sapoku 0.0.3 → 0.0.4

data/lib/sapoku.rb

@@ -62,7 +62,55 @@ class Gyro
 		@ram = self.ram
 		@name = self.app_name
 
-		erb = ERB.new(File.read('config.erb'))
+		template = %{
+lxc.network.type=veth
+lxc.network.link=lxcbr0
+lxc.network.flags=up
+#lxc.network.hwaddr=00:16:3e:85:68:c1
+lxc.network.ipv4=<%= @ip %>
+
+lxc.devttydir = lxc
+lxc.tty = 4
+lxc.pts = 1024
+lxc.arch = amd64
+lxc.cap.drop = sys_module mac_admin
+lxc.pivotdir = lxc_putold
+
+lxc.cgroup.memory.limit_in_bytes = <%= @ram %>M
+
+# uncomment the next line to run the container unconfined:
+#lxc.aa_profile = unconfined
+
+lxc.cgroup.devices.deny = a
+# Allow any mknod (but not using the node)
+lxc.cgroup.devices.allow = c *:* m
+lxc.cgroup.devices.allow = b *:* m
+# /dev/null and zero
+lxc.cgroup.devices.allow = c 1:3 rwm
+lxc.cgroup.devices.allow = c 1:5 rwm
+# consoles
+lxc.cgroup.devices.allow = c 5:1 rwm
+lxc.cgroup.devices.allow = c 5:0 rwm
+#lxc.cgroup.devices.allow = c 4:0 rwm
+#lxc.cgroup.devices.allow = c 4:1 rwm
+# /dev/{,u}random
+lxc.cgroup.devices.allow = c 1:9 rwm
+lxc.cgroup.devices.allow = c 1:8 rwm
+lxc.cgroup.devices.allow = c 136:* rwm
+lxc.cgroup.devices.allow = c 5:2 rwm
+lxc.cgroup.devices.allow = c 254:0 rwm
+lxc.cgroup.devices.allow = c 10:229 rwm
+lxc.cgroup.devices.allow = c 10:200 rwm
+lxc.cgroup.devices.allow = c 1:7 rwm
+lxc.cgroup.devices.allow = c 10:228 rwm
+lxc.cgroup.devices.allow = c 10:232 rwm
+
+lxc.utsname = <%= @name %>
+lxc.mount = /var/lib/lxc/<%= @name %>/fstab
+lxc.rootfs = /var/lib/lxc/<%= @name %>/rootfs
+}
+
+		erb = ERB.new(template)
 
 		File.open("#{@name}_config", 'w') do |f|
 			f.write erb.result(self.get_binding)

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sapoku
 version: !ruby/object:Gem::Version
-  version: 0.0.3
+  version: 0.0.4
   prerelease: 
 platform: ruby
 authors: