X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server.ts;h=eccd19919b3d56db1009f31ed7aa2626a6a3f665;hb=3dfa84940273619ae00f11a5f419a5e4876b2f53;hp=7dffb65761573a919c7ee7dfd99ac1dabc4d3e5f;hpb=62945f067b90961d6947287014ef5b64781d7ca1;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server.ts b/server.ts index 7dffb6576..eccd19919 100644 --- a/server.ts +++ b/server.ts @@ -16,6 +16,8 @@ import * as morgan from 'morgan' import * as cors from 'cors' import * as cookieParser from 'cookie-parser' import * as helmet from 'helmet' +import * as useragent from 'useragent' +import * as anonymise from 'ip-anonymize' process.title = 'peertube' @@ -27,7 +29,7 @@ import { checkMissedConfig, checkFFmpeg, checkConfig, checkActivityPubUrls } fro // Do not use barrels because we don't want to load all modules here (we need to initialize database first) import { logger } from './server/helpers/logger' -import { API_VERSION, CONFIG, STATIC_PATHS, CACHE } from './server/initializers/constants' +import { API_VERSION, CONFIG, CACHE } from './server/initializers/constants' const missed = checkMissedConfig() if (missed.length !== 0) { @@ -49,28 +51,10 @@ if (errorMessage !== null) { // Trust our proxy (IP forwarding...) app.set('trust proxy', CONFIG.TRUST_PROXY) -// Security middlewares +// Security middleware app.use(helmet({ frameguard: { action: 'deny' // we only allow it for /videos/embed, see server/controllers/client.ts - }, - dnsPrefetchControl: { - allow: true - }, - contentSecurityPolicy: { - directives: { - fontSrc: ["'self'"], - frameSrc: ["'none'"], - mediaSrc: ['*', 'https:'], - objectSrc: ["'none'"], - scriptSrc: ["'self'"], - styleSrc: ["'self'"], - upgradeInsecureRequests: true - }, - browserSniff: false // assumes a modern browser, but allows CDN in front - }, - referrerPolicy: { - policy: 'strict-origin-when-cross-origin' } })) @@ -103,10 +87,12 @@ import { trackerRouter, createWebsocketServer } from './server/controllers' +import { advertiseDoNotTrack } from './server/middlewares/dnt' import { Redis } from './server/lib/redis' import { BadActorFollowScheduler } from './server/lib/schedulers/bad-actor-follow-scheduler' import { RemoveOldJobsScheduler } from './server/lib/schedulers/remove-old-jobs-scheduler' import { UpdateVideosScheduler } from './server/lib/schedulers/update-videos-scheduler' +import { YoutubeDlUpdateScheduler } from './server/lib/schedulers/youtube-dl-update-scheduler' // ----------- Command line ----------- @@ -120,8 +106,17 @@ if (isTestInstance()) { credentials: true })) } - // For the logger +morgan.token('remote-addr', req => { + return (req.get('DNT') === '1') ? + anonymise(req.ip || (req.connection && req.connection.remoteAddress) || undefined, + 16, // bitmask for IPv4 + 16 // bitmask for IPv6 + ) : + req.ip +}) +morgan.token('user-agent', req => (req.get('DNT') === '1') ? + useragent.parse(req.get('user-agent')).family : req.get('user-agent')) app.use(morgan('combined', { stream: { write: logger.info.bind(logger) } })) @@ -133,6 +128,8 @@ app.use(bodyParser.json({ })) // Cookies app.use(cookieParser()) +// W3C DNT Tracking Status +app.use(advertiseDoNotTrack) // ----------- Views, routes and static files ----------- @@ -169,7 +166,7 @@ app.use(function (err, req, res, next) { error = err.stack || err.message || err } - logger.error('Error in controller.', { error }) + logger.error('Error in controller.', { err: error }) return res.status(err.status || 500).end() }) @@ -204,6 +201,7 @@ async function startApplication () { BadActorFollowScheduler.Instance.enable() RemoveOldJobsScheduler.Instance.enable() UpdateVideosScheduler.Instance.enable() + YoutubeDlUpdateScheduler.Instance.enable() // Redis initialization Redis.Instance.init() @@ -213,4 +211,10 @@ async function startApplication () { logger.info('Server listening on %s:%d', hostname, port) logger.info('Web server: %s', CONFIG.WEBSERVER.URL) }) + + process.on('exit', () => { + JobQueue.Instance.terminate() + }) + + process.on('SIGINT', () => process.exit(0)) }