Updated all containers (to use unprivileged base and memory limits).

diff --git a/sources/db2.in/config b/sources/db2.in/config
index 02bd2498bb66d3389b516c0209f5df7266bd879a..ad30ede0158c79f7d3258060fd78a380df156a02 100644 (file)
--- a/sources/db2.in/config
+++ b/sources/db2.in/config
@@ -3,7 +3,6 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = db2.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__ data none bind,create=dir 0 0
 
@@ -15,6 +14,8 @@ lxc.net.0.hwaddr = 02:0c:18:03:6d:a6
 lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 16G
+lxc.cgroup2.memory.max = 20G
 
 lxc.idmap = u 0 100000 100000
 lxc.idmap = g 0 100000 100000

diff --git a/sources/efg.pm/config b/sources/efg.pm/config
index efbc6a5db42ac3933815225beea0bc6602733d04..ffcbfbc22bcb926375986e06662687dce941027b 100644 (file)
--- a/sources/efg.pm/config
+++ b/sources/efg.pm/config
@@ -3,7 +3,6 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = efg.pm.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -27,6 +26,8 @@ lxc.net.1.hwaddr = 02:0c:18:03:28:92
 lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 384M
+lxc.cgroup2.memory.max = 512M
 
 lxc.idmap = u 0 100000 100000
 lxc.idmap = g 0 100000 100000

diff --git a/sources/ens.pm/config b/sources/ens.pm/config
index 4df958fad3317ef9ffeb1b920e4f848e000d71a5..149d7048b794467b2c1cdb8395db078c00e1d094 100644 (file)
--- a/sources/ens.pm/config
+++ b/sources/ens.pm/config
@@ -3,7 +3,6 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = ens.pm.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -14,6 +13,8 @@ lxc.net.0.hwaddr = 02:0c:18:03:ad:40
 lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 384M
+lxc.cgroup2.memory.max = 512M
 
 lxc.idmap = u 0 100000 100000
 lxc.idmap = g 0 100000 100000

diff --git a/sources/fdc.in/config b/sources/fdc.in/config
index 50626545138fba1771013f3a9977b9fc8b7a3882..7b966f4018154ee51c9320445691db5f4c5962a5 100644 (file)
--- a/sources/fdc.in/config
+++ b/sources/fdc.in/config
@@ -3,7 +3,6 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = fdc.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -14,6 +13,8 @@ lxc.net.0.hwaddr = 02:0c:18:03:6d:83
 lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 384M
+lxc.cgroup2.memory.max = 512M
 
 lxc.idmap = u 0 100000 100000
 lxc.idmap = g 0 100000 100000

diff --git a/sources/fds.in/config b/sources/fds.in/config
index 5868a4bd098c424217d438539029cd0747b9b852..e809cb133427ffe0c1e2ff94a0a993ba31b08861 100644 (file)
--- a/sources/fds.in/config
+++ b/sources/fds.in/config
@@ -3,7 +3,6 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = fds.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -14,6 +13,8 @@ lxc.net.0.hwaddr = 02:0c:18:03:6d:93
 lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 3G
+lxc.cgroup2.memory.max = 4G
 
 lxc.idmap = u 0 100000 100000
 lxc.idmap = g 0 100000 100000

diff --git a/sources/git.pm/config b/sources/git.pm/config
index 2c03ed1e5c3b4a1b751f87ff5795c068db3ffae0..1447084bae39d00f3f8089b11e5b5341e84229c3 100644 (file)
--- a/sources/git.pm/config
+++ b/sources/git.pm/config
@@ -3,7 +3,6 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = git.pm.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__ git none bind,create=dir 0 0
 
@@ -15,6 +14,8 @@ lxc.net.0.hwaddr = 02:0c:18:03:ad:4f
 lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 384M
+lxc.cgroup2.memory.max = 512M
 
 lxc.idmap = u 0 100000 100000
 lxc.idmap = g 0 100000 100000

diff --git a/sources/gitea.in/config b/sources/gitea.in/config
index a94bae0afae63fc2e5a6ec50e29e8d4769022be0..c86e1032870be39054331cd4686c3bc6551624dd 100644 (file)
--- a/sources/gitea.in/config
+++ b/sources/gitea.in/config
@@ -3,7 +3,6 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = gitea.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__ gitea none bind,create=dir 0 0
 
