mirror of
https://github.com/0xJacky/nginx-ui.git
synced 2026-05-06 14:03:40 +08:00
535c8efb38
The site checker created a fresh http.Transport per request and per EnhancedSiteChecker, with Go's default Happy-Eyeballs dialer. When server_name entries resolved to ingress services returning many A records (ngrok, AWS ALB, Cloudflare), each sweep opened enough flows to exhaust conntrack tables on consumer routers (UniFi). Introduce a package-level shared http.Transport with MaxConnsPerHost=2, MaxIdleConnsPerHost=2 and FallbackDelay=-1 (disables IPv6 dial races), plumb it through SiteChecker and EnhancedSiteChecker, and only build a custom client when the per-site HealthCheckConfig truly diverges on TLS. Reuse the response body fetched by the health check for favicon extraction so each site is hit at most once per sweep, and dedupe sites sharing the same host:port before fan-out. Add a [site_check] settings section (Enabled, Concurrency, Interval- Seconds) so operators can disable the checker entirely or tune the sweep cadence; clamp Concurrency to [1, 20] and IntervalSeconds to >=30. Document the new section in en, zh_CN and zh_TW guides and add sidebar entries. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>