Ajout : vm_hosted : rule_filesystem_configure : tmpfs .

[lhc/ateliers.git] / vm_hosted

diff --git a/vm_hosted b/vm_hosted
index 6e43c25..7a1e4a7 100755 (executable)
--- a/vm_hosted
+++ b/vm_hosted
@@ -390,7 +390,6 @@ rule_filesystem_configure () {
                LABEL=${vm_lvm_lv}_boot /boot ext2 defaults 0 0
                proc /proc proc defaults 0 0
                sysfs /sys sysfs defaults 0 0
-               tmpfs /tmp tmpfs rw,nosuid,nodev,auto,size=200m,nr_inodes=1000k,mode=1777,noatime,nodiratime 0 0
                /dev/mapper/${vm_lvm_lv}_root_deciphered /     ext4 defaults,errors=remount-ro,acl,barrier=1,noatime 0 1
                /dev/mapper/${vm_lvm_lv}_var_deciphered  /var  ext4 defaults,errors=remount-ro,acl,barrier=1,noatime 0 1
                /dev/mapper/${vm_lvm_lv}_home_deciphered /home ext4 defaults,errors=remount-ro,acl,barrier=1,noatime,usrquota,grpquota 0 0
@@ -404,10 +403,24 @@ rule_filesystem_configure () {
                ${vm_lvm_lv}_home_deciphered /dev/$vm_lvm_vg/${vm_lvm_lv}_home ${vm_lvm_lv}_root_deciphered luks,lvm=$vm_lvm_vg,keyscript=/lib/cryptsetup/scripts/decrypt_derived
                ${vm_lvm_lv}_swap_deciphered /dev/$vm_lvm_vg/${vm_lvm_lv}_swap ${vm_lvm_lv}_root_deciphered luks,lvm=$vm_lvm_vg,keyscript=/lib/cryptsetup/scripts/decrypt_derived
                EOF
-       sudo install -m 644 -o root -g root /dev/stdin /etc/sysctl.d/local-swap.conf <<-EOF
-               vm.swappiness = 10 # NOTE: n'utilise le swap qu'en cas d'absolue nécessité
-               vm.vfs_cache_pressure=50
+       sudo install -m 644 -o root -g root /dev/stdin /etc/default/tmpfs <<-EOF
+               LOCK_SIZE=5242880 # NOTE: 5MiB
+               RAMLOCK=yes
+               RAMSHM=yes
+               RAMTMP=yes
+               RUN_SIZE=10%
+               SHM_SIZE=
+               TMP_MODE=1777,nr_inodes=1000k,noatime
+               TMP_OVERFLOW_LIMIT=1024
+                # NOTE: mount tmpfs on /tmp if there is less than the limit size (in kiB)
+                #       on the root filesystem (overriding RAMTMP).
+               TMP_SIZE=200m
+               TMPFS_SIZE=20%VM
                EOF
+       sudo install -m 775 -o root -g root \
+        "$tool"/etc/init.d/tmpfs \
+               /etc/init.d/tmpfs
+       sudo update-rc.d tmpfs defaults
  }
 rule_initramfs_configure () {
        sudo install -m 644 -o root -g root /dev/stdin /etc/initramfs-tools/initramfs.conf <<-EOF
@@ -1008,6 +1021,16 @@ rule_ssh_configure () {
                EOF
        sudo service ssh restart
  }
+rule_sysctl_configure () {
+       local -; set +f
+       for conf in "$tool"/etc/sysctl.d/*.conf
+        do conf=${conf#"$tool"/etc/sysctl.d/}
+               sudo install -m 660 -o root -g root \
+                "$tool"/etc/sysctl.d/"$conf" \
+                /etc/sysctl.d/"$conf"
+        done
+       sudo sysctl --system
+ }
 rule_user_add () { # SYNTAX: $user
        rule user_configure
        local user=$1
@@ -1125,6 +1148,7 @@ rule_configure () {
        rule ssh_configure
        rule user_root_configure
        rule boot_configure
+       rule sysctl_configure
        rule user_configure
        rule mail_configure
        #rule apache2_configure