---
  #------------------------------------------------------------------------------------ 
  # configuration Linux : Paramètres du kernel
  #------------------------------------------------------------------------------------
  - name: Ajustement des paramètres du Kernel sysctl.conf