CONTRIBUTORS.txt

-Eliot Berriot

Makefile

+SHELL := bash
+CPU_CORES := $(shell N=$$(nproc); echo $$(( $$N > 4 ? 4 : $$N )))
+
+BAKE_FILES = \
+	docker-bake.json \
+	docker-bake.api.json \
+	docker-bake.front.json
+
+docker-bake.%.json:
+	./scripts/build_metadata.py --format bake --bake-target $* --bake-image docker.io/funkwhale/$* > $@
+
+docker-metadata: $(BAKE_FILES)
+
+docker-build: docker-metadata
+	docker buildx bake $(foreach FILE,$(BAKE_FILES), --file $(FILE)) --print $(BUILD_ARGS)
+	docker buildx bake $(foreach FILE,$(BAKE_FILES), --file $(FILE)) 		 $(BUILD_ARGS)
+
+build-metadata:
+	./scripts/build_metadata.py --format env | tee build_metadata.env
+
+BUILD_DIR = dist
+package:
+	rm -Rf $(BUILD_DIR)
+	mkdir -p $(BUILD_DIR)
+	tar --create --gunzip --file='$(BUILD_DIR)/funkwhale-api.tar.gz' \
+		--owner='root' \
+		--group='root' \
+		--exclude-vcs \
+		api/config \
+		api/funkwhale_api \
+		api/install_os_dependencies.sh \
+		api/manage.py \
+		api/poetry.lock \
+		api/pyproject.toml \
+		api/Readme.md
+
+	cd '$(BUILD_DIR)' && \
+	tar --extract --gunzip --file='funkwhale-api.tar.gz' && \
+	zip -q 'funkwhale-api.zip' -r api && \
+	rm -Rf api
+
+	tar --create --gunzip --file='$(BUILD_DIR)/funkwhale-front.tar.gz' \
+		--owner='root' \
+		--group='root' \
+		--exclude-vcs \
+		--transform='s/^front\/dist/front/' \
+		front/dist
+
+	cd '$(BUILD_DIR)' && \
+	tar --extract --gunzip --file='funkwhale-front.tar.gz' && \
+	zip -q 'funkwhale-front.zip' -r front && \
+	rm -Rf front
+
+	# cd '$(BUILD_DIR)' && \
+	# cp ../front/tauri/target/release/bundle/appimage/funkwhale_*.AppImage FunkwhaleDesktop.AppImage
+
+	cd '$(BUILD_DIR)' && sha256sum * > SHA256SUMS

README.md

+# Funkwhale
+
+[![The Funkwhale logo](./front/src/assets/logo/logo-full-500.png)](https://funkwhale.audio)
+
+Funkwhale is a platform for uploading, sharing, and publishing audio content across the federated web. Curate your music library, listen to podcasts, or create your own content and share it with the world.
+
+## Contribute
+
+Want to help make Funkwhale even better? We welcome contributions from across the community. Whether you are a designer, a translator, a technical writer, or a developer, we look forward to seeing your work!
+
+You can find contribution information in our [documentation hub](https://docs.funkwhale.audio).
+
+- [Developer guides](https://docs.funkwhale.audio/developer/index.html)
+- [Contributor guides](https://docs.funkwhale.audio/contributing.html)
+
+## Get help
+
+Got a question or need help? Head over to our [forum](https://forum.funkwhale.audio/t/support) and open up a discussion.
+
+## Report a security issue
+
+If you find a security issue or vulnerability, please report it on our [GitLab instance](https://dev.funkwhale.audio/funkwhale/funkwhale/-/issues). When you open your issue, select the **This issue is confidential and should only be visible to team members with at least Reporter access** option. This ensures developers can verify and patch the issue before disclosing it.
+
+## Code of conduct
+
+The Funkwhale collective adheres to a [code of conduct](https://funkwhale.audio/code-of-conduct) in all our community spaces. Please familiarize yourself with this code and follow it when participating in discussions in our spaces.

