docs(config): warn about federation key query timeout caveat

Signed-off-by: rooot <hey@rooot.gay>

conduwuit-example.toml

@@ -325,6 +325,15 @@
 #
 #well_known_timeout = 10
 
+# Federation client connection timeout (seconds). You should not set this
+# to high values, as dead homeservers can significantly slow down federation,
+# specifically key retrieval, which will take roughly the amount of time
+# you configure here given that a homeserver doesn't respond. This will
+# cause most clients to time out /keys/query, causing E2EE and device
+# verification to fail.
+#
+#federation_conn_timeout = 10
+
 # Federation client request timeout (seconds). You most definitely want
 # this to be high to account for extremely large room joins, slow
 # homeservers, your own resources etc.

src/core/config/mod.rs

@@ -412,6 +412,17 @@ pub struct Config {
 	#[serde(default = "default_well_known_timeout")]
 	pub well_known_timeout: u64,
 
+	/// Federation client connection timeout (seconds). You should not set this
+	/// to high values, as dead homeservers can significantly slow down federation,
+	/// specifically key retrieval, which will take roughly the amount of time
+	/// you configure here given that a homeserver doesn't respond. This will
+	/// cause most clients to time out /keys/query, causing E2EE and device
+	/// verification to fail.
+	///
+	/// default: 10
+	#[serde(default = "default_federation_conn_timeout")]
+	pub federation_conn_timeout: u64,
+
 	/// Federation client request timeout (seconds). You most definitely want
 	/// this to be high to account for extremely large room joins, slow
 	/// homeservers, your own resources etc.
@@ -2193,6 +2204,8 @@ fn default_well_known_conn_timeout() -> u64 { 6 }
 
 fn default_well_known_timeout() -> u64 { 10 }
 
+fn default_federation_conn_timeout() -> u64 { 10 }
+
 fn default_federation_timeout() -> u64 { 25 }
 
 fn default_federation_idle_timeout() -> u64 { 25 }

src/service/client/mod.rs

@@ -66,6 +66,7 @@ impl crate::Service for Service {
 
 			federation: base(config)?
 				.dns_resolver(resolver.resolver.hooked.clone())
+				.connect_timeout(Duration::from_secs(config.federation_conn_timeout))
 				.read_timeout(Duration::from_secs(config.federation_timeout))
 				.pool_max_idle_per_host(config.federation_idle_per_host.into())
 				.pool_idle_timeout(Duration::from_secs(config.federation_idle_timeout))
@@ -74,6 +75,7 @@ impl crate::Service for Service {
 
 			synapse: base(config)?
 				.dns_resolver(resolver.resolver.hooked.clone())
+				.connect_timeout(Duration::from_secs(config.federation_conn_timeout))
 				.read_timeout(Duration::from_secs(305))
 				.pool_max_idle_per_host(0)
 				.redirect(redirect::Policy::limited(3))
@@ -81,6 +83,7 @@ impl crate::Service for Service {
 
 			sender: base(config)?
 				.dns_resolver(resolver.resolver.hooked.clone())
+				.connect_timeout(Duration::from_secs(config.federation_conn_timeout))
 				.read_timeout(Duration::from_secs(config.sender_timeout))
 				.timeout(Duration::from_secs(config.sender_timeout))
 				.pool_max_idle_per_host(1)