X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server.ts;h=df56bcd822ad3602a974a65821eb966fe2523144;hb=2ba92871319d7af63472c1380664a9f9eeb1c690;hp=59fb820b47a1be95d0d7d2bbdae6dc76b0a5aa9f;hpb=e5565833f62b97f62ea75eba5b479963ae78b873;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server.ts b/server.ts index 59fb820b4..df56bcd82 100644 --- a/server.ts +++ b/server.ts @@ -16,6 +16,7 @@ import * as cookieParser from 'cookie-parser' import * as helmet from 'helmet' import * as useragent from 'useragent' import * as anonymize from 'ip-anonymize' +import * as cli from 'commander' process.title = 'peertube' @@ -27,7 +28,7 @@ import { checkMissedConfig, checkFFmpeg } from './server/initializers/checker-be // Do not use barrels because we don't want to load all modules here (we need to initialize database first) import { logger } from './server/helpers/logger' -import { API_VERSION, CONFIG, CACHE } from './server/initializers/constants' +import { API_VERSION, CONFIG, FILES_CACHE } from './server/initializers/constants' const missed = checkMissedConfig() if (missed.length !== 0) { @@ -52,12 +53,17 @@ if (errorMessage !== null) { app.set('trust proxy', CONFIG.TRUST_PROXY) // Security middleware -app.use(helmet({ - frameguard: { - action: 'deny' // we only allow it for /videos/embed, see server/controllers/client.ts - }, - hsts: false -})) +import { baseCSP } from './server/middlewares/csp' + +if (CONFIG.CSP.ENABLED) { + app.use(baseCSP) + app.use(helmet({ + frameguard: { + action: 'deny' // we only allow it for /videos/embed, see server/controllers/client.ts + }, + hsts: false + })) +} // ----------- Database ----------- @@ -76,7 +82,7 @@ migrate() import { installApplication } from './server/initializers' import { Emailer } from './server/lib/emailer' import { JobQueue } from './server/lib/job-queue' -import { VideosPreviewCache, VideosCaptionCache } from './server/lib/cache' +import { VideosPreviewCache, VideosCaptionCache } from './server/lib/files-cache' import { activityPubRouter, apiRouter, @@ -86,18 +92,24 @@ import { servicesRouter, webfingerRouter, trackerRouter, - createWebsocketServer + createWebsocketTrackerServer, botsRouter } from './server/controllers' import { advertiseDoNotTrack } from './server/middlewares/dnt' import { Redis } from './server/lib/redis' -import { BadActorFollowScheduler } from './server/lib/schedulers/bad-actor-follow-scheduler' +import { ActorFollowScheduler } from './server/lib/schedulers/actor-follow-scheduler' import { RemoveOldJobsScheduler } from './server/lib/schedulers/remove-old-jobs-scheduler' import { UpdateVideosScheduler } from './server/lib/schedulers/update-videos-scheduler' import { YoutubeDlUpdateScheduler } from './server/lib/schedulers/youtube-dl-update-scheduler' import { VideosRedundancyScheduler } from './server/lib/schedulers/videos-redundancy-scheduler' +import { isHTTPSignatureDigestValid } from './server/helpers/peertube-crypto' +import { PeerTubeSocket } from './server/lib/peertube-socket' // ----------- Command line ----------- +cli + .option('--no-client', 'Start PeerTube without client interface') + .parse(process.argv) + // ----------- App ----------- // Enable CORS for develop @@ -126,7 +138,11 @@ app.use(morgan('combined', { app.use(bodyParser.urlencoded({ extended: false })) app.use(bodyParser.json({ type: [ 'application/json', 'application/*+json' ], - limit: '500kb' + limit: '500kb', + verify: (req: express.Request, _, buf: Buffer) => { + const valid = isHTTPSignatureDigestValid(buf, req) + if (valid !== true) throw new Error('Invalid digest') + } })) // Cookies app.use(cookieParser()) @@ -146,12 +162,13 @@ app.use('/', activityPubRouter) app.use('/', feedsRouter) app.use('/', webfingerRouter) app.use('/', trackerRouter) +app.use('/', botsRouter) // Static files app.use('/', staticRouter) // Client files, last valid routes! -app.use('/', clientsRouter) +if (cli.client) app.use('/', clientsRouter) // ----------- Errors ----------- @@ -175,7 +192,7 @@ app.use(function (err, req, res, next) { return res.status(err.status || 500).end() }) -const server = createWebsocketServer(app) +const server = createWebsocketTrackerServer(app) // ----------- Run ----------- @@ -194,16 +211,18 @@ async function startApplication () { // Email initialization Emailer.Instance.init() - await Emailer.Instance.checkConnectionOrDie() - await JobQueue.Instance.init() + await Promise.all([ + Emailer.Instance.checkConnectionOrDie(), + JobQueue.Instance.init() + ]) // Caches initializations - VideosPreviewCache.Instance.init(CONFIG.CACHE.PREVIEWS.SIZE, CACHE.PREVIEWS.MAX_AGE) - VideosCaptionCache.Instance.init(CONFIG.CACHE.VIDEO_CAPTIONS.SIZE, CACHE.VIDEO_CAPTIONS.MAX_AGE) + VideosPreviewCache.Instance.init(CONFIG.CACHE.PREVIEWS.SIZE, FILES_CACHE.PREVIEWS.MAX_AGE) + VideosCaptionCache.Instance.init(CONFIG.CACHE.VIDEO_CAPTIONS.SIZE, FILES_CACHE.VIDEO_CAPTIONS.MAX_AGE) // Enable Schedulers - BadActorFollowScheduler.Instance.enable() + ActorFollowScheduler.Instance.enable() RemoveOldJobsScheduler.Instance.enable() UpdateVideosScheduler.Instance.enable() YoutubeDlUpdateScheduler.Instance.enable() @@ -212,6 +231,8 @@ async function startApplication () { // Redis initialization Redis.Instance.init() + PeerTubeSocket.Instance.init(server) + // Make server listening server.listen(port, hostname, () => { logger.info('Server listening on %s:%d', hostname, port)