From 1438e4dbc83353166f30978cf471f05e6c0ecd73 Mon Sep 17 00:00:00 2001
From: Matthew Holt <mholt@users.noreply.github.com>
Date: Wed, 18 Nov 2020 10:57:54 -0700
Subject: caddyhttp: New idle_timeout default of 5m

---
 modules/caddyhttp/app.go | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'modules/caddyhttp/app.go')

diff --git a/modules/caddyhttp/app.go b/modules/caddyhttp/app.go
index f5f079c..43cc6f7 100644
--- a/modules/caddyhttp/app.go
+++ b/modules/caddyhttp/app.go
@@ -250,6 +250,13 @@ func (app *App) Provision(ctx caddy.Context) error {
 		if err != nil {
 			return fmt.Errorf("server %s: setting up TLS connection policies: %v", srvName, err)
 		}
+
+		// if there is no idle timeout, set a sane default; users have complained
+		// before that aggressive CDNs leave connections open until the server
+		// closes them, so if we don't close them it leads to resource exhaustion
+		if srv.IdleTimeout == 0 {
+			srv.IdleTimeout = defaultIdleTimeout
+		}
 	}
 
 	return nil
@@ -458,6 +465,12 @@ func (app *App) httpsPort() int {
 	return app.HTTPSPort
 }
 
+// defaultIdleTimeout is the default HTTP server timeout
+// for closing idle connections; useful to avoid resource
+// exhaustion behind hungry CDNs, for example (we've had
+// several complaints without this).
+const defaultIdleTimeout = caddy.Duration(5 * time.Minute)
+
 // Interface guards
 var (
 	_ caddy.App         = (*App)(nil)
-- 
cgit v1.2.3