- apt-get update && apt-get install -y cmake
- mix local.hex --force
- mix local.rebar --force
+ - apt-get -qq update
+ - apt-get install -y libmagic-dev
build:
stage: build
### Changed
+- **Breaking** Requires `libmagic` (or `file`) to guess file types.
- Renamed `:await_up_timeout` in `:connections_pool` namespace to `:connect_timeout`, old name is deprecated.
- Renamed `:timeout` in `pools` namespace to `:recv_timeout`, old name is deprecated.
timeout: 300_000
]
+config :pleroma, :majic_pool, size: 2
+
private_instance? = :if_instance_is_private
config :pleroma, :restrict_unauthenticated,
]
}
]
+ },
+ %{
+ group: :pleroma,
+ key: :majic_pool,
+ type: :group,
+ description: "Majic/libmagic configuration",
+ children: [
+ %{
+ key: :size,
+ type: :integer,
+ description: "Number of majic workers to start.",
+ suggestions: [2]
+ }
+ ]
}
]
* `erlang-parsetools`
* `erlang-xmerl`
* `git`
+* `file-dev`
* Development Tools
* `cmake`
* Install some tools, which are needed later:
```shell
-sudo apk add git build-base cmake
+sudo apk add git build-base cmake file-dev
```
### Install Elixir and Erlang
* `git`
* `base-devel`
* `cmake`
+* `file`
#### Optional packages used in this guide
* Install some of the above mentioned programs:
```shell
-sudo pacman -S git base-devel elixir cmake
+sudo pacman -S git base-devel elixir cmake file
```
### Install PostgreSQL
* `elixir` (1.8+, Follow the guide to install from the Erlang Solutions repo or use [asdf](https://github.com/asdf-vm/asdf) as the pleroma user)
* `erlang-dev`
* `erlang-nox`
+* `libmagic-dev`
* `git`
* `build-essential`
* `cmake`
* Install some of the above mentioned programs:
```shell
-sudo apt install git build-essential postgresql postgresql-contrib cmake
+sudo apt install git build-essential postgresql postgresql-contrib cmake libmagic-devel
```
### Install Elixir and Erlang
- `git`
- `build-essential`
- `cmake`
+- `libmagic-dev`
#### このガイドで利用している追加パッケージ
* 上記に挙げたパッケージをインストールしておきます。
```
-sudo apt install git build-essential postgresql postgresql-contrib cmake
+sudo apt install git build-essential postgresql postgresql-contrib cmake libmagic-dev
```
* `dev-lang/elixir`
* `dev-vcs/git`
* `dev-util/cmake`
+* `sys-apps/file`
#### Optional ebuilds used in this guide
* Emerge all required the required and suggested software in one go:
```shell
- # emerge --ask dev-db/postgresql dev-lang/elixir dev-vcs/git www-servers/nginx app-crypt/certbot app-crypt/certbot-nginx dev-util/cmake
+ # emerge --ask dev-db/postgresql dev-lang/elixir dev-vcs/git www-servers/nginx app-crypt/certbot app-crypt/certbot-nginx dev-util/cmake sys-apps/file
```
If you would not like to install the optional packages, remove them from this line.
* PostgreSQL (also utilizes extensions in postgresql-contrib)
* nginx (could be swapped with another reverse proxy but this guide covers only it)
* certbot (for Let's Encrypt certificates, could be swapped with another ACME client, but this guide covers only it)
+* libmagic/file
=== "Alpine"
```
echo "http://nl.alpinelinux.org/alpine/latest-stable/community" >> /etc/apk/repositories
apk update
- apk add curl unzip ncurses postgresql postgresql-contrib nginx certbot
+ apk add curl unzip ncurses postgresql postgresql-contrib nginx certbot file-dev
```
=== "Debian/Ubuntu"
```
- apt install curl unzip libncurses5 postgresql postgresql-contrib nginx certbot
+ apt install curl unzip libncurses5 postgresql postgresql-contrib nginx certbot libmagic-dev
```
## Setup
[
Pleroma.Stats,
Pleroma.JobQueueMonitor,
+ {Majic.Pool, [name: Pleroma.MajicPool, pool_size: Config.get([:majic_pool, :size], 2)]},
{Oban, Config.get(Oban)}
] ++
task_children(@env) ++
+++ /dev/null
-# Pleroma: A lightweight social networking server
-# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
-# SPDX-License-Identifier: AGPL-3.0-only
-
-defmodule Pleroma.MIME do
- @moduledoc """
- Returns the mime-type of a binary and optionally a normalized file-name.