README.rst

-Funkwhale
-=============
-
-.. image:: ./front/src/assets/logo/logo-full-500.png
-  :alt: Funkwhale logo
-  :target: https://funkwhale.audio
-
-A self-hosted tribute to Grooveshark.com.
-
-LICENSE: AGPL3
-
-Getting help
-------------
-
-We offer various Matrix.org rooms to discuss about Funkwhale:
-
-- `#funkwhale:matrix.org <https://matrix.to/#/#funkwhale:matrix.org>`_ for general questions about funkwhale
-- `#funkwhale-dev:matrix.org <https://matrix.to/#/#funkwhale-dev:matrix.org>`_ for development-focused discussion
-
-Please join those rooms if you have any questions!
-
-You can also contact `@funkwhale@mastodon.eliotberriot.com <https://mastodon.eliotberriot.com/@funkwhale>`_ on the fediverse.
-
-
-Contribute
-----------
-
-Contribution guidelines as well as development installation instructions
-are outlined in `CONTRIBUTING <CONTRIBUTING.rst>`_.
-
-Translate
-^^^^^^^^^
-
-Translators willing to help can refer to `TRANSLATORS <TRANSLATORS.rst>`_ for instructions.
-
-Code of Conduct
----------------
-
-`Our Code of Conduct <https://funkwhale.audio/code-of-conduct/>`_ applies to all the community spaces, including our GitLab instance. Please, take a moment to read it.

TRANSLATORS.rst

-Translating Funkwhale
-=====================
-
-A step-by-step, beginner friendly guide is available at https://contribute.funkwhale.audio/guides/translate/
-
-Thank you for reading this! If you want to help translate Funkwhale,
-you found the proper place :)
-
-Translation is done via our own Weblate instance at https://translate.funkwhale.audio/projects/funkwhale/front/.
-
-You can signup/login using your Gitlab account (from https://dev.funkwhale.audio).
-
-Translation workflow
---------------------
-
-Once you're logged-in on the Weblate instance, you can suggest translations. Your suggestions will then be reviewer
-by the project maintainer or other translators to ensure consistency.
-
-Guidelines
-----------
-
-Respecting those guidelines is mandatory if you want your translation to be included:
-
-- Use gender-neutral language and wording
-
-Submitting a new language
--------------------------
-
-1. Pull the latest version of ``develop``
-2. Create a new branch, e.g ``git checkout -b translations-new-fr-ca``
-3. Add your new language code and name in ``front/src/locales.js``. Use the native language name, as it is what appears in the UI selector.
-4. Create the ``po`` file from template:
-
-.. code-block:: shell
-
-    export LOCALE=fr_CA  # replace with your actual locale code
-    mkdir -p front/locales/$LOCALE/LC_MESSAGES
-    msginit --no-wrap --no-translator --locale=$LOCALE --input=front/locales/app.pot --output-file=front/locales/$LOCALE/LC_MESSAGES/app.po
-
-5. Then commit your changes, push, and submit a pull request on the ``develop`` branch
-
-Requesting a new language
--------------------------
-
-If you cannot submit a new language yourself, you can request it by opening an issue here:
-https://dev.funkwhale.audio/funkwhale/funkwhale/issues
-
-Extracting messages from source
--------------------------------
-
-We offer a script to update existing ``po`` and ``pot`` files with new translations
-from the source code. This action should be run regularly, and in particular before
-lots of translation work is expected (e.g a few weeks before a new release), or when
-the UI code changes a lot. Otherwise, translators end up translating some obsolete messages,
-or not translationg new messages.
-
-1. `Lock the translations on weblate <https://translate.funkwhale.audio/projects/funkwhale/front/#repository>`_ (``Lock`` button in the sidebar). This will prevent translators from working, and help prevent potential conflicts in the source code
-2. `Commit and push changes from weblate <https://translate.funkwhale.audio/projects/funkwhale/front/#repository>`_ (``Commit`` and ``Push`` buttons in the sidebar)
-3. Pull ``develop`` in your local git repository to ensure you have the latest version of the translations
-4. Create a dedicated branch with ``git checkout -b translations-integration``
-5. Extract the translations with ``cd front && ./scripts/i18n-extract.sh``. This will update all ``po`` files as necessary
-6. Review, commit and push the changes, then open a merge request on the ``develop`` branch
-7. When the MR is merged, `Unlock the translations on weblate <https://translate.funkwhale.audio/projects/funkwhale/front/#repository>`_ (``Unlock`` button in the sidebar).

