diff options
| author | chrislu <chris.lu@gmail.com> | 2021-12-24 22:40:07 -0800 |
|---|---|---|
| committer | chrislu <chris.lu@gmail.com> | 2021-12-24 22:40:07 -0800 |
| commit | 982ea85d811a42aea56ecfadb2d38050615316f4 (patch) | |
| tree | 93f21343d6ee31de6e97174243aa8a807e53ce72 | |
| parent | 083d8e9ecede84ea359962136c28ebda0ba1323b (diff) | |
| parent | e7a6a2733b0889e53cb88e7ae771ba4604322ebb (diff) | |
| download | seaweedfs-982ea85d811a42aea56ecfadb2d38050615316f4.tar.xz seaweedfs-982ea85d811a42aea56ecfadb2d38050615316f4.zip | |
Merge branch 'master' of https://github.com/chrislusf/seaweedfs
| -rw-r--r-- | weed/command/scaffold/security.toml | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/weed/command/scaffold/security.toml b/weed/command/scaffold/security.toml index 0c69b2f24..93b4cc05f 100644 --- a/weed/command/scaffold/security.toml +++ b/weed/command/scaffold/security.toml @@ -10,6 +10,13 @@ key = "" expires_after_seconds = 10 # seconds +# by default, if the signing key above is set, the Volume UI over HTTP is disabled. +# by setting ui.access to true, you can re-enable the Volume UI. Despite +# some information leakage (as the UI is unauthenticted), this should not +# pose a security risk. +[access] +ui = false + # jwt for read is only supported with master+volume setup. Filer does not support this mode. [jwt.signing.read] key = "" |