1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.Endpoint do
6 use Phoenix.Endpoint, otp_app: :pleroma
8 socket("/socket", Pleroma.Web.UserSocket)
10 plug(Pleroma.Plugs.SetLocalePlug)
12 plug(Pleroma.Plugs.HTTPSecurityPlug)
13 plug(Pleroma.Plugs.UploadedMedia)
15 @static_cache_control "public max-age=86400 must-revalidate"
17 # InstanceStatic needs to be before Plug.Static to be able to override shipped-static files
18 # If you're adding new paths to `only:` you'll need to configure them in InstanceStatic as well
19 # Cache-control headers are duplicated in case we turn off etags in the future
20 plug(Pleroma.Plugs.InstanceStatic,
23 cache_control_for_etags: @static_cache_control,
25 "cache-control" => @static_cache_control
29 # Serve at "/" the static files from "priv/static" directory.
31 # You should set gzip to true if you are running phoenix.digest
32 # when deploying your static files in production.
38 ~w(index.html robots.txt static finmoji emoji packs sounds images instance sw.js sw-pleroma.js favicon.png schemas doc),
39 # credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength
41 cache_control_for_etags: @static_cache_control,
43 "cache-control" => @static_cache_control
47 plug(Plug.Static.IndexHtml, at: "/pleroma/admin/")
50 at: "/pleroma/admin/",
51 from: {:pleroma, "priv/static/adminfe/"}
54 # Code reloading can be explicitly enabled under the
55 # :code_reloader configuration of your endpoint.
57 plug(Phoenix.CodeReloader)
60 plug(Pleroma.Plugs.TrailingFormatPlug)
67 {:multipart, length: {Pleroma.Config, :get, [[:instance, :upload_limit]]}},
72 length: Pleroma.Config.get([:instance, :upload_limit]),
73 body_reader: {Pleroma.Web.Plugs.DigestPlug, :read_body, []}
76 plug(Plug.MethodOverride)
79 secure_cookies = Pleroma.Config.get([__MODULE__, :secure_cookie_flag])
83 do: "__Host-pleroma_key",
87 Pleroma.Config.get([__MODULE__, :extra_cookie_attrs])
90 # The session will be stored in the cookie and signed,
91 # this means its contents can be read but not tampered with.
92 # Set :encryption_salt if you would also like to encrypt it.
97 signing_salt: Pleroma.Config.get([__MODULE__, :signing_salt], "CqaoopA2"),
99 secure: secure_cookies,
103 # Note: the plug and its configuration is compile-time this can't be upstreamed yet
104 if proxies = Pleroma.Config.get([__MODULE__, :reverse_proxies]) do
105 plug(RemoteIp, proxies: proxies)
108 defmodule Instrumenter do
109 use Prometheus.PhoenixInstrumenter
112 defmodule PipelineInstrumenter do
113 use Prometheus.PlugPipelineInstrumenter
116 defmodule MetricsExporter do
117 use Prometheus.PlugExporter
120 plug(PipelineInstrumenter)
121 plug(MetricsExporter)
123 plug(Pleroma.Web.Router)
126 Dynamically loads configuration from the system environment
129 It receives the endpoint configuration from the config files
130 and must return the updated configuration.
132 def load_from_system_env(config) do
133 port = System.get_env("PORT") || raise "expected the PORT environment variable to be set"
134 {:ok, Keyword.put(config, :http, [:inet6, port: port])}
138 String.replace_leading(url(), "http", "ws")