Skip to content

fix: #15208#15216

Merged
lovesegfault merged 2 commits intomasterfrom
fix-s3-conn-reuse
Feb 13, 2026
Merged

fix: #15208#15216
lovesegfault merged 2 commits intomasterfrom
fix-s3-conn-reuse

Conversation

@lovesegfault
Copy link
Member

@lovesegfault lovesegfault commented Feb 12, 2026

Motivation

  • fix(libstore/filetransfer): enable TCP keep-alive on curl handles
  • feat(libstore/s3): use virtual-hosted-style URLs and add addressing-style option

Context

Fixes: #15208

Add 👍 to pull requests you find important.

The Nix maintainer team uses a GitHub project board to schedule and track reviews.

xokdvium
xokdvium reviewed Feb 12, 2026
View reviewed changes
@lovesegfault
fix(libstore/filetransfer): enable TCP keep-alive on curl handles
736abd5 
Idle connections in libcurl's connection pool can be silently dropped by
the OS or intermediate firewalls/NATs before they can be reused, forcing
new TCP connections to be created. This is especially problematic for
HTTP/1.1 endpoints where multiplexing is unavailable.

Enable TCP keep-alive with a 60-second idle/interval on all curl easy
handles to prevent idle connection drops and improve connection reuse.
xokdvium
xokdvium approved these changes Feb 12, 2026
View reviewed changes
Copy link
Contributor

@xokdvium xokdvium left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Makes sense to me.

@lovesegfault lovesegfault added the backport 2.33-maintenance Automatically creates a PR against the branch label Feb 12, 2026
@lovesegfault lovesegfault force-pushed the fix-s3-conn-reuse branch 2 times, most recently from 32ee842 to a261fef Compare February 12, 2026 23:26
@lovesegfault lovesegfault force-pushed the fix-s3-conn-reuse branch 3 times, most recently from 667ac54 to a0aa580 Compare February 12, 2026 23:48
@lovesegfault
feat(libstore/s3): use virtual-hosted-style URLs and add addressing-s…
759f6c8 
…tyle option

S3 binary caches now use virtual-hosted-style URLs by default for
standard AWS endpoints. Path-style endpoints (s3.region.amazonaws.com)
only serve HTTP/1.1, preventing HTTP/2 multiplexing and causing TCP
TIME_WAIT socket exhaustion under high concurrency. Virtual-hosted-style
endpoints (bucket.s3.region.amazonaws.com) support HTTP/2, enabling
multiplexing with the existing CURLPIPE_MULTIPLEX configuration.

Add a new `addressing-style` store option (auto/path/virtual) to control
this behavior. `auto` (default) uses virtual-hosted-style for standard
AWS endpoints and path-style for custom endpoints. `path` forces
path-style for backwards compatibility. `virtual` forces virtual-hosted-
style for all endpoints including custom ones.

Fixes: #15208
@lovesegfault lovesegfault added this pull request to the merge queue Feb 13, 2026
Merged via the queue into master with commit a8f305a Feb 13, 2026
18 checks passed
@lovesegfault lovesegfault deleted the fix-s3-conn-reuse branch February 13, 2026 01:43
@internal-nix-ci internal-nix-ci bot mentioned this pull request Feb 13, 2026
Merged
@internal-nix-ci
Copy link

internal-nix-ci bot commented Feb 13, 2026

Successfully created backport PR for 2.33-maintenance:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@xokdvium xokdvium xokdvium approved these changes

@Ericson2314 Ericson2314 Awaiting requested review from Ericson2314 Ericson2314 is a code owner

@edolstra edolstra Awaiting requested review from edolstra edolstra is a code owner

Assignees

No one assigned

Labels

backport 2.33-maintenance Automatically creates a PR against the branch documentation

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Nix 2.33 S3 HTTP client causes TIME_WAIT socket exhaustion due to missing connection reuse

2 participants

@lovesegfault @xokdvium