From 6db49100d69b8fea1f2d27fd7f66cf5feefe700a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Kurf=C3=BCrst?= <sebastian@neos.io>
Date: Fri, 24 Dec 2021 13:59:04 +0100
Subject: [PATCH] BUGFIX: add access.ui setting to scaffolded security.toml

... The property is read here: https://github.com/chrislusf/seaweedfs/blob/b70cb3e0b2a75543f0410d4c09f42aa95fcf2ee2/weed/server/volume_server.go#L69
---
 weed/command/scaffold/security.toml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/weed/command/scaffold/security.toml b/weed/command/scaffold/security.toml
index 0c69b2f24..93b4cc05f 100644
--- a/weed/command/scaffold/security.toml
+++ b/weed/command/scaffold/security.toml
@@ -10,6 +10,13 @@
 key = ""
 expires_after_seconds = 10           # seconds
 
+# by default, if the signing key above is set, the Volume UI over HTTP is disabled.
+# by setting ui.access to true, you can re-enable the Volume UI. Despite
+# some information leakage (as the UI is unauthenticted), this should not
+# pose a security risk.
+[access]
+ui = false
+
 # jwt for read is only supported with master+volume setup. Filer does not support this mode.
 [jwt.signing.read]
 key = ""