Application) configuration
  70. #------------------------------------------------------------------------------
  71. ## An Application for starting a Multi-User Jupyter Notebook server.
  72. ## Maximum number of concurrent servers that can be active at a time.
  73. #
  74. # Setting this can limit the total resources your users can consume.
  75. #
  76. # An active server is any server that's not fully stopped. It is considered
  77. # active from the time it has been requested until the time that it has
  78. # completely stopped.
  79. #
  80. # If this many user servers are active, users will not be able to launch new
  81. # servers until a server is shutdown. Spawn requests will be rejected with a 429
  82. # error asking them to try again.
  83. #
  84. # If set to 0, no limit is enforced.
  85. # Default: 0
  86. # c.JupyterHub.active_server_limit = 0
  87. ## Duration (in seconds) to determine the number of active users.
  88. # Default: 1800
  89. # c.JupyterHub.active_user_window = 1800
  90. ## Resolution (in seconds) for updating activity
  91. #
  92. # If activity is registered that is less than activity_resolution seconds more
  93. # recent than the current value, the new value will be ignored.
  94. #
  95. # This avoids too many writes to the Hub database.
  96. # Default: 30
  97. # c.JupyterHub.activity_resolution = 30
  98. ## Grant admin users permission to access single-user servers.
  99. #
  100. # Users should be properly informed if this is enabled.
  101. # Default: False
  102. # c.JupyterHub.admin_access = False
  103. ## DEPRECATED since version 0.7.2, use Authenticator.admin_users instead.
  104. # Default: set()
  105. # c.JupyterHub.admin_users = set()
  106. ## Allow named single-user servers per user
  107. # Default: False
  108. # c.JupyterHub.allow_named_servers = False
  109. ## Answer yes to any questions (e.g. confirm overwrite)
  110. # Default: False
  111. # c.JupyterHub.answer_yes = False
  112. ## The default amount of records returned by a paginated endpoint
  113. # Default: 50
  114. # c.JupyterHub.api_page_default_limit = 50
  115. ## The maximum amount of records that can be returned at once
  116. # Default: 200
  117. # c.JupyterHub.api_page_max_limit = 200
  118. ## PENDING DEPRECATION: consider using services
  119. #
  120. # Dict of token:username to be loaded into the database.
  121. #
  122. # Allows ahead-of-time generation of API tokens for use by externally managed services,
  123. # which authenticate as JupyterHub users.
  124. #
  125. # Consider using services for general services that talk to the
  126. # JupyterHub API.
  127. # Default: {}
  128. # c.JupyterHub.api_tokens = {}
  129. ## Authentication for prometheus metrics
  130. # Default: True
  131. # c.JupyterHub.authenticate_prometheus = True
  132. ## Class for authenticating users.
  133. #
  134. # This should be a subclass of :class:`jupyterhub.auth.Authenticator`
  135. #
  136. # with an :meth:`authenticate` method that:
  137. #
  138. # - is a coroutine (asyncio or tornado)
  139. # - returns username on success, None on failure
  140. # - takes two arguments: (handler, data),
  141. # where `handler` is the calling web.RequestHandler,
  142. # and `data` is the POST form data from the login page.
  143. #
  144. # .. versionchanged:: 1.0
  145. # authenticators may be registered via entry points,
  146. # e.g. `c.JupyterHub.authenticator_class = 'pam'`
  147. #
  148. # Currently installed:
  149. # - default: jupyterhub.auth.PAMAuthenticator
  150. # - dummy: jupyterhub.auth.DummyAuthenticator
  151. # - null: jupyterhub.auth.NullAuthenticator
  152. # - pam: jupyterhub.auth.PAMAuthenticator
  153. # Default: 'jupyterhub.auth.PAMAuthenticator'
  154. # c.JupyterHub.authenticator_class = 'jupyterhub.auth.PAMAuthenticator'
  155. ## The base URL of the entire application.
  156. #
  157. # Add this to the beginning of all JupyterHub URLs.
  158. # Use base_url to run JupyterHub within an existing website.
  159. #
  160. # .. deprecated: 0.9
  161. # Use JupyterHub.bind_url
  162. # Default: '/'
  163. c.JupyterHub.base_url = '/jupyterhub'
  164. ## The public facing URL of the whole JupyterHub application.
  165. #
  166. # This is the address on which the proxy will bind.
  167. # Sets protocol, ip, base_url
  168. # Default: 'http://:8000'
  169. # c.JupyterHub.bind_url = 'http://:8000'
  170. ## Whether to shutdown the proxy when the Hub shuts down.
  171. #
  172. # Disable if you want to be able to teardown the Hub while leaving the
  173. # proxy running.
  174. #
  175. # Only valid if the proxy was starting by the Hub process.
  176. #
  177. # If both this and cleanup_servers are False, sending SIGINT to the Hub will
  178. # only shutdown the Hub, leaving everything else running.
  179. #
  180. # The Hub should be able to resume from database state.
  181. # Default: True
  182. # c.JupyterHub.cleanup_proxy = True
  183. ## Whether to shutdown single-user servers when the Hub shuts down.
  184. #
  185. # Disable if you want to be able to teardown the Hub while leaving the
  186. # single-user servers running.
  187. #
  188. # If both this and cleanup_proxy are False, sending SIGINT to the Hub will
  189. # only shutdown the Hub, leaving everything else running.
  190. #
  191. # The Hub should be able to resume from database state.
  192. # Default: True
  193. # c.JupyterHub.cleanup_servers = True
  194. ## Maximum number of concurrent users that can be spawning at a time.
  195. #
  196. # Spawning lots of servers at the same time can cause performance problems for
  197. # the Hub or the underlying spawning system. Set this limit to prevent bursts of
  198. # logins from attempting to spawn too many servers at the same time.
  199. #
  200. # This does not limit the number of total running servers. See
  201. # active_server_limit for that.
  202. #
  203. # If more than this many users attempt to spawn at a time, their requests will
  204. # be rejected with a 429 error asking them to try again. Users will have to wait
  205. # for some of the spawning services to finish starting before they can start
  206. # their own.
  207. #
  208. # If set to 0, no limit is enforced.
  209. # Default: 100
  210. # c.JupyterHub.concurrent_spawn_limit = 100
  211. ## The config file to load
  212. # Default: 'jupyterhub_config.py'
  213. # c.JupyterHub.config_file = 'jupyterhub_config.py'
  214. ## DEPRECATED: does nothing
  215. # Default: False
  216. # c.JupyterHub.confirm_no_ssl = False
  217. ## Number of days for a login cookie to be valid.
  218. # Default is two weeks.
  219. # Default: 14
  220. # c.JupyterHub.cookie_max_age_days = 14
  221. ## The cookie secret to use to encrypt cookies.
  222. #
  223. # Loaded from the JPY_COOKIE_SECRET env variable by default.
  224. #
  225. # Should be exactly 256 bits (32 bytes).
  226. # Default: traitlets.Undefined
  227. # c.JupyterHub.cookie_secret = traitlets.Undefined
  228. ## File in which to store the cookie secret.
