Docroot, file permission, and growing files configuration

The Docroot configuration options include the docroot and the file permissions. The absolute path, or docroot, is the area of the file system that is accessible to an Aspera transfer user. The default empty value allows access to the entire file system. You can set one global docroot and then further restrict access to the file system by individual user.

Important configuration notes:

  • The default server configuration gives users full access to the server's file system with read, write, and browse privileges. Set a global docroot that is an empty folder and set the global file permissions to false.
  • Some Aspera features require a docroot in URI format or require a file restriction instead of a docroot. For more information, see Docroot versus file restriction.
  1. Start HSTE with root privileges.
  2. Click Configuration > Docroot.

    Bring up the Server Configuration window

    Docroot configuration options.

  3. Edit Global and Users settings on their Docroot tab. Select Override in the option's row to set an effective value. User settings take precedence over global settings.

    Set restrictive Global settings, as described in the following table, and then granting permissions for specific Users.

Docroot settings reference

Field Description Values Default
Absolute Path The absolute path, or docroot, is the area of the file system that is accessible to an Aspera transfer user. The default empty value allows access to the entire file system. You can set one global docroot and then further restrict access to the file system by individual user. Docroot paths require specific formatting that depends on where the transfer server's storage is located.
Format examples:
  • Local storage-absolute path:/home/aspera424/movies

    Or using a placeholder for usernames: /home/$(name)

  • Local storage in URI format: file:////home/bear/movies

    URI format is required for server-side encryption at rest, but is not supported by the Aspera Watch Service.

Set a global docroot to an empty folder or a part of the file system specific to each user. If there is a pattern in the docroot of each user, for example, /sandbox/username, you can use a substitutional string. Allowing you to assign an independent docroot to each user without setting it individually for each user. For more information, see Setting up users.

You can also set multiple docroots and make them conditional based on the IP address from which the connection is made by editing aspera.conf. To do so, edit the absolute path setting by adding the IP address by using the following syntax:
<absolute peer_ip="ip_address">path</absolute>
Growing files allows you to start transferring files to the target directory while they are still being written to the source directory. To configure aspera.conf for growing files:
  • Edit the <absolute> section.
  • Add your growing files specification using the syntax described in Ascp command reference for the source element.

See also Ascp general examples.

file path or URI undefined (total access)
Read Allowed Set to true to allow users to transfer files and folders from their docroot.
  • true
  • false
true
Write Allowed Set to true to allow users to transfer files and folders to their docroot.
  • true
  • false
true
Browse Allowed Set to true to allow users to browse their docroot.
  • true
  • false
true