at: "/",
from: :pleroma,
only:
- ~w(index.html static finmoji emoji packs sounds images instance sw.js sw-pleroma.js favicon.png schemas doc)
+ ~w(index.html robots.txt static finmoji emoji packs sounds images instance sw.js sw-pleroma.js favicon.png schemas doc)
+ # credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength
+ )
+
+ plug(Plug.Static.IndexHtml, at: "/pleroma/admin/")
+
+ plug(Plug.Static,
+ at: "/pleroma/admin/",
+ from: {:pleroma, "priv/static/adminfe/"}
)
# Code reloading can be explicitly enabled under the
do: "__Host-pleroma_key",
else: "pleroma_key"
- same_site =
- if Pleroma.Config.get([:auth, :oauth_consumer_enabled]) do
- # Note: "SameSite=Strict" prevents sign in with external OAuth provider (no cookies during callback request)
- "SameSite=Lax"
- else
- "SameSite=Strict"
- end
+ extra =
+ Pleroma.Config.get([__MODULE__, :extra_cookie_attrs])
+ |> Enum.join(";")
# The session will be stored in the cookie and signed,
# this means its contents can be read but not tampered with.
signing_salt: {Pleroma.Config, :get, [[__MODULE__, :signing_salt], "CqaoopA2"]},
http_only: true,
secure: secure_cookies,
- extra: same_site
+ extra: extra
)
+ # Note: the plug and its configuration is compile-time this can't be upstreamed yet
+ if proxies = Pleroma.Config.get([__MODULE__, :reverse_proxies]) do
+ plug(RemoteIp, proxies: proxies)
+ end
+
+ defmodule Instrumenter do
+ use Prometheus.PhoenixInstrumenter
+ end
+
+ defmodule PipelineInstrumenter do
+ use Prometheus.PlugPipelineInstrumenter
+ end
+
+ defmodule MetricsExporter do
+ use Prometheus.PlugExporter
+ end
+
+ plug(PipelineInstrumenter)
+ plug(MetricsExporter)
+
plug(Pleroma.Web.Router)
@doc """