--- /dev/null
+# DOC: http://www.postgresql.org/docs/9.1/static/kernel-resources.html
+kernel.shmmax = 17179869184
+kernel.shmall = 4194304
--- /dev/null
+# DOC: http://dak1n1.com/blog/12-nginx-performance-tuning
+
+# NOTE: increase system IPv4 port limits to allow for more connections.
+net.ipv4.ip_local_port_range = 2000 65000
+net.ipv4.tcp_window_scaling = 1
+
+# NOTE: number of packets to keep in backlog before the kernel starts dropping them.
+net.ipv4.tcp_max_syn_backlog = 3240000
+
+# NOTE: increase socket listen backlog.
+net.core.somaxconn = 3240000
+net.ipv4.tcp_max_tw_buckets = 1440000
+
+# NOTE: increase TCP buffer sizes.
+net.core.rmem_default = 8388608
+net.core.rmem_max = 16777216
+net.core.wmem_max = 16777216
+net.ipv4.tcp_congestion_control = cubic
+net.ipv4.tcp_rmem = 4096 87380 16777216
+net.ipv4.tcp_wmem = 4096 65536 16777216
--- /dev/null
+# NOTE: n'utilise le swap qu'en cas d'absolue nécessité
+vm.swappiness = 10
+vm.vfs_cache_pressure = 50
${vm_lvm_lv}_home_deciphered /dev/$vm_lvm_vg/${vm_lvm_lv}_home ${vm_lvm_lv}_root_deciphered luks,lvm=$vm_lvm_vg,keyscript=/lib/cryptsetup/scripts/decrypt_derived
${vm_lvm_lv}_swap_deciphered /dev/$vm_lvm_vg/${vm_lvm_lv}_swap ${vm_lvm_lv}_root_deciphered luks,lvm=$vm_lvm_vg,keyscript=/lib/cryptsetup/scripts/decrypt_derived
EOF
- sudo install -m 644 -o root -g root /dev/stdin /etc/sysctl.d/local-swap.conf <<-EOF
- vm.swappiness = 10 # NOTE: n'utilise le swap qu'en cas d'absolue nécessité
- vm.vfs_cache_pressure=50
- EOF
}
rule_initramfs_configure () {
sudo install -m 644 -o root -g root /dev/stdin /etc/initramfs-tools/initramfs.conf <<-EOF
EOF
sudo service ssh restart
}
+rule_sysctl_configure () {
+ local -; set +f
+ for conf in "$tool"/etc/sysctl.d/*.conf
+ do conf=${conf#"$tool"/etc/sysctl.d/}
+ sudo install -m 660 -o root -g root \
+ "$tool"/etc/sysctl.d/"$conf" \
+ /etc/sysctl.d/"$conf"
+ done
+ sudo sysctl --system
+ }
rule_user_add () { # SYNTAX: $user
rule user_configure
local user=$1
rule ssh_configure
rule user_root_configure
rule boot_configure
+ rule sysctl_configure
rule user_configure
rule mail_configure
#rule apache2_configure