quitte: enable memory resource control

Limits the Memory of some important slices via systemd cgroup management. - nix-daemon may not use more than 32 GB of Memory - all users together may not use more than 32GB of Memory See man systemd.resource-control(5) for more detailed information.
fsr · Feb 25, 2024 · 5223519 · 5223519
1 parent be6fbd9
commit 5223519
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/hosts/quitte/configuration.nix b/hosts/quitte/configuration.nix
@@ -33,6 +33,17 @@
   services.openssh.enable = true;
   services.openssh.settings.PermitRootLogin = "yes";
 
+  systemd = {
+    services.nix-daemon.serviceConfig = {
+      MemoryMax = "32G";
+    };
+    # all users together may not use more than $MemoryMax of RAM
+    slices."user".sliceConfig = {
+      MemoryMax = "32G";
+    };
+  };
+
+
   # Open ports in the firewall.
   networking.firewall.allowedTCPPorts = [ 443 80 ];
   # networking.firewall.allowedUDPPorts = [ ... ];