diff options
| author |  Johannes Christ <[email protected]> | 2024-05-04 07:40:24 +0200 |
|---|---|---|
| committer | jchristgit <[email protected]> | 2024-05-04 11:51:51 +0200 |
| commit | 6ca6d383b1233a678b7b2d3767f305263a2cbb00 (patch) | |
| tree | f3fba773c8e4da740e96ae3e10588218c4aed12a | |
| parent | set backend to systemd (diff) | |
Configure default security limits
The new limits allow each user to run a maximum of 100 processes by
default, allowing to manually raise this number to 200.
When a custom "pydis" group or similar is introduced, I plan to expand
this to also specify other limits to prevent user error from causing
problems on the system.
| -rw-r--r-- | ansible/roles/common/tasks/main.yml | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/ansible/roles/common/tasks/main.yml b/ansible/roles/common/tasks/main.yml index 8b5fd19..d23c6e0 100644 --- a/ansible/roles/common/tasks/main.yml +++ b/ansible/roles/common/tasks/main.yml @@ -47,6 +47,21 @@ tags: - role::common +- name: Configure default security limits + ansible.builtin.copy: + content: | + # Ansible managed + + # <domain> <type> <item> <value> + * soft nproc 100 + * hard nproc 200 + dest: /etc/security/limits.d/pydis.conf + owner: root + group: root + mode: "0444" + tags: + - role::common + - name: Set timezone to UTC file: src: /usr/share/zoneinfo/Etc/UTC |