The JupyterHub API

Application configuration

expand icon

Application configuration


The multi-user notebook application



An Application for starting a Multi-User Jupyter Notebook server.

config c.JupyterHub.active_server_limit = Int(0)

Maximum number of concurrent servers that can be active at a time.

Setting this can limit the total resources your users can consume.

An active server is any server that’s not fully stopped. It is considered active from the time it has been requested until the time that it has completely stopped.

If this many user servers are active, users will not be able to launch new servers until a server is shutdown. Spawn requests will be rejected with a 429 error asking them to try again.

If set to 0, no limit is enforced.

config c.JupyterHub.admin_access = Bool(False)

Grant admin users permission to access single-user servers.

Users should be properly informed if this is enabled.

config c.JupyterHub.admin_users = Set()

DEPRECATED since version 0.7.2, use Authenticator.admin_users instead.

config c.JupyterHub.allow_named_servers = Bool(False)

Allow named single-user servers per user

config c.JupyterHub.answer_yes = Bool(False)

Answer yes to any questions (e.g. confirm overwrite)

config c.JupyterHub.api_tokens = Dict()

PENDING DEPRECATION: consider using service_tokens

Dict of token:username to be loaded into the database.

Allows ahead-of-time generation of API tokens for use by externally managed services, which authenticate as JupyterHub users.

Consider using service_tokens for general services that talk to the JupyterHub API.

config c.JupyterHub.authenticator_class = Type(<class 'jupyterhub.auth.PAMAuthenticator'>)

Class for authenticating users.

This should be a class with the following form:

  • constructor takes one kwarg: config, the IPython config object.
  • is a tornado.gen.coroutine
  • returns username on success, None on failure
  • takes two arguments: (handler, data), where handler is the calling web.RequestHandler, and data is the POST form data from the login page.
config c.JupyterHub.base_url = URLPrefix('/')

The base URL of the entire application

config c.JupyterHub.cleanup_proxy = Bool(True)

Whether to shutdown the proxy when the Hub shuts down.

Disable if you want to be able to teardown the Hub while leaving the proxy running.

Only valid if the proxy was starting by the Hub process.

If both this and cleanup_servers are False, sending SIGINT to the Hub will only shutdown the Hub, leaving everything else running.

The Hub should be able to resume from database state.

config c.JupyterHub.cleanup_servers = Bool(True)

Whether to shutdown single-user servers when the Hub shuts down.

Disable if you want to be able to teardown the Hub while leaving the single-user servers running.

If both this and cleanup_proxy are False, sending SIGINT to the Hub will only shutdown the Hub, leaving everything else running.

The Hub should be able to resume from database state.

config c.JupyterHub.concurrent_spawn_limit = Int(100)

Maximum number of concurrent users that can be spawning at a time.

Spawning lots of servers at the same time can cause performance problems for the Hub or the underlying spawning system. Set this limit to prevent bursts of logins from attempting to spawn too many servers at the same time.

This does not limit the number of total running servers. See active_server_limit for that.

If more than this many users attempt to spawn at a time, their requests will be rejected with a 429 error asking them to try again. Users will have to wait for some of the spawning services to finish starting before they can start their own.

If set to 0, no limit is enforced.

config c.JupyterHub.config_file = Unicode('')

The config file to load

config c.JupyterHub.confirm_no_ssl = Bool(False)

DEPRECATED: does nothing

config c.JupyterHub.cookie_max_age_days = Float(14)

Number of days for a login cookie to be valid. Default is two weeks.

config c.JupyterHub.cookie_secret = Bytes(b'')

The cookie secret to use to encrypt cookies.

Loaded from the JPY_COOKIE_SECRET env variable by default.

Should be exactly 256 bits (32 bytes).

config c.JupyterHub.cookie_secret_file = Unicode('jupyterhub_cookie_secret')

File in which to store the cookie secret.

config c.JupyterHub.data_files_path = Unicode('')

The location of jupyterhub data files (e.g. /usr/local/share/jupyter/hub)

config c.JupyterHub.db_kwargs = Dict()

Include any kwargs to pass to the database connection. See sqlalchemy.create_engine for details.

config c.JupyterHub.db_url = Unicode('sqlite:///jupyterhub.sqlite')

url for the database. e.g. sqlite:///jupyterhub.sqlite

config c.JupyterHub.debug_db = Bool(False)

log all database transactions. This has A LOT of output

config c.JupyterHub.debug_proxy = Bool(False)

DEPRECATED since version 0.8: Use ConfigurableHTTPProxy.debug

config c.JupyterHub.extra_log_file = Unicode('')

Send JupyterHub’s logs to this file.

This will only include the logs of the Hub itself, not the logs of the proxy or any single-user servers.

config c.JupyterHub.extra_log_handlers = List()

Extra log handlers to set on JupyterHub logger

config c.JupyterHub.generate_config = Bool(False)

Generate default config file

config c.JupyterHub.hub_connect_ip = Unicode('')

The ip or hostname for proxies and spawners to use for connecting to the Hub.

Use when the bind address (hub_ip) is or otherwise different from the connect address.

Default: when hub_ip is, use socket.gethostname(), otherwise use hub_ip.

