1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.Endpoint do
6 use Phoenix.Endpoint, otp_app: :pleroma
8 require Pleroma.Constants
10 socket("/socket", Pleroma.Web.UserSocket)
12 plug(Pleroma.Web.Plugs.SetLocalePlug)
14 plug(Pleroma.Web.Plugs.HTTPSecurityPlug)
15 plug(Pleroma.Web.Plugs.UploadedMedia)
17 @static_cache_control "public, no-cache"
19 # InstanceStatic needs to be before Plug.Static to be able to override shipped-static files
20 # If you're adding new paths to `only:` you'll need to configure them in InstanceStatic as well
21 # Cache-control headers are duplicated in case we turn off etags in the future
22 plug(Pleroma.Web.Plugs.InstanceStatic,
25 cache_control_for_etags: @static_cache_control,
27 "cache-control" => @static_cache_control
31 # Careful! No `only` restriction here, as we don't know what frontends contain.
32 plug(Pleroma.Web.Plugs.FrontendStatic,
34 frontend_type: :primary,
36 cache_control_for_etags: @static_cache_control,
38 "cache-control" => @static_cache_control
42 plug(Plug.Static.IndexHtml, at: "/pleroma/admin/")
44 plug(Pleroma.Web.Plugs.FrontendStatic,
46 frontend_type: :admin,
48 cache_control_for_etags: @static_cache_control,
50 "cache-control" => @static_cache_control
54 # Serve at "/" the static files from "priv/static" directory.
56 # You should set gzip to true if you are running phoenix.digest
57 # when deploying your static files in production.
62 only: Pleroma.Constants.static_only_files(),
63 # credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength
65 cache_control_for_etags: @static_cache_control,
67 "cache-control" => @static_cache_control
72 at: "/pleroma/admin/",
73 from: {:pleroma, "priv/static/adminfe/"}
76 # Code reloading can be explicitly enabled under the
77 # :code_reloader configuration of your endpoint.
79 plug(Phoenix.CodeReloader)
82 plug(Pleroma.Web.Plugs.TrailingFormatPlug)
84 plug(Plug.Logger, log: :debug)
89 {:multipart, length: {Pleroma.Config, :get, [[:instance, :upload_limit]]}},
94 length: Pleroma.Config.get([:instance, :upload_limit]),
95 body_reader: {Pleroma.Web.Plugs.DigestPlug, :read_body, []}
98 plug(Plug.MethodOverride)
101 secure_cookies = Pleroma.Config.get([__MODULE__, :secure_cookie_flag])
105 do: "__Host-pleroma_key",
109 Pleroma.Config.get([__MODULE__, :extra_cookie_attrs])
112 # The session will be stored in the cookie and signed,
113 # this means its contents can be read but not tampered with.
114 # Set :encryption_salt if you would also like to encrypt it.
119 signing_salt: Pleroma.Config.get([__MODULE__, :signing_salt], "CqaoopA2"),
121 secure: secure_cookies,
125 plug(Pleroma.Web.Plugs.RemoteIp)
127 defmodule Instrumenter do
128 use Prometheus.PhoenixInstrumenter
131 defmodule PipelineInstrumenter do
132 use Prometheus.PlugPipelineInstrumenter
135 defmodule MetricsExporter do
136 use Prometheus.PlugExporter
139 plug(PipelineInstrumenter)
140 plug(MetricsExporter)
142 plug(Pleroma.Web.Router)
145 Dynamically loads configuration from the system environment
148 It receives the endpoint configuration from the config files
149 and must return the updated configuration.
151 def load_from_system_env(config) do
152 port = System.get_env("PORT") || raise "expected the PORT environment variable to be set"
153 {:ok, Keyword.put(config, :http, [:inet6, port: port])}
157 String.replace_leading(url(), "http", "ws")