projects / akkoma / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
purge chat and shout endpoints
[akkoma] / lib / pleroma / web / endpoint.ex
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.Endpoint do
6 use Phoenix.Endpoint, otp_app: :pleroma
7
8 require Pleroma.Constants
9
10 alias Pleroma.Config
11
12 socket("/live", Phoenix.LiveView.Socket)
13
14 plug(Pleroma.Web.Plugs.SetLocalePlug)
15 plug(CORSPlug)
16 plug(Pleroma.Web.Plugs.HTTPSecurityPlug)
17 plug(Pleroma.Web.Plugs.UploadedMedia)
18
19 @static_cache_control "public, no-cache"
20
21 # InstanceStatic needs to be before Plug.Static to be able to override shipped-static files
22 # If you're adding new paths to `only:` you'll need to configure them in InstanceStatic as well
23 # Cache-control headers are duplicated in case we turn off etags in the future
24 plug(
25 Pleroma.Web.Plugs.InstanceStatic,
26 at: "/",
27 from: :pleroma,
28 only: ["emoji", "images"],
29 gzip: true,
30 cache_control_for_etags: "public, max-age=1209600",
31 headers: %{
32 "cache-control" => "public, max-age=1209600"
33 }
34 )
35
36 plug(Pleroma.Web.Plugs.InstanceStatic,
37 at: "/",
38 gzip: true,
39 cache_control_for_etags: @static_cache_control,
40 headers: %{
41 "cache-control" => @static_cache_control
42 }
43 )
44
45 # Careful! No `only` restriction here, as we don't know what frontends contain.
46 plug(Pleroma.Web.Plugs.FrontendStatic,
47 at: "/",
48 frontend_type: :primary,
49 gzip: true,
50 cache_control_for_etags: @static_cache_control,
51 headers: %{
52 "cache-control" => @static_cache_control
53 }
54 )
55
56 plug(Plug.Static.IndexHtml, at: "/pleroma/admin/")
57
58 plug(Pleroma.Web.Plugs.FrontendStatic,
59 at: "/pleroma/admin",
60 frontend_type: :admin,
61 gzip: true,
62 cache_control_for_etags: @static_cache_control,
63 headers: %{
64 "cache-control" => @static_cache_control
65 }
66 )
67
68 plug(Plug.Static.IndexHtml, at: "/akkoma/swaggerui")
69
70 plug(Pleroma.Web.Plugs.FrontendStatic,
71 at: "/akkoma/swaggerui",
72 frontend_type: :swagger,
73 gzip: true,
74 if: &Pleroma.Web.Swagger.ui_enabled?/0,
75 cache_control_for_etags: @static_cache_control,
76 headers: %{
77 "cache-control" => @static_cache_control
78 }
79 )
80
81 plug(Pleroma.Web.Plugs.FrontendStatic,
82 at: "/",
83 frontend_type: :mastodon,
84 gzip: true,
85 cache_control_for_etags: @static_cache_control,
86 headers: %{
87 "cache-control" => @static_cache_control
88 }
89 )
90
91 # Serve at "/" the static files from "priv/static" directory.
92 #
93 # You should set gzip to true if you are running phoenix.digest
94 # when deploying your static files in production.
95 plug(
96 Plug.Static,
97 at: "/",
98 from: :pleroma,
99 only: Pleroma.Constants.static_only_files(),
100 # credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength
101 gzip: true,
102 cache_control_for_etags: @static_cache_control,
103 headers: %{
104 "cache-control" => @static_cache_control
105 }
106 )
107
108 plug(Plug.Static,
109 at: "/pleroma/admin/",
110 from: {:pleroma, "priv/static/adminfe/"}
111 )
112
113 # Code reloading can be explicitly enabled under the
114 # :code_reloader configuration of your endpoint.
115 if code_reloading? do
116 plug(Phoenix.CodeReloader)
117 end
118
119 plug(Pleroma.Web.Plugs.TrailingFormatPlug)
120 plug(Plug.RequestId)
121 plug(Plug.Logger, log: :debug)
122
123 plug(Plug.Parsers,
124 parsers: [
125 :urlencoded,
126 {:multipart, length: {Config, :get, [[:instance, :upload_limit]]}},
127 :json
128 ],
129 pass: ["*/*"],
130 json_decoder: Jason,
131 length: Config.get([:instance, :upload_limit]),
132 body_reader: {Pleroma.Web.Plugs.DigestPlug, :read_body, []}
133 )
134
135 plug(Plug.MethodOverride)
136 plug(Plug.Head)
137
138 secure_cookies = Config.get([__MODULE__, :secure_cookie_flag])
139
140 cookie_name =
141 if secure_cookies,
142 do: "__Host-pleroma_key",
143 else: "pleroma_key"
144
145 extra =
146 Config.get([__MODULE__, :extra_cookie_attrs])
147 |> Enum.join(";")
148
149 # The session will be stored in the cookie and signed,
150 # this means its contents can be read but not tampered with.
151 # Set :encryption_salt if you would also like to encrypt it.
152 plug(
153 Plug.Session,
154 store: :cookie,
155 key: cookie_name,
156 signing_salt: Config.get([__MODULE__, :signing_salt], "CqaoopA2"),
157 http_only: true,
158 secure: secure_cookies,
159 extra: extra
160 )
161
162 plug(Pleroma.Web.Plugs.RemoteIp)
163
164 defmodule Instrumenter do
165 use Prometheus.PhoenixInstrumenter
166 end
167
168 defmodule PipelineInstrumenter do
169 use Prometheus.PlugPipelineInstrumenter
170 end
171
172 defmodule MetricsExporter do
173 use Prometheus.PlugExporter
174 end
175
176 defmodule MetricsExporterCaller do
177 @behaviour Plug
178
179 def init(opts), do: opts
180
181 def call(conn, opts) do
182 prometheus_config = Application.get_env(:prometheus, MetricsExporter, [])
183 ip_whitelist = List.wrap(prometheus_config[:ip_whitelist])
184
185 cond do
186 !prometheus_config[:enabled] ->
187 conn
188
189 ip_whitelist != [] and
190 !Enum.find(ip_whitelist, fn ip ->
191 Pleroma.Helpers.InetHelper.parse_address(ip) == {:ok, conn.remote_ip}
192 end) ->
193 conn
194
195 true ->
196 MetricsExporter.call(conn, opts)
197 end
198 end
199 end
200
201 plug(PipelineInstrumenter)
202
203 plug(MetricsExporterCaller)
204
205 plug(Pleroma.Web.Router)
206
207 @doc """
208 Dynamically loads configuration from the system environment
209 on startup.
210
211 It receives the endpoint configuration from the config files
212 and must return the updated configuration.
213 """
214 def load_from_system_env(config) do
215 port = System.get_env("PORT") || raise "expected the PORT environment variable to be set"
216 {:ok, Keyword.put(config, :http, [:inet6, port: port])}
217 end
218
219 def websocket_url do
220 String.replace_leading(url(), "http", "ws")
221 end
222 end
Fork of https://akkoma.dev/AkkomaGang/akkoma.git