* fix: filer do not support IP whitelist right now #7094 * Apply suggestion from @gemini-code-assist[bot] Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> --------- Co-authored-by: Chris Lu <chrislusf@users.noreply.github.com> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
This commit is contained in:
Konstantin Lebedev
committed by
GitHub
GitHub
parent
2d06ddab41
commit
dfac1315ca
@@ -173,8 +173,11 @@ func NewFilerServer(defaultMux, readonlyMux *http.ServeMux, option *FilerOption)
|
||||
}
|
||||
})
|
||||
fs.filer.Cipher = option.Cipher
|
||||
whiteList := util.StringSplit(v.GetString("guard.white_list"), ",")
|
||||
fs.filerGuard = security.NewGuard(whiteList, signingKey, expiresAfterSec, readSigningKey, readExpiresAfterSec)
|
||||
// we do not support IP whitelist right now https://github.com/seaweedfs/seaweedfs/issues/7094
|
||||
if v.GetString("guard.white_list") != "" {
|
||||
glog.Warningf("filer: guard.white_list is configured but the IP whitelist feature is currently disabled. See https://github.com/seaweedfs/seaweedfs/issues/7094")
|
||||
}
|
||||
fs.filerGuard = security.NewGuard([]string{}, signingKey, expiresAfterSec, readSigningKey, readExpiresAfterSec)
|
||||
fs.volumeGuard = security.NewGuard([]string{}, volumeSigningKey, volumeExpiresAfterSec, volumeReadSigningKey, volumeReadExpiresAfterSec)
|
||||
|
||||
fs.checkWithMaster()
|
||||
@@ -254,6 +257,4 @@ func (fs *FilerServer) Reload() {
|
||||
glog.V(0).Infoln("Reload filer server...")
|
||||
|
||||
util.LoadConfiguration("security", false)
|
||||
v := util.GetViper()
|
||||
fs.filerGuard.UpdateWhiteList(util.StringSplit(v.GetString("guard.white_list"), ","))
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user