api/.coveragerc

-[run]
-include = funkwhale_api/*
-omit = *migrations*, *tests*
-plugins =
-    django_coverage_plugin

api/.dockerignore

-### OSX ###
-.DS_Store
-.AppleDouble
-.LSOverride
-
-### SublimeText ###
-# cache files for sublime text
-*.tmlanguage.cache
-*.tmPreferences.cache
-*.stTheme.cache
-
-# workspace files are user-specific
-*.sublime-workspace
-
-# project files should be checked into the repository, unless a significant
-# proportion of contributors will probably not be using SublimeText
-# *.sublime-project
-
-# sftp configuration file
-sftp-config.json
-
-# Basics
+# Exclude everything and allow only the necessary files
+*
+!/docker/
+!/config/
+!/funkwhale_api/
+!/manage.py
+!/poetry.lock
+!/pyproject.toml
+
+# Python
 *.py[cod]
 __pycache__
-
-# Logs
-*.log
-pip-log.txt
-
-# Unit test / coverage reports
-.coverage
-.tox
-nosetests.xml
-htmlcov
-
-# Translations
-*.mo
-*.pot
-
-# Pycharm
-.idea
-
-# Vim
-
-*~
-*.swp
-*.swo
-
-# npm
-front/node_modules/
-
-# Compass
-.sass-cache
-
-# virtual environments
-.env
-
-# User-uploaded media
-funkwhale_api/media/
-
-# Hitch directory
-tests/.hitch
-
-# MailHog binary
-mailhog
-
-*.sqlite3
-music
-media

api/.pylintrc

-[MASTER]
-load-plugins=pylint_common, pylint_django, pylint_celery 
-
-[FORMAT]
-max-line-length=120
-
-[MESSAGES CONTROL]
-disable=missing-docstring,invalid-name
-
-[DESIGN]
-max-parents=13
\ No newline at end of file

api/Dockerfile

-FROM alpine:3.8
-
-RUN \
-    echo 'installing dependencies' && \
-    apk add                \
-    bash             \
-    git             \
-    gettext            \
-    musl-dev           \
-    gcc \
-    postgresql-dev \
-    python3-dev        \
-    py3-psycopg2       \
-    py3-pillow         \
-    libldap            \
-    ffmpeg             \
-    libpq              \
-    libmagic           \
-    libffi-dev         \
-    make         \
-    zlib-dev           \
-    openldap-dev && \
-    \
-    \
-    ln -s /usr/bin/python3 /usr/bin/python
-
-RUN mkdir /requirements
-COPY ./requirements/base.txt /requirements/base.txt
-# hack around https://github.com/pypa/pip/issues/6158#issuecomment-456619072
-ENV PIP_DOWNLOAD_CACHE=/noop/
-RUN \
-    echo 'fixing requirements file for alpine' && \
-    sed -i '/Pillow/d' /requirements/base.txt && \
-    \
-    \
-    echo 'installing pip requirements' && \
-    pip3 install --upgrade pip && \
-    pip3 install setuptools wheel && \
-    pip3 install -r /requirements/base.txt && \
-    rm -rf $PIP_DOWNLOAD_CACHE
-
-ARG install_dev_deps=0
-COPY ./requirements/*.txt /requirements/
-RUN \
-    if [ "$install_dev_deps" = "1" ] ; then echo "Installing dev dependencies" && pip3 install --no-cache-dir -r /requirements/local.txt -r /requirements/test.txt ; else echo "Skipping dev deps installation" ; fi
-
-ENTRYPOINT ["./compose/django/entrypoint.sh"]
-CMD ["./compose/django/server.sh"]
-
-COPY . /app
-WORKDIR /app

