git.squeep.com Git - akkoma/blob - lib/pleroma/web/endpoint.ex

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.Endpoint do
   6   use Phoenix.Endpoint, otp_app: :pleroma
   7
   8   require Pleroma.Constants
   9
  10   alias Pleroma.Config
  11
  12   socket("/socket", Pleroma.Web.UserSocket)
  13
  14   plug(Pleroma.Web.Plugs.SetLocalePlug)
  15   plug(CORSPlug)
  16   plug(Pleroma.Web.Plugs.HTTPSecurityPlug)
  17   plug(Pleroma.Web.Plugs.UploadedMedia)
  18
  19   @static_cache_control "public, no-cache"
  20
  21   # InstanceStatic needs to be before Plug.Static to be able to override shipped-static files
  22   # If you're adding new paths to `only:` you'll need to configure them in InstanceStatic as well
  23   # Cache-control headers are duplicated in case we turn off etags in the future
  24   plug(Pleroma.Web.Plugs.InstanceStatic,
  25     at: "/",
  26     gzip: true,
  27     cache_control_for_etags: @static_cache_control,
  28     headers: %{
  29       "cache-control" => @static_cache_control
  30     }
  31   )
  32
  33   # Careful! No `only` restriction here, as we don't know what frontends contain.
  34   plug(Pleroma.Web.Plugs.FrontendStatic,
  35     at: "/",
  36     frontend_type: :primary,
  37     gzip: true,
  38     cache_control_for_etags: @static_cache_control,
  39     headers: %{
  40       "cache-control" => @static_cache_control
  41     }
  42   )
  43
  44   plug(Plug.Static.IndexHtml, at: "/pleroma/admin/")
  45
  46   plug(Pleroma.Web.Plugs.FrontendStatic,
  47     at: "/pleroma/admin",
  48     frontend_type: :admin,
  49     gzip: true,
  50     cache_control_for_etags: @static_cache_control,
  51     headers: %{
  52       "cache-control" => @static_cache_control
  53     }
  54   )
  55
  56   # Serve at "/" the static files from "priv/static" directory.
  57   #
  58   # You should set gzip to true if you are running phoenix.digest
  59   # when deploying your static files in production.
  60   plug(
  61     Plug.Static,
  62     at: "/",
  63     from: :pleroma,
  64     only: Pleroma.Constants.static_only_files(),
  65     # credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength
  66     gzip: true,
  67     cache_control_for_etags: @static_cache_control,
  68     headers: %{
  69       "cache-control" => @static_cache_control
  70     }
  71   )
  72
  73   plug(Plug.Static,
  74     at: "/pleroma/admin/",
  75     from: {:pleroma, "priv/static/adminfe/"}
  76   )
  77
  78   # Code reloading can be explicitly enabled under the
  79   # :code_reloader configuration of your endpoint.
  80   if code_reloading? do
  81     plug(Phoenix.CodeReloader)
  82   end
  83
  84   plug(Pleroma.Web.Plugs.TrailingFormatPlug)
  85   plug(Plug.RequestId)
  86   plug(Plug.Logger, log: :debug)
  87
  88   plug(Plug.Parsers,
  89     parsers: [
  90       :urlencoded,
  91       {:multipart, length: {Config, :get, [[:instance, :upload_limit]]}},
  92       :json
  93     ],
  94     pass: ["*/*"],
  95     json_decoder: Jason,
  96     length: Config.get([:instance, :upload_limit]),
  97     body_reader: {Pleroma.Web.Plugs.DigestPlug, :read_body, []}
  98   )
  99
 100   plug(Plug.MethodOverride)
 101   plug(Plug.Head)
 102
 103   secure_cookies = Config.get([__MODULE__, :secure_cookie_flag])
 104
 105   cookie_name =
 106     if secure_cookies,
 107       do: "__Host-pleroma_key",
 108       else: "pleroma_key"
 109
 110   extra =
 111     Config.get([__MODULE__, :extra_cookie_attrs])
 112     |> Enum.join(";")
 113
 114   # The session will be stored in the cookie and signed,
 115   # this means its contents can be read but not tampered with.
 116   # Set :encryption_salt if you would also like to encrypt it.
 117   plug(
 118     Plug.Session,
 119     store: :cookie,
 120     key: cookie_name,
 121     signing_salt: Config.get([__MODULE__, :signing_salt], "CqaoopA2"),
 122     http_only: true,
 123     secure: secure_cookies,
 124     extra: extra
 125   )
 126
 127   plug(Pleroma.Web.Plugs.RemoteIp)
 128
 129   defmodule Instrumenter do
 130     use Prometheus.PhoenixInstrumenter
 131   end
 132
 133   defmodule PipelineInstrumenter do
 134     use Prometheus.PlugPipelineInstrumenter
 135   end
 136
 137   defmodule MetricsExporter do
 138     use Prometheus.PlugExporter
 139   end
 140
 141   defmodule MetricsExporterCaller do
 142     @behaviour Plug
 143
 144     def init(opts), do: opts
 145
 146     def call(conn, opts) do
 147       prometheus_config = Application.get_env(:prometheus, MetricsExporter, [])
 148       ip_whitelist = List.wrap(prometheus_config[:ip_whitelist])
 149
 150       cond do
 151         !prometheus_config[:enabled] ->
 152           conn
 153
 154         ip_whitelist != [] and
 155             !Enum.find(ip_whitelist, fn ip ->
 156               Pleroma.Helpers.InetHelper.parse_address(ip) == {:ok, conn.remote_ip}
 157             end) ->
 158           conn
 159
 160         true ->
 161           MetricsExporter.call(conn, opts)
 162       end
 163     end
 164   end
 165
 166   plug(PipelineInstrumenter)
 167
 168   plug(MetricsExporterCaller)
 169
 170   plug(Pleroma.Web.Router)
 171
 172   @doc """
 173   Dynamically loads configuration from the system environment
 174   on startup.
 175
 176   It receives the endpoint configuration from the config files
 177   and must return the updated configuration.
 178   """
 179   def load_from_system_env(config) do
 180     port = System.get_env("PORT") || raise "expected the PORT environment variable to be set"
 181     {:ok, Keyword.put(config, :http, [:inet6, port: port])}
 182   end
 183
 184   def websocket_url do
 185     String.replace_leading(url(), "http", "ws")
 186   end
 187 end