OpenMetadata/docker/docker-compose-openmetadata/env-postgres

OPENMETADATA_CLUSTER_NAME="openmetadata"
SERVER_PORT="8585"
SERVER_ADMIN_PORT="8586"
LOG_LEVEL="INFO"

# Migration
MIGRATION_LIMIT_PARAM = 1200

# OpenMetadata Server Authentication Configuration
AUTHORIZER_CLASS_NAME="org.openmetadata.service.security.DefaultAuthorizer"
AUTHORIZER_REQUEST_FILTER="org.openmetadata.service.security.JwtFilter"
AUTHORIZER_ADMIN_PRINCIPALS=[admin]
AUTHORIZER_ALLOWED_REGISTRATION_DOMAIN=["all"]
AUTHORIZER_INGESTION_PRINCIPALS=[ingestion-bot]
AUTHORIZER_PRINCIPAL_DOMAIN="open-metadata.org"
AUTHORIZER_ENFORCE_PRINCIPAL_DOMAIN="false"
AUTHORIZER_ENABLE_SECURE_SOCKET="false"
AUTHENTICATION_PROVIDER="basic"
AUTHENTICATION_RESPONSE_TYPE:"id_token"
CUSTOM_OIDC_AUTHENTICATION_PROVIDER_NAME=""
AUTHENTICATION_PUBLIC_KEYS=[http://localhost:8585/api/v1/system/config/jwks]
AUTHENTICATION_AUTHORITY="https://accounts.google.com"
AUTHENTICATION_CLIENT_ID=""
AUTHENTICATION_CALLBACK_URL=""
AUTHENTICATION_JWT_PRINCIPAL_CLAIMS=[email,preferred_username,sub]
AUTHENTICATION_ENABLE_SELF_SIGNUP="true"
# For SAML Authentication
# SAML_DEBUG_MODE="false"
# SAML_IDP_ENTITY_ID=""
# SAML_IDP_SSO_LOGIN_URL=""
# SAML_IDP_CERTIFICATE=""
# SAML_AUTHORITY_URL="http://localhost:8585/api/v1/saml/login"
# SAML_IDP_NAME_ID="urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress"
# SAML_SP_ENTITY_ID="http://localhost:8585/api/v1/saml/metadata"
# SAML_SP_ACS="http://localhost:8585/api/v1/saml/acs"
# SAML_SP_CERTIFICATE=""
# SAML_SP_CALLBACK="http://localhost:8585/saml/callback"
# SAML_STRICT_MODE="false"
# SAML_SP_TOKEN_VALIDITY="3600"
# SAML_SEND_ENCRYPTED_NAME_ID="false"
# SAML_SEND_SIGNED_AUTH_REQUEST="false"
# SAML_SIGNED_SP_METADATA="false"
# SAML_WANT_MESSAGE_SIGNED="false"
# SAML_WANT_ASSERTION_SIGNED="false"
# SAML_WANT_ASSERTION_ENCRYPTED="false"
# SAML_WANT_NAME_ID_ENCRYPTED="false"
# SAML_KEYSTORE_FILE_PATH=""
# SAML_KEYSTORE_ALIAS=""
# SAML_KEYSTORE_PASSWORD=""
# For LDAP Authentication
# AUTHENTICATION_LDAP_HOST=""
# AUTHENTICATION_LDAP_PORT=""
# AUTHENTICATION_LOOKUP_ADMIN_DN=""
# AUTHENTICATION_LOOKUP_ADMIN_PWD=""
# AUTHENTICATION_USER_LOOKUP_BASEDN=""
# AUTHENTICATION_USER_MAIL_ATTR=""
# AUTHENTICATION_LDAP_POOL_SIZE="3"
# AUTHENTICATION_LDAP_SSL_ENABLED=""
# AUTHENTICATION_LDAP_TRUSTSTORE_TYPE="TrustAll"
# AUTHENTICATION_LDAP_TRUSTSTORE_PATH=""
# AUTHENTICATION_LDAP_KEYSTORE_PASSWORD=""
# AUTHENTICATION_LDAP_SSL_KEY_FORMAT=""
# AUTHENTICATION_LDAP_ALLOW_WILDCARDS=""
# AUTHENTICATION_LDAP_ALLOWED_HOSTNAMES="[]"
# AUTHENTICATION_LDAP_SSL_VERIFY_CERT_HOST=""
# AUTHENTICATION_LDAP_EXAMINE_VALIDITY_DATES="true"