  229. # Default: 'jupyterhub_cookie_secret'
  230. # c.JupyterHub.cookie_secret_file = 'jupyterhub_cookie_secret'
  231. ## The location of jupyterhub data files (e.g. /usr/local/share/jupyterhub)
  232. # Default: '/usr/local/share/jupyterhub'
  233. # c.JupyterHub.data_files_path = '/usr/local/share/jupyterhub'
  234. ## Include any kwargs to pass to the database connection.
  235. # See sqlalchemy.create_engine for details.
  236. # Default: {}
  237. # c.JupyterHub.db_kwargs = {}
  238. ## url for the database. e.g. `sqlite:///jupyterhub.sqlite`
  239. # Default: 'sqlite:///jupyterhub.sqlite'
  240. # c.JupyterHub.db_url = 'sqlite:///jupyterhub.sqlite'
  241. ## log all database transactions. This has A LOT of output
  242. # Default: False
  243. # c.JupyterHub.debug_db = False
  244. ## DEPRECATED since version 0.8: Use ConfigurableHTTPProxy.debug
  245. # Default: False
  246. # c.JupyterHub.debug_proxy = False
  247. ## If named servers are enabled, default name of server to spawn or open, e.g. by
  248. # user-redirect.
  249. # Default: ''
  250. # c.JupyterHub.default_server_name = ''
  251. ## The default URL for users when they arrive (e.g. when user directs to "/")
  252. #
  253. # By default, redirects users to their own server.
  254. #
  255. # Can be a Unicode string (e.g. '/hub/home') or a callable based on the handler
  256. # object:
  257. #
  258. # ::
  259. #
  260. # def default_url_fn(handler):
  261. # user = handler.current_user
  262. # if user and user.admin:
  263. # return '/hub/admin'
  264. # return '/hub/home'
  265. #
  266. # c.JupyterHub.default_url = default_url_fn
  267. # Default: traitlets.Undefined
  268. # c.JupyterHub.default_url = traitlets.Undefined
  269. ## Dict authority:dict(files). Specify the key, cert, and/or
  270. # ca file for an authority. This is useful for externally managed
  271. # proxies that wish to use internal_ssl.
  272. #
  273. # The files dict has this format (you must specify at least a cert)::
  274. #
  275. # {
  276. # 'key': '/path/to/key.key',
  277. # 'cert': '/path/to/cert.crt',
  278. # 'ca': '/path/to/ca.crt'
  279. # }
  280. #
  281. # The authorities you can override: 'hub-ca', 'notebooks-ca',
  282. # 'proxy-api-ca', 'proxy-client-ca', and 'services-ca'.
  283. #
  284. # Use with internal_ssl
  285. # Default: {}
  286. # c.JupyterHub.external_ssl_authorities = {}
  287. ## Register extra tornado Handlers for jupyterhub.
  288. #
  289. # Should be of the form ``("<regex>", Handler)``
  290. #
  291. # The Hub prefix will be added, so `/my-page` will be served at `/hub/my-page`.
  292. # Default: []
  293. # c.JupyterHub.extra_handlers = []
  294. ## DEPRECATED: use output redirection instead, e.g.
  295. #
  296. # jupyterhub &>> /var/log/jupyterhub.log
  297. # Default: ''
  298. # c.JupyterHub.extra_log_file = ''
  299. ## Extra log handlers to set on JupyterHub logger
  300. # Default: []
  301. # c.JupyterHub.extra_log_handlers = []
  302. ## Alternate header to use as the Host (e.g., X-Forwarded-Host)
  303. # when determining whether a request is cross-origin
  304. #
  305. # This may be useful when JupyterHub is running behind a proxy that rewrites
  306. # the Host header.
  307. # Default: ''
  308. # c.JupyterHub.forwarded_host_header = ''
  309. ## Generate certs used for internal ssl
  310. # Default: False
  311. # c.JupyterHub.generate_certs = False
  312. ## Generate default config file
  313. # Default: False
  314. # c.JupyterHub.generate_config = False
  315. ## The URL on which the Hub will listen. This is a private URL for internal
  316. # communication. Typically set in combination with hub_connect_url. If a unix
  317. # socket, hub_connect_url **must** also be set.
  318. #
  319. # For example:
  320. #
  321. # "http://127.0.0.1:8081"
  322. # "unix+http://%2Fsrv%2Fjupyterhub%2Fjupyterhub.sock"
  323. #
  324. # .. versionadded:: 0.9
  325. # Default: ''
  326. # c.JupyterHub.hub_bind_url = ''
  327. ## The ip or hostname for proxies and spawners to use
  328. # for connecting to the Hub.
  329. #
  330. # Use when the bind address (`hub_ip`) is 0.0.0.0, :: or otherwise different
  331. # from the connect address.
  332. #
  333. # Default: when `hub_ip` is 0.0.0.0 or ::, use `socket.gethostname()`,
  334. # otherwise use `hub_ip`.
  335. #
  336. # Note: Some spawners or proxy implementations might not support hostnames. Check your
  337. # spawner or proxy documentation to see if they have extra requirements.
  338. #
  339. # .. versionadded:: 0.8
  340. # Default: ''
  341. # c.JupyterHub.hub_connect_ip = ''
  342. ## DEPRECATED
  343. #
  344. # Use hub_connect_url
  345. #
  346. # .. versionadded:: 0.8
  347. #
  348. # .. deprecated:: 0.9
  349. # Use hub_connect_url
  350. # Default: 0
  351. # c.JupyterHub.hub_connect_port = 0
  352. ## The URL for connecting to the Hub. Spawners, services, and the proxy will use
  353. # this URL to talk to the Hub.
  354. #
  355. # Only needs to be specified if the default hub URL is not connectable (e.g.
  356. # using a unix+http:// bind url).
  357. #
  358. # .. seealso::
  359. # JupyterHub.hub_connect_ip
  360. # JupyterHub.hub_bind_url
  361. #
  362. # .. versionadded:: 0.9
  363. # Default: ''
  364. # c.JupyterHub.hub_connect_url = ''
  365. ## The ip address for the Hub process to *bind* to.
  366. #
  367. # By default, the hub listens on localhost only. This address must be accessible from
  368. # the proxy and user servers. You may need to set this to a public ip or '' for all
  369. # interfaces if the proxy or user servers are in containers or on a different host.
  370. #
  371. # See `hub_connect_ip` for cases where the bind and connect address should differ,
  372. # or `hub_bind_url` for setting the full bind URL.
  373. # Default: '127.0.0.1'
  374. # c.JupyterHub.hub_ip = '127.0.0.1'
  375. ## The internal port for the Hub process.
  376. #
  377. # This is the internal port of the hub itself. It should never be accessed directly.
  378. # See JupyterHub.port for the public port to use when accessing jupyterhub.
  379. # It is rare that this port should be set except in cases of port conflict.
  380. #
  381. # See also `hub_ip` for the ip and `hub_bind_url` for setting the full
  382. # bind URL.
