Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ; vim: filetype=dosini : nospell :
- ;------------------------------
- ; Globus Configuration, Part 1
- ;------------------------------
- ; This is the part of /etc/globus-connect-server.conf that is common to all
- ; authentication methods. You can fill it out even if you haven't decided on
- ; an authentication method to use.
- ; NOTE: If you change anything in this file, you must re-run the
- ; globus-connect-server-setup command.
- ; This section contains information on your Globus ID.
- [Globus]
- ; Set 'User' to the username part of your Globus ID.
- ; For example, if you Globus ID is 'stanford@globusid.org',
- ; then set this to "stanford" (without the quotes, of course).
- User = stanford
- ; 'Password' is the field for your Globus ID's password.
- ; DO NOT HARD-CODE THIS! This is only required when you run the
- ; globus-connect-server-setup program, which does not happen often.
- ;
- ; The default value, "%(GLOBUS_PASSWORD)s", will tell the
- ; globus-connect-server-setup program to do one of two things:
- ;
- ; 1) If the GLOBUS_PASSWORD environment variable is defined, use it.
- ; 2) Otherwise, prompt for manual password entry.
- Password = %(GLOBUS_PASSWORD)s
- ; This section contains endpoint configuration.
- ;
- ; WARNING: The fields here are also editable on the Endpoint configuration
- ; page on globus.org. But, it is best if you set them here, because when
- ; you run globus-connect-server-setup, it will use these values, and change
- ; whatever you have on globus.org.
- [Endpoint]
- ; This is the computer-readable name for your endpoint.
- ; This, plus your Globus ID, will form your endpoint's "legacy name".
- ; For example, for Globus ID "stanford", and endpoint name "blah",
- ; people will see the name as "stanford#blah".
- Name = blah
- ; True or False, determining if the endpoint will be public or private.
- ; If not specified, this will default to False (non-public).
- ; NOTE: Setting Public to True only means people will find it in search
- ; results. It does _not_ make the endpoint world-readable.
- Public = False
- ; Default directory when users login to this endpoint (optional).
- ; If not specified, this will default to /~/.
- DefaultDirectory = /~/
- ; This section contains GridFTP configuration. GridFTP is the program/service
- ; which actually performs the transfers.
- [GridFTP]
- ; Require an encrypted data connection for all transfers. Transfers attempted
- ; without encryption will result in error.
- ; NOTE: Setting this is normally a good idea, security-wise, even though you
- ; will take a performance hit.
- ; WARNING: When set to True, you will _also_ need to set the endpoint's
- ; "Encryption Required" setting to True. That does not happen automatically!
- RequireEncryption = True
- ; Restricted path configuration.
- ; A comma separated list of full paths that clients may access. Each path may
- ; be prefixed by R and/or W, denoting read or write access, or N to explicitly
- ; deny access to a path. If a given path is a directory, all contents and
- ; subdirectories will be given the same access. Order of paths does not matter
- ; -- the permissions on the longest matching path will apply. The special
- ; character '~' will be replaced by the authenticated user's home directory,
- ; and * may be used for simple wildcard matching.
- ; By default all paths are allowed, and access control is handled by the OS.
- ; Examples:
- ; Allow read access to /data and full access to the user's home directory:
- ; RestrictPaths = RW~,R/data
- ; Allow full access to the home directory, but deny hidden files there:
- ; RestrictPaths = RW~,N~/.*
- RestrictPaths =
- ; Enable sharing with Globus for this server.
- ; If not specified, this will default to False.
- ;
- ; If sharing is enabled, then authenticated users will be able to share their
- ; stuff with other people, even people who can not access the endpoint on their
- ; own.
- ;; Sharing = True
- ; Using the same syntax as RestrictPaths above, this defines additional
- ; restrictions which paths that sharing clients may access.
- ;; SharingRestrictPaths =
- ; Allow or Deny sharing for specific users or groups.
- ; Each option takes a comma separated list of user or group names.
- ; Users named in SharingUsersDeny and members of groups named in
- ; SharingGroupsDeny will be denied sharing features.
- ; If SharingUsersAllow or SharingGroupsAllow is set, only those users
- ; or group members may share, and all other users will be denied.
- ; Any user for which sharing is denied will not be allowed to create shares,
- ; and existing shares owned by that user will not be accessible.
- ; By default these options are not set, and all users are allowed to share.
- ;
- ;; SharingUsersAllow =
- ;; SharingGroupsAllow =
- ;;
- ;; SharingUsersDeny =
- ;; SharingGroupsDeny =
- ; This is the hostname to use for people to connect to your GridFTP server.
- ; The port number is 2811. Globus connects to this to send commands.
- ; The default pulls the server name from EC2 metadata if present, falling back
- ; to the localhost hostname if needed. If you are behind a NAT, and not using
- ; EC2, then you may want to configure this manually.
- Server = %(HOSTNAME)s
- ; The globus-connect-server-setup program compares the system hostname to what
- ; you configured in the Server line, above. If the two do not match, then
- ; GridFTP will be disabled. But in NAT environments (like EC2), the mismatch
- ; is normal. Setting ServerBehindNAT to True will skip the hostname check.
- ; NOTE: See also the 'DataInterface' setting, below.
- ;;ServerBehindNAT = True
- ; Hostname or IP address of the interface to use for data connections. If not
- ; set in this file, then the default behavior is:
- ; - When run on an EC2 instance, the data interface will be automatically
- ; configured to use the public ipv4 address of the instance.
- ; - When run on a non-EC2 instance, if ServerBehindNAT is True, then
- ; the hostname of the Server string is used. If this resolves to a private
- ; IP adddress, a warning will be issued.
- ; - Otherwise, this will not be set, and the gridftp server will tell clients
- ; to connect to the IP address that the control connection was established
- ; on.
- ;; DataInterface =
- ; Path of a directory where GridFTP will store files used to control
- ; sharing access to individual accounts. The variables $USER and $HOME
- ; should be used in order to define a unique path per user.
- ; If not specified, this will default to "$HOME/.globus/sharing".
- ;
- ; For instance, with SharingStateDir = "/var/globusonline/sharing/$USER",
- ; user "bob" would be enabled for sharing only if a path exists with the
- ; name "/var/globusonline/sharing/bob/" and is writable by bob.
- ;
- ;;SharingStateDir =
Add Comment
Please, Sign In to add comment