api/Dockerfile

+Dockerfile.alpine
\ No newline at end of file

api/Dockerfile.alpine

+FROM alpine:3.21 AS requirements
+
+RUN set -eux; \
+  apk add --no-cache \
+  poetry \
+  py3-cryptography \
+  py3-pip \
+  python3
+
+COPY pyproject.toml poetry.lock /
+RUN set -eux; \
+  poetry export --without-hashes --extras typesense > requirements.txt; \
+  poetry export --without-hashes --with dev > dev-requirements.txt;
+
+FROM alpine:3.21 AS builder
+
+ENV PYTHONDONTWRITEBYTECODE=1
+ENV PYTHONUNBUFFERED=1
+ARG PIP_NO_CACHE_DIR=1
+ENV CARGO_NET_GIT_FETCH_WITH_CLI=true
+
+RUN set -eux; \
+  apk add --no-cache \
+  cargo \
+  curl \
+  gcc \
+  g++ \
+  git \
+  jpeg-dev \
+  libffi-dev \
+  libldap \
+  libxml2-dev \
+  libxslt-dev \
+  make \
+  musl-dev \
+  openldap-dev \
+  openssl-dev \
+  postgresql-dev \
+  zlib-dev \
+  py3-cryptography \
+  py3-lxml \
+  py3-pillow \
+  py3-psycopg2 \
+  py3-watchfiles \
+  python3-dev \
+  gfortran \
+  libgfortran \
+  openblas-dev \
+  py3-scipy \
+  py3-scikit-learn;
+
+# Create virtual env
+RUN python3 -m venv --system-site-packages /venv
+ENV PATH="/venv/bin:$PATH"
+
+COPY --from=requirements /requirements.txt /requirements.txt
+COPY --from=requirements /dev-requirements.txt /dev-requirements.txt
+
+RUN --mount=type=cache,target=~/.cache/pip; \
+  set -eux; \
+  pip3 install --upgrade pip;
+
+
+RUN --mount=type=cache,target=~/.cache/pip; \
+  set -eux; \
+  pip3 install setuptools wheel;
+
+RUN --mount=type=cache,target=~/.cache/pip; \
+  set -eux; \
+  # Currently we are unable to relieably build rust-based packages on armv7. This
+  # is why we need to use the packages shipped by Alpine Linux.
+  # Since poetry does not allow in-place dependency pinning, we need
+  # to install the deps using pip.
+  grep -Ev 'cryptography|lxml|pillow|psycopg2|watchfiles|scipy|scikit-learn' /requirements.txt \
+  | pip3 install -r /dev/stdin \
+  cryptography \
+  lxml \
+  pillow \
+  psycopg2 \
+  watchfiles \
+  scipy \
+  scikit-learn;
+
+ARG install_dev_deps=0
+RUN --mount=type=cache,target=~/.cache/pip; \
+  set -eux; \
+  if [ "$install_dev_deps" = "1" ] ; then \
+    grep -Ev 'cryptography|lxml|pillow|psycopg2|watchfiles' /dev-requirements.txt \
+    | pip3 install -r /dev/stdin \
+    cryptography \
+    lxml \
+    pillow \
+    psycopg2 \
+    watchfiles; \
+  fi
+
+FROM alpine:3.21 AS production
+
+ENV PYTHONDONTWRITEBYTECODE=1
+ENV PYTHONUNBUFFERED=1
+ARG PIP_NO_CACHE_DIR=1
+
+RUN set -eux; \
+  apk add --no-cache \
+  bash \
+  ffmpeg \
+  gettext \
+  jpeg-dev \
+  libldap \
+  libmagic \
+  libpq \
+  libxml2 \
+  libxslt \
+  py3-cryptography \
+  py3-lxml \
+  py3-pillow \
+  py3-psycopg2 \
+  py3-watchfiles \
+  py3-scipy \
+  py3-scikit-learn \
+  python3 \
+  tzdata
+
+COPY --from=builder /venv /venv
+ENV PATH="/venv/bin:$PATH"
+
+COPY . /app
+WORKDIR /app
+
+RUN apk add --no-cache gfortran
+RUN --mount=type=cache,target=~/.cache/pip; \
+  set -eux; \
+  pip3 install --no-deps --editable .
+
+ENV IS_DOCKER_SETUP=true
+
+CMD ["./docker/server.sh"]

