sapoku 0.0.3 → 0.0.4
- data/lib/sapoku.rb +49 -1
 - metadata +1 -1
 
    
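--- a/data/lib/sapoku.rb
+++ b/data/lib/sapoku.rb
@@ -62,7 +62,55 @@ class Gyro
 		@ram = self.ram
 		@name = self.app_name
 
-		 
+		template = %{
+lxc.network.type=veth
+lxc.network.link=lxcbr0
+lxc.network.flags=up
+#lxc.network.hwaddr=00:16:3e:85:68:c1
+lxc.network.ipv4=<%= @ip %>
+
+lxc.devttydir = lxc
+lxc.tty = 4
+lxc.pts = 1024
+lxc.arch = amd64
+lxc.cap.drop = sys_module mac_admin
+lxc.pivotdir = lxc_putold
+
+lxc.cgroup.memory.limit_in_bytes = <%= @ram %>M
+
+# uncomment the next line to run the container unconfined:
+#lxc.aa_profile = unconfined
+
+lxc.cgroup.devices.deny = a
+# Allow any mknod (but not using the node)
+lxc.cgroup.devices.allow = c *:* m
+lxc.cgroup.devices.allow = b *:* m
+# /dev/null and zero
+lxc.cgroup.devices.allow = c 1:3 rwm
+lxc.cgroup.devices.allow = c 1:5 rwm
+# consoles
+lxc.cgroup.devices.allow = c 5:1 rwm
+lxc.cgroup.devices.allow = c 5:0 rwm
+#lxc.cgroup.devices.allow = c 4:0 rwm
+#lxc.cgroup.devices.allow = c 4:1 rwm
+# /dev/{,u}random
+lxc.cgroup.devices.allow = c 1:9 rwm
+lxc.cgroup.devices.allow = c 1:8 rwm
+lxc.cgroup.devices.allow = c 136:* rwm
+lxc.cgroup.devices.allow = c 5:2 rwm
+lxc.cgroup.devices.allow = c 254:0 rwm
+lxc.cgroup.devices.allow = c 10:229 rwm
+lxc.cgroup.devices.allow = c 10:200 rwm
+lxc.cgroup.devices.allow = c 1:7 rwm
+lxc.cgroup.devices.allow = c 10:228 rwm
+lxc.cgroup.devices.allow = c 10:232 rwm
+
+lxc.utsname = <%= @name %>
+lxc.mount = /var/lib/lxc/<%= @name %>/fstab
+lxc.rootfs = /var/lib/lxc/<%= @name %>/rootfs
+}
+
+		erb = ERB.new(template)
 
 		File.open("#{@name}_config", 'w') do |f|
 			f.write erb.result(self.get_binding)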
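Review bot: The template writes `@name`, `@ip` and `@ram` into the LXC config through plain `<%= %>` tags, and `@name` also forms the output filename and the `lxc.mount`/`lxc.rootfs` paths, yet nothing in the hunk validates any of them. If `app_name` can contain a newline or a path separator (where it comes from is outside the hunk, so this is inferred), one value could add config lines of its own after `lxc.utsname` or move the rootfs out of `/var/lib/lxc`, undoing the `lxc.cap.drop` and `lxc.cgroup.devices` policy set above it. I would check the values before `ERB.new(template)`, for example `raise ArgumentError, 'invalid app name' unless @name =~ /\A[a-z0-9][a-z0-9-]*\z/`, and likewise require that `@ram` is an integer and that `@ip` parses as an address. Separately, the allow-list entries after `c 136:* rwm` carry no comments; on Linux `10:232` is /dev/kvm, `10:229` is /dev/fuse and `10:200` is /dev/net/tun, so each entry should be named and kept only if app containers actually need it. The enclosing method begins and ends outside the hunk.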