X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=server.ts;h=9fe7411755db749c35f8194754a8b62ed5578f7f;hb=978c9d497b36e52196eb7e755406571e5d57cbc7;hp=80bf118c010aa582e9f2c02e2036df7226051b12;hpb=3482688cce11495b51970f680f375ed56deb4464;p=oweals%2Fpeertube.git

diff --git a/server.ts b/server.ts
index 80bf118c0..9fe741175 100644
--- a/server.ts
+++ b/server.ts
@@ -1,3 +1,6 @@
+// FIXME: https://github.com/nodejs/node/pull/16853
+require('tls').DEFAULT_ECDH_CURVE = 'auto'
+
 import { isTestInstance } from './server/helpers/core-utils'
 
 if (isTestInstance()) {
@@ -7,16 +10,13 @@ if (isTestInstance()) {
 // ----------- Node modules -----------
 import * as bodyParser from 'body-parser'
 import * as express from 'express'
-// FIXME: cannot import express-validator
-const expressValidator = require('express-validator')
-import * as http from 'http'
 import * as morgan from 'morgan'
-import * as path from 'path'
-import * as bittorrentTracker from 'bittorrent-tracker'
 import * as cors from 'cors'
-import { Server as WebSocketServer } from 'ws'
-
-const TrackerServer = bittorrentTracker.Server
+import * as cookieParser from 'cookie-parser'
+import * as helmet from 'helmet'
+import * as useragent from 'useragent'
+import * as anonymize from 'ip-anonymize'
+import * as cli from 'commander'
 
 process.title = 'peertube'
 
@@ -24,67 +24,130 @@ process.title = 'peertube'
 const app = express()
 
 // ----------- Core checker -----------
-import { checkMissedConfig, checkFFmpeg, checkConfig } from './server/initializers/checker'
+import { checkMissedConfig, checkFFmpeg } from './server/initializers/checker-before-init'
+
+// Do not use barrels because we don't want to load all modules here (we need to initialize database first)
+import { logger } from './server/helpers/logger'
+import { API_VERSION, CONFIG, CACHE } from './server/initializers/constants'
 
 const missed = checkMissedConfig()
 if (missed.length !== 0) {
-  throw new Error('Your configuration files miss keys: ' + missed)
+  logger.error('Your configuration files miss keys: ' + missed)
+  process.exit(-1)
 }
 
-import { API_VERSION, CONFIG, STATIC_PATHS } from './server/initializers/constants'
 checkFFmpeg(CONFIG)
+  .catch(err => {
+    logger.error('Error in ffmpeg check.', { err })
+    process.exit(-1)
+  })
+
+import { checkConfig, checkActivityPubUrls } from './server/initializers/checker-after-init'
 
 const errorMessage = checkConfig()
 if (errorMessage !== null) {
   throw new Error(errorMessage)
 }
 
+// Trust our proxy (IP forwarding...)
+app.set('trust proxy', CONFIG.TRUST_PROXY)
+
+// Security middleware
+import { baseCSP } from './server/middlewares/csp'
+
+if (CONFIG.CSP.ENABLED) {
+  app.use(baseCSP)
+  app.use(helmet({
+    frameguard: {
+      action: 'deny' // we only allow it for /videos/embed, see server/controllers/client.ts
+    },
+    hsts: false
+  }))
+}
+
 // ----------- Database -----------
-// Do not use barrels because we don't want to load all modules here (we need to initialize database first)
-import { logger } from './server/helpers/logger'
+
 // Initialize database and models
-import { database as db } from './server/initializers/database'
-db.init(false).then(() => onDatabaseInitDone())
+import { initDatabaseModels } from './server/initializers/database'
+import { migrate } from './server/initializers/migrator'
+migrate()
+  .then(() => initDatabaseModels(false))
+  .then(() => startApplication())
+  .catch(err => {
+    logger.error('Cannot start application.', { err })
+    process.exit(-1)
+  })
 