api/Dockerfile.debian

+FROM python:3.13-slim AS builder
+
+ARG POETRY_VERSION=1.8
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+ENV VIRTUAL_ENV=/venv
+ENV PATH="/venv/bin:$PATH"
+
+ENV POETRY_HOME=/opt/poetry
+ENV POETRY_NO_INTERACTION=1
+ENV POETRY_VIRTUALENVS_IN_PROJECT=1
+ENV POETRY_VIRTUALENVS_CREATE=1
+ENV PYTHONDONTWRITEBYTECODE=1
+ENV PYTHONUNBUFFERED=1
+# Tell Poetry where to place its cache and virtual environment
+ENV POETRY_CACHE_DIR=/opt/.cache
+
+RUN pip install "poetry==${POETRY_VERSION}"
+
+RUN --mount=type=cache,target=/var/lib/apt/lists \
+      apt update; \
+      apt install -y \
+        build-essential \
+        python3-dev \
+        libldap-dev \
+        libsasl2-dev \
+        slapd \
+        ldap-utils \
+        tox \
+        lcov \
+        valgrind
+
+WORKDIR /app
+
+COPY pyproject.toml .
+
+RUN python3 -m venv --system-site-packages ${VIRTUAL_ENV} && . ${VIRTUAL_ENV}/bin/activate
+RUN --mount=type=cache,target=/opt/.cache \
+      poetry install --no-root --extras typesense
+
+FROM python:3.13-slim AS runtime
+
+ARG POETRY_VERSION=1.8
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+ENV VIRTUAL_ENV=/venv
+ENV PATH="/venv/bin:$PATH"
+
+RUN --mount=type=cache,target=/var/lib/apt/lists \
+      apt update; \
+      apt install -y \
+        ffmpeg \
+        gettext \
+        libjpeg-dev \
+        libldap-2.5-0 \
+        libmagic1 \
+        libpq5 \
+        libxml2 \
+        libxslt1.1
+RUN pip install "poetry==${POETRY_VERSION}"
+
+COPY --from=builder ${VIRTUAL_ENV} ${VIRTUAL_ENV}
+
+WORKDIR /app
+
+COPY . /app
+RUN poetry install --extras typesense
+
+CMD ["./docker/server.sh"]

api/Makefile

+SHELL := bash
+CPU_CORES := $(shell N=$$(nproc); echo $$(( $$N > 4 ? 4 : $$N )))
+
+.PHONY: install lint
+
+install:
+	poetry install --all-extras
+
+lint:
+	poetry run pylint \
+		--jobs=$(CPU_CORES) \
+		--output-format=colorized \
+		--recursive=true \
+		--disable=C,R,W,I \
+		config funkwhale_api tests

api/Readme.md

+# Funkwhale API
+
+This is the Funkwhale API. Check out our [API explorer](https://docs.funkwhale.audio/swagger/) for interactive documentation.
+
+## OAuth Authentication
+
+Funkwhale uses the OAuth [authorization grant flow](https://tools.ietf.org/html/rfc6749#section-4.1) for external apps. This flow is a secure way to authenticate apps that requires a user's explicit consent to perform actions. You can use our demo server at <https://demo.funkwhale.audio> for testing purposes.
+
+To authenticate with the Funkwhale API:
+
+1. Create an application by sending a `POST` request to `api/v1/oauth/apps`. Include your scopes and redirect URI (use `urn:ietf:wg:oauth:2.0:oob`
+   to get an authorization code you can copy)
+2. Send an [authorization request](https://www.rfc-editor.org/rfc/rfc6749#section-4.1.2) to the `/authorize` endpoint to receive an authorization code
+3. [Request an access token](https://www.rfc-editor.org/rfc/rfc6749#section-4.1.3) from `/api/v1/oauth/token`
+4. Use your access token to authenticate your calls with the following format: `Authorization: Bearer <token>`
+5. Refresh your access token by sending a refresh request to `/api/v1/oauth/token`
+
+For more detailed instructions, see [our API authentication documentation](https://docs.funkwhale.audio/developers/authentication.html).
+
+## Application token authentication
+
+If you have an account on your target pod, you can create an application at `/settings/applications/new`. Once you authorize the application you can retrieve an access token. Use your access token to authenticate your calls with the following format: `Authorization: Bearer <token>`
+
+## Rate limiting
+
+Funkwhale supports rate-limiting as of version 0.2.0. Pod admins can choose to rate limit specific endpoints to prevent abuse and improve the stability of the service. If the server drops a request due to rate-limiting, it returns a `429` status code.
+
+Each API call returns HTTP headers to pass the following information:
+
+- What was the scope of the request (`X-RateLimit-Scope`)
+- What is the rate-limit associated with the request scope (`X-RateLimit-Limit`)
+- How many more requests in the scope can be made within the rate-limit timeframe (`X-RateLimit-Remaining`)
+- How much time does the client need to wait to send another request (`Retry-After`)
+
+For more information, check our [rate limit documentation](https://docs.funkwhale.audio/developer/api/rate-limit.html)
+
+## Resources
+
+For more information about API usage, refer to [our API documentation](https://docs.funkwhale.audio/api.html).

