git.squeep.com Git - akkoma/blob - lib/pleroma/web/endpoint.ex

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.Web.Endpoint do
   6   use Phoenix.Endpoint, otp_app: :pleroma
   7
   8   require Pleroma.Constants
   9
  10   alias Pleroma.Config
  11
  12   socket("/socket", Pleroma.Web.UserSocket)
  13
  14   plug(Plug.Telemetry, event_prefix: [:phoenix, :endpoint])
  15
  16   plug(Pleroma.Web.Plugs.SetLocalePlug)
  17   plug(CORSPlug)
  18   plug(Pleroma.Web.Plugs.HTTPSecurityPlug)
  19   plug(Pleroma.Web.Plugs.UploadedMedia)
  20
  21   @static_cache_control "public, no-cache"
  22
  23   # InstanceStatic needs to be before Plug.Static to be able to override shipped-static files
  24   # If you're adding new paths to `only:` you'll need to configure them in InstanceStatic as well
  25   # Cache-control headers are duplicated in case we turn off etags in the future
  26   plug(Pleroma.Web.Plugs.InstanceStatic,
  27     at: "/",
  28     gzip: true,
  29     cache_control_for_etags: @static_cache_control,
  30     headers: %{
  31       "cache-control" => @static_cache_control
  32     }
  33   )
  34
  35   # Careful! No `only` restriction here, as we don't know what frontends contain.
  36   plug(Pleroma.Web.Plugs.FrontendStatic,
  37     at: "/",
  38     frontend_type: :primary,
  39     gzip: true,
  40     cache_control_for_etags: @static_cache_control,
  41     headers: %{
  42       "cache-control" => @static_cache_control
  43     }
  44   )
  45
  46   plug(Plug.Static.IndexHtml, at: "/pleroma/admin/")
  47
  48   plug(Pleroma.Web.Plugs.FrontendStatic,
  49     at: "/pleroma/admin",
  50     frontend_type: :admin,
  51     gzip: true,
  52     cache_control_for_etags: @static_cache_control,
  53     headers: %{
  54       "cache-control" => @static_cache_control
  55     }
  56   )
  57
  58   # Serve at "/" the static files from "priv/static" directory.
  59   #
  60   # You should set gzip to true if you are running phoenix.digest
  61   # when deploying your static files in production.
  62   plug(
  63     Plug.Static,
  64     at: "/",
  65     from: :pleroma,
  66     only: Pleroma.Constants.static_only_files(),
  67     # credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength
  68     gzip: true,
  69     cache_control_for_etags: @static_cache_control,
  70     headers: %{
  71       "cache-control" => @static_cache_control
  72     }
  73   )
  74
  75   plug(Plug.Static,
  76     at: "/pleroma/admin/",
  77     from: {:pleroma, "priv/static/adminfe/"}
  78   )
  79
  80   # Code reloading can be explicitly enabled under the
  81   # :code_reloader configuration of your endpoint.
  82   if code_reloading? do
  83     plug(Phoenix.CodeReloader)
  84   end
  85
  86   plug(Pleroma.Web.Plugs.TrailingFormatPlug)
  87   plug(Plug.RequestId)
  88   plug(Plug.Logger, log: :debug)
  89
  90   plug(Plug.Parsers,
  91     parsers: [
  92       :urlencoded,
  93       {:multipart, length: {Config, :get, [[:instance, :upload_limit]]}},
  94       :json
  95     ],
  96     pass: ["*/*"],
  97     json_decoder: Jason,
  98     length: Config.get([:instance, :upload_limit]),
  99     body_reader: {Pleroma.Web.Plugs.DigestPlug, :read_body, []}
 100   )
 101
 102   plug(Plug.MethodOverride)
 103   plug(Plug.Head)
 104
 105   secure_cookies = Config.get([__MODULE__, :secure_cookie_flag])
 106
 107   cookie_name =
 108     if secure_cookies,
 109       do: "__Host-pleroma_key",
 110       else: "pleroma_key"
 111
 112   extra =
 113     Config.get([__MODULE__, :extra_cookie_attrs])
 114     |> Enum.join(";")
 115
 116   # The session will be stored in the cookie and signed,
 117   # this means its contents can be read but not tampered with.
 118   # Set :encryption_salt if you would also like to encrypt it.
 119   plug(
 120     Plug.Session,
 121     store: :cookie,
 122     key: cookie_name,
 123     signing_salt: Config.get([__MODULE__, :signing_salt], "CqaoopA2"),
 124     http_only: true,
 125     secure: secure_cookies,
 126     extra: extra
 127   )
 128
 129   plug(Pleroma.Web.Plugs.RemoteIp)
 130
 131   defmodule Instrumenter do
 132     use Prometheus.PhoenixInstrumenter
 133   end
 134
 135   defmodule PipelineInstrumenter do
 136     use Prometheus.PlugPipelineInstrumenter
 137   end
 138
 139   defmodule MetricsExporter do
 140     use Prometheus.PlugExporter
 141   end
 142
 143   defmodule MetricsExporterCaller do
 144     @behaviour Plug
 145
 146     def init(opts), do: opts
 147
 148     def call(conn, opts) do
 149       prometheus_config = Application.get_env(:prometheus, MetricsExporter, [])
 150       ip_whitelist = List.wrap(prometheus_config[:ip_whitelist])
 151
 152       cond do
 153         !prometheus_config[:enabled] ->
 154           conn
 155
 156         ip_whitelist != [] and
 157             !Enum.find(ip_whitelist, fn ip ->
 158               Pleroma.Helpers.InetHelper.parse_address(ip) == {:ok, conn.remote_ip}
 159             end) ->
 160           conn
 161
 162         true ->
 163           MetricsExporter.call(conn, opts)
 164       end
 165     end
 166   end
 167
 168   plug(PipelineInstrumenter)
 169
 170   plug(MetricsExporterCaller)
 171
 172   plug(Pleroma.Web.Plugs.ConfirmUserPlug)
 173
 174   plug(Pleroma.Web.Router)
 175
 176   @doc """
 177   Dynamically loads configuration from the system environment
 178   on startup.
 179
 180   It receives the endpoint configuration from the config files
 181   and must return the updated configuration.
 182   """
 183   def load_from_system_env(config) do
 184     port = System.get_env("PORT") || raise "expected the PORT environment variable to be set"
 185     {:ok, Keyword.put(config, :http, [:inet6, port: port])}
 186   end
 187
 188   def websocket_url do
 189     String.replace_leading(url(), "http", "ws")
 190   end
 191 end