@@ -15,6 +14,8 @@ lxc.net.0.hwaddr = 02:0c:18:03:6d:dc
 lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 768M
+lxc.cgroup2.memory.max = 1G
 
 lxc.idmap = u 0 100000 100000
 lxc.idmap = g 0 100000 100000

diff --git a/sources/ifg.in/config b/sources/ifg.in/config
index 472ca10fd19f2c3a26204d28a562eacdb3b4808c..44cb922a8f12b656897fd37b9a98587be717b1c8 100644 (file)
--- a/sources/ifg.in/config
+++ b/sources/ifg.in/config
@@ -3,7 +3,6 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = ifg.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth

diff --git a/sources/kea.in/config b/sources/kea.in/config
index 935e3868eaa2237d7635cdb528b98900ecbe94ef..504697f0fc3b30cda2900d82b1054e0ff5783690 100644 (file)
--- a/sources/kea.in/config
+++ b/sources/kea.in/config
@@ -3,7 +3,6 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = kea.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -14,6 +13,8 @@ lxc.net.0.hwaddr = 02:0c:18:03:6d:7f
 lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 384M
+lxc.cgroup2.memory.max = 512M
 
 lxc.idmap = u 0 100000 100000
 lxc.idmap = g 0 100000 100000

diff --git a/sources/kms.in/config b/sources/kms.in/config
index 5afc9d283405e1df0675c78446c924de73e69a7f..f2eba7281303937624624639badefb1f9939c225 100644 (file)
--- a/sources/kms.in/config
+++ b/sources/kms.in/config
@@ -3,9 +3,8 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = kms.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
-lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__ kms none bind,create=dir 0 0
+lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__       kms     none    bind,create=dir 0 0
 
 lxc.net.0.type = veth
 lxc.net.0.flags = up
@@ -15,6 +14,8 @@ lxc.net.0.hwaddr = 02:0c:18:03:6d:e1
 lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 384M
+lxc.cgroup2.memory.max = 512M
 
 lxc.idmap = u 0 100000 100000
 lxc.idmap = g 0 100000 100000

diff --git a/sources/log.in/config b/sources/log.in/config
index b3366454af784712826b04738f55070480f3609c..f96ddfb75ec54143a1fcc8ce2fb978946e7ce723 100644 (file)
--- a/sources/log.in/config
+++ b/sources/log.in/config
@@ -3,7 +3,6 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = log.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__ var/log/remote none bind,create=dir 0 0
 
@@ -15,6 +14,8 @@ lxc.net.0.hwaddr = 02:0c:18:03:6d:4d
 lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 384M
+lxc.cgroup2.memory.max = 512M
 
 lxc.idmap = u 0 100000 100000
 lxc.idmap = g 0 100000 100000

diff --git a/sources/mx.in/config b/sources/mx.in/config
index 5466fa7fc83408286e99d4ac038894a24d98a7e5..bf12b9d454a75920c3337c26820d69414984057d 100644 (file)
--- a/sources/mx.in/config
+++ b/sources/mx.in/config
@@ -3,7 +3,6 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = mx.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -14,6 +13,8 @@ lxc.net.0.hwaddr = 02:0c:18:03:6d:9a
 lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 384M
+lxc.cgroup2.memory.max = 512M
 
 lxc.idmap = u 0 100000 100000
 lxc.idmap = g 0 100000 100000

diff --git a/sources/ns1.in/config b/sources/ns1.in/config
index 0dca839b6a9f0d4361ac823a94b08f60a43823d8..df39ac5a3e2d0887e85c22ce9824df183c8b254c 100644 (file)
--- a/sources/ns1.in/config
+++ b/sources/ns1.in/config
@@ -3,7 +3,6 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = ns1.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -14,6 +13,8 @@ lxc.net.0.hwaddr = 02:0c:18:03:6d:9f
 lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 384M
+lxc.cgroup2.memory.max = 512M
 
