puppet: Switch to an included limits.d file.

2025-11-03 21:43:21 +00:00 · 2024-08-20 01:31:55 +00:00
parent 64516ab9f4
commit 47ebef057e
3 changed files with 6 additions and 62 deletions
--- a/puppet/zulip/files/limits.d/zulip.conf
+++ b/puppet/zulip/files/limits.d/zulip.conf
@@ -0,0 +1,4 @@
+zulip		 soft	 nofile		1000000
+zulip		 hard	 nofile		1048576
+root		 soft	 nofile		1000000
+root		 hard	 nofile		1048576
--- a/puppet/zulip/files/security/limits.conf
+++ b/puppet/zulip/files/security/limits.conf
@@ -1,60 +0,0 @@
-# /etc/security/limits.conf
-#
-#Each line describes a limit for a user in the form:
-#
-#<domain>        <type>  <item>  <value>
-#
-#Where:
-#<domain> can be:
-#        - an user name
-#        - a group name, with @group syntax
-#        - the wildcard *, for default entry
-#        - the wildcard %, can be also used with %group syntax,
-#                 for maxlogin limit
-#        - NOTE: group and wildcard limits are not applied to root.
-#          To apply a limit to the root user, <domain> must be
-#          the literal username root.
-#
-#<type> can have the two values:
-#        - "soft" for enforcing the soft limits
-#        - "hard" for enforcing hard limits
-#
-#<item> can be one of the following:
-#        - core - limits the core file size (KB)
-#        - data - max data size (KB)
-#        - fsize - maximum filesize (KB)
-#        - memlock - max locked-in-memory address space (KB)
-#        - nofile - max number of open files
-#        - rss - max resident set size (KB)
-#        - stack - max stack size (KB)
-#        - cpu - max CPU time (MIN)
-#        - nproc - max number of processes
-#        - as - address space limit (KB)
-#        - maxlogins - max number of logins for this user
-#        - maxsyslogins - max number of logins on the system
-#        - priority - the priority to run user process with
-#        - locks - max number of file locks the user can hold
-#        - sigpending - max number of pending signals
-#        - msgqueue - max memory used by POSIX message queues (bytes)
-#        - nice - max nice priority allowed to raise to values: [-20, 19]
-#        - rtprio - max realtime priority
-#        - chroot - change root to directory (Debian-specific)
-#
-#<domain>      <type>  <item>         <value>
-#
-
-#*               soft    core            0
-#root            hard    core            100000
-#*               hard    rss             10000
-#@student        hard    nproc           20
-#@faculty        soft    nproc           20
-#@faculty        hard    nproc           50
-#ftp             hard    nproc           0
-#ftp             -       chroot          /ftp
-#@student        -       maxlogins       4
-zulip		 soft	 nofile		1000000
-zulip		 hard	 nofile		1048576
-root		 soft	 nofile		1000000
-root		 hard	 nofile		1048576
-
-# End of file
--- a/puppet/zulip/manifests/profile/base.pp
+++ b/puppet/zulip/manifests/profile/base.pp
@@ -95,12 +95,12 @@ class zulip::profile::base {
    group   => 'zulip',
  }

-  file { '/etc/security/limits.conf':
+  file { '/etc/security/limits.d/zulip.conf':
    ensure => file,
    mode   => '0640',
    owner  => 'root',
    group  => 'root',
-    source => 'puppet:///modules/zulip/security/limits.conf',
+    source => 'puppet:///modules/zulip/limits.d/zulip.conf',
  }
  file { '/etc/systemd/system.conf.d/':
    ensure => directory,