From 36577c5bba7ea556ab7890ef09d7f96da082deaa Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Sun, 14 Mar 2021 14:38:56 +0000 Subject: [PATCH] nix/pkgs/pomerium: add timeouts to policy --- nix/pkgs/pomerium/module.nix | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/nix/pkgs/pomerium/module.nix b/nix/pkgs/pomerium/module.nix index dd886185bf..022a98f9e9 100644 --- a/nix/pkgs/pomerium/module.nix +++ b/nix/pkgs/pomerium/module.nix @@ -540,6 +540,21 @@ in default = false; description = "If set, enables proxying of websocket connections. NOTE: global timeouts are not enforced, although the policy-specific timeout is still enforced."; }; + timeout_read = mkOption { + type = with types; nullOr goDuration; + default = null; + description = "Sets the global read timeout (i.e. the time from when the connection is accepted to when the request body is fully read)."; + }; + timeout_write = mkOption { + type = with types; nullOr goDuration; + default = null; + description = "Sets the global write timeout (i.e. the time from when the request body is read to the end of the response being written)."; + }; + timeout_idle = mkOption { + type = with types; nullOr goDuration; + default = null; + description = "Sets the global idle timeout (i.e. the time an idle Keep-Alive connection will be kept)."; + }; }; }); };