api/compose/django/dev-entrypoint.sh

-#!/bin/sh
-set -e
-exec "$@"

api/compose/django/entrypoint.sh

-#!/bin/sh
-set -e
-# This entrypoint is used to play nicely with the current cookiecutter configuration.
-# Since docker-compose relies heavily on environment variables itself for configuration, we'd have to define multiple
-# environment variables just to support cookiecutter out of the box. That makes no sense, so this little entrypoint
-# does all this for us.
-export CACHE_URL=${CACHE_URL:="redis://redis:6379/0"}
-
-if [ -z "$DATABASE_URL" ]; then
-  # the official postgres image uses 'postgres' as default user if not set explictly.
-  if [ -z "$POSTGRES_ENV_POSTGRES_USER" ]; then
-    export POSTGRES_ENV_POSTGRES_USER=postgres
-  fi
-  export DATABASE_URL=postgres://$POSTGRES_ENV_POSTGRES_USER:$POSTGRES_ENV_POSTGRES_PASSWORD@postgres:5432/$POSTGRES_ENV_POSTGRES_USER
-fi
-
-if [ -z "$CELERY_BROKER_URL" ]; then
-  export CELERY_BROKER_URL=$CACHE_URL
-fi
-
-# we copy the frontend files, if any so we can serve them from the outside
-if [ -d "frontend" ]; then
-  mkdir -p /frontend
-  cp -r frontend/* /frontend/
-  export FUNKWHALE_SPA_HTML_ROOT=/frontend/index.html
-fi
-exec "$@"

api/compose/django/server.sh

-#!/bin/bash -eux
-python /app/manage.py collectstatic --noinput
-gunicorn config.asgi:application -w ${FUNKWHALE_WEB_WORKERS-1} -k uvicorn.workers.UvicornWorker -b 0.0.0.0:5000

api/config/asgi.py

 import os
 
 os.environ.setdefault("DJANGO_SETTINGS_MODULE", "config.settings.production")
+os.environ.setdefault("ASGI_THREADS", "5")
 