- """
- @default "application/octet-stream"
- @read_bytes 35
-
- @spec file_mime_type(String.t(), String.t()) ::
- {:ok, content_type :: String.t(), filename :: String.t()} | {:error, any()} | :error
- def file_mime_type(path, filename) do
- with {:ok, content_type} <- file_mime_type(path),
- filename <- fix_extension(filename, content_type) do
- {:ok, content_type, filename}
- end
- end
-
- @spec file_mime_type(String.t()) :: {:ok, String.t()} | {:error, any()} | :error
- def file_mime_type(filename) do
- File.open(filename, [:read], fn f ->
- check_mime_type(IO.binread(f, @read_bytes))
- end)
- end
-
- def bin_mime_type(binary, filename) do
- with {:ok, content_type} <- bin_mime_type(binary),
- filename <- fix_extension(filename, content_type) do
- {:ok, content_type, filename}
- end
- end
-
- @spec bin_mime_type(binary()) :: {:ok, String.t()} | :error
- def bin_mime_type(<<head::binary-size(@read_bytes), _::binary>>) do
- {:ok, check_mime_type(head)}
- end
-
- def bin_mime_type(_), do: :error
-
- def mime_type(<<_::binary>>), do: {:ok, @default}
-
- defp fix_extension(filename, content_type) do
- parts = String.split(filename, ".")
-
- new_filename =
- if length(parts) > 1 do
- Enum.drop(parts, -1) |> Enum.join(".")
- else
- Enum.join(parts)
- end
-
- cond do
- content_type == "application/octet-stream" ->
- filename
-
- ext = List.first(MIME.extensions(content_type)) ->
- new_filename <> "." <> ext
-
- true ->
- Enum.join([new_filename, String.split(content_type, "/") |> List.last()], ".")
- end
- end
-
- defp check_mime_type(<<0x89, 0x50, 0x4E, 0x47, 0x0D, 0x0A, 0x1A, 0x0A, _::binary>>) do
- "image/png"
- end
-
- defp check_mime_type(<<0x47, 0x49, 0x46, 0x38, _, 0x61, _::binary>>) do
- "image/gif"
- end
-
- defp check_mime_type(<<0xFF, 0xD8, 0xFF, _::binary>>) do
- "image/jpeg"
- end
-
- defp check_mime_type(<<0x1A, 0x45, 0xDF, 0xA3, _::binary>>) do
- "video/webm"
- end
-
- defp check_mime_type(<<0x00, 0x00, 0x00, _, 0x66, 0x74, 0x79, 0x70, _::binary>>) do
- "video/mp4"
- end
-
- defp check_mime_type(<<0x49, 0x44, 0x33, _::binary>>) do
- "audio/mpeg"
- end
-
- defp check_mime_type(<<255, 251, _, 68, 0, 0, 0, 0, _::binary>>) do
- "audio/mpeg"
- end
-
- defp check_mime_type(
- <<0x4F, 0x67, 0x67, 0x53, 0x00, 0x02, 0x00, 0x00, _::size(160), 0x80, 0x74, 0x68, 0x65,
- 0x6F, 0x72, 0x61, _::binary>>
- ) do
- "video/ogg"
- end
-
- defp check_mime_type(<<0x4F, 0x67, 0x67, 0x53, 0x00, 0x02, 0x00, 0x00, _::binary>>) do
- "audio/ogg"
- end
-
- defp check_mime_type(<<"RIFF", _::binary-size(4), "WAVE", _::binary>>) do
- "audio/wav"
- end
-
- defp check_mime_type(<<"RIFF", _::binary-size(4), "WEBP", _::binary>>) do
- "image/webp"
- end
-
- defp check_mime_type(<<"RIFF", _::binary-size(4), "AVI.", _::binary>>) do
- "video/avi"
- end
-
- defp check_mime_type(_) do
- @default
- end
-end
end
@spec store(source, options :: [option()]) :: {:ok, Map.t()} | {:error, any()}
+ @doc "Store a file. If using a `Plug.Upload{}` as the source, be sure to use `Majic.Plug` to ensure its content_type and filename is correct."
