git.squeep.com Git - akkoma/blob - lib/pleroma/web/endpoint.ex

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.Endpoint do
   6   use Phoenix.Endpoint, otp_app: :pleroma
   7
   8   require Pleroma.Constants
   9
  10   socket("/socket", Pleroma.Web.UserSocket)
  11
  12   plug(Pleroma.Plugs.SetLocalePlug)
  13   plug(CORSPlug)
  14   plug(Pleroma.Plugs.HTTPSecurityPlug)
  15   plug(Pleroma.Plugs.UploadedMedia)
  16
  17   @static_cache_control "public, no-cache"
  18
  19   # InstanceStatic needs to be before Plug.Static to be able to override shipped-static files
  20   # If you're adding new paths to `only:` you'll need to configure them in InstanceStatic as well
  21   # Cache-control headers are duplicated in case we turn off etags in the future
  22   plug(Pleroma.Plugs.InstanceStatic,
  23     at: "/",
  24     gzip: true,
  25     cache_control_for_etags: @static_cache_control,
  26     headers: %{
  27       "cache-control" => @static_cache_control
  28     }
  29   )
  30
  31   # Careful! No `only` restriction here, as we don't know what frontends contain.
  32   plug(Pleroma.Plugs.FrontendStatic,
  33     at: "/",
  34     frontend_type: :primary,
  35     gzip: true,
  36     cache_control_for_etags: @static_cache_control,
  37     headers: %{
  38       "cache-control" => @static_cache_control
  39     }
  40   )
  41
  42   plug(Plug.Static.IndexHtml, at: "/pleroma/admin/")
  43
  44   plug(Pleroma.Plugs.FrontendStatic,
  45     at: "/pleroma/admin",
  46     frontend_type: :admin,
  47     gzip: true,
  48     cache_control_for_etags: @static_cache_control,
  49     headers: %{
  50       "cache-control" => @static_cache_control
  51     }
  52   )
  53
  54   # Serve at "/" the static files from "priv/static" directory.
  55   #
  56   # You should set gzip to true if you are running phoenix.digest
  57   # when deploying your static files in production.
  58   plug(
  59     Plug.Static,
  60     at: "/",
  61     from: :pleroma,
  62     only: Pleroma.Constants.static_only_files(),
  63     # credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength
  64     gzip: true,
  65     cache_control_for_etags: @static_cache_control,
  66     headers: %{
  67       "cache-control" => @static_cache_control
  68     }
  69   )
  70
  71   plug(Plug.Static,
  72     at: "/pleroma/admin/",
  73     from: {:pleroma, "priv/static/adminfe/"}
  74   )
  75
  76   # Code reloading can be explicitly enabled under the
  77   # :code_reloader configuration of your endpoint.
  78   if code_reloading? do
  79     plug(Phoenix.CodeReloader)
  80   end
  81
  82   plug(Pleroma.Plugs.TrailingFormatPlug)
  83   plug(Plug.RequestId)
  84   plug(Plug.Logger, log: :debug)
  85
  86   plug(Plug.Parsers,
  87     parsers: [
  88       :urlencoded,
  89       {:multipart, length: {Pleroma.Config, :get, [[:instance, :upload_limit]]}},
  90       :json
  91     ],
  92     pass: ["*/*"],
  93     json_decoder: Jason,
  94     length: Pleroma.Config.get([:instance, :upload_limit]),
  95     body_reader: {Pleroma.Web.Plugs.DigestPlug, :read_body, []}
  96   )
  97
  98   plug(Plug.MethodOverride)
  99   plug(Plug.Head)
 100
 101   secure_cookies = Pleroma.Config.get([__MODULE__, :secure_cookie_flag])
 102
 103   cookie_name =
 104     if secure_cookies,
 105       do: "__Host-pleroma_key",
 106       else: "pleroma_key"
 107
 108   extra =
 109     Pleroma.Config.get([__MODULE__, :extra_cookie_attrs])
 110     |> Enum.join(";")
 111
 112   # The session will be stored in the cookie and signed,
 113   # this means its contents can be read but not tampered with.
 114   # Set :encryption_salt if you would also like to encrypt it.
 115   plug(
 116     Plug.Session,
 117     store: :cookie,
 118     key: cookie_name,
 119     signing_salt: Pleroma.Config.get([__MODULE__, :signing_salt], "CqaoopA2"),
 120     http_only: true,
 121     secure: secure_cookies,
 122     extra: extra
 123   )
 124
 125   plug(Pleroma.Plugs.RemoteIp)
 126
 127   defmodule Instrumenter do
 128     use Prometheus.PhoenixInstrumenter
 129   end
 130
 131   defmodule PipelineInstrumenter do
 132     use Prometheus.PlugPipelineInstrumenter
 133   end
 134
 135   defmodule MetricsExporter do
 136     use Prometheus.PlugExporter
 137   end
 138
 139   plug(PipelineInstrumenter)
 140   plug(MetricsExporter)
 141
 142   plug(Pleroma.Web.Router)
 143
 144   @doc """
 145   Dynamically loads configuration from the system environment
 146   on startup.
 147
 148   It receives the endpoint configuration from the config files
 149   and must return the updated configuration.
 150   """
 151   def load_from_system_env(config) do
 152     port = System.get_env("PORT") || raise "expected the PORT environment variable to be set"
 153     {:ok, Keyword.put(config, :http, [:inet6, port: port])}
 154   end
 155
 156   def websocket_url do
 157     String.replace_leading(url(), "http", "ws")
 158   end
 159 end