diff options
Diffstat (limited to 'server.ts')
-rw-r--r-- | server.ts | 35 |
1 files changed, 27 insertions, 8 deletions
@@ -16,6 +16,7 @@ import * as cookieParser from 'cookie-parser' | |||
16 | import * as helmet from 'helmet' | 16 | import * as helmet from 'helmet' |
17 | import * as useragent from 'useragent' | 17 | import * as useragent from 'useragent' |
18 | import * as anonymize from 'ip-anonymize' | 18 | import * as anonymize from 'ip-anonymize' |
19 | import * as cli from 'commander' | ||
19 | 20 | ||
20 | process.title = 'peertube' | 21 | process.title = 'peertube' |
21 | 22 | ||
@@ -52,6 +53,9 @@ if (errorMessage !== null) { | |||
52 | app.set('trust proxy', CONFIG.TRUST_PROXY) | 53 | app.set('trust proxy', CONFIG.TRUST_PROXY) |
53 | 54 | ||
54 | // Security middleware | 55 | // Security middleware |
56 | import { baseCSP } from './server/middlewares' | ||
57 | |||
58 | app.use(baseCSP) | ||
55 | app.use(helmet({ | 59 | app.use(helmet({ |
56 | frameguard: { | 60 | frameguard: { |
57 | action: 'deny' // we only allow it for /videos/embed, see server/controllers/client.ts | 61 | action: 'deny' // we only allow it for /videos/embed, see server/controllers/client.ts |
@@ -86,18 +90,24 @@ import { | |||
86 | servicesRouter, | 90 | servicesRouter, |
87 | webfingerRouter, | 91 | webfingerRouter, |
88 | trackerRouter, | 92 | trackerRouter, |
89 | createWebsocketServer | 93 | createWebsocketTrackerServer, botsRouter |
90 | } from './server/controllers' | 94 | } from './server/controllers' |
91 | import { advertiseDoNotTrack } from './server/middlewares/dnt' | 95 | import { advertiseDoNotTrack } from './server/middlewares/dnt' |
92 | import { Redis } from './server/lib/redis' | 96 | import { Redis } from './server/lib/redis' |
93 | import { BadActorFollowScheduler } from './server/lib/schedulers/bad-actor-follow-scheduler' | 97 | import { ActorFollowScheduler } from './server/lib/schedulers/actor-follow-scheduler' |
94 | import { RemoveOldJobsScheduler } from './server/lib/schedulers/remove-old-jobs-scheduler' | 98 | import { RemoveOldJobsScheduler } from './server/lib/schedulers/remove-old-jobs-scheduler' |
95 | import { UpdateVideosScheduler } from './server/lib/schedulers/update-videos-scheduler' | 99 | import { UpdateVideosScheduler } from './server/lib/schedulers/update-videos-scheduler' |
96 | import { YoutubeDlUpdateScheduler } from './server/lib/schedulers/youtube-dl-update-scheduler' | 100 | import { YoutubeDlUpdateScheduler } from './server/lib/schedulers/youtube-dl-update-scheduler' |
97 | import { VideosRedundancyScheduler } from './server/lib/schedulers/videos-redundancy-scheduler' | 101 | import { VideosRedundancyScheduler } from './server/lib/schedulers/videos-redundancy-scheduler' |
102 | import { isHTTPSignatureDigestValid } from './server/helpers/peertube-crypto' | ||
103 | import { PeerTubeSocket } from './server/lib/peertube-socket' | ||
98 | 104 | ||
99 | // ----------- Command line ----------- | 105 | // ----------- Command line ----------- |
100 | 106 | ||
107 | cli | ||
108 | .option('--no-client', 'Start PeerTube without client interface') | ||
109 | .parse(process.argv) | ||
110 | |||
101 | // ----------- App ----------- | 111 | // ----------- App ----------- |
102 | 112 | ||
103 | // Enable CORS for develop | 113 | // Enable CORS for develop |
@@ -126,7 +136,11 @@ app.use(morgan('combined', { | |||
126 | app.use(bodyParser.urlencoded({ extended: false })) | 136 | app.use(bodyParser.urlencoded({ extended: false })) |
127 | app.use(bodyParser.json({ | 137 | app.use(bodyParser.json({ |
