[Feature Request] Make HTTP Endpoint optional

[meip]

I propose to have toggle to turn off the HTTP-Endpoint to increase security. In our use-case we don't use it on a daily basis since the Web-UI is anyway read-only and it can easily be monitored through prometheus/logs.

The thing which scares me is that anyone with the credentials can directly access the backups and having this feature turned off would definitively improve my sleep :). What you think?

[JamesClonk]

Sure, OK.
I've added disable_web and disable_metrics as configuration options.
👍