mirror of
https://github.com/seaweedfs/seaweedfs.git
synced 2026-05-25 11:10:20 +00:00
35 lines
1.6 KiB
TOML
35 lines
1.6 KiB
TOML
# Put this file to one of the location, with descending priority
|
|
# ./security.toml
|
|
# $HOME/.seaweedfs/security.toml
|
|
# /etc/seaweedfs/security.toml
|
|
# this file is read by master, volume server, filer, and worker
|
|
|
|
# comma separated origins allowed to make requests to the filer and s3 gateway.
|
|
# enter in this format: https://domain.com, or http://localhost:port
|
|
[cors.allowed_origins]
|
|
values = "*"
|
|
|
|
# this jwt signing key is read by master and volume server, and it is used for write operations:
|
|
# - the Master server generates the JWT, which can be used to write a certain file on a volume server
|
|
# - the Volume server validates the JWT on writing
|
|
# the jwt defaults to expire after 10 seconds.
|
|
[jwt.signing]
|
|
key = "T3A0RDNWNU1HaA=="
|
|
# this jwt signing key is read by master and volume server, and it is used for read operations:
|
|
# - the Master server generates the JWT, which can be used to read a certain file on a volume server
|
|
# - the Volume server validates the JWT on reading
|
|
[jwt.signing.read]
|
|
key = "bWVvQm5wdFRRdg=="
|
|
# If this JWT key is configured, Filer only accepts writes over HTTP if they are signed with this JWT:
|
|
# - f.e. the S3 API Shim generates the JWT
|
|
# - the Filer server validates the JWT on writing
|
|
# the jwt defaults to expire after 10 seconds.
|
|
[jwt.filer_signing]
|
|
key = "UmF3WGxYV0JYSw=="
|
|
# If this JWT key is configured, Filer only accepts reads over HTTP if they are signed with this JWT:
|
|
# - f.e. the S3 API Shim generates the JWT
|
|
# - the Filer server validates the JWT on writing
|
|
# the jwt defaults to expire after 10 seconds.
|
|
[jwt.filer_signing.read]
|
|
key = "T1pPekFzNWV4OQ=="
|