| 1 | #!/usr/bin/perl |
| 2 | use v5.14; |
| 3 | use warnings; |
| 4 | |
| 5 | use Gruntmaster::Data; |
| 6 | use Plack::App::Gruntmaster; |
| 7 | use Plack::Builder; |
| 8 | use Plack::Util; |
| 9 | use Log::Log4perl; |
| 10 | |
# Value of the Content-Security-Policy response header: the directives
# listed below, joined with "; ". The empty prototype lets callers write
# the name like a constant.
#
# NOTE(review): `referrer` is no longer a CSP directive and current
# browsers ignore it; the same policy is expressed today with a
# Referrer-Policy response header.
# NOTE(review): base-uri is not listed, and it does not fall back to
# default-src.
sub CONTENT_SECURITY_POLICY () {
    my @directives = (
        q{default-src 'none'},
        q{connect-src 'self'},
        q{form-action 'self'},
        q{frame-ancestors 'none'},
        q{img-src 'self'},
        q{referrer origin-when-cross-origin},
        q{script-src 'self'},
        q{style-src 'self'},
    );
    return join '; ', @directives;
}
| 25 | |
# Middleware constructor: returns a PSGI app that makes sure the
# Gruntmaster::Data connection is set up before handing the request to
# the wrapped app.
#
# dbinit and db are imported from Gruntmaster::Data; db is presumably
# false until dbinit has run, so the connection is opened on the first
# request and reused afterwards (confirm against Gruntmaster::Data).
# The DSN comes from GRUNTMASTER_DSN and falls back to 'dbi:Pg:'.
sub add_database {
    my ($inner) = @_;
    return sub {
        dbinit($ENV{GRUNTMASTER_DSN} // 'dbi:Pg:') unless db();
        return $inner->(@_);
    };
}
| 33 | |
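# Middleware constructor: returns a PSGI app that stamps the security and
# caching headers onto every response of the wrapped app.
#
#   Content-Security-Policy  always, from CONTENT_SECURITY_POLICY
#   Referrer-Policy          always; current browsers read the referrer
#                            policy from this header rather than from the
#                            `referrer` entry inside the CSP
#   Cache-Control            only for paths under /static/ (one week, public)
#
# The headers are set through Plack::Util::response_cb, so a delayed or
# streaming response (a code reference instead of an array reference)
# receives them too; indexing the response directly dies on that form.
sub add_headers {
    my $app = $_[0];
    sub {
        my $env = $_[0];
        # Decide before the app runs, from the request path alone.
        my $is_static = $env->{PATH_INFO} =~ m,^/static/,;
        Plack::Util::response_cb($app->($env), sub {
            my $headers = $_[0]->[1];
            # header_set replaces any value the app already set, in place.
            Plack::Util::header_set($headers, 'Content-Security-Policy', CONTENT_SECURITY_POLICY());
            Plack::Util::header_set($headers, 'Referrer-Policy', 'origin-when-cross-origin');
            Plack::Util::header_set($headers, 'Cache-Control', 'public, max-age=604800') if $is_static;
            # Returning nothing tells response_cb there is no body filter.
            return;
        });
    }
}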
| 45 | |
# Configure Log4perl from log.conf unless it has already been initialised.
# The path is relative, so it is resolved against the directory the server
# is started from.
Log::Log4perl->init_once('log.conf');
# Presumably silences a DBIx::Class warning about nullable keys, judging by
# the variable name; confirm against the DBIx::Class documentation.
$ENV{DBIC_NULLABLE_KEY_NOWARN} = 1;

# Middleware stack. Plack::Builder wraps in the order written: the first
# `enable` is the outermost layer and sees the request first.
builder {
    # Health check: a request for exactly /ok is answered here with an
    # empty 200, so none of the layers below (headers, logging, database,
    # authentication) run for it.
    enable_if { $_[0]->{PATH_INFO} eq '/ok' } sub { sub{ [200, [], []] }};
    enable 'ContentLength';
    # Sits outside Static, so static files carry the CSP header as well.
    enable \&add_headers;
    # No `root` is given, so Plack::Middleware::Static uses its default
    # document root (the current directory). Requests under /static/ are
    # answered at this layer and never reach the Auth middleware below,
    # so everything under ./static/ is readable without credentials.
    enable 'Static', path => qr,^/static/,;
    enable 'Log4perl', category => 'plack';
    enable \&add_database;
    # The user name and password passed to the DBI connect are empty
    # strings; database credentials therefore have to come from the DSN or
    # the driver's own defaults. mail_from is undef when
    # GRUNTMASTER_RESET_FROM is unset.
    enable '+Plack::App::Gruntmaster::Auth',
        dbi_connect => [$ENV{GRUNTMASTER_DSN} // 'dbi:Pg:', '', ''],
        realm => 'Gruntmaster 6000',
        mail_from => $ENV{GRUNTMASTER_RESET_FROM};
    # The innermost application; its value is what the builder wraps.
    Plack::App::Gruntmaster->run_if_script
}