  383. # Default: 8081
  384. # c.JupyterHub.hub_port = 8081
  385. ## The routing prefix for the Hub itself.
  386. #
  387. # Override to send only a subset of traffic to the Hub. Default is to use the
  388. # Hub as the default route for all requests.
  389. #
  390. # This is necessary for normal jupyterhub operation, as the Hub must receive
  391. # requests for e.g. `/user/:name` when the user's server is not running.
  392. #
  393. # However, some deployments using only the JupyterHub API may want to handle
  394. # these events themselves, in which case they can register their own default
  395. # target with the proxy and set e.g. `hub_routespec = /hub/` to serve only the
  396. # hub's own pages, or even `/hub/api/` for api-only operation.
  397. #
  398. # Note: hub_routespec must include the base_url, if any.
  399. #
  400. # .. versionadded:: 1.4
  401. # Default: '/'
  402. # c.JupyterHub.hub_routespec = '/'
  403. ## Trigger implicit spawns after this many seconds.
  404. #
  405. # When a user visits a URL for a server that's not running,
  406. # they are shown a page indicating that the requested server
  407. # is not running with a button to spawn the server.
  408. #
  409. # Setting this to a positive value will redirect the user
  410. # after this many seconds, effectively clicking this button
  411. # automatically for the users,
  412. # automatically beginning the spawn process.
  413. #
  414. # Warning: this can result in errors and surprising behavior
  415. # when sharing access URLs to actual servers,
  416. # since the wrong server is likely to be started.
  417. # Default: 0
  418. # c.JupyterHub.implicit_spawn_seconds = 0
  419. ## Timeout (in seconds) to wait for spawners to initialize
  420. #
  421. # Checking if spawners are healthy can take a long time if many spawners are
  422. # active at hub start time.
  423. #
  424. # If it takes longer than this timeout to check, init_spawner will be left to
  425. # complete in the background and the http server is allowed to start.
  426. #
  427. # A timeout of -1 means wait forever, which can mean a slow startup of the Hub
  428. # but ensures that the Hub is fully consistent by the time it starts responding
  429. # to requests. This matches the behavior of jupyterhub 1.0.
  430. #
  431. # .. versionadded: 1.1.0
  432. # Default: 10
  433. # c.JupyterHub.init_spawners_timeout = 10
  434. ## The location to store certificates automatically created by
  435. # JupyterHub.
  436. #
  437. # Use with internal_ssl
  438. # Default: 'internal-ssl'
  439. # c.JupyterHub.internal_certs_location = 'internal-ssl'
  440. ## Enable SSL for all internal communication
  441. #
  442. # This enables end-to-end encryption between all JupyterHub components.
  443. # JupyterHub will automatically create the necessary certificate
  444. # authority and sign notebook certificates as they're created.
  445. # Default: False
  446. # c.JupyterHub.internal_ssl = False
  447. ## The public facing ip of the whole JupyterHub application
  448. # (specifically referred to as the proxy).
  449. #
  450. # This is the address on which the proxy will listen. The default is to
  451. # listen on all interfaces. This is the only address through which JupyterHub
  452. # should be accessed by users.
  453. #
  454. # .. deprecated: 0.9
  455. # Use JupyterHub.bind_url
  456. # Default: ''
  457. # c.JupyterHub.ip = ''
  458. ## Supply extra arguments that will be passed to Jinja environment.
  459. # Default: {}
  460. # c.JupyterHub.jinja_environment_options = {}
  461. ## Interval (in seconds) at which to update last-activity timestamps.
  462. # Default: 300
  463. # c.JupyterHub.last_activity_interval = 300
  464. ## Dict of 'group': ['usernames'] to load at startup.
  465. #
  466. # This strictly *adds* groups and users to groups.
  467. #
  468. # Loading one set of groups, then starting JupyterHub again with a different
  469. # set will not remove users or groups from previous launches.
  470. # That must be done through the API.
  471. # Default: {}
  472. # c.JupyterHub.load_groups = {}
  473. ## List of predefined role dictionaries to load at startup.
  474. #
  475. # For instance::
  476. #
  477. # load_roles = [
  478. # {
  479. # 'name': 'teacher',
  480. # 'description': 'Access to users' information and group membership',
  481. # 'scopes': ['users', 'groups'],
  482. # 'users': ['cyclops', 'gandalf'],
  483. # 'services': [],
  484. # 'groups': []
  485. # }
  486. # ]
  487. #
  488. # All keys apart from 'name' are optional.
  489. # See all the available scopes in the JupyterHub REST API documentation.
  490. #
  491. # Default roles are defined in roles.py.
  492. # Default: []
  493. # c.JupyterHub.load_roles = []
  494. ## The date format used by logging formatters for %(asctime)s
  495. # See also: Application.log_datefmt
  496. # c.JupyterHub.log_datefmt = '%Y-%m-%d %H:%M:%S'
  497. ## The Logging format template
  498. # See also: Application.log_format
  499. # c.JupyterHub.log_format = '[%(name)s]%(highlevel)s %(message)s'
  500. ## Set the log level by value or name.
  501. # See also: Application.log_level
  502. # c.JupyterHub.log_level = 30
  503. ##
  504. # See also: Application.logging_config
  505. # c.JupyterHub.logging_config = {}
  506. ## Specify path to a logo image to override the Jupyter logo in the banner.
  507. # Default: ''
  508. # c.JupyterHub.logo_file = ''
  509. ## Maximum number of concurrent named servers that can be created by a user at a
  510. # time.
  511. #
  512. # Setting this can limit the total resources a user can consume.
  513. #
  514. # If set to 0, no limit is enforced.
  515. # Default: 0
  516. # c.JupyterHub.named_server_limit_per_user = 0
  517. ## Expiry (in seconds) of OAuth access tokens.
  518. #
  519. # The default is to expire when the cookie storing them expires,
  520. # according to `cookie_max_age_days` config.
  521. #
  522. # These are the tokens stored in cookies when you visit
  523. # a single-user server or service.
  524. # When they expire, you must re-authenticate with the Hub,
  525. # even if your Hub authentication is still valid.
  526. # If your Hub authentication is valid,
  527. # logging in may be a transparent redirect as you refresh the page.
  528. #
  529. # This does not affect JupyterHub API tokens in general,
  530. # which do not expire by default.
  531. # Only tokens issued during the oauth flow
  532. # accessing services and single-user servers are affected.
  533. #
  534. # .. versionadded:: 1.4
  535. # OAuth token expires_in was not previously configurable.
  536. # .. versionchanged:: 1.4
  537. # Default now uses cookie_max_age_days so that oauth tokens
  538. # which are generally stored in cookies,
  539. # expire when the cookies storing them expire.
  540. # Previously, it was one hour.
  541. # Default: 0
  542. # c.JupyterHub.oauth_token_expires_in = 0
  543. ## File to write PID
  544. # Useful for daemonizing JupyterHub.