def store(upload, opts \\ []) do
opts = get_opts(opts)
end
defp prepare_upload(%Plug.Upload{} = file, opts) do
- with :ok <- check_file_size(file.path, opts.size_limit),
- {:ok, content_type, name} <- Pleroma.MIME.file_mime_type(file.path, file.filename) do
+ with :ok <- check_file_size(file.path, opts.size_limit) do
{:ok,
%__MODULE__{
id: UUID.generate(),
- name: name,
+ name: file.filename,
tempfile: file.path,
- content_type: content_type
+ content_type: file.content_type
}}
end
end
defp prepare_upload(%{img: "data:image/" <> image_data}, opts) do
parsed = Regex.named_captures(~r/(?<filetype>jpeg|png|gif);base64,(?<data>.*)/, image_data)
data = Base.decode64!(parsed["data"], ignore: :whitespace)
- hash = String.downcase(Base.encode16(:crypto.hash(:sha256, data)))
+ hash = Base.encode16(:crypto.hash(:sha256, data), lower: true)
with :ok <- check_binary_size(data, opts.size_limit),
tmp_path <- tempfile_for_image(data),
- {:ok, content_type, name} <-
- Pleroma.MIME.bin_mime_type(data, hash <> "." <> parsed["filetype"]) do
+ {:ok, %{mime_type: content_type}} <-
+ Majic.perform({:bytes, data}, pool: Pleroma.MajicPool),
+ [ext | _] <- MIME.extensions(content_type) do
{:ok,
%__MODULE__{
id: UUID.generate(),
- name: name,
+ name: hash <> "." <> ext,
tempfile: tmp_path,
content_type: content_type
}}
# For Mix.Tasks.MigrateLocalUploads
defp prepare_upload(%__MODULE__{tempfile: path} = upload, _opts) do
- with {:ok, content_type} <- Pleroma.MIME.file_mime_type(path) do
+ with {:ok, %{mime_type: content_type}} <- Majic.perform(path, pool: Pleroma.MajicPool) do
{:ok, %__MODULE__{upload | content_type: content_type}}
end
end
when action in [:read_inbox, :update_outbox, :whoami, :upload_media]
)
+ plug(Majic.Plug, [pool: Pleroma.MajicPool] when action in [:upload_media])
+
plug(
Pleroma.Plugs.Cache,
[query_params: false, tracking_fun: &__MODULE__.track_object_fetch/2]
alias Pleroma.Web.ActivityPub.ActivityPub
action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
+ plug(Majic.Plug, [pool: Pleroma.MajicPool] when action in [:create, :create2])
plug(Pleroma.Web.ApiSpec.CastAndValidate)
plug(:put_view, Pleroma.Web.MastodonAPI.StatusView)
require Pleroma.Constants
+ plug(
+ Majic.Plug,
+ [pool: Pleroma.MajicPool] when action in [:update_avatar, :update_background, :update_banner]
+ )
+
plug(
OpenApiSpex.Plug.PutApiSpec,
[module: Pleroma.Web.ApiSpec] when action == :confirmation_resend
alias Pleroma.User
alias Pleroma.Web.ActivityPub.ActivityPub
+ plug(Majic.Plug, [pool: Pleroma.MajicPool] when action in [:update])
plug(Pleroma.Web.ApiSpec.CastAndValidate)
plug(OAuthScopesPlug, %{scopes: ["read:accounts"]} when action == :show)
plug(OAuthScopesPlug, %{scopes: ["write:accounts"]} when action != :show)
@doc "PUT /api/v1/pleroma/mascot"
def update(%{assigns: %{user: user}, body_params: %{file: file}} = conn, _) do
- with {:ok, object} <- ActivityPub.upload(file, actor: User.ap_id(user)),
- # Reject if not an image
- %{type: "image"} = attachment <- render_attachment(object) do
+ with {:content_type, "image" <> _} <- {:content_type, file.content_type},
+ {:ok, object} <- ActivityPub.upload(file, actor: User.ap_id(user)) do
