Struct OutboxWorkerConfig 

pub struct OutboxWorkerConfig {
    pub poll_interval: Duration,
    pub batch_size: usize,
    pub max_attempts: u32,
    pub retry_base_delay: Duration,
    pub retry_max_delay: Duration,
    pub jitter: bool,
    pub min_cycle_delay: Duration,
    pub dispatch_timeout: Duration,
}

Tuning parameters for an OutboxWorker.

Fields

poll_interval: Duration

Sleep duration between empty polls.

batch_size: usize

Maximum number of envelopes returned by a single poll.

max_attempts: u32

Number of attempts allowed before an envelope stops being polled.

retry_base_delay: Duration

Base delay for the exponential backoff applied after a failed dispatch.

The actual delay before attempt n is: min(retry_max_delay, retry_base_delay × 2^n)

When Self::jitter is true (the default), a uniform random value in [0, computed_delay] is drawn instead (full-jitter strategy), which spreads retries across the window and avoids thundering-herd spikes.

retry_max_delay: Duration

Upper bound on the computed backoff delay.

Caps retry_base_delay × 2^n so retries never wait longer than this value regardless of the attempt count.

jitter: bool

Apply full jitter to the backoff delay.

When true (the default), the worker draws a uniform random value in [0, capped_delay] instead of using the deterministic exponential. Set to false to get a predictable delay (useful in tests or environments where all workers share the same retry schedule).

min_cycle_delay: Duration

Minimum delay applied between consecutive non-empty poll cycles.

A full batch otherwise loops with no delay, busy-spinning the store under a sustained backlog. This floor paces back-to-back non-empty cycles without affecting the empty-poll path (which still waits for Self::poll_interval). Set it to Duration::ZERO to disable pacing and restore the previous tight-loop behavior.

dispatch_timeout: Duration

Per-envelope handler deadline and soft-lease unit.

Two related roles:

• Hard timeout. Each handler invocation is wrapped in a tokio::time::timeout of this duration. A handler that exceeds it has its cancellation token signalled and the dispatch is recorded as a failed attempt (OutboxError::DispatchTimeout), so a hung handler cannot stall the worker.
• Lease unit. After polling a batch, the worker leases the whole batch by setting next_retry_at to the database clock plus batch_size x dispatch_timeout, then commits immediately. This releases the FOR UPDATE SKIP LOCKED row-level locks before dispatch begins while keeping the lease alive across the worst-case sequential dispatch of every envelope in the batch, so competing workers do not re-pick a tail envelope mid-batch.

Set it to the worst-case duration of a single handler; the batch_size multiplier for the lease is applied internally, so do not pre-multiply it yourself.

Implementations

impl OutboxWorkerConfig

pub fn next_retry_delay(&self, attempts: u32) -> Duration

Compute the next retry delay for an envelope that has failed attempts times.

Uses bounded exponential backoff: min(retry_max_delay, retry_base_delay × 2^attempts). When Self::jitter is true, returns a uniform random value in [0, computed_delay] (full-jitter strategy).

The computation is overflow-safe: checked_shl returns None when the shift overflows, in which case the factor falls back to u32::MAX, and Duration::saturating_mul clamps the result instead of panicking.

Trait Implementations

impl Clone for OutboxWorkerConfig

fn clone(&self) -> OutboxWorkerConfig

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for OutboxWorkerConfig

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for OutboxWorkerConfig

fn default() -> Self

Returns the “default value” for a type.