  545. # Default: ''
  546. # c.JupyterHub.pid_file = ''
  547. ## The public facing port of the proxy.
  548. #
  549. # This is the port on which the proxy will listen.
  550. # This is the only port through which JupyterHub
  551. # should be accessed by users.
  552. #
  553. # .. deprecated: 0.9
  554. # Use JupyterHub.bind_url
  555. # Default: 8000
  556. # c.JupyterHub.port = 8000
  557. ## DEPRECATED since version 0.8 : Use ConfigurableHTTPProxy.api_url
  558. # Default: ''
  559. # c.JupyterHub.proxy_api_ip = ''
  560. ## DEPRECATED since version 0.8 : Use ConfigurableHTTPProxy.api_url
  561. # Default: 0
  562. # c.JupyterHub.proxy_api_port = 0
  563. ## DEPRECATED since version 0.8: Use ConfigurableHTTPProxy.auth_token
  564. # Default: ''
  565. # c.JupyterHub.proxy_auth_token = ''
  566. ## DEPRECATED since version 0.8: Use ConfigurableHTTPProxy.check_running_interval
  567. # Default: 5
  568. # c.JupyterHub.proxy_check_interval = 5
  569. ## The class to use for configuring the JupyterHub proxy.
  570. #
  571. # Should be a subclass of :class:`jupyterhub.proxy.Proxy`.
  572. #
  573. # .. versionchanged:: 1.0
  574. # proxies may be registered via entry points,
  575. # e.g. `c.JupyterHub.proxy_class = 'traefik'`
  576. #
  577. # Currently installed:
  578. # - configurable-http-proxy: jupyterhub.proxy.ConfigurableHTTPProxy
  579. # - default: jupyterhub.proxy.ConfigurableHTTPProxy
  580. # Default: 'jupyterhub.proxy.ConfigurableHTTPProxy'
  581. # c.JupyterHub.proxy_class = 'jupyterhub.proxy.ConfigurableHTTPProxy'
  582. ## DEPRECATED since version 0.8. Use ConfigurableHTTPProxy.command
  583. # Default: []
  584. # c.JupyterHub.proxy_cmd = []
  585. ## Recreate all certificates used within JupyterHub on restart.
  586. #
  587. # Note: enabling this feature requires restarting all notebook servers.
  588. #
  589. # Use with internal_ssl
  590. # Default: False
  591. # c.JupyterHub.recreate_internal_certs = False
  592. ## Redirect user to server (if running), instead of control panel.
  593. # Default: True
  594. # c.JupyterHub.redirect_to_server = True
  595. ## Purge and reset the database.
  596. # Default: False
  597. # c.JupyterHub.reset_db = False
  598. ## Interval (in seconds) at which to check connectivity of services with web
  599. # endpoints.
  600. # Default: 60
  601. # c.JupyterHub.service_check_interval = 60
  602. ## Dict of token:servicename to be loaded into the database.
  603. #
  604. # Allows ahead-of-time generation of API tokens for use by externally
  605. # managed services.
  606. # Default: {}
  607. # c.JupyterHub.service_tokens = {}
  608. ## List of service specification dictionaries.
  609. #
  610. # A service
  611. #
  612. # For instance::
  613. #
  614. # services = [
  615. # {
  616. # 'name': 'cull_idle',
  617. # 'command': ['/path/to/cull_idle_servers.py'],
  618. # },
  619. # {
  620. # 'name': 'formgrader',
  621. # 'url': 'http://127.0.0.1:1234',
  622. # 'api_token': 'super-secret',
  623. # 'environment':
  624. # }
  625. # ]
  626. # Default: []
  627. # c.JupyterHub.services = []
  628. ## Instead of starting the Application, dump configuration to stdout
  629. # See also: Application.show_config
  630. # c.JupyterHub.show_config = False
  631. ## Instead of starting the Application, dump configuration to stdout (as JSON)
  632. # See also: Application.show_config_json
  633. # c.JupyterHub.show_config_json = False
  634. ## Shuts down all user servers on logout
  635. # Default: False
  636. # c.JupyterHub.shutdown_on_logout = False
  637. ## The class to use for spawning single-user servers.
  638. #
  639. # Should be a subclass of :class:`jupyterhub.spawner.Spawner`.
  640. #
  641. # .. versionchanged:: 1.0
  642. # spawners may be registered via entry points,
  643. # e.g. `c.JupyterHub.spawner_class = 'localprocess'`
  644. #
  645. # Currently installed:
  646. # - default: jupyterhub.spawner.LocalProcessSpawner
  647. # - localprocess: jupyterhub.spawner.LocalProcessSpawner
  648. # - simple: jupyterhub.spawner.SimpleLocalProcessSpawner
  649. # Default: 'jupyterhub.spawner.LocalProcessSpawner'
  650. #c.JupyterHub.spawner_class = 'yarnspawner.YarnSpawner'
  651. ## Path to SSL certificate file for the public facing interface of the proxy
  652. #
  653. # When setting this, you should also set ssl_key
  654. # Default: ''
  655. # c.JupyterHub.ssl_cert = ''
  656. ## Path to SSL key file for the public facing interface of the proxy
  657. #
  658. # When setting this, you should also set ssl_cert
  659. # Default: ''
  660. # c.JupyterHub.ssl_key = ''
  661. ## Host to send statsd metrics to. An empty string (the default) disables sending
  662. # metrics.
  663. # Default: ''
  664. # c.JupyterHub.statsd_host = ''
  665. ## Port on which to send statsd metrics about the hub
  666. # Default: 8125
  667. # c.JupyterHub.statsd_port = 8125
  668. ## Prefix to use for all metrics sent by jupyterhub to statsd
  669. # Default: 'jupyterhub'
  670. # c.JupyterHub.statsd_prefix = 'jupyterhub'
  671. ## Run single-user servers on subdomains of this host.
  672. #
  673. # This should be the full `https://hub.domain.tld[:port]`.
  674. #
  675. # Provides additional cross-site protections for javascript served by
  676. # single-user servers.
  677. #
  678. # Requires `<username>.hub.domain.tld` to resolve to the same host as
  679. # `hub.domain.tld`.
  680. #
  681. # In general, this is most easily achieved with wildcard DNS.
  682. #
  683. # When using SSL (i.e. always) this also requires a wildcard SSL
  684. # certificate.
  685. # Default: ''
  686. # c.JupyterHub.subdomain_host = ''
  687. ## Paths to search for jinja templates, before using the default templates.
  688. # Default: []
  689. # c.JupyterHub.template_paths = []
  690. ## Extra variables to be passed into jinja templates
  691. # Default: {}
  692. # c.JupyterHub.template_vars = {}
  693. ## Extra settings overrides to pass to the tornado application.
  694. # Default: {}
  695. # c.JupyterHub.tornado_settings = {}
  696. ## Trust user-provided tokens (via JupyterHub.service_tokens)
  697. # to have good entropy.
  698. #
  699. # If you are not inserting additional tokens via configuration file,
  700. # this flag has no effect.
