git.squeep.com Git - akkoma/blob - lib/pleroma/web/endpoint.ex

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.Endpoint do
   6   use Phoenix.Endpoint, otp_app: :pleroma
   7
   8   require Pleroma.Constants
   9
  10   socket("/socket", Pleroma.Web.UserSocket)
  11
  12   plug(Pleroma.Plugs.SetLocalePlug)
  13   plug(CORSPlug)
  14   plug(Pleroma.Plugs.HTTPSecurityPlug)
  15   plug(Pleroma.Plugs.UploadedMedia)
  16
  17   @static_cache_control "public, no-cache"
  18
  19   # InstanceStatic needs to be before Plug.Static to be able to override shipped-static files
  20   # If you're adding new paths to `only:` you'll need to configure them in InstanceStatic as well
  21   # Cache-control headers are duplicated in case we turn off etags in the future
  22   plug(Pleroma.Plugs.InstanceStatic,
  23     at: "/",
  24     gzip: true,
  25     cache_control_for_etags: @static_cache_control,
  26     headers: %{
  27       "cache-control" => @static_cache_control
  28     }
  29   )
  30
  31   # Careful! No `only` restriction here, as we don't know what frontends contain.
  32   plug(Pleroma.Plugs.FrontendStatic,
  33     at: "/",
  34     frontend_type: :primary,
  35     gzip: true,
  36     cache_control_for_etags: @static_cache_control,
  37     headers: %{
  38       "cache-control" => @static_cache_control
  39     }
  40   )
  41
  42   # Serve at "/" the static files from "priv/static" directory.
  43   #
  44   # You should set gzip to true if you are running phoenix.digest
  45   # when deploying your static files in production.
  46   plug(
  47     Plug.Static,
  48     at: "/",
  49     from: :pleroma,
  50     only: Pleroma.Constants.static_only_files(),
  51     # credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength
  52     gzip: true,
  53     cache_control_for_etags: @static_cache_control,
  54     headers: %{
  55       "cache-control" => @static_cache_control
  56     }
  57   )
  58
  59   plug(Plug.Static.IndexHtml, at: "/pleroma/admin/")
  60
  61   plug(Plug.Static,
  62     at: "/pleroma/admin/",
  63     from: {:pleroma, "priv/static/adminfe/"}
  64   )
  65
  66   # Code reloading can be explicitly enabled under the
  67   # :code_reloader configuration of your endpoint.
  68   if code_reloading? do
  69     plug(Phoenix.CodeReloader)
  70   end
  71
  72   plug(Pleroma.Plugs.TrailingFormatPlug)
  73   plug(Plug.RequestId)
  74   plug(Plug.Logger, log: :debug)
  75
  76   plug(Plug.Parsers,
  77     parsers: [
  78       :urlencoded,
  79       {:multipart, length: {Pleroma.Config, :get, [[:instance, :upload_limit]]}},
  80       :json
  81     ],
  82     pass: ["*/*"],
  83     json_decoder: Jason,
  84     length: Pleroma.Config.get([:instance, :upload_limit]),
  85     body_reader: {Pleroma.Web.Plugs.DigestPlug, :read_body, []}
  86   )
  87
  88   plug(Plug.MethodOverride)
  89   plug(Plug.Head)
  90
  91   secure_cookies = Pleroma.Config.get([__MODULE__, :secure_cookie_flag])
  92
  93   cookie_name =
  94     if secure_cookies,
  95       do: "__Host-pleroma_key",
  96       else: "pleroma_key"
  97
  98   extra =
  99     Pleroma.Config.get([__MODULE__, :extra_cookie_attrs])
 100     |> Enum.join(";")
 101
 102   # The session will be stored in the cookie and signed,
 103   # this means its contents can be read but not tampered with.
 104   # Set :encryption_salt if you would also like to encrypt it.
 105   plug(
 106     Plug.Session,
 107     store: :cookie,
 108     key: cookie_name,
 109     signing_salt: Pleroma.Config.get([__MODULE__, :signing_salt], "CqaoopA2"),
 110     http_only: true,
 111     secure: secure_cookies,
 112     extra: extra
 113   )
 114
 115   plug(Pleroma.Plugs.RemoteIp)
 116
 117   defmodule Instrumenter do
 118     use Prometheus.PhoenixInstrumenter
 119   end
 120
 121   defmodule PipelineInstrumenter do
 122     use Prometheus.PlugPipelineInstrumenter
 123   end
 124
 125   defmodule MetricsExporter do
 126     use Prometheus.PlugExporter
 127   end
 128
 129   plug(PipelineInstrumenter)
 130   plug(MetricsExporter)
 131
 132   plug(Pleroma.Web.Router)
 133
 134   @doc """
 135   Dynamically loads configuration from the system environment
 136   on startup.
 137
 138   It receives the endpoint configuration from the config files
 139   and must return the updated configuration.
 140   """
 141   def load_from_system_env(config) do
 142     port = System.get_env("PORT") || raise "expected the PORT environment variable to be set"
 143     {:ok, Keyword.put(config, :http, [:inet6, port: port])}
 144   end
 145
 146   def websocket_url do
 147     String.replace_leading(url(), "http", "ws")
 148   end
 149 end