git.squeep.com Git - akkoma/blob - lib/pleroma/web/endpoint.ex

   1 defmodule Pleroma.Web.Endpoint do
   2   use Phoenix.Endpoint, otp_app: :pleroma
   3
   4   socket("/socket", Pleroma.Web.UserSocket)
   5
   6   socket("/api/v1", Pleroma.Web.MastodonAPI.MastodonSocket)
   7
   8   # Serve at "/" the static files from "priv/static" directory.
   9   #
  10   # You should set gzip to true if you are running phoenix.digest
  11   # when deploying your static files in production.
  12   plug(CORSPlug)
  13   plug(Pleroma.Plugs.HTTPSecurityPlug)
  14
  15   plug(Plug.Static, at: "/media", from: Pleroma.Uploaders.Local.upload_path(), gzip: false)
  16
  17   plug(
  18     Plug.Static,
  19     at: "/",
  20     from: :pleroma,
  21     only:
  22       ~w(index.html static finmoji emoji packs sounds images instance sw.js favicon.png schemas)
  23   )
  24
  25   # Code reloading can be explicitly enabled under the
  26   # :code_reloader configuration of your endpoint.
  27   if code_reloading? do
  28     plug(Phoenix.CodeReloader)
  29   end
  30
  31   plug(TrailingFormatPlug)
  32   plug(Plug.RequestId)
  33   plug(Plug.Logger)
  34
  35   plug(
  36     Plug.Parsers,
  37     parsers: [:urlencoded, :multipart, :json],
  38     pass: ["*/*"],
  39     json_decoder: Jason,
  40     length: Application.get_env(:pleroma, :instance) |> Keyword.get(:upload_limit),
  41     body_reader: {Pleroma.Web.Plugs.DigestPlug, :read_body, []}
  42   )
  43
  44   plug(Plug.MethodOverride)
  45   plug(Plug.Head)
  46
  47   cookie_name =
  48     if Application.get_env(:pleroma, Pleroma.Web.Endpoint) |> Keyword.get(:secure_cookie_flag),
  49       do: "__Host-pleroma_key",
  50       else: "pleroma_key"
  51
  52   # The session will be stored in the cookie and signed,
  53   # this means its contents can be read but not tampered with.
  54   # Set :encryption_salt if you would also like to encrypt it.
  55   plug(
  56     Plug.Session,
  57     store: :cookie,
  58     key: cookie_name,
  59     signing_salt: {Pleroma.Config, :get, [[__MODULE__, :signing_salt], "CqaoopA2"]},
  60     http_only: true,
  61     secure:
  62       Application.get_env(:pleroma, Pleroma.Web.Endpoint) |> Keyword.get(:secure_cookie_flag),
  63     extra: "SameSite=Strict"
  64   )
  65
  66   plug(Pleroma.Web.Router)
  67
  68   @doc """
  69   Dynamically loads configuration from the system environment
  70   on startup.
  71
  72   It receives the endpoint configuration from the config files
  73   and must return the updated configuration.
  74   """
  75   def load_from_system_env(config) do
  76     port = System.get_env("PORT") || raise "expected the PORT environment variable to be set"
  77     {:ok, Keyword.put(config, :http, [:inet6, port: port])}
  78   end
  79 end