 // ----------- PeerTube modules -----------
-import { migrate, installApplication } from './server/initializers'
-import { JobScheduler, activateSchedulers, VideosPreviewCache } from './server/lib'
-import * as customValidators from './server/helpers/custom-validators'
-import { apiRouter, clientsRouter, staticRouter } from './server/controllers'
+import { installApplication } from './server/initializers'
+import { Emailer } from './server/lib/emailer'
+import { JobQueue } from './server/lib/job-queue'
+import { VideosPreviewCache, VideosCaptionCache } from './server/lib/cache'
+import {
+  activityPubRouter,
+  apiRouter,
+  clientsRouter,
+  feedsRouter,
+  staticRouter,
+  servicesRouter,
+  webfingerRouter,
+  trackerRouter,
+  createWebsocketTrackerServer, botsRouter
+} from './server/controllers'
+import { advertiseDoNotTrack } from './server/middlewares/dnt'
+import { Redis } from './server/lib/redis'
+import { ActorFollowScheduler } from './server/lib/schedulers/actor-follow-scheduler'
+import { RemoveOldJobsScheduler } from './server/lib/schedulers/remove-old-jobs-scheduler'
+import { UpdateVideosScheduler } from './server/lib/schedulers/update-videos-scheduler'
+import { YoutubeDlUpdateScheduler } from './server/lib/schedulers/youtube-dl-update-scheduler'
+import { VideosRedundancyScheduler } from './server/lib/schedulers/videos-redundancy-scheduler'
+import { isHTTPSignatureDigestValid } from './server/helpers/peertube-crypto'
+import { PeerTubeSocket } from './server/lib/peertube-socket'
 
 // ----------- Command line -----------
 
+cli
+  .option('--no-client', 'Start PeerTube without client interface')
+  .parse(process.argv)
+
 // ----------- App -----------
 
 // Enable CORS for develop
 if (isTestInstance()) {
-  app.use((req, res, next) => {
-    // These routes have already cors
-    if (
-      req.path.indexOf(STATIC_PATHS.TORRENTS) === -1 &&
-      req.path.indexOf(STATIC_PATHS.WEBSEED) === -1
-    ) {
-      return (cors({
-        origin: 'http://localhost:3000',
-        credentials: true
-      }))(req, res, next)
-    }
-
-    return next()
-  })
+  app.use(cors({
+    origin: '*',
+    exposedHeaders: 'Retry-After',
+    credentials: true
+  }))
 }
-
 // For the logger
+morgan.token('remote-addr', req => {
+  return (req.get('DNT') === '1') ?
+    anonymize(req.ip || (req.connection && req.connection.remoteAddress) || undefined,
+    16, // bitmask for IPv4
+    16  // bitmask for IPv6
+    ) :
+    req.ip
+})
+morgan.token('user-agent', req => (req.get('DNT') === '1') ?
+  useragent.parse(req.get('user-agent')).family : req.get('user-agent'))
 app.use(morgan('combined', {
-  stream: { write: logger.info }
+  stream: { write: logger.info.bind(logger) }
 }))
 // For body requests
-app.use(bodyParser.json({ limit: '500kb' }))
 app.use(bodyParser.urlencoded({ extended: false }))
-// Validate some params for the API
-app.use(expressValidator({
-  customValidators: customValidators
+app.use(bodyParser.json({
+  type: [ 'application/json', 'application/*+json' ],
+  limit: '500kb',
+  verify: (req: express.Request, _, buf: Buffer) => {
+    const valid = isHTTPSignatureDigestValid(buf, req)
+    if (valid !== true) throw new Error('Invalid digest')
+  }
 }))
+// Cookies
+app.use(cookieParser())
+// W3C DNT Tracking Status
+app.use(advertiseDoNotTrack)
 
 // ----------- Views, routes and static files -----------
 
@@ -92,39 +155,20 @@ app.use(expressValidator({
 const apiRoute = '/api/' + API_VERSION
 app.use(apiRoute, apiRouter)
 
-// Client files
-app.use('/', clientsRouter)
+// Services (oembed...)
+app.use('/services', servicesRouter)
+
+app.use('/', activityPubRouter)
+app.use('/', feedsRouter)
+app.use('/', webfingerRouter)
+app.use('/', trackerRouter)
+app.use('/', botsRouter)
 