 lxc.idmap = u 0 100000 100000
 lxc.idmap = g 0 100000 100000

diff --git a/sources/ns2.in/config b/sources/ns2.in/config
index e7ea8747b844ce66bf53479446f0653f02ecdfaf..92432ff4b7581d13924a353ac3d7eb8eb8dbc329 100644 (file)
--- a/sources/ns2.in/config
+++ b/sources/ns2.in/config
@@ -3,7 +3,6 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = ns2.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -14,6 +13,8 @@ lxc.net.0.hwaddr = 02:0c:18:03:5c:9f
 lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 384M
+lxc.cgroup2.memory.max = 512M
 
 lxc.idmap = u 0 100000 100000
 lxc.idmap = g 0 100000 100000

diff --git a/sources/pki.in/config b/sources/pki.in/config
index 3a342844bd39226ed556ecd0fb7d749f00cfc39d..360594c6b6e451537d66a2702e812c41ceeaa971 100644 (file)
--- a/sources/pki.in/config
+++ b/sources/pki.in/config
@@ -3,7 +3,6 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = pki.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -14,6 +13,8 @@ lxc.net.0.hwaddr = 02:0c:18:03:6d:b7
 lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 384M
+lxc.cgroup2.memory.max = 512M
 
 lxc.idmap = u 0 100000 100000
 lxc.idmap = g 0 100000 100000

diff --git a/sources/pns.pm/config b/sources/pns.pm/config
index e4b621489094081e8631e4494a408926e4592a25..8803926094eb9b3ed2d4c5c57fd7bd679b49aeb0 100644 (file)
--- a/sources/pns.pm/config
+++ b/sources/pns.pm/config
@@ -3,7 +3,6 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = pns.pm.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -14,6 +13,8 @@ lxc.net.0.hwaddr = 02:0c:18:03:ad:df
 lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 384M
+lxc.cgroup2.memory.max = 512M
 
 lxc.idmap = u 0 100000 100000
 lxc.idmap = g 0 100000 100000

diff --git a/sources/slycpx.in/config b/sources/slycpx.in/config
new file mode 100644 (file)
index 0000000..95d225b
--- /dev/null
+++ b/sources/slycpx.in/config
@@ -0,0 +1,27 @@
+lxc.include = /usr/share/lxc/config/common.conf
+
+lxc.arch = x86_64
+lxc.uts.name = slycpx.in.useribm.hu
+lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.mount.auto = proc:rw sys:ro
+lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__ opt/slycpx none bind,create=dir 0 0
+
+lxc.net.0.type = veth
+lxc.net.0.flags = up
+lxc.net.0.link = brci-dev
+lxc.net.0.hwaddr = 02:0c:18:03:6d:2c
+
+lxc.autodev = 1
+
+lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 4G
+lxc.cgroup2.memory.max = 5G
+
+lxc.idmap = u 0 100000 100000
+lxc.idmap = g 0 100000 100000
+
+lxc.signal.halt = SIGRTMIN+4
+
+lxc.start.auto = 1
+lxc.start.order = __CONTAINER_START_ORDER__
+lxc.start.delay = 5

diff --git a/sources/slycrm.in/config b/sources/slycrm.in/config
index e2c827d75ffb6e8a7b6333ec071831ae62696a68..dc502b80a0b9f73f1b562c9bc6607674f842a183 100644 (file)
--- a/sources/slycrm.in/config
+++ b/sources/slycrm.in/config
@@ -3,7 +3,6 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = slycrm.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__ opt/slycrm none bind,create=dir 0 0
 
@@ -15,6 +14,8 @@ lxc.net.0.hwaddr = 02:0c:18:03:6d:35
 lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 12G
+lxc.cgroup2.memory.max = 16G
 
 lxc.idmap = u 0 100000 100000
 lxc.idmap = g 0 100000 100000

diff --git a/sources/sns.in/config b/sources/sns.in/config
index 9966441380166c15e3b5c3231440d554983185fc..4457aa53f877608295cf5c2877f1f025e80209e0 100644 (file)
--- a/sources/sns.in/config
+++ b/sources/sns.in/config
@@ -3,7 +3,6 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = sns.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -14,6 +13,8 @@ lxc.net.0.hwaddr = 02:0c:18:03:6d:0b
 lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 384M
+lxc.cgroup2.memory.max = 512M
 
