git.squeep.com Git - akkoma/blob - lib/pleroma/web/endpoint.ex

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.Endpoint do
   6   use Phoenix.Endpoint, otp_app: :pleroma
   7
   8   socket("/socket", Pleroma.Web.UserSocket)
   9
  10   # Serve at "/" the static files from "priv/static" directory.
  11   #
  12   # You should set gzip to true if you are running phoenix.digest
  13   # when deploying your static files in production.
  14   plug(CORSPlug)
  15   plug(Pleroma.Plugs.HTTPSecurityPlug)
  16
  17   plug(Pleroma.Plugs.UploadedMedia)
  18
  19   # InstanceStatic needs to be before Plug.Static to be able to override shipped-static files
  20   # If you're adding new paths to `only:` you'll need to configure them in InstanceStatic as well
  21   plug(Pleroma.Plugs.InstanceStatic, at: "/")
  22
  23   plug(
  24     Plug.Static,
  25     at: "/",
  26     from: :pleroma,
  27     only:
  28       ~w(index.html robots.txt static finmoji emoji packs sounds images instance sw.js sw-pleroma.js favicon.png schemas doc)
  29     # credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength
  30   )
  31
  32   # Code reloading can be explicitly enabled under the
  33   # :code_reloader configuration of your endpoint.
  34   if code_reloading? do
  35     plug(Phoenix.CodeReloader)
  36   end
  37
  38   plug(TrailingFormatPlug)
  39   plug(Plug.RequestId)
  40   plug(Plug.Logger)
  41
  42   plug(
  43     Plug.Parsers,
  44     parsers: [:urlencoded, :multipart, :json],
  45     pass: ["*/*"],
  46     json_decoder: Jason,
  47     length: Application.get_env(:pleroma, :instance) |> Keyword.get(:upload_limit),
  48     body_reader: {Pleroma.Web.Plugs.DigestPlug, :read_body, []}
  49   )
  50
  51   plug(Plug.MethodOverride)
  52   plug(Plug.Head)
  53
  54   secure_cookies = Pleroma.Config.get([__MODULE__, :secure_cookie_flag])
  55
  56   cookie_name =
  57     if secure_cookies,
  58       do: "__Host-pleroma_key",
  59       else: "pleroma_key"
  60
  61   extra =
  62     Pleroma.Config.get([__MODULE__, :extra_cookie_attrs])
  63     |> Enum.join(";")
  64
  65   # The session will be stored in the cookie and signed,
  66   # this means its contents can be read but not tampered with.
  67   # Set :encryption_salt if you would also like to encrypt it.
  68   plug(
  69     Plug.Session,
  70     store: :cookie,
  71     key: cookie_name,
  72     signing_salt: {Pleroma.Config, :get, [[__MODULE__, :signing_salt], "CqaoopA2"]},
  73     http_only: true,
  74     secure: secure_cookies,
  75     extra: extra
  76   )
  77
  78   # Note: the plug and its configuration is compile-time this can't be upstreamed yet
  79   if proxies = Pleroma.Config.get([__MODULE__, :reverse_proxies]) do
  80     plug(RemoteIp, proxies: proxies)
  81   end
  82
  83   defmodule Instrumenter do
  84     use Prometheus.PhoenixInstrumenter
  85   end
  86
  87   defmodule PipelineInstrumenter do
  88     use Prometheus.PlugPipelineInstrumenter
  89   end
  90
  91   defmodule MetricsExporter do
  92     use Prometheus.PlugExporter
  93   end
  94
  95   plug(PipelineInstrumenter)
  96   plug(MetricsExporter)
  97
  98   plug(Pleroma.Web.Router)
  99
 100   @doc """
 101   Dynamically loads configuration from the system environment
 102   on startup.
 103
 104   It receives the endpoint configuration from the config files
 105   and must return the updated configuration.
 106   """
 107   def load_from_system_env(config) do
 108     port = System.get_env("PORT") || raise "expected the PORT environment variable to be set"
 109     {:ok, Keyword.put(config, :http, [:inet6, port: port])}
 110   end
 111
 112   def websocket_url do
 113     String.replace_leading(url(), "http", "ws")
 114   end
 115 end