From 8dc30e9e986eb195db842ff750482891e21179e5 Mon Sep 17 00:00:00 2001
From: pennae <github@quasiparticle.net>
Date: Fri, 26 Aug 2022 19:53:09 +0200
Subject: nixos/firefox-syncserver: set default for oauth verifier threads

the 0.12.1 update introduced a static thread pool for verifying oauth
tokens. set a reasonable default for self-hosted setups (10 threads).
---
 nixos/modules/services/networking/firefox-syncserver.nix | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'nixos')

diff --git a/nixos/modules/services/networking/firefox-syncserver.nix b/nixos/modules/services/networking/firefox-syncserver.nix
index fa8e4fcaed2f..52ed1c361537 100644
--- a/nixos/modules/services/networking/firefox-syncserver.nix
+++ b/nixos/modules/services/networking/firefox-syncserver.nix
@@ -19,6 +19,9 @@ let
       fxa_email_domain = "api.accounts.firefox.com";
       fxa_oauth_server_url = "https://oauth.accounts.firefox.com/v1";
       run_migrations = true;
+      # if JWK caching is not enabled the token server must verify tokens
+      # using the fxa api, on a thread pool with a static size.
+      additional_blocking_threads_for_fxa_requests = 10;
     } // lib.optionalAttrs cfg.singleNode.enable {
       # Single-node mode is likely to be used on small instances with little
       # capacity. The default value (0.1) can only ever release capacity when
-- 
cgit v1.2.3