From d7c8569288c5cd6b4ca7d60868b4eb764a8b05ef Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Kurf=C3=BCrst?= <sebastian@neos.io>
Date: Sat, 25 Dec 2021 10:04:19 +0100
Subject: [PATCH] TASK: add ui.access config docs

---
 Security-Configuration.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/Security-Configuration.md b/Security-Configuration.md
index 7fc1add..0550626 100644
--- a/Security-Configuration.md
+++ b/Security-Configuration.md
@@ -17,6 +17,13 @@ $ weed scaffold -config=security
 key = ""
 expires_after_seconds = 10           # seconds
 
+# by default, if the signing key above is set, the Volume UI over HTTP is disabled.
+# by setting ui.access to true, you can re-enable the Volume UI. Despite
+# some information leakage (as the UI is unauthenticted), this should not
+# pose a security risk.
+[access]
+ui = false
+
 # jwt for read is only supported with master+volume setup. Filer does not support this mode.
 [jwt.signing.read]
 key = ""