 import django  # noqa
 

api/config/plugins.py

+import copy
+import logging
+import os
+import subprocess
+import sys
+
+import persisting_theory
+from django.core.cache import cache
+from django.db.models import Q
+from rest_framework import serializers
+
+logger = logging.getLogger("plugins")
+
+
+class Startup(persisting_theory.Registry):
+    look_into = "persisting_theory"
+
+
+class Ready(persisting_theory.Registry):
+    look_into = "persisting_theory"
+
+
+startup = Startup()
+ready = Ready()
+
+_plugins = {}
+_filters = {}
+_hooks = {}
+
+
+class PluginCache:
+    def __init__(self, prefix):
+        self.prefix = prefix
+
+    def get(self, key, default=None):
+        key = ":".join([self.prefix, key])
+        return cache.get(key, default)
+
+    def set(self, key, value, duration=None):
+        key = ":".join([self.prefix, key])
+        return cache.set(key, value, duration)
+
+
+def get_plugin_config(
+    name,
+    user=False,
+    source=False,
+    registry=_plugins,
+    conf={},
+    settings={},
+    description=None,
+    version=None,
+    label=None,
+    homepage=None,
+):
+    conf = {
+        "name": name,
+        "label": label or name,
+        "logger": logger,
+        # conf is for dynamic settings
+        "conf": conf,
+        # settings is for settings hardcoded in .env
+        "settings": settings,
+        "user": True if source else user,
+        # source plugins are plugins that provide audio content
+        "source": source,
+        "description": description,
+        "version": version,
+        "cache": PluginCache(name),
+        "homepage": homepage,
+    }
+    registry[name] = conf
+    return conf
+
+
+def load_settings(name, settings):
+    from django.conf import settings as django_settings
+
+    mapping = {
+        "boolean": django_settings.ENV.bool,
+        "text": django_settings.ENV,
+    }
+    values = {}
+    prefix = f"FUNKWHALE_PLUGIN_{name.upper()}"
+    for s in settings:
+        key = "_".join([prefix, s["name"].upper()])
+        value = mapping[s["type"]](key, default=s.get("default", None))
+        values[s["name"]] = value
+
+    logger.debug("Plugin %s running with settings %s", name, values)
+    return values
+
+
+def get_session():
+    from funkwhale_api.common import session
+
+    return session.get_session()
+
+
+def register_filter(name, plugin_config, registry=_filters):
+    def decorator(func):
+        handlers = registry.setdefault(name, [])
+
+        def inner(*args, **kwargs):
+            plugin_config["logger"].debug("Calling filter for %s", name)
+            rval = func(*args, **kwargs)
+            return rval
+
+        handlers.append((plugin_config["name"], inner))
+        return inner
+
+    return decorator
+
+
+def register_hook(name, plugin_config, registry=_hooks):
+    def decorator(func):
+        handlers = registry.setdefault(name, [])
+
+        def inner(*args, **kwargs):
+            plugin_config["logger"].debug("Calling hook for %s", name)
+            func(*args, **kwargs)
+
+        handlers.append((plugin_config["name"], inner))
+        return inner
+
+    return decorator
+
+
+class Skip(Exception):
+    pass
+
+
+def trigger_filter(name, value, enabled=False, **kwargs):
+    """
+    Call filters registered for "name" with the given
+    args and kwargs.
+
+    Return the value (that could be modified by handlers)
+    """
+    logger.debug("Calling handlers for filter %s", name)
+    registry = kwargs.pop("registry", _filters)
+    confs = kwargs.pop("confs", {})
+    for plugin_name, handler in registry.get(name, []):
+        if not enabled and confs.get(plugin_name, {}).get("enabled") is False:
+            continue
+        try:
+            value = handler(value, conf=confs.get(plugin_name, {}), **kwargs)
+        except Skip:
+            pass
+        except Exception as e:
+            logger.warn("Plugin %s errored during filter %s: %s", plugin_name, name, e)
+    return value
+
+
+def trigger_hook(name, enabled=False, **kwargs):
+    """
+    Call hooks registered for "name" with the given
+    args and kwargs.
+
+    Returns nothing
+    """
+    logger.debug("Calling handlers for hook %s", name)
+    registry = kwargs.pop("registry", _hooks)
+    confs = kwargs.pop("confs", {})
+    for plugin_name, handler in registry.get(name, []):
+        if not enabled and confs.get(plugin_name, {}).get("enabled") is False:
+            continue
+        try:
+            handler(conf=confs.get(plugin_name, {}).get("conf"), **kwargs)
+        except Skip:
+            pass
+        except Exception as e:
+            logger.warn("Plugin %s errored during hook %s: %s", plugin_name, name, e)
+
+
+def set_conf(name, conf, user=None, registry=_plugins):
+    from funkwhale_api.common import models
+
+    if not registry[name]["conf"] and not registry[name]["source"]:
+        return
+    conf_serializer = get_serializer_from_conf_template(
+        registry[name]["conf"],
+        user=user,
+        source=registry[name]["source"],
+    )(data=conf)
+    conf_serializer.is_valid(raise_exception=True)
+    if "library" in conf_serializer.validated_data:
+        conf_serializer.validated_data["library"] = str(
+            conf_serializer.validated_data["library"]
+        )
+    conf, _ = models.PluginConfiguration.objects.update_or_create(
+        user=user, code=name, defaults={"conf": conf_serializer.validated_data}
+    )
+
+
+def get_confs(user=None):
+    from funkwhale_api.common import models
+