New in version 0.8.

config c.JupyterHub.hub_connect_port = Int(0)

The port for proxies & spawners to connect to the hub on.

Used alongside hub_connect_ip

New in version 0.8.

config c.JupyterHub.hub_ip = Unicode('')

The ip address for the Hub process to bind to.

See hub_connect_ip for cases where the bind and connect address should differ.

config c.JupyterHub.hub_port = Int(8081)

The port for the Hub process

config c.JupyterHub.ip = Unicode('')

The public facing ip of the whole application (the proxy)

config c.JupyterHub.jinja_environment_options = Dict()

Supply extra arguments that will be passed to Jinja environment.

config c.JupyterHub.last_activity_interval = Int(300)

Interval (in seconds) at which to update last-activity timestamps.

config c.JupyterHub.load_groups = Dict()

Dict of ‘group’: [‘usernames’] to load at startup.

This strictly adds groups and users to groups.

Loading one set of groups, then starting JupyterHub again with a different set will not remove users or groups from previous launches. That must be done through the API.

config c.JupyterHub.log_datefmt = Unicode('%Y-%m-%d %H:%M:%S')

The date format used by logging formatters for %(asctime)s

config c.JupyterHub.log_format = Unicode('[%(name)s]%(highlevel)s %(message)s')

The Logging format template

config c.JupyterHub.log_level = Enum(30)

Set the log level by value or name.

config c.JupyterHub.logo_file = Unicode('')

Specify path to a logo image to override the Jupyter logo in the banner.

config c.JupyterHub.pid_file = Unicode('')

File to write PID Useful for daemonizing jupyterhub.

config c.JupyterHub.port = Int(8000)

The public facing port of the proxy

config c.JupyterHub.proxy_api_ip = Unicode('')

DEPRECATED since version 0.8 : Use ConfigurableHTTPProxy.api_url

config c.JupyterHub.proxy_api_port = Int(0)

DEPRECATED since version 0.8 : Use ConfigurableHTTPProxy.api_url

config c.JupyterHub.proxy_auth_token = Unicode('')

DEPRECATED since version 0.8: Use ConfigurableHTTPProxy.auth_token

config c.JupyterHub.proxy_check_interval = Int(30)

Interval (in seconds) at which to check if the proxy is running.

config c.JupyterHub.proxy_class = Type(<class 'jupyterhub.proxy.ConfigurableHTTPProxy'>)

Select the Proxy API implementation.

config c.JupyterHub.proxy_cmd = Command()

DEPRECATED since version 0.8. Use ConfigurableHTTPProxy.command

config c.JupyterHub.reset_db = Bool(False)

Purge and reset the database.

config c.JupyterHub.service_check_interval = Int(60)

Interval (in seconds) at which to check connectivity of services with web endpoints.

config c.JupyterHub.service_tokens = Dict()

Dict of token:servicename to be loaded into the database.

Allows ahead-of-time generation of API tokens for use by externally managed services.

config = List()

List of service specification dictionaries.

A service

For instance:

services = [
        'name': 'cull_idle',
        'command': ['/path/to/'],
        'name': 'formgrader',
        'url': '',
        'api_token': 'super-secret',
config c.JupyterHub.spawner_class = Type(<class 'jupyterhub.spawner.LocalProcessSpawner'>)

The class to use for spawning single-user servers.

Should be a subclass of Spawner.

config c.JupyterHub.ssl_cert = Unicode('')

Path to SSL certificate file for the public facing interface of the proxy

Use with ssl_key

config c.JupyterHub.ssl_key = Unicode('')

Path to SSL key file for the public facing interface of the proxy

Use with ssl_cert

config c.JupyterHub.statsd_host = Unicode('')

Host to send statsd metrics to

config c.JupyterHub.statsd_port = Int(8125)

Port on which to send statsd metrics about the hub

config c.JupyterHub.statsd_prefix = Unicode('jupyterhub')

Prefix to use for all metrics sent by jupyterhub to statsd

config c.JupyterHub.subdomain_host = Unicode('')

Run single-user servers on subdomains of this host.

This should be the full https://hub.domain.tld[:port].

Provides additional cross-site protections for javascript served by single-user servers.

Requires <username>.hub.domain.tld to resolve to the same host as hub.domain.tld.

In general, this is most easily achieved with wildcard DNS.

When using SSL (i.e. always) this also requires a wildcard SSL certificate.

config c.JupyterHub.template_paths = List()

Paths to search for jinja templates.

config c.JupyterHub.tornado_settings = Dict()

Extra settings overrides to pass to the tornado application.

config c.JupyterHub.trust_user_provided_tokens = Bool(False)

Trust user-provided tokens (via JupyterHub.service_tokens) to have good entropy.

If you are not inserting additional tokens via configuration file, this flag has no effect.

In JupyterHub 0.8, internally generated tokens do not pass through additional hashing because the hashing is costly and does not increase the entropy of already-good UUIDs.

User-provided tokens, on the other hand, are not trusted to have good entropy by default, and are passed through many rounds of hashing to stretch the entropy of the key (i.e. user-provided tokens are treated as passwords instead of random keys). These keys are more costly to check.

If your inserted tokens are generated by a good-quality mechanism, e.g. openssl rand -hex 32, then you can set this flag to True to reduce the cost of checking authentication tokens.