 lxc.idmap = u 0 100000 100000
 lxc.idmap = g 0 100000 100000

diff --git a/sources/vpn.in/config b/sources/vpn.in/config
index 1fd72850898a12f1228221a9bad56633b89e9650..6fbae63a456314e66c9f5923fa3beea2813ece41 100644 (file)
--- a/sources/vpn.in/config
+++ b/sources/vpn.in/config
@@ -3,7 +3,6 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = vpn.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 
 lxc.net.0.type = veth
@@ -14,6 +13,8 @@ lxc.net.0.hwaddr = 02:0c:18:03:6d:ec
 lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 384M
+lxc.cgroup2.memory.max = 512M
 
 lxc.idmap = u 0 100000 100000
 lxc.idmap = g 0 100000 100000

diff --git a/sources/wdt.in/config b/sources/wdt.in/config
new file mode 100644 (file)
index 0000000..528be00
--- /dev/null
+++ b/sources/wdt.in/config
@@ -0,0 +1,26 @@
+lxc.include = /usr/share/lxc/config/common.conf
+
+lxc.arch = x86_64
+lxc.uts.name = wdt.in.useribm.hu
+lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.mount.auto = proc:rw sys:ro
+
+lxc.net.0.type = veth
+lxc.net.0.flags = up
+lxc.net.0.link = brci-dev
+lxc.net.0.hwaddr = 02:0c:18:03:6d:38
+
+lxc.autodev = 1
+
+lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 384M
+lxc.cgroup2.memory.max = 512M
+
+lxc.idmap = u 0 100000 100000
+lxc.idmap = g 0 100000 100000
+
+lxc.signal.halt = SIGRTMIN+4
+
+lxc.start.auto = 1
+lxc.start.order = __CONTAINER_START_ORDER__
+lxc.start.delay = 5

diff --git a/sources/wiki.in/config b/sources/wiki.in/config
index 6dcbb60625f1900f63a0c6e5e4b418644789c0e7..74f3f706ba562b0a15f1d63bb163705f9d5898f4 100644 (file)
--- a/sources/wiki.in/config
+++ b/sources/wiki.in/config
@@ -3,7 +3,6 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = wiki.in.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__ data none bind,create=dir 0 0
 
@@ -15,6 +14,8 @@ lxc.net.0.hwaddr = 02:0c:18:03:6d:d3
 lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 384M
+lxc.cgroup2.memory.max = 512M
 
 lxc.idmap = u 0 100000 100000
 lxc.idmap = g 0 100000 100000

diff --git a/sources/ws.pm/config b/sources/ws.pm/config
index 4b5cc5151bf6b70a68b1a251260cafda296619b2..f4bd587807f3c8257bcaccef80adc9d405512779 100644 (file)
--- a/sources/ws.pm/config
+++ b/sources/ws.pm/config
@@ -3,7 +3,6 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = ws.pm.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__/htdocs.useribm.hu.443 var/www/htdocs.useribm.hu.443 none bind,create=dir 0 0
 lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__/htdocs.useribm.hu.80 var/www/htdocs.useribm.hu.80 none bind,create=dir 0 0

diff --git a/sources/xfr.pm/config b/sources/xfr.pm/config
index 3d107dfa062cbf3923f7ce820d4566b1fb97cf92..eae4bf44fe72a6f15d7b853260fea2adf265396d 100644 (file)
--- a/sources/xfr.pm/config
+++ b/sources/xfr.pm/config
@@ -3,7 +3,6 @@ lxc.include = /usr/share/lxc/config/common.conf
 lxc.arch = x86_64
 lxc.uts.name = xfr.pm.useribm.hu
 lxc.rootfs.path = __CONTAINER_PATH__/rootfs
-lxc.rootfs.options = idmap=container
 lxc.mount.auto = proc:rw sys:ro
 lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__/www.xfr var/www.xfr none bind,create=dir 0 0
 
@@ -15,6 +14,8 @@ lxc.net.0.hwaddr = 02:0c:18:03:ad:ae
 lxc.autodev = 1
 
 lxc.cgroup2.devices.allow = a
+lxc.cgroup2.memory.high = 384M
+lxc.cgroup2.memory.max = 512M
 
 lxc.idmap = u 0 100000 100000
 lxc.idmap = g 0 100000 100000