+ attachment = render_attachment(object)
{:ok, _user} = User.mascot_update(user, attachment)
json(conn, attachment)
else
- %{type: _} -> render_error(conn, :unsupported_media_type, "mascots can only be images")
+ {:content_type, _} ->
+ render_error(conn, :unsupported_media_type, "mascots can only be images")
end
end
git: "https://git.pleroma.social/pleroma/elixir-libraries/elixir-captcha.git",
ref: "e0f16822d578866e186a0974d65ad58cddc1e2ab"},
{:restarter, path: "./restarter"},
+ {:majic, git: "https://github.com/hrefhref/majic", branch: "develop"},
{:open_api_spex,
git: "https://git.pleroma.social/pleroma/elixir-libraries/open_api_spex.git",
ref: "f296ac0924ba3cf79c7a588c4c252889df4c2edd"},
"jumper": {:hex, :jumper, "1.0.1", "3c00542ef1a83532b72269fab9f0f0c82bf23a35e27d278bfd9ed0865cecabff", [:mix], [], "hexpm", "318c59078ac220e966d27af3646026db9b5a5e6703cb2aa3e26bcfaba65b7433"},
"libring": {:hex, :libring, "1.4.0", "41246ba2f3fbc76b3971f6bce83119dfec1eee17e977a48d8a9cfaaf58c2a8d6", [:mix], [], "hexpm"},
"linkify": {:hex, :linkify, "0.2.0", "2518bbbea21d2caa9d372424e1ad845b640c6630e2d016f1bd1f518f9ebcca28", [:mix], [], "hexpm", "b8ca8a68b79e30b7938d6c996085f3db14939f29538a59ca5101988bb7f917f6"},
+ "majic": {:git, "https://github.com/hrefhref/majic", "51ecea6458c4b2fbc98272ce5ab2951f2c0d46cc", [branch: "develop"]},
"makeup": {:hex, :makeup, "1.0.3", "e339e2f766d12e7260e6672dd4047405963c5ec99661abdc432e6ec67d29ef95", [:mix], [{:nimble_parsec, "~> 0.5", [hex: :nimble_parsec, repo: "hexpm", optional: false]}], "hexpm", "2e9b4996d11832947731f7608fed7ad2f9443011b3b479ae288011265cdd3dad"},
"makeup_elixir": {:hex, :makeup_elixir, "0.14.1", "4f0e96847c63c17841d42c08107405a005a2680eb9c7ccadfd757bd31dabccfb", [:mix], [{:makeup, "~> 1.0", [hex: :makeup, repo: "hexpm", optional: false]}], "hexpm", "f2438b1a80eaec9ede832b5c41cd4f373b38fd7aa33e3b22d9db79e640cbde11"},
"meck": {:hex, :meck, "0.8.13", "ffedb39f99b0b99703b8601c6f17c7f76313ee12de6b646e671e3188401f7866", [:rebar3], [], "hexpm", "d34f013c156db51ad57cc556891b9720e6a1c1df5fe2e15af999c84d6cebeb1a"},
alias Pleroma.Uploaders.Uploader
@upload_file %Plug.Upload{
- content_type: "image/jpg",
+ content_type: "image/jpeg",
path: Path.absname("test/fixtures/image_tmp.jpg"),
filename: "image.jpg"
}
File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")
file = %Plug.Upload{
- content_type: "image/jpg",
+ content_type: "image/jpeg",
path: Path.absname("test/fixtures/image_tmp.jpg"),
filename: "image.jpg"
}
File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")
file = %Plug.Upload{
- content_type: "image/jpg",
+ content_type: "image/jpeg",
path: Path.absname("test/fixtures/image_tmp.jpg"),
filename: "an [image.jpg"
}
File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")
file = %Plug.Upload{
- content_type: "image/jpg",
+ content_type: "image/jpeg",
path: Path.absname("test/fixtures/image_tmp.jpg"),
filename: "an [image.jpg"
}
assert data["name"] == "an [image.jpg"
end
- test "fixes incorrect content type" do
- File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")
-
- file = %Plug.Upload{
