import * as cors from 'cors'
import * as cookieParser from 'cookie-parser'
import * as helmet from 'helmet'
+import * as useragent from 'useragent'
+import * as anonymise from 'ip-anonymize'
process.title = 'peertube'
// Do not use barrels because we don't want to load all modules here (we need to initialize database first)
import { logger } from './server/helpers/logger'
-import { API_VERSION, CONFIG, STATIC_PATHS, CACHE } from './server/initializers/constants'
+import { API_VERSION, CONFIG, CACHE } from './server/initializers/constants'
const missed = checkMissedConfig()
if (missed.length !== 0) {
// Trust our proxy (IP forwarding...)
app.set('trust proxy', CONFIG.TRUST_PROXY)
-// Security middlewares
+// Security middleware
app.use(helmet({
frameguard: {
action: 'deny' // we only allow it for /videos/embed, see server/controllers/client.ts
- },
- dnsPrefetchControl: {
- allow: true
- },
- contentSecurityPolicy: {
- directives: {
- defaultSrc: ['*', 'data:', 'wss:', 'https:'],
- fontSrc: ["'self'", 'data:'],
- frameSrc: ["'none'"],
- mediaSrc: ['*', 'https:'],
- objectSrc: ["'none'"],
- scriptSrc: ["'self'", "'unsafe-inline'", "'unsafe-eval'"],
- styleSrc: ["'self'", "'unsafe-inline'"],
- upgradeInsecureRequests: true
- },
- browserSniff: false // assumes a modern browser, but allows CDN in front
- },
- referrerPolicy: {
- policy: 'strict-origin-when-cross-origin'
}
}))
-app.use((_, res, next) => {
- [
- "vibrate 'none'",
- "geolocation 'none'",
- "camera 'none'",
- "microphone 'none'",
- "magnetometer 'none'",
- "payment 'none'",
- "accelerometer 'none'"
- ].forEach(e => res.append('Feature-Policy', e + ';'))
- next()
-})
// ----------- Database -----------
trackerRouter,
createWebsocketServer
} from './server/controllers'
+import { advertiseDoNotTrack } from './server/middlewares/dnt'
import { Redis } from './server/lib/redis'
import { BadActorFollowScheduler } from './server/lib/schedulers/bad-actor-follow-scheduler'
import { RemoveOldJobsScheduler } from './server/lib/schedulers/remove-old-jobs-scheduler'
import { UpdateVideosScheduler } from './server/lib/schedulers/update-videos-scheduler'
+import { YoutubeDlUpdateScheduler } from './server/lib/schedulers/youtube-dl-update-scheduler'
// ----------- Command line -----------
credentials: true
}))
}
-
// For the logger
+morgan.token('remote-addr', req => {
+ return (req.get('DNT') === '1') ?
+ anonymise(req.ip || (req.connection && req.connection.remoteAddress) || undefined,
+ 16, // bitmask for IPv4
+ 16 // bitmask for IPv6
+ ) :
+ req.ip
+})
+morgan.token('user-agent', req => (req.get('DNT') === '1') ?
+ useragent.parse(req.get('user-agent')).family : req.get('user-agent'))
app.use(morgan('combined', {
stream: { write: logger.info.bind(logger) }
}))
}))
// Cookies
app.use(cookieParser())
+// W3C DNT Tracking Status
+app.use(advertiseDoNotTrack)
// ----------- Views, routes and static files -----------
error = err.stack || err.message || err
}
- logger.error('Error in controller.', { error })
+ logger.error('Error in controller.', { err: error })
return res.status(err.status || 500).end()
})
BadActorFollowScheduler.Instance.enable()
RemoveOldJobsScheduler.Instance.enable()
UpdateVideosScheduler.Instance.enable()
+ YoutubeDlUpdateScheduler.Instance.enable()
// Redis initialization
Redis.Instance.init()
logger.info('Server listening on %s:%d', hostname, port)
logger.info('Web server: %s', CONFIG.WEBSERVER.URL)
})
+
+ process.on('exit', () => {
+ JobQueue.Instance.terminate()
+ })
+
+ process.on('SIGINT', () => process.exit(0))
}
projects / github / Chocobozzz / PeerTube.git / blobdiff