  701. #
  702. # In JupyterHub 0.8, internally generated tokens do not
  703. # pass through additional hashing because the hashing is costly
  704. # and does not increase the entropy of already-good UUIDs.
  705. #
  706. # User-provided tokens, on the other hand, are not trusted to have good entropy by default,
  707. # and are passed through many rounds of hashing to stretch the entropy of the key
  708. # (i.e. user-provided tokens are treated as passwords instead of random keys).
  709. # These keys are more costly to check.
  710. #
  711. # If your inserted tokens are generated by a good-quality mechanism,
  712. # e.g. `openssl rand -hex 32`, then you can set this flag to True
  713. # to reduce the cost of checking authentication tokens.
  714. # Default: False
  715. # c.JupyterHub.trust_user_provided_tokens = False
  716. ## Names to include in the subject alternative name.
  717. #
  718. # These names will be used for server name verification. This is useful
  719. # if JupyterHub is being run behind a reverse proxy or services using ssl
  720. # are on different hosts.
  721. #
  722. # Use with internal_ssl
  723. # Default: []
  724. # c.JupyterHub.trusted_alt_names = []
  725. ## Downstream proxy IP addresses to trust.
  726. #
  727. # This sets the list of IP addresses that are trusted and skipped when processing
  728. # the `X-Forwarded-For` header. For example, if an external proxy is used for TLS
  729. # termination, its IP address should be added to this list to ensure the correct
  730. # client IP addresses are recorded in the logs instead of the proxy server's IP
  731. # address.
  732. # Default: []
  733. # c.JupyterHub.trusted_downstream_ips = []
  734. ## Upgrade the database automatically on start.
  735. #
  736. # Only safe if database is regularly backed up.
  737. # Only SQLite databases will be backed up to a local file automatically.
  738. # Default: False
  739. # c.JupyterHub.upgrade_db = False
  740. ## Return 503 rather than 424 when request comes in for a non-running server.
  741. #
  742. # Prior to JupyterHub 2.0, we returned a 503 when any request came in for a user
  743. # server that was currently not running. By default, JupyterHub 2.0 will return
  744. # a 424 - this makes operational metric dashboards more useful.
  745. #
  746. # JupyterLab < 3.2 expected the 503 to know if the user server is no longer
  747. # running, and prompted the user to start their server. Set this config to true
  748. # to retain the old behavior, so JupyterLab < 3.2 can continue to show the
  749. # appropriate UI when the user server is stopped.
  750. #
  751. # This option will be removed in a future release.
  752. # Default: False
  753. # c.JupyterHub.use_legacy_stopped_server_status_code = False
  754. ## Callable to affect behavior of /user-redirect/
  755. #
  756. # Receives 4 parameters: 1. path - URL path that was provided after /user-
  757. # redirect/ 2. request - A Tornado HTTPServerRequest representing the current
  758. # request. 3. user - The currently authenticated user. 4. base_url - The
  759. # base_url of the current hub, for relative redirects
  760. #
  761. # It should return the new URL to redirect to, or None to preserve current
  762. # behavior.
  763. # Default: None
  764. # c.JupyterHub.user_redirect_hook = None
  765. #------------------------------------------------------------------------------
  766. # Spawner(LoggingConfigurable) configuration
  767. #------------------------------------------------------------------------------
  768. ## Base class for spawning single-user notebook servers.
  769. #
  770. # Subclass this, and override the following methods:
  771. #
  772. # - load_state
  773. # - get_state
  774. # - start
  775. # - stop
  776. # - poll
  777. #
  778. # As JupyterHub supports multiple users, an instance of the Spawner subclass
  779. # is created for each user. If there are 20 JupyterHub users, there will be 20
  780. # instances of the subclass.
  781. ## Extra arguments to be passed to the single-user server.
  782. #
  783. # Some spawners allow shell-style expansion here, allowing you to use
  784. # environment variables here. Most, including the default, do not. Consult the
  785. # documentation for your spawner to verify!
  786. # Default: []
  787. # c.Spawner.args = []
  788. ## An optional hook function that you can implement to pass `auth_state` to the
  789. # spawner after it has been initialized but before it starts. The `auth_state`
  790. # dictionary may be set by the `.authenticate()` method of the authenticator.
  791. # This hook enables you to pass some or all of that information to your spawner.
  792. #
  793. # Example::
  794. #
  795. # def userdata_hook(spawner, auth_state):
  796. # spawner.userdata = auth_state["userdata"]
  797. #
  798. # c.Spawner.auth_state_hook = userdata_hook
  799. # Default: None
  800. # c.Spawner.auth_state_hook = None
  801. ## The command used for starting the single-user server.
  802. #
  803. # Provide either a string or a list containing the path to the startup script
  804. # command. Extra arguments, other than this path, should be provided via `args`.
  805. #
  806. # This is usually set if you want to start the single-user server in a different
  807. # python environment (with virtualenv/conda) than JupyterHub itself.
  808. #
  809. # Some spawners allow shell-style expansion here, allowing you to use
  810. # environment variables. Most, including the default, do not. Consult the
  811. # documentation for your spawner to verify!
  812. # Default: ['jupyterhub-singleuser']
  813. c.Spawner.cmd = ['jupyter-labhub']
  814. ## Maximum number of consecutive failures to allow before shutting down
  815. # JupyterHub.
  816. #
  817. # This helps JupyterHub recover from a certain class of problem preventing
  818. # launch in contexts where the Hub is automatically restarted (e.g. systemd,
  819. # docker, kubernetes).
  820. #
  821. # A limit of 0 means no limit and consecutive failures will not be tracked.
  822. # Default: 0
  823. # c.Spawner.consecutive_failure_limit = 0
  824. ## Minimum number of cpu-cores a single-user notebook server is guaranteed to
  825. # have available.
  826. #
  827. # If this value is set to 0.5, allows use of 50% of one CPU. If this value is
  828. # set to 2, allows use of up to 2 CPUs.
  829. #
  830. # **This is a configuration setting. Your spawner must implement support for the
  831. # limit to work.** The default spawner, `LocalProcessSpawner`, does **not**
  832. # implement this support. A custom spawner **must** add support for this setting
  833. # for it to be enforced.
  834. # Default: None
  835. # c.Spawner.cpu_guarantee = None
  836. ## Maximum number of cpu-cores a single-user notebook server is allowed to use.
  837. #
  838. # If this value is set to 0.5, allows use of 50% of one CPU. If this value is
  839. # set to 2, allows use of up to 2 CPUs.
  840. #
  841. # The single-user notebook server will never be scheduled by the kernel to use
  842. # more cpu-cores than this. There is no guarantee that it can access this many
  843. # cpu-cores.
  844. #
  845. # **This is a configuration setting. Your spawner must implement support for the
  846. # limit to work.** The default spawner, `LocalProcessSpawner`, does **not**
  847. # implement this support. A custom spawner **must** add support for this setting
  848. # for it to be enforced.
