1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.Endpoint do
6 use Phoenix.Endpoint, otp_app: :pleroma
8 require Pleroma.Constants
12 socket("/socket", Pleroma.Web.UserSocket)
13 socket("/live", Phoenix.LiveView.Socket)
15 plug(Plug.Telemetry, event_prefix: [:phoenix, :endpoint])
17 plug(Pleroma.Web.Plugs.SetLocalePlug)
19 plug(Pleroma.Web.Plugs.HTTPSecurityPlug)
20 plug(Pleroma.Web.Plugs.UploadedMedia)
22 @static_cache_control "public, no-cache"
24 # InstanceStatic needs to be before Plug.Static to be able to override shipped-static files
25 # If you're adding new paths to `only:` you'll need to configure them in InstanceStatic as well
26 # Cache-control headers are duplicated in case we turn off etags in the future
28 Pleroma.Web.Plugs.InstanceStatic,
31 only: ["emoji", "images"],
33 cache_control_for_etags: "public, max-age=1209600",
35 "cache-control" => "public, max-age=1209600"
39 plug(Pleroma.Web.Plugs.InstanceStatic,
42 cache_control_for_etags: @static_cache_control,
44 "cache-control" => @static_cache_control
48 # Careful! No `only` restriction here, as we don't know what frontends contain.
49 plug(Pleroma.Web.Plugs.FrontendStatic,
51 frontend_type: :primary,
53 cache_control_for_etags: @static_cache_control,
55 "cache-control" => @static_cache_control
59 plug(Plug.Static.IndexHtml, at: "/pleroma/admin/")
61 plug(Pleroma.Web.Plugs.FrontendStatic,
63 frontend_type: :admin,
65 cache_control_for_etags: @static_cache_control,
67 "cache-control" => @static_cache_control
71 # Serve at "/" the static files from "priv/static" directory.
73 # You should set gzip to true if you are running phoenix.digest
74 # when deploying your static files in production.
79 only: Pleroma.Constants.static_only_files(),
80 # credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength
82 cache_control_for_etags: @static_cache_control,
84 "cache-control" => @static_cache_control
89 at: "/pleroma/admin/",
90 from: {:pleroma, "priv/static/adminfe/"}
93 # Code reloading can be explicitly enabled under the
94 # :code_reloader configuration of your endpoint.
96 plug(Phoenix.CodeReloader)
99 plug(Pleroma.Web.Plugs.TrailingFormatPlug)
101 plug(Plug.Logger, log: :debug)
106 {:multipart, length: {Config, :get, [[:instance, :upload_limit]]}},
111 length: Config.get([:instance, :upload_limit]),
112 body_reader: {Pleroma.Web.Plugs.DigestPlug, :read_body, []}
115 plug(Plug.MethodOverride)
118 secure_cookies = Config.get([__MODULE__, :secure_cookie_flag])
122 do: "__Host-pleroma_key",
126 Config.get([__MODULE__, :extra_cookie_attrs])
129 # The session will be stored in the cookie and signed,
130 # this means its contents can be read but not tampered with.
131 # Set :encryption_salt if you would also like to encrypt it.
136 signing_salt: Config.get([__MODULE__, :signing_salt], "CqaoopA2"),
138 secure: secure_cookies,
142 plug(Pleroma.Web.Plugs.RemoteIp)
144 defmodule Instrumenter do
145 use Prometheus.PhoenixInstrumenter
148 defmodule PipelineInstrumenter do
149 use Prometheus.PlugPipelineInstrumenter
152 defmodule MetricsExporter do
153 use Prometheus.PlugExporter
156 defmodule MetricsExporterCaller do
159 def init(opts), do: opts
161 def call(conn, opts) do
162 prometheus_config = Application.get_env(:prometheus, MetricsExporter, [])
163 ip_whitelist = List.wrap(prometheus_config[:ip_whitelist])
166 !prometheus_config[:enabled] ->
169 ip_whitelist != [] and
170 !Enum.find(ip_whitelist, fn ip ->
171 Pleroma.Helpers.InetHelper.parse_address(ip) == {:ok, conn.remote_ip}
176 MetricsExporter.call(conn, opts)
181 plug(PipelineInstrumenter)
183 plug(MetricsExporterCaller)
185 plug(Pleroma.Web.Router)
188 Dynamically loads configuration from the system environment
191 It receives the endpoint configuration from the config files
192 and must return the updated configuration.
194 def load_from_system_env(config) do
195 port = System.get_env("PORT") || raise "expected the PORT environment variable to be set"
196 {:ok, Keyword.put(config, :http, [:inet6, port: port])}
200 String.replace_leading(url(), "http", "ws")