1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.Endpoint do
6 use Phoenix.Endpoint, otp_app: :pleroma
8 require Pleroma.Constants
12 socket("/live", Phoenix.LiveView.Socket)
14 plug(Pleroma.Web.Plugs.SetLocalePlug)
16 plug(Pleroma.Web.Plugs.HTTPSecurityPlug)
17 plug(Pleroma.Web.Plugs.UploadedMedia)
19 @static_cache_control "public, no-cache"
21 # InstanceStatic needs to be before Plug.Static to be able to override shipped-static files
22 # If you're adding new paths to `only:` you'll need to configure them in InstanceStatic as well
23 # Cache-control headers are duplicated in case we turn off etags in the future
25 Pleroma.Web.Plugs.InstanceStatic,
28 only: ["emoji", "images"],
30 cache_control_for_etags: "public, max-age=1209600",
32 "cache-control" => "public, max-age=1209600"
36 plug(Pleroma.Web.Plugs.InstanceStatic,
39 cache_control_for_etags: @static_cache_control,
41 "cache-control" => @static_cache_control
45 # Careful! No `only` restriction here, as we don't know what frontends contain.
46 plug(Pleroma.Web.Plugs.FrontendStatic,
48 frontend_type: :primary,
50 cache_control_for_etags: @static_cache_control,
52 "cache-control" => @static_cache_control
56 plug(Plug.Static.IndexHtml, at: "/pleroma/admin/")
58 plug(Pleroma.Web.Plugs.FrontendStatic,
60 frontend_type: :admin,
62 cache_control_for_etags: @static_cache_control,
64 "cache-control" => @static_cache_control
68 plug(Plug.Static.IndexHtml, at: "/akkoma/swaggerui")
70 plug(Pleroma.Web.Plugs.FrontendStatic,
71 at: "/akkoma/swaggerui",
72 frontend_type: :swagger,
74 if: &Pleroma.Web.Swagger.ui_enabled?/0,
75 cache_control_for_etags: @static_cache_control,
77 "cache-control" => @static_cache_control
81 plug(Pleroma.Web.Plugs.FrontendStatic,
83 frontend_type: :mastodon,
85 cache_control_for_etags: @static_cache_control,
87 "cache-control" => @static_cache_control
91 # Serve at "/" the static files from "priv/static" directory.
93 # You should set gzip to true if you are running phoenix.digest
94 # when deploying your static files in production.
99 only: Pleroma.Constants.static_only_files(),
100 # credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength
102 cache_control_for_etags: @static_cache_control,
104 "cache-control" => @static_cache_control
109 at: "/pleroma/admin/",
110 from: {:pleroma, "priv/static/adminfe/"}
113 # Code reloading can be explicitly enabled under the
114 # :code_reloader configuration of your endpoint.
115 if code_reloading? do
116 plug(Phoenix.CodeReloader)
119 plug(Pleroma.Web.Plugs.TrailingFormatPlug)
121 plug(Plug.Logger, log: :debug)
126 {:multipart, length: {Config, :get, [[:instance, :upload_limit]]}},
131 length: Config.get([:instance, :upload_limit]),
132 body_reader: {Pleroma.Web.Plugs.DigestPlug, :read_body, []}
135 plug(Plug.MethodOverride)
138 secure_cookies = Config.get([__MODULE__, :secure_cookie_flag])
142 do: "__Host-pleroma_key",
146 Config.get([__MODULE__, :extra_cookie_attrs])
149 # The session will be stored in the cookie and signed,
150 # this means its contents can be read but not tampered with.
151 # Set :encryption_salt if you would also like to encrypt it.
156 signing_salt: Config.get([__MODULE__, :signing_salt], "CqaoopA2"),
158 secure: secure_cookies,
162 plug(Pleroma.Web.Plugs.RemoteIp)
164 defmodule Instrumenter do
165 use Prometheus.PhoenixInstrumenter
168 defmodule PipelineInstrumenter do
169 use Prometheus.PlugPipelineInstrumenter
172 defmodule MetricsExporter do
173 use Prometheus.PlugExporter
176 defmodule MetricsExporterCaller do
179 def init(opts), do: opts
181 def call(conn, opts) do
182 prometheus_config = Application.get_env(:prometheus, MetricsExporter, [])
183 ip_whitelist = List.wrap(prometheus_config[:ip_whitelist])
186 !prometheus_config[:enabled] ->
189 ip_whitelist != [] and
190 !Enum.find(ip_whitelist, fn ip ->
191 Pleroma.Helpers.InetHelper.parse_address(ip) == {:ok, conn.remote_ip}
196 MetricsExporter.call(conn, opts)
201 plug(PipelineInstrumenter)
203 plug(MetricsExporterCaller)
205 plug(Pleroma.Web.Router)
208 Dynamically loads configuration from the system environment
211 It receives the endpoint configuration from the config files
212 and must return the updated configuration.
214 def load_from_system_env(config) do
215 port = System.get_env("PORT") || raise "expected the PORT environment variable to be set"
216 {:ok, Keyword.put(config, :http, [:inet6, port: port])}
220 String.replace_leading(url(), "http", "ws")