From 250089b22f51b86f94e727d5413ee95833da21c6 Mon Sep 17 00:00:00 2001
From: Astro
Date: Fri, 18 Jun 2021 20:20:04 +0200
Subject: [PATCH] nixos-module/server/lxc-containers: bump kernel limits
---
 nix/nixos-module/server/lxc-containers.nix | 11 +++++++++++
 1 file changed, 11 insertions(+)
diff --git a/nix/nixos-module/server/lxc-containers.nix b/nix/nixos-module/server/lxc-containers.nix
index 9992abb..81bb625 100644
--- a/nix/nixos-module/server/lxc-containers.nix
+++ b/nix/nixos-module/server/lxc-containers.nix
@@ -141,6 +141,17 @@ let
 '';
 in
 {
+ boot.kernel.sysctl = {
+ "fs.inotify.max_queued_events" = 1048576;
+ "fs.inotify.max_user_instances" = 1048576;
+ "fs.inotify.max_user_watches" = 1048576;
+ "vm.max_map_count" = 262144;
+ "kernel.dmesg_restrict" = 1;
+ "net.ipv4.neigh.default.gc_thresh3" = 8192;
+ "net.ipv6.neigh.default.gc_thresh3" = 8192;
+ "kernel.keys.maxkeys" = 2000;
+ };
+
 virtualisation.lxc = lib.mkIf enabled {
 enable = true;
 # Container configs live in /etc so that they can be created
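Review bot: The new `boot.kernel.sysctl` block sits outside the `lib.mkIf enabled` guard that wraps `virtualisation.lxc` directly below it, so every host importing this module gets the raised limits, not only container hosts; `boot.kernel.sysctl = lib.mkIf enabled {` would scope it the same way. `fs.inotify.max_user_instances`, `fs.inotify.max_user_watches` and `kernel.keys.maxkeys` are per-UID quotas, and inotify watches are held in kernel memory, so at 1048576 a single UID (presumably including container root, if containers share a host UID range) can pin a large amount of it. A comment above the block such as `# Limits raised for many LXC containers per host; inotify/keys quotas are per UID and watches cost kernel memory` would record that trade-off. `"kernel.dmesg_restrict" = 1` is a hardening setting rather than a limit and is not mentioned in the commit subject, so it deserves its own comment, e.g. `# keep unprivileged/container users from reading the kernel log`. The module's attribute set continues past the end of the hunk.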