Merge pull request #2534 from skurfuerst/add-ui-access-to-security-toml

author: Chris Lu <chrislusf@users.noreply.github.com> 2021-12-24 09:57:00 -0800
committer: GitHub <noreply@github.com> 2021-12-24 09:57:00 -0800
commit: e7a6a2733b0889e53cb88e7ae771ba4604322ebb (patch)
tree: c657209177a920bb487134c85e938aee7fdd512e
parent: 255a1c7dcd009524c34cb8c3d6fce59c6d9a03cb (diff)
parent: 6db49100d69b8fea1f2d27fd7f66cf5feefe700a (diff)
download: seaweedfs-e7a6a2733b0889e53cb88e7ae771ba4604322ebb.tar.xz
seaweedfs-e7a6a2733b0889e53cb88e7ae771ba4604322ebb.zip
1 files changed, 7 insertions, 0 deletions
diff --git a/weed/command/scaffold/security.toml b/weed/command/scaffold/security.toml
index 0c69b2f24..93b4cc05f 100644
--- a/weed/command/scaffold/security.toml
+++ b/weed/command/scaffold/security.toml
@@ -10,6 +10,13 @@
 key = ""
 expires_after_seconds = 10           # seconds
 
+# by default, if the signing key above is set, the Volume UI over HTTP is disabled.
+# by setting ui.access to true, you can re-enable the Volume UI. Despite
+# some information leakage (as the UI is unauthenticted), this should not
+# pose a security risk.
+[access]
+ui = false
+
 # jwt for read is only supported with master+volume setup. Filer does not support this mode.
 [jwt.signing.read]
 key = ""
author	Chris Lu <chrislusf@users.noreply.github.com>	2021-12-24 09:57:00 -0800
committer	GitHub <noreply@github.com>	2021-12-24 09:57:00 -0800
commit	e7a6a2733b0889e53cb88e7ae771ba4604322ebb (patch)
tree	c657209177a920bb487134c85e938aee7fdd512e
parent	255a1c7dcd009524c34cb8c3d6fce59c6d9a03cb (diff)
parent	6db49100d69b8fea1f2d27fd7f66cf5feefe700a (diff)
download	seaweedfs-e7a6a2733b0889e53cb88e7ae771ba4604322ebb.tar.xz seaweedfs-e7a6a2733b0889e53cb88e7ae771ba4604322ebb.zip