1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.Endpoint do
6 use Phoenix.Endpoint, otp_app: :pleroma
8 require Pleroma.Constants
12 socket("/socket", Pleroma.Web.UserSocket)
14 plug(Plug.Telemetry, event_prefix: [:phoenix, :endpoint])
16 plug(Pleroma.Web.Plugs.SetLocalePlug)
18 plug(Pleroma.Web.Plugs.HTTPSecurityPlug)
19 plug(Pleroma.Web.Plugs.UploadedMedia)
21 @static_cache_control "public, no-cache"
23 # InstanceStatic needs to be before Plug.Static to be able to override shipped-static files
24 # If you're adding new paths to `only:` you'll need to configure them in InstanceStatic as well
25 # Cache-control headers are duplicated in case we turn off etags in the future
27 Pleroma.Web.Plugs.InstanceStatic,
30 only: ["emoji", "images"],
32 cache_control_for_etags: "public, max-age=1209600",
34 "cache-control" => "public, max-age=1209600"
38 plug(Pleroma.Web.Plugs.InstanceStatic,
41 cache_control_for_etags: @static_cache_control,
43 "cache-control" => @static_cache_control
47 # Careful! No `only` restriction here, as we don't know what frontends contain.
48 plug(Pleroma.Web.Plugs.FrontendStatic,
50 frontend_type: :primary,
52 cache_control_for_etags: @static_cache_control,
54 "cache-control" => @static_cache_control
58 plug(Plug.Static.IndexHtml, at: "/pleroma/admin/")
60 plug(Pleroma.Web.Plugs.FrontendStatic,
62 frontend_type: :admin,
64 cache_control_for_etags: @static_cache_control,
66 "cache-control" => @static_cache_control
70 plug(Plug.Static.IndexHtml, at: "/pleroma/fedife/")
72 plug(Pleroma.Web.Plugs.FrontendStatic,
73 at: "/pleroma/fedife",
74 frontend_type: :fedife,
76 cache_control_for_etags: @static_cache_control,
78 "cache-control" => @static_cache_control
82 # Serve at "/" the static files from "priv/static" directory.
84 # You should set gzip to true if you are running phoenix.digest
85 # when deploying your static files in production.
90 only: Pleroma.Constants.static_only_files(),
91 # credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength
93 cache_control_for_etags: @static_cache_control,
95 "cache-control" => @static_cache_control
100 at: "/pleroma/admin/",
101 from: {:pleroma, "priv/static/adminfe/"}
104 # Code reloading can be explicitly enabled under the
105 # :code_reloader configuration of your endpoint.
106 if code_reloading? do
107 plug(Phoenix.CodeReloader)
110 plug(Pleroma.Web.Plugs.TrailingFormatPlug)
112 plug(Plug.Logger, log: :debug)
117 {:multipart, length: {Config, :get, [[:instance, :upload_limit]]}},
122 length: Config.get([:instance, :upload_limit]),
123 body_reader: {Pleroma.Web.Plugs.DigestPlug, :read_body, []}
126 plug(Plug.MethodOverride)
129 secure_cookies = Config.get([__MODULE__, :secure_cookie_flag])
133 do: "__Host-pleroma_key",
137 Config.get([__MODULE__, :extra_cookie_attrs])
140 # The session will be stored in the cookie and signed,
141 # this means its contents can be read but not tampered with.
142 # Set :encryption_salt if you would also like to encrypt it.
147 signing_salt: Config.get([__MODULE__, :signing_salt], "CqaoopA2"),
149 secure: secure_cookies,
153 plug(Pleroma.Web.Plugs.RemoteIp)
155 defmodule Instrumenter do
156 use Prometheus.PhoenixInstrumenter
159 defmodule PipelineInstrumenter do
160 use Prometheus.PlugPipelineInstrumenter
163 defmodule MetricsExporter do
164 use Prometheus.PlugExporter
167 defmodule MetricsExporterCaller do
170 def init(opts), do: opts
172 def call(conn, opts) do
173 prometheus_config = Application.get_env(:prometheus, MetricsExporter, [])
174 ip_whitelist = List.wrap(prometheus_config[:ip_whitelist])
177 !prometheus_config[:enabled] ->
180 ip_whitelist != [] and
181 !Enum.find(ip_whitelist, fn ip ->
182 Pleroma.Helpers.InetHelper.parse_address(ip) == {:ok, conn.remote_ip}
187 MetricsExporter.call(conn, opts)
192 plug(PipelineInstrumenter)
194 plug(MetricsExporterCaller)
196 plug(Pleroma.Web.Router)
199 Dynamically loads configuration from the system environment
202 It receives the endpoint configuration from the config files
203 and must return the updated configuration.
205 def load_from_system_env(config) do
206 port = System.get_env("PORT") || raise "expected the PORT environment variable to be set"
207 {:ok, Keyword.put(config, :http, [:inet6, port: port])}
211 String.replace_leading(url(), "http", "ws")