 // Static files
 app.use('/', staticRouter)
 
-// Always serve index client page (the client is a single page application, let it handle routing)
-app.use('/*', function (req, res, next) {
-  res.sendFile(path.join(__dirname, '../client/dist/index.html'))
-})
-
-// ----------- Tracker -----------
-
-const trackerServer = new TrackerServer({
-  http: false,
-  udp: false,
-  ws: false,
-  dht: false
-})
-
-trackerServer.on('error', function (err) {
-  logger.error(err)
-})
-
-trackerServer.on('warning', function (err) {
-  logger.error(err)
-})
-
-const server = http.createServer(app)
-const wss = new WebSocketServer({ server: server, path: '/tracker/socket' })
-wss.on('connection', function (ws) {
-  trackerServer.onWebSocketConnection(ws)
-})
+// Client files, last valid routes!
+if (cli.client) app.use('/', clientsRouter)
 
 // ----------- Errors -----------
 
@@ -136,32 +180,68 @@ app.use(function (req, res, next) {
 })
 
 app.use(function (err, req, res, next) {
-  logger.error(err)
-  res.sendStatus(err.status || 500)
+  let error = 'Unknown error.'
+  if (err) {
+    error = err.stack || err.message || err
+  }
+
+  // Sequelize error
+  const sql = err.parent ? err.parent.sql : undefined
+
+  logger.error('Error in controller.', { err: error, sql })
+  return res.status(err.status || 500).end()
 })
 
+const server = createWebsocketTrackerServer(app)
+
 // ----------- Run -----------
 
-function onDatabaseInitDone () {
+async function startApplication () {
   const port = CONFIG.LISTEN.PORT
-    // Run the migration scripts if needed
-  migrate()
-    .then(() => {
-      return installApplication()
+  const hostname = CONFIG.LISTEN.HOSTNAME
+
+  await installApplication()
+
+  // Check activity pub urls are valid
+  checkActivityPubUrls()
+    .catch(err => {
+      logger.error('Error in ActivityPub URLs checker.', { err })
+      process.exit(-1)
     })
-    .then(() => {
-      // ----------- Make the server listening -----------
-      server.listen(port, function () {
-        // Activate the communication with friends
-        activateSchedulers()
 
-        // Activate job scheduler
-        JobScheduler.Instance.activate()
+  // Email initialization
+  Emailer.Instance.init()
 
-        VideosPreviewCache.Instance.init(CONFIG.CACHE.PREVIEWS.SIZE)
+  await Promise.all([
+    Emailer.Instance.checkConnectionOrDie(),
+    JobQueue.Instance.init()
+  ])
 
-        logger.info('Server listening on port %d', port)
-        logger.info('Web server: %s', CONFIG.WEBSERVER.URL)
-      })
-    })
+  // Caches initializations
+  VideosPreviewCache.Instance.init(CONFIG.CACHE.PREVIEWS.SIZE, CACHE.PREVIEWS.MAX_AGE)
+  VideosCaptionCache.Instance.init(CONFIG.CACHE.VIDEO_CAPTIONS.SIZE, CACHE.VIDEO_CAPTIONS.MAX_AGE)
+
+  // Enable Schedulers
+  ActorFollowScheduler.Instance.enable()
+  RemoveOldJobsScheduler.Instance.enable()
+  UpdateVideosScheduler.Instance.enable()
+  YoutubeDlUpdateScheduler.Instance.enable()
+  VideosRedundancyScheduler.Instance.enable()
+
+  // Redis initialization
+  Redis.Instance.init()
+
+  PeerTubeSocket.Instance.init(server)
+
+  // Make server listening
+  server.listen(port, hostname, () => {
+    logger.info('Server listening on %s:%d', hostname, port)
+    logger.info('Web server: %s', CONFIG.WEBSERVER.URL)
+  })
+
+  process.on('exit', () => {
+    JobQueue.Instance.terminate()
+  })
+
+  process.on('SIGINT', () => process.exit(0))
 }