  849. # Default: None
  850. # c.Spawner.cpu_limit = None
  851. ## Enable debug-logging of the single-user server
  852. # Default: False
  853. # c.Spawner.debug = False
  854. ## The URL the single-user server should start in.
  855. #
  856. # `{username}` will be expanded to the user's username
  857. #
  858. # Example uses:
  859. #
  860. # - You can set `notebook_dir` to `/` and `default_url` to `/tree/home/{username}` to allow people to
  861. # navigate the whole filesystem from their notebook server, but still start in their home directory.
  862. # - Start with `/notebooks` instead of `/tree` if `default_url` points to a notebook instead of a directory.
  863. # - You can set this to `/lab` to have JupyterLab start by default, rather than Jupyter Notebook.
  864. # Default: ''
  865. # c.Spawner.default_url = ''
  866. ## Disable per-user configuration of single-user servers.
  867. #
  868. # When starting the user's single-user server, any config file found in the
  869. # user's $HOME directory will be ignored.
  870. #
  871. # Note: a user could circumvent this if the user modifies their Python
  872. # environment, such as when they have their own conda environments / virtualenvs
  873. # / containers.
  874. # Default: False
  875. # c.Spawner.disable_user_config = False
  876. ## List of environment variables for the single-user server to inherit from the
  877. # JupyterHub process.
  878. #
  879. # This list is used to ensure that sensitive information in the JupyterHub
  880. # process's environment (such as `CONFIGPROXY_AUTH_TOKEN`) is not passed to the
  881. # single-user server's process.
  882. # Default: ['PATH', 'PYTHONPATH', 'CONDA_ROOT', 'CONDA_DEFAULT_ENV', 'VIRTUAL_ENV', 'LANG', 'LC_ALL', 'JUPYTERHUB_SINGLEUSER_APP']
  883. c.Spawner.env_keep = ['PATH', 'PYTHONPATH', 'CONDA_ROOT', 'CONDA_DEFAULT_ENV', 'VIRTUAL_ENV', 'LANG', 'LC_ALL', 'JUPYTERHUB_SINGLEUSER_APP',
  884. 'SPARKMAGIC_CONF_DIR', 'KRB5CCNAME', 'JAVA_HOME', 'HADOOP_HOME', 'HADOOP_CONF_DIR', 'LD_LIBRARY_PATH', 'CLASSPATH', 'KINIT_INTERVAL', 'KINIT_PRINCIPAL', 'WEBHDFS_URL']
  885. ## Extra environment variables to set for the single-user server's process.
  886. #
  887. # Environment variables that end up in the single-user server's process come from 3 sources:
  888. # - This `environment` configurable
  889. # - The JupyterHub process' environment variables that are listed in `env_keep`
  890. # - Variables to establish contact between the single-user notebook and the hub (such as JUPYTERHUB_API_TOKEN)
  891. #
  892. # The `environment` configurable should be set by JupyterHub administrators to
  893. # add installation specific environment variables. It is a dict where the key is
  894. # the name of the environment variable, and the value can be a string or a
  895. # callable. If it is a callable, it will be called with one parameter (the
  896. # spawner instance), and should return a string fairly quickly (no blocking
  897. # operations please!).
  898. #
  899. # Note that the spawner class' interface is not guaranteed to be exactly same
  900. # across upgrades, so if you are using the callable take care to verify it
  901. # continues to work after upgrades!
  902. #
  903. # .. versionchanged:: 1.2
  904. # environment from this configuration has highest priority,
  905. # allowing override of 'default' env variables,
  906. # such as JUPYTERHUB_API_URL.
  907. # Default: {}
  908. #c.Spawner.environment = {'SPARKMAGIC_CONF_DIR': '/etc/sparkmagic'}
  909. ## Timeout (in seconds) before giving up on a spawned HTTP server
  910. #
  911. # Once a server has successfully been spawned, this is the amount of time we
  912. # wait before assuming that the server is unable to accept connections.
  913. # Default: 30
  914. # c.Spawner.http_timeout = 30
  915. ## The URL the single-user server should connect to the Hub.
  916. #
  917. # If the Hub URL set in your JupyterHub config is not reachable from spawned
  918. # notebooks, you can set differnt URL by this config.
  919. #
  920. # Is None if you don't need to change the URL.
  921. # Default: None
  922. # c.Spawner.hub_connect_url = None
  923. ## The IP address (or hostname) the single-user server should listen on.
  924. #
  925. # Usually either '127.0.0.1' (default) or '0.0.0.0'.
  926. #
  927. # The JupyterHub proxy implementation should be able to send packets to this
  928. # interface.
  929. #
  930. # Subclasses which launch remotely or in containers should override the default
  931. # to '0.0.0.0'.
  932. #
  933. # .. versionchanged:: 2.0
  934. # Default changed to '127.0.0.1', from ''.
  935. # In most cases, this does not result in a change in behavior,
  936. # as '' was interpreted as 'unspecified',
  937. # which used the subprocesses' own default, itself usually '127.0.0.1'.
  938. # Default: '127.0.0.1'
  939. # c.Spawner.ip = '127.0.0.1'
  940. ## Minimum number of bytes a single-user notebook server is guaranteed to have
  941. # available.
  942. #
  943. # Allows the following suffixes:
  944. # - K -> Kilobytes
  945. # - M -> Megabytes
  946. # - G -> Gigabytes
  947. # - T -> Terabytes
  948. #
  949. # **This is a configuration setting. Your spawner must implement support for the
  950. # limit to work.** The default spawner, `LocalProcessSpawner`, does **not**
  951. # implement this support. A custom spawner **must** add support for this setting
  952. # for it to be enforced.
  953. # Default: None
  954. # c.Spawner.mem_guarantee = None
  955. ## Maximum number of bytes a single-user notebook server is allowed to use.
  956. #
  957. # Allows the following suffixes:
  958. # - K -> Kilobytes
  959. # - M -> Megabytes
  960. # - G -> Gigabytes
  961. # - T -> Terabytes
  962. #
  963. # If the single user server tries to allocate more memory than this, it will
  964. # fail. There is no guarantee that the single-user notebook server will be able
  965. # to allocate this much memory - only that it can not allocate more than this.
  966. #
  967. # **This is a configuration setting. Your spawner must implement support for the
  968. # limit to work.** The default spawner, `LocalProcessSpawner`, does **not**
  969. # implement this support. A custom spawner **must** add support for this setting
  970. # for it to be enforced.
  971. # Default: None
  972. # c.Spawner.mem_limit = None
  973. ## Path to the notebook directory for the single-user server.
  974. #
  975. # The user sees a file listing of this directory when the notebook interface is
  976. # started. The current interface does not easily allow browsing beyond the
  977. # subdirectories in this directory's tree.
  978. #
  979. # `~` will be expanded to the home directory of the user, and {username} will be
  980. # replaced with the name of the user.
  981. #
  982. # Note that this does *not* prevent users from accessing files outside of this
  983. # path! They can do so with many other means.
  984. # Default: ''
  985. # c.Spawner.notebook_dir = ''
  986. ## Allowed roles for oauth tokens.
