@akkornel
Created March 18, 2018 19:39
Globus Connect Server configuration (Stanford-specific), part 1
; vim: filetype=dosini : nospell :
;------------------------------
; Globus Configuration, Part 1
;------------------------------
; This is the part of /etc/globus-connect-server.conf that is common to all
; authentication methods. You can fill it out even if you haven't decided on
; an authentication method to use.
; NOTE: If you change anything in this file, you must re-run the
; globus-connect-server-setup command.
; This section contains information on your Globus ID.
[Globus]
; Set 'User' to the username part of your Globus ID.
; For example, if your Globus ID is 'stanford@globusid.org',
; then set this to "stanford" (without the quotes, of course).
User = stanford
; 'Password' is the field for your Globus ID's password.
; DO NOT HARD-CODE THIS! This is only required when you run the
; globus-connect-server-setup program, which does not happen often.
;
; The default value, "%(GLOBUS_PASSWORD)s", will tell the
; globus-connect-server-setup program to do one of two things:
;
; 1) If the GLOBUS_PASSWORD environment variable is defined, use it.
; 2) Otherwise, prompt for manual password entry.
Password = %(GLOBUS_PASSWORD)s
; This section contains endpoint configuration.
;
; WARNING: The fields here are also editable on the Endpoint configuration
; page on globus.org. But, it is best if you set them here, because when
; you run globus-connect-server-setup, it will use these values, and change
; whatever you have on globus.org.
[Endpoint]
; This is the computer-readable name for your endpoint.
; This, plus your Globus ID, will form your endpoint's "legacy name".
; For example, for Globus ID "stanford", and endpoint name "blah",
; people will see the name as "stanford#blah".
Name = blah
; True or False, determining if the endpoint will be public or private.
; If not specified, this will default to False (non-public).
; NOTE: Setting Public to True only means people will find it in search
; results. It does _not_ make the endpoint world-readable.
Public = False
; Default directory when users log in to this endpoint (optional).
; If not specified, this will default to /~/.
DefaultDirectory = /~/
; This section contains GridFTP configuration. GridFTP is the program/service
; which actually performs the transfers.
[GridFTP]
; Require an encrypted data connection for all transfers. Transfers attempted
; without encryption will result in an error.
; NOTE: Setting this is normally a good idea, security-wise, even though you
; will take a performance hit.
; WARNING: When set to True, you will _also_ need to set the endpoint's
; "Encryption Required" setting to True. That does not happen automatically!
RequireEncryption = True
; Restricted path configuration.
; A comma separated list of full paths that clients may access. Each path may
; be prefixed by R and/or W, denoting read or write access, or N to explicitly
; deny access to a path. If a given path is a directory, all contents and
; subdirectories will be given the same access. Order of paths does not matter
; -- the permissions on the longest matching path will apply. The special
; character '~' will be replaced by the authenticated user's home directory,
; and * may be used for simple wildcard matching.
; By default all paths are allowed, and access control is handled by the OS.
; Examples:
; Allow read access to /data and full access to the user's home directory:
; RestrictPaths = RW~,R/data
; Allow full access to the home directory, but deny hidden files there:
; RestrictPaths = RW~,N~/.*
RestrictPaths =
; Enable sharing with Globus for this server.
; If not specified, this will default to False.
;
; If sharing is enabled, then authenticated users will be able to share their
; stuff with other people, even people who cannot access the endpoint on their
; own.
;; Sharing = True
; Using the same syntax as RestrictPaths above, this defines additional
; restrictions on which paths sharing clients may access.
;; SharingRestrictPaths =
; Allow or Deny sharing for specific users or groups.
; Each option takes a comma separated list of user or group names.
; Users named in SharingUsersDeny and members of groups named in
; SharingGroupsDeny will be denied sharing features.
; If SharingUsersAllow or SharingGroupsAllow is set, only those users
; or group members may share, and all other users will be denied.
; Any user for which sharing is denied will not be allowed to create shares,
; and existing shares owned by that user will not be accessible.
; By default these options are not set, and all users are allowed to share.
;
;; SharingUsersAllow =
;; SharingGroupsAllow =
;;
;; SharingUsersDeny =
;; SharingGroupsDeny =
; This is the hostname to use for people to connect to your GridFTP server.
; The port number is 2811. Globus connects to this to send commands.
; The default pulls the server name from EC2 metadata if present, falling back
; to the localhost hostname if needed. If you are behind a NAT, and not using
; EC2, then you may want to configure this manually.
Server = %(HOSTNAME)s
; The globus-connect-server-setup program compares the system hostname to what
; you configured in the Server line, above. If the two do not match, then
; GridFTP will be disabled. But in NAT environments (like EC2), the mismatch
; is normal. Setting ServerBehindNAT to True will skip the hostname check.
; NOTE: See also the 'DataInterface' setting, below.
;;ServerBehindNAT = True
; Hostname or IP address of the interface to use for data connections. If not
; set in this file, then the default behavior is:
; - When run on an EC2 instance, the data interface will be automatically
; configured to use the public ipv4 address of the instance.
; - When run on a non-EC2 instance, if ServerBehindNAT is True, then
; the hostname of the Server string is used. If this resolves to a private
; IP address, a warning will be issued.
; - Otherwise, this will not be set, and the gridftp server will tell clients
; to connect to the IP address that the control connection was established
; on.
;; DataInterface =
; Path of a directory where GridFTP will store files used to control
; sharing access to individual accounts. The variables $USER and $HOME
; should be used in order to define a unique path per user.
; If not specified, this will default to "$HOME/.globus/sharing".
;
; For instance, with SharingStateDir = "/var/globusonline/sharing/$USER",
; user "bob" would be enabled for sharing only if a path exists with the
; name "/var/globusonline/sharing/bob/" and is writable by bob.
;
;;SharingStateDir =
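
The RestrictPaths comments above describe a longest-match rule that is easy to misread, so here is an added example (not part of the original gist and not GridFTP's own code) that models the rule in Python so a candidate value can be checked before running globus-connect-server-setup. The function names are hypothetical; treating an unprefixed entry as full access, letting `*` span `/`, and collapsing `..` before matching are assumptions of this model.

```python
import posixpath
import re

def parse_rules(spec, home):
    """Turn a RestrictPaths value into (pattern, perms) pairs; perms '' = deny."""
    rules = []
    for item in filter(None, (s.strip() for s in spec.split(","))):
        m = re.fullmatch(r"([RWN]*)([~/].*)", item)
        if m is None:
            raise ValueError(f"cannot parse RestrictPaths entry {item!r}")
        flags, path = m.groups()
        # Assumption: an entry with no R/W/N prefix grants full access.
        perms = "" if "N" in flags else (flags or "RW")
        if path.startswith("~"):
            path = home.rstrip("/") + path[1:]   # '~' -> user's home directory
        rules.append((path.rstrip("/"), perms))  # root becomes '' (length 0)
    return rules

def _matches(pattern, path):
    # '*' is the only wildcard (assumed to span '/'); a rule naming a
    # directory also covers everything beneath it.
    rx = ".*".join(re.escape(part) for part in pattern.split("*"))
    return re.fullmatch(rx + r"(/.*)?", path, flags=re.S) is not None

def allowed(spec, home, path, mode):
    """Return True if `mode` ('R' or 'W') on `path` is permitted by `spec`."""
    rules = parse_rules(spec, home)
    if not rules:
        return True  # empty RestrictPaths: nothing restricted, the OS decides
    path = posixpath.normpath(path)  # collapse '..' before matching
    hits = [(len(pat), perms) for pat, perms in rules if _matches(pat, path)]
    if not hits:
        return False  # a non-empty list only admits the paths it names
    return mode in max(hits, key=lambda h: h[0])[1]  # longest match wins

if __name__ == "__main__":
    HOME = "/home/bob"  # constructed sample user, not from the gist
    checks = [
        ("RW~,R/data", "/data/run1/a.csv", "W"),
        ("RW~,N~/.*", "/home/bob/.ssh/id_rsa", "R"),
        ("RW~,N~/.*", "/home/bob/notes.txt", "R"),
        ("", "/etc/passwd", "R"),
    ]
    for spec, path, mode in checks:
        print(f"{spec!r:14} {mode} {path:24} -> {allowed(spec, HOME, path, mode)}")
```

The last sample row shows why the empty `RestrictPaths =` in this file matters: with no list, only OS permissions stand between an authenticated user and any path.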