1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.Endpoint do
6 use Phoenix.Endpoint, otp_app: :pleroma
8 socket("/socket", Pleroma.Web.UserSocket)
10 # Serve at "/" the static files from "priv/static" directory.
12 # You should set gzip to true if you are running phoenix.digest
13 # when deploying your static files in production.
15 plug(Pleroma.Plugs.HTTPSecurityPlug)
17 plug(Pleroma.Plugs.UploadedMedia)
19 # InstanceStatic needs to be before Plug.Static to be able to override shipped-static files
20 # If you're adding new paths to `only:` you'll need to configure them in InstanceStatic as well
21 plug(Pleroma.Plugs.InstanceStatic, at: "/")
28 ~w(index.html robots.txt static finmoji emoji packs sounds images instance sw.js sw-pleroma.js favicon.png schemas doc)
29 # credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength
32 # Code reloading can be explicitly enabled under the
33 # :code_reloader configuration of your endpoint.
35 plug(Phoenix.CodeReloader)
38 plug(TrailingFormatPlug)
44 parsers: [:urlencoded, :multipart, :json],
47 length: Application.get_env(:pleroma, :instance) |> Keyword.get(:upload_limit),
48 body_reader: {Pleroma.Web.Plugs.DigestPlug, :read_body, []}
51 plug(Plug.MethodOverride)
54 secure_cookies = Pleroma.Config.get([__MODULE__, :secure_cookie_flag])
58 do: "__Host-pleroma_key",
62 if Pleroma.Config.oauth_consumer_enabled?() do
63 # Note: "SameSite=Strict" prevents sign in with external OAuth provider
64 # (there would be no cookies during callback request from OAuth provider)
70 # The session will be stored in the cookie and signed,
71 # this means its contents can be read but not tampered with.
72 # Set :encryption_salt if you would also like to encrypt it.
77 signing_salt: {Pleroma.Config, :get, [[__MODULE__, :signing_salt], "CqaoopA2"]},
79 secure: secure_cookies,
83 # Note: the plug and its configuration is compile-time this can't be upstreamed yet
84 if proxies = Pleroma.Config.get([__MODULE__, :reverse_proxies]) do
85 plug(RemoteIp, proxies: proxies)
88 defmodule Instrumenter do
89 use Prometheus.PhoenixInstrumenter
92 defmodule PipelineInstrumenter do
93 use Prometheus.PlugPipelineInstrumenter
96 defmodule MetricsExporter do
97 use Prometheus.PlugExporter
100 plug(PipelineInstrumenter)
101 plug(MetricsExporter)
103 plug(Pleroma.Web.Router)
106 Dynamically loads configuration from the system environment
109 It receives the endpoint configuration from the config files
110 and must return the updated configuration.
112 def load_from_system_env(config) do
113 port = System.get_env("PORT") || raise "expected the PORT environment variable to be set"
114 {:ok, Keyword.put(config, :http, [:inet6, port: port])}
118 String.replace_leading(url(), "http", "ws")