+    qs = models.PluginConfiguration.objects.filter(code__in=list(_plugins.keys()))
+    if user:
+        qs = qs.filter(Q(user=None) | Q(user=user))
+    else:
+        qs = qs.filter(user=None)
+    confs = {
+        v["code"]: {"conf": v["conf"], "enabled": v["enabled"]}
+        for v in qs.values("code", "conf", "enabled")
+    }
+    for p, v in _plugins.items():
+        if p not in confs:
+            confs[p] = {"conf": None, "enabled": False}
+    return confs
+
+
+def get_conf(plugin, user=None):
+    return get_confs(user=user)[plugin]
+
+
+def enable_conf(code, value, user):
+    from funkwhale_api.common import models
+
+    models.PluginConfiguration.objects.update_or_create(
+        code=code, user=user, defaults={"enabled": value}
+    )
+
+
+class LibraryField(serializers.UUIDField):
+    def __init__(self, *args, **kwargs):
+        self.actor = kwargs.pop("actor")
+        super().__init__(*args, **kwargs)
+
+    def to_internal_value(self, v):
+        v = super().to_internal_value(v)
+        if not self.actor.libraries.filter(uuid=v).first():
+            raise serializers.ValidationError("Invalid library id")
+        return v
+
+
+def get_serializer_from_conf_template(conf, source=False, user=None):
+    conf = copy.deepcopy(conf)
+    validators = {f["name"]: f.pop("validator") for f in conf if "validator" in f}
+    mapping = {
+        "url": serializers.URLField,
+        "boolean": serializers.BooleanField,
+        "text": serializers.CharField,
+        "long_text": serializers.CharField,
+        "password": serializers.CharField,
+        "number": serializers.IntegerField,
+    }
+
+    for attr in ["label", "help"]:
+        for c in conf:
+            c.pop(attr, None)
+
+    class Serializer(serializers.Serializer):
+        def __init__(self, *args, **kwargs):
+            super().__init__(*args, **kwargs)
+            for field_conf in conf:
+                field_kwargs = copy.copy(field_conf)
+                name = field_kwargs.pop("name")
+                self.fields[name] = mapping[field_kwargs.pop("type")](**field_kwargs)
+            if source:
+                self.fields["library"] = LibraryField(actor=user.actor)
+
+    for vname, v in validators.items():
+        setattr(Serializer, f"validate_{vname}", v)
+    return Serializer
+
+
+def serialize_plugin(plugin_conf, confs):
+    return {
+        "name": plugin_conf["name"],
+        "label": plugin_conf["label"],
+        "description": plugin_conf.get("description") or None,
+        "user": plugin_conf.get("user", False),
+        "source": plugin_conf.get("source", False),
+        "conf": plugin_conf.get("conf", None),
+        "values": confs.get(plugin_conf["name"], {"conf"}).get("conf"),
+        "enabled": plugin_conf["name"] in confs
+        and confs[plugin_conf["name"]]["enabled"],
+        "homepage": plugin_conf["homepage"],
+    }
+
+
+def install_dependencies(deps):
+    if not deps:
+        return
+    logger.info("Installing plugins dependencies %s", deps)
+    pip_path = os.path.join(os.path.dirname(sys.executable), "pip")
+    subprocess.check_call([pip_path, "install"] + deps)
+
+
+def background_task(name):
+    from funkwhale_api.taskapp import celery
+
+    def decorator(func):
+        return celery.app.task(func, name=name)
+
+    return decorator
+
+
+# HOOKS
+TRIGGER_THIRD_PARTY_UPLOAD = "third_party_upload"
+"""
+Called when a track is being listened
+"""
+LISTENING_CREATED = "listening_created"
+"""
+Called when a track is being listened
+"""
+LISTENING_SYNC = "listening_sync"
+"""
+Called by the task manager to trigger listening sync
+"""
+FAVORITE_CREATED = "favorite_created"
+"""
+Called when a track is being favorited
+"""
+FAVORITE_DELETED = "favorite_deleted"
+"""
+Called when a favorited track is being unfavorited
+"""
+FAVORITE_SYNC = "favorite_sync"
+"""
+Called by the task manager to trigger favorite sync
+"""
+
+SCAN = "scan"
+"""
+
+"""
+# FILTERS
+PLUGINS_DEPENDENCIES = "plugins_dependencies"
+"""
+Called with an empty list, use this filter to append pip dependencies
+to the list for installation.
+"""
+PLUGINS_APPS = "plugins_apps"
+"""
+Called with an empty list, use this filter to append apps to INSTALLED_APPS
+"""
+MIDDLEWARES_BEFORE = "middlewares_before"
+"""
+Called with an empty list, use this filter to prepend middlewares
+to MIDDLEWARE
+"""
+MIDDLEWARES_AFTER = "middlewares_after"
+"""
+Called with an empty list, use this filter to append middlewares
+to MIDDLEWARE
+"""
+URLS = "urls"
+"""
+Called with an empty list, use this filter to register new urls and views
+"""

api/config/routing.py

+from channels.auth import AuthMiddlewareStack
 from channels.routing import ProtocolTypeRouter, URLRouter
-from django.conf.urls import url
+from django.core.asgi import get_asgi_application
+from django.urls import re_path
 
-from funkwhale_api.common.auth import TokenAuthMiddleware
 from funkwhale_api.instance import consumers
 
 application = ProtocolTypeRouter(
     {
         # Empty for now (http->django views is added by default)
-        "websocket": TokenAuthMiddleware(
-            URLRouter([url("^api/v1/activity$", consumers.InstanceActivityConsumer)])
-        )
+        "websocket": AuthMiddlewareStack(
+            URLRouter(
+                [
+                    re_path(
+                        "^api/v1/activity$",
+                        consumers.InstanceActivityConsumer.as_asgi(),
+                    )
+                ]
+            )
+        ),
+        "http": get_asgi_application(),
     }
 )