  987. #
  988. # This sets the maximum and default roles
  989. # assigned to oauth tokens issued by a single-user server's
  990. # oauth client (i.e. tokens stored in browsers after authenticating with the server),
  991. # defining what actions the server can take on behalf of logged-in users.
  992. #
  993. # Default is an empty list, meaning minimal permissions to identify users,
  994. # no actions can be taken on their behalf.
  995. # Default: traitlets.Undefined
  996. # c.Spawner.oauth_roles = traitlets.Undefined
  997. ## An HTML form for options a user can specify on launching their server.
  998. #
  999. # The surrounding `<form>` element and the submit button are already provided.
  1000. #
  1001. # For example:
  1002. #
  1003. # .. code:: html
  1004. #
  1005. # Set your key:
  1006. # <input name="key" val="default_key"></input>
  1007. # <br>
  1008. # Choose a letter:
  1009. # <select name="letter" multiple="true">
  1010. # <option value="A">The letter A</option>
  1011. # <option value="B">The letter B</option>
  1012. # </select>
  1013. #
  1014. # The data from this form submission will be passed on to your spawner in
  1015. # `self.user_options`
  1016. #
  1017. # Instead of a form snippet string, this could also be a callable that takes as
  1018. # one parameter the current spawner instance and returns a string. The callable
  1019. # will be called asynchronously if it returns a future, rather than a str. Note
  1020. # that the interface of the spawner class is not deemed stable across versions,
  1021. # so using this functionality might cause your JupyterHub upgrades to break.
  1022. # Default: traitlets.Undefined
  1023. # c.Spawner.options_form = traitlets.Undefined
  1024. ## Interpret HTTP form data
  1025. #
  1026. # Form data will always arrive as a dict of lists of strings. Override this
  1027. # function to understand single-values, numbers, etc.
  1028. #
  1029. # This should coerce form data into the structure expected by self.user_options,
  1030. # which must be a dict, and should be JSON-serializeable, though it can contain
  1031. # bytes in addition to standard JSON data types.
  1032. #
  1033. # This method should not have any side effects. Any handling of `user_options`
  1034. # should be done in `.start()` to ensure consistent behavior across servers
  1035. # spawned via the API and form submission page.
  1036. #
  1037. # Instances will receive this data on self.user_options, after passing through
  1038. # this function, prior to `Spawner.start`.
  1039. #
  1040. # .. versionchanged:: 1.0
  1041. # user_options are persisted in the JupyterHub database to be reused
  1042. # on subsequent spawns if no options are given.
  1043. # user_options is serialized to JSON as part of this persistence
  1044. # (with additional support for bytes in case of uploaded file data),
  1045. # and any non-bytes non-jsonable values will be replaced with None
  1046. # if the user_options are re-used.
  1047. # Default: traitlets.Undefined
  1048. # c.Spawner.options_from_form = traitlets.Undefined
  1049. ## Interval (in seconds) on which to poll the spawner for single-user server's
  1050. # status.
  1051. #
  1052. # At every poll interval, each spawner's `.poll` method is called, which checks
  1053. # if the single-user server is still running. If it isn't running, then
  1054. # JupyterHub modifies its own state accordingly and removes appropriate routes
  1055. # from the configurable proxy.
  1056. # Default: 30
  1057. # c.Spawner.poll_interval = 30
  1058. ## The port for single-user servers to listen on.
  1059. #
  1060. # Defaults to `0`, which uses a randomly allocated port number each time.
  1061. #
  1062. # If set to a non-zero value, all Spawners will use the same port, which only
  1063. # makes sense if each server is on a different address, e.g. in containers.
  1064. #
  1065. # New in version 0.7.
  1066. # Default: 0
  1067. # c.Spawner.port = 0
  1068. ## An optional hook function that you can implement to do work after the spawner
  1069. # stops.
  1070. #
  1071. # This can be set independent of any concrete spawner implementation.
  1072. # Default: None
  1073. # c.Spawner.post_stop_hook = None
  1074. ## An optional hook function that you can implement to do some bootstrapping work
  1075. # before the spawner starts. For example, create a directory for your user or
  1076. # load initial content.
  1077. #
  1078. # This can be set independent of any concrete spawner implementation.
  1079. #
  1080. # This maybe a coroutine.
  1081. #
  1082. # Example::
  1083. #
  1084. # from subprocess import check_call
  1085. # def my_hook(spawner):
  1086. # username = spawner.user.name
  1087. # check_call(['./examples/bootstrap-script/bootstrap.sh', username])
  1088. #
  1089. # c.Spawner.pre_spawn_hook = my_hook
  1090. # Default: None
  1091. # c.Spawner.pre_spawn_hook = None
  1092. ## List of SSL alt names
  1093. #
  1094. # May be set in config if all spawners should have the same value(s),
  1095. # or set at runtime by Spawner that know their names.
  1096. # Default: []
  1097. # c.Spawner.ssl_alt_names = []
  1098. ## Whether to include DNS:localhost, IP:127.0.0.1 in alt names
  1099. # Default: True
  1100. # c.Spawner.ssl_alt_names_include_local = True
  1101. ## Timeout (in seconds) before giving up on starting of single-user server.
  1102. #
  1103. # This is the timeout for start to return, not the timeout for the server to
  1104. # respond. Callers of spawner.start will assume that startup has failed if it
  1105. # takes longer than this. start should return when the server process is started
  1106. # and its location is known.
  1107. # Default: 60
  1108. # c.Spawner.start_timeout = 60
  1109. #------------------------------------------------------------------------------
  1110. # Authenticator(LoggingConfigurable) configuration
  1111. #------------------------------------------------------------------------------
  1112. ## Base class for implementing an authentication provider for JupyterHub
  1113. ## Set of users that will have admin rights on this JupyterHub.
  1114. #
  1115. # Note: As of JupyterHub 2.0, full admin rights should not be required, and more
  1116. # precise permissions can be managed via roles.
  1117. #
  1118. # Admin users have extra privileges:
  1119. # - Use the admin panel to see list of users logged in
  1120. # - Add / remove users in some authenticators
  1121. # - Restart / halt the hub
  1122. # - Start / stop users' single-user servers
  1123. # - Can access each individual users' single-user server (if configured)
  1124. #
  1125. # Admin access should be treated the same way root access is.
  1126. #
  1127. # Defaults to an empty set, in which case no user has admin access.
  1128. # Default: set()
  1129. # c.Authenticator.admin_users = set()
  1130. ## Set of usernames that are allowed to log in.
  1131. #
  1132. # Use this with supported authenticators to restrict which users can log in.
  1133. # This is an additional list that further restricts users, beyond whatever
  1134. # restrictions the authenticator has in place. Any user in this list is granted
  1135. # the 'user' role on hub startup.
  1136. #
  1137. # If empty, does not perform any additional restriction.
