upleb.uk

Public git repos — served from a NIP-34 GRASP relay at git.upleb.uk

summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorDanConwayDev <DanConwayDev@protonmail.com>2026-03-25 07:19:26 +0000
committerDanConwayDev <DanConwayDev@protonmail.com>2026-03-25 07:19:26 +0000
commit28168a7701c897a5b6af13bc472d6f5902e0a96d (patch)
treebbb2ad5e238f118a31d4d1b974c0b391c74a12c1 /src
parent05b7edb5f5797100d8e0f59905e16488680928ec (diff)
chore: remove arbitrary default max connections limit
When NGIT_MAX_CONNECTIONS is unset the relay imposes no connection cap, deferring to OS fd limits and infrastructure controls. The option remains available for operators who want an explicit ceiling.
Diffstat (limited to 'src')
-rw-r--r--src/config.rs9
-rw-r--r--src/nostr/builder.rs13
2 files changed, 12 insertions, 10 deletions
diff --git a/src/config.rs b/src/config.rs
index 5c9303c..30e77ab 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -466,10 +466,9 @@ pub struct Config {
466 #[arg(long, env = "NGIT_EVENT_BLACKLIST", default_value = "")] 466 #[arg(long, env = "NGIT_EVENT_BLACKLIST", default_value = "")]
467 pub event_blacklist: String, 467 pub event_blacklist: String,
468 468
469 /// Maximum total connections to the relay (default: 4096) 469 /// Maximum total connections to the relay (default: unlimited, defers to OS/infrastructure limits)
470 /// Prevents connection exhaustion DoS attacks 470 #[arg(long, env = "NGIT_MAX_CONNECTIONS")]
471 #[arg(long, env = "NGIT_MAX_CONNECTIONS", default_value_t = 4096)] 471 pub max_connections: Option<usize>,
472 pub max_connections: usize,
473 472
474 /// Log level for application logging 473 /// Log level for application logging
475 #[arg(long, env = "NGIT_LOG_LEVEL", default_value = "info")] 474 #[arg(long, env = "NGIT_LOG_LEVEL", default_value = "info")]
@@ -755,7 +754,7 @@ impl Config {
755 repository_whitelist: String::new(), 754 repository_whitelist: String::new(),
756 repository_blacklist: String::new(), 755 repository_blacklist: String::new(),
757 event_blacklist: String::new(), 756 event_blacklist: String::new(),
758 max_connections: 500, 757 max_connections: None,
759 log_level: "debug".to_string(), 758 log_level: "debug".to_string(),
760 } 759 }
761 } 760 }
diff --git a/src/nostr/builder.rs b/src/nostr/builder.rs
index 03132bf..02ba84b 100644
--- a/src/nostr/builder.rs
+++ b/src/nostr/builder.rs
@@ -736,7 +736,7 @@ pub async fn create_relay(
736 let write_policy = 736 let write_policy =
737 Nip34WritePolicy::new(database.clone(), &git_data_path, purgatory, config.clone()); 737 Nip34WritePolicy::new(database.clone(), &git_data_path, purgatory, config.clone());
738 738
739 let relay = LocalRelayBuilder::default() 739 let mut builder = LocalRelayBuilder::default()
740 .database(database.clone()) 740 .database(database.clone())
741 .write_policy(write_policy.clone()) 741 .write_policy(write_policy.clone())
742 // Explicitly set rate limits (make defaults visible in code) 742 // Explicitly set rate limits (make defaults visible in code)
@@ -744,10 +744,13 @@ pub async fn create_relay(
744 .rate_limit(RateLimit { 744 .rate_limit(RateLimit {
745 max_reqs: 500, // Max concurrent subscriptions per connection 745 max_reqs: 500, // Max concurrent subscriptions per connection
746 notes_per_minute: 60, // Max events per minute per connection 746 notes_per_minute: 60, // Max events per minute per connection
747 }) 747 });
748 // Total connection limit to prevent DoS attacks 748
749 .max_connections(config.max_connections) 749 if let Some(max) = config.max_connections {
750 .build(); 750 builder = builder.max_connections(max);
751 }
752
753 let relay = builder.build();
751 754
752 tracing::info!( 755 tracing::info!(
753 "Relay configured with GRASP-01 validation for domain: {}", 756 "Relay configured with GRASP-01 validation for domain: {}",
generated by cgit v1.2.3 (git 2.39.1) at 2026-06-04 23:40:20 +0000