# JWT Configuration
RSA_PUBLIC_KEY_FILE_PATH="./conf/public_key.der"
RSA_PRIVATE_KEY_FILE_PATH="./conf/private_key.der"
JWT_ISSUER="open-metadata.org"
JWT_KEY_ID="Gb389a-9f76-gdjs-a92j-0242bk94356"
# OpenMetadata Server Pipeline Service Client Configuration
PIPELINE_SERVICE_CLIENT_ENDPOINT="http://ingestion:8080"
SERVER_HOST_API_URL="http://openmetadata-server:8585/api"
PIPELINE_SERVICE_CLIENT_VERIFY_SSL="no-ssl"
PIPELINE_SERVICE_CLIENT_SSL_CERT_PATH=""
#Database configuration for postgresql
DB_DRIVER_CLASS="org.postgresql.Driver"
DB_SCHEME="postgresql"
DB_USE_SSL="false"
DB_USER="openmetadata_user"
DB_USER_PASSWORD="openmetadata_password"
DB_HOST="postgresql"
DB_PORT="5432"
OM_DATABASE="openmetadata_db"
# ElasticSearch Configurations
ELASTICSEARCH_HOST= "elasticsearch"
ELASTICSEARCH_PORT="9200"
ELASTICSEARCH_SCHEME="http"
ELASTICSEARCH_USER=""
ELASTICSEARCH_PASSWORD=""
SEARCH_TYPE="elasticsearch"
ELASTICSEARCH_TRUST_STORE_PATH=""
ELASTICSEARCH_TRUST_STORE_PASSWORD=""
ELASTICSEARCH_CONNECTION_TIMEOUT_SECS="5"
ELASTICSEARCH_SOCKET_TIMEOUT_SECS="60"
ELASTICSEARCH_KEEP_ALIVE_TIMEOUT_SECS="600"
ELASTICSEARCH_BATCH_SIZE="10"
ELASTICSEARCH_PAYLOAD_BYTES_SIZE="10485760"
ELASTICSEARCH_INDEX_MAPPING_LANG="EN"
# Event Monitoring configurations
EVENT_MONITOR="prometheus"
EVENT_MONITOR_BATCH_SIZE="10"
EVENT_MONITOR_PATH_PATTERN=["/api/v1/tables/*", "/api/v1/health-check"]
EVENT_MONITOR_LATENCY="[]"
#PipelineServiceClient Configuration
PIPELINE_SERVICE_CLIENT_CLASS_NAME="org.openmetadata.service.clients.pipeline.airflow.AirflowRESTClient"
PIPELINE_SERVICE_IP_INFO_ENABLED="false"
PIPELINE_SERVICE_CLIENT_HOST_IP=""
PIPELINE_SERVICE_CLIENT_SECRETS_MANAGER_LOADER="noop"
#Airflow Parameters
AIRFLOW_USERNAME="admin"
AIRFLOW_PASSWORD="admin"
AIRFLOW_TIMEOUT="10"
AIRFLOW_TRUST_STORE_PATH=""
AIRFLOW_TRUST_STORE_PASSWORD=""
FERNET_KEY="jJ/9sz0g0OHxsfxOoSfdFdmk3ysNmPRnH3TUAbz3IHA="
#secretsManagerConfiguration
SECRET_MANAGER="noop"
OM_SM_REGION=""
OM_SM_ACCESS_KEY_ID=""
OM_SM_ACCESS_KEY=""
#email configuration:
OM_EMAIL_ENTITY="OpenMetadata"
OM_SUPPORT_URL="https://slack.open-metadata.org"
AUTHORIZER_ENABLE_SMTP="false"
OPENMETADATA_SERVER_URL="http://localhost:8585"
OPENMETADATA_SMTP_SENDER_MAIL=""
SMTP_SERVER_ENDPOINT=""
SMTP_SERVER_PORT=""
SMTP_SERVER_USERNAME=""
SMTP_SERVER_PWD=""
SMTP_SERVER_STRATEGY="SMTP_TLS"
#extensionConfiguration
OM_RESOURCE_PACKAGES="[]"
OM_EXTENSIONS="[]"
# Heap OPTS Configurations
OPENMETADATA_HEAP_OPTS="-Xmx1G -Xms1G"
# Application Config
CUSTOM_LOGO_URL_PATH=""
CUSTOM_MONOGRAM_URL_PATH=""
OM_MAX_FAILED_LOGIN_ATTEMPTS=3
OM_LOGIN_ACCESS_BLOCK_TIME=600
OM_JWT_EXPIRY_TIME=3600
# Mask passwords values in UI
MASK_PASSWORDS_API="false"
#WebConfiguration
WEB_CONF_URI_PATH="/api"
WEB_CONF_HSTS_ENABLED=false
WEB_CONF_HSTS_MAX_AGE="365 days"
WEB_CONF_HSTS_INCLUDE_SUBDOMAINS="true"
WEB_CONF_HSTS_PRELOAD="true"
WEB_CONF_FRAME_OPTION_ENABLED=false
WEB_CONF_FRAME_OPTION="SAMEORIGIN"
WEB_CONF_FRAME_ORIGIN=""
WEB_CONF_CONTENT_TYPE_OPTIONS_ENABLED=false
WEB_CONF_XSS_PROTECTION_ENABLED=false
WEB_CONF_XSS_PROTECTION_ON=true
WEB_CONF_XSS_PROTECTION_BLOCK=true
WEB_CONF_XSS_CSP_ENABLED=false
WEB_CONF_XSS_CSP_POLICY="default-src 'self'"
WEB_CONF_XSS_CSP_REPORT_ONLY_POLICY=""