You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
# Put this file to one of the location, with descending priority# ./security.toml# $HOME/.seaweedfs/security.toml# /etc/seaweedfs/security.toml# this file is read by master, volume server, and filer
# the jwt signing key is read by master and volume server.# a jwt defaults to expire after 10 seconds.[jwt.signing]key = ""expires_after_seconds = 10 # seconds
# jwt for read is only supported with master+volume setup. Filer does not support this mode.[jwt.signing.read]key = ""expires_after_seconds = 10 # seconds
# all grpc tls authentications are mutual# the values for the following ca, cert, and key are paths to the PERM files.# the host name is not checked, so the PERM files can be shared.[grpc]ca = ""# Set wildcard domain for enable TLS authentication by common namesallowed_wildcard_domain = "" # .mycompany.com
[grpc.volume]cert = ""key = ""allowed_commonNames = "" # comma-separated SSL certificate common names
[grpc.master]cert = ""key = ""allowed_commonNames = "" # comma-separated SSL certificate common names
[grpc.filer]cert = ""key = ""allowed_commonNames = "" # comma-separated SSL certificate common names
[grpc.msg_broker]cert = ""key = ""allowed_commonNames = "" # comma-separated SSL certificate common names
# use this for any place needs a grpc client# i.e., "weed backup|benchmark|filer.copy|filer.replicate|mount|s3|upload"[grpc.client]cert = ""key = ""
# volume server https options# Note: work in progress!# this does not work with other clients, e.g., "weed filer|mount" etc, yet.[https.client]enabled = true[https.volume]cert = ""key = ""
|