128 | type: [ 'application/json', 'application/*+json' ], | 138 | type: [ 'application/json', 'application/*+json' ], |
129 | limit: '500kb' | 139 | limit: '500kb', |
140 | verify: (req: express.Request, _, buf: Buffer) => { | ||
141 | const valid = isHTTPSignatureDigestValid(buf, req) | ||
142 | if (valid !== true) throw new Error('Invalid digest') | ||
143 | } | ||
130 | })) | 144 | })) |
131 | // Cookies | 145 | // Cookies |
132 | app.use(cookieParser()) | 146 | app.use(cookieParser()) |
@@ -146,12 +160,13 @@ app.use('/', activityPubRouter) | |||
146 | app.use('/', feedsRouter) | 160 | app.use('/', feedsRouter) |
147 | app.use('/', webfingerRouter) | 161 | app.use('/', webfingerRouter) |
148 | app.use('/', trackerRouter) | 162 | app.use('/', trackerRouter) |
163 | app.use('/', botsRouter) | ||
149 | 164 | ||
150 | // Static files | 165 | // Static files |
151 | app.use('/', staticRouter) | 166 | app.use('/', staticRouter) |
152 | 167 | ||
153 | // Client files, last valid routes! | 168 | // Client files, last valid routes! |
154 | app.use('/', clientsRouter) | 169 | if (cli.client) app.use('/', clientsRouter) |
155 | 170 | ||
156 | // ----------- Errors ----------- | 171 | // ----------- Errors ----------- |
157 | 172 | ||
@@ -175,7 +190,7 @@ app.use(function (err, req, res, next) { | |||
175 | return res.status(err.status || 500).end() | 190 | return res.status(err.status || 500).end() |
176 | }) | 191 | }) |
177 | 192 | ||
178 | const server = createWebsocketServer(app) | 193 | const server = createWebsocketTrackerServer(app) |
179 | 194 | ||
180 | // ----------- Run ----------- | 195 | // ----------- Run ----------- |
181 | 196 | ||
@@ -194,16 +209,18 @@ async function startApplication () { | |||
194 | 209 | ||
195 | // Email initialization | 210 | // Email initialization |
196 | Emailer.Instance.init() | 211 | Emailer.Instance.init() |
197 | await Emailer.Instance.checkConnectionOrDie() | ||
198 | 212 | ||
199 | await JobQueue.Instance.init() | 213 | await Promise.all([ |
214 | Emailer.Instance.checkConnectionOrDie(), | ||
215 | JobQueue.Instance.init() | ||
216 | ]) | ||
200 | 217 | ||
201 | // Caches initializations | 218 | // Caches initializations |
202 | VideosPreviewCache.Instance.init(CONFIG.CACHE.PREVIEWS.SIZE, CACHE.PREVIEWS.MAX_AGE) | 219 | VideosPreviewCache.Instance.init(CONFIG.CACHE.PREVIEWS.SIZE, CACHE.PREVIEWS.MAX_AGE) |
203 | VideosCaptionCache.Instance.init(CONFIG.CACHE.VIDEO_CAPTIONS.SIZE, CACHE.VIDEO_CAPTIONS.MAX_AGE) | 220 | VideosCaptionCache.Instance.init(CONFIG.CACHE.VIDEO_CAPTIONS.SIZE, CACHE.VIDEO_CAPTIONS.MAX_AGE) |
204 | 221 | ||
205 | // Enable Schedulers | 222 | // Enable Schedulers |
206 | BadActorFollowScheduler.Instance.enable() | 223 | ActorFollowScheduler.Instance.enable() |
207 | RemoveOldJobsScheduler.Instance.enable() | 224 | RemoveOldJobsScheduler.Instance.enable() |
208 | UpdateVideosScheduler.Instance.enable() | 225 | UpdateVideosScheduler.Instance.enable() |
209 | YoutubeDlUpdateScheduler.Instance.enable() | 226 | YoutubeDlUpdateScheduler.Instance.enable() |
@@ -212,6 +229,8 @@ async function startApplication () { | |||
212 | // Redis initialization | 229 | // Redis initialization |
213 | Redis.Instance.init() | 230 | Redis.Instance.init() |
214 | 231 | ||
232 | PeerTubeSocket.Instance.init(server) | ||
233 | |||
215 | // Make server listening | 234 | // Make server listening |
216 | server.listen(port, hostname, () => { | 235 | server.listen(port, hostname, () => { |
217 | logger.info('Server listening on %s:%d', hostname, port) | 236 | logger.info('Server listening on %s:%d', hostname, port) |