- content_type: "application/octet-stream",
- path: Path.absname("test/fixtures/image_tmp.jpg"),
- filename: "an [image.jpg"
+ test "fixes incorrect content type when base64 is given" do
+ params = %{
+ img: "data:image/png;base64,#{Base.encode64(File.read!("test/fixtures/image.jpg"))}"
}
- {:ok, data} = Upload.store(file, filters: [Pleroma.Upload.Filter.Dedupe])
+ {:ok, data} = Upload.store(params)
assert hd(data["url"])["mediaType"] == "image/jpeg"
end
- test "adds missing extension" do
- File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")
-
- file = %Plug.Upload{
- content_type: "image/jpg",
- path: Path.absname("test/fixtures/image_tmp.jpg"),
- filename: "an [image"
- }
-
- {:ok, data} = Upload.store(file)
- assert data["name"] == "an [image.jpg"
- end
-
- test "fixes incorrect file extension" do
+ test "adds extension when base64 is given" do
File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")
- file = %Plug.Upload{
- content_type: "image/jpg",
- path: Path.absname("test/fixtures/image_tmp.jpg"),
- filename: "an [image.blah"
- }
-
- {:ok, data} = Upload.store(file)
- assert data["name"] == "an [image.jpg"
- end
-
- test "don't modify filename of an unknown type" do
- File.cp("test/fixtures/test.txt", "test/fixtures/test_tmp.txt")
-
- file = %Plug.Upload{
- content_type: "text/plain",
- path: Path.absname("test/fixtures/test_tmp.txt"),
- filename: "test.txt"
+ params = %{
+ img: "data:image/png;base64,#{Base.encode64(File.read!("test/fixtures/image.jpg"))}"
}
- {:ok, data} = Upload.store(file)
- assert data["name"] == "test.txt"
+ {:ok, data} = Upload.store(params)
+ assert String.ends_with?(data["name"], ".jpg")
end
test "copies the file to the configured folder with anonymizing filename" do
File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")
file = %Plug.Upload{
- content_type: "image/jpg",
+ content_type: "image/jpeg",
path: Path.absname("test/fixtures/image_tmp.jpg"),
filename: "an [image.jpg"
}
File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")
file = %Plug.Upload{
- content_type: "image/jpg",
+ content_type: "image/jpeg",
path: Path.absname("test/fixtures/image_tmp.jpg"),
filename: "an… image.jpg"
}
File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")
file = %Plug.Upload{
- content_type: "image/jpg",
+ content_type: "image/jpeg",
path: Path.absname("test/fixtures/image_tmp.jpg"),
filename: ":?#[]@!$&\\'()*+,;=.jpg"
}
File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")
file = %Plug.Upload{
- content_type: "image/jpg",
+ content_type: "image/jpeg",
path: Path.absname("test/fixtures/image_tmp.jpg"),
filename: "image.jpg"
}
desc = "Description of the image"
image = %Plug.Upload{
- content_type: "image/jpg",
+ content_type: "bad/content-type",
path: Path.absname("test/fixtures/image.jpg"),
- filename: "an_image.jpg"
+ filename: "an_image.png"
}
object =
assert [%{"href" => object_href, "mediaType" => object_mediatype}] = object["url"]
assert is_binary(object_href)
assert object_mediatype == "image/jpeg"
+ assert String.ends_with?(object_href, ".jpg")
activity_request = %{
"@context" => "https://www.w3.org/ns/activitystreams",