  1138. #
  1139. # .. versionchanged:: 1.2
  1140. # `Authenticator.whitelist` renamed to `allowed_users`
  1141. # Default: set()
  1142. # c.Authenticator.allowed_users = set()
  1143. ## The max age (in seconds) of authentication info
  1144. # before forcing a refresh of user auth info.
  1145. #
  1146. # Refreshing auth info allows, e.g. requesting/re-validating auth
  1147. # tokens.
  1148. #
  1149. # See :meth:`.refresh_user` for what happens when user auth info is refreshed
  1150. # (nothing by default).
  1151. # Default: 300
  1152. # c.Authenticator.auth_refresh_age = 300
  1153. ## Automatically begin the login process
  1154. #
  1155. # rather than starting with a "Login with..." link at `/hub/login`
  1156. #
  1157. # To work, `.login_url()` must give a URL other than the default `/hub/login`,
  1158. # such as an oauth handler or another automatic login handler,
  1159. # registered with `.get_handlers()`.
  1160. #
  1161. # .. versionadded:: 0.8
  1162. # Default: False
  1163. # c.Authenticator.auto_login = False
  1164. ## Automatically begin login process for OAuth2 authorization requests
  1165. #
  1166. # When another application is using JupyterHub as OAuth2 provider, it sends
  1167. # users to `/hub/api/oauth2/authorize`. If the user isn't logged in already, and
  1168. # auto_login is not set, the user will be dumped on the hub's home page, without
  1169. # any context on what to do next.
  1170. #
  1171. # Setting this to true will automatically redirect users to login if they aren't
  1172. # logged in *only* on the `/hub/api/oauth2/authorize` endpoint.
  1173. #
  1174. # .. versionadded:: 1.5
  1175. # Default: False
  1176. # c.Authenticator.auto_login_oauth2_authorize = False
  1177. ## Set of usernames that are not allowed to log in.
  1178. #
  1179. # Use this with supported authenticators to restrict which users can not log in.
  1180. # This is an additional block list that further restricts users, beyond whatever
  1181. # restrictions the authenticator has in place.
  1182. #
  1183. # If empty, does not perform any additional restriction.
  1184. #
  1185. # .. versionadded: 0.9
  1186. #
  1187. # .. versionchanged:: 1.2
  1188. # `Authenticator.blacklist` renamed to `blocked_users`
  1189. # Default: set()
  1190. # c.Authenticator.blocked_users = set()
  1191. ## Delete any users from the database that do not pass validation
  1192. #
  1193. # When JupyterHub starts, `.add_user` will be called
  1194. # on each user in the database to verify that all users are still valid.
  1195. #
  1196. # If `delete_invalid_users` is True,
  1197. # any users that do not pass validation will be deleted from the database.
  1198. # Use this if users might be deleted from an external system,
  1199. # such as local user accounts.
  1200. #
  1201. # If False (default), invalid users remain in the Hub's database
  1202. # and a warning will be issued.
  1203. # This is the default to avoid data loss due to config changes.
  1204. # Default: False
  1205. # c.Authenticator.delete_invalid_users = False
  1206. ## Enable persisting auth_state (if available).
  1207. #
  1208. # auth_state will be encrypted and stored in the Hub's database.
  1209. # This can include things like authentication tokens, etc.
  1210. # to be passed to Spawners as environment variables.
  1211. #
  1212. # Encrypting auth_state requires the cryptography package.
  1213. #
  1214. # Additionally, the JUPYTERHUB_CRYPT_KEY environment variable must
  1215. # contain one (or more, separated by ;) 32B encryption keys.
  1216. # These can be either base64 or hex-encoded.
  1217. #
  1218. # If encryption is unavailable, auth_state cannot be persisted.
  1219. #
  1220. # New in JupyterHub 0.8
  1221. # Default: False
  1222. # c.Authenticator.enable_auth_state = False
  1223. ## Let authenticator manage user groups
  1224. #
  1225. # If True, Authenticator.authenticate and/or .refresh_user
  1226. # may return a list of group names in the 'groups' field,
  1227. # which will be assigned to the user.
  1228. #
  1229. # All group-assignment APIs are disabled if this is True.
  1230. # Default: False
  1231. # c.Authenticator.manage_groups = False
  1232. ## An optional hook function that you can implement to do some bootstrapping work
  1233. # during authentication. For example, loading user account details from an
  1234. # external system.
  1235. #
  1236. # This function is called after the user has passed all authentication checks
  1237. # and is ready to successfully authenticate. This function must return the
  1238. # authentication dict reguardless of changes to it.
  1239. #
  1240. # This maybe a coroutine.
  1241. #
  1242. # .. versionadded: 1.0
  1243. #
  1244. # Example::
  1245. #
  1246. # import os, pwd
  1247. # def my_hook(authenticator, handler, authentication):
  1248. # user_data = pwd.getpwnam(authentication['name'])
  1249. # spawn_data = {
  1250. # 'pw_data': user_data
  1251. # 'gid_list': os.getgrouplist(authentication['name'], user_data.pw_gid)
  1252. # }
  1253. #
  1254. # if authentication['auth_state'] is None:
  1255. # authentication['auth_state'] = {}
  1256. # authentication['auth_state']['spawn_data'] = spawn_data
  1257. #
  1258. # return authentication
  1259. #
  1260. # c.Authenticator.post_auth_hook = my_hook
  1261. # Default: None
  1262. # c.Authenticator.post_auth_hook = None
  1263. ## Force refresh of auth prior to spawn.
  1264. #
  1265. # This forces :meth:`.refresh_user` to be called prior to launching
  1266. # a server, to ensure that auth state is up-to-date.
  1267. #
  1268. # This can be important when e.g. auth tokens that may have expired
  1269. # are passed to the spawner via environment variables from auth_state.
  1270. #
  1271. # If refresh_user cannot refresh the user auth data,
  1272. # launch will fail until the user logs in again.
  1273. # Default: False
  1274. # c.Authenticator.refresh_pre_spawn = False
  1275. ## Dictionary mapping authenticator usernames to JupyterHub users.
  1276. #
  1277. # Primarily used to normalize OAuth user names to local users.
  1278. # Default: {}
  1279. # c.Authenticator.username_map = {}
  1280. ## Regular expression pattern that all valid usernames must match.
  1281. #
  1282. # If a username does not match the pattern specified here, authentication will
  1283. # not be attempted.
  1284. #
  1285. # If not set, allow any username.
  1286. # Default: ''
  1287. # c.Authenticator.username_pattern = ''
  1288. ## Deprecated, use `Authenticator.allowed_users`
  1289. # Default: set()
  1290. # c.Authenticator.whitelist = set()
  1291. #------------------------------------------------------------------------------
  1292. # CryptKeeper(SingletonConfigurable) configuration
  1293. #------------------------------------------------------------------------------
  1294. ## Encapsulate encryption configuration
  1295. #
  1296. # Use via the encryption_config singleton below.
  1297. # Default: []
  1298. # c.CryptKeeper.keys = []
  1299. ## The number of threads to allocate for encryption
  1300. # Default: 24
  1301. # c.CryptKeeper.n_threads = 24