Set max-conns to 0 by default, making concurrency limit opt-inmax-conns-default-zero

2 files changed, 5 insertions, 2 deletions

diff --git a/app.go b/app.go
index b516ab15..3df55b3e 100644
--- a/app.go
+++ b/app.go
@@ -359,7 +359,10 @@ func (a *theApp) buildHandlerPipeline() (http.Handler, error) {
 func (a *theApp) Run() {
 	var wg sync.WaitGroup
 
-	limiter := netutil.NewLimiter(a.config.General.MaxConns)
+	var limiter *netutil.Limiter
+	if a.config.General.MaxConns > 0 {
+		limiter = netutil.NewLimiter(a.config.General.MaxConns)
+	}
 
 	// Use a common pipeline to use a single instance of each handler,
 	// instead of making two nearly identical pipelines
diff --git a/internal/config/flags.go b/internal/config/flags.go
index 820218f5..30fa58ec 100644
--- a/internal/config/flags.go
+++ b/internal/config/flags.go
@@ -47,7 +47,7 @@ var (
 	clientSecret       = flag.String("auth-client-secret", "", "GitLab application Client Secret")
 	redirectURI        = flag.String("auth-redirect-uri", "", "GitLab application redirect URI")
 	authScope          = flag.String("auth-scope", "api", "Scope to be used for authentication (must match GitLab Pages OAuth application settings)")
-	maxConns           = flag.Int("max-conns", 5000, "Limit on the number of concurrent connections to the HTTP, HTTPS or proxy listeners")
+	maxConns           = flag.Int("max-conns", 0, "Limit on the number of concurrent connections to the HTTP, HTTPS or proxy listeners, 0 for no limit")
 	insecureCiphers    = flag.Bool("insecure-ciphers", false, "Use default list of cipher suites, may contain insecure ones like 3DES and RC4")
 	tlsMinVersion      = flag.String("tls-min-version", "tls1.2", tls.FlagUsage("min"))
 	tlsMaxVersion      = flag.String("tls-max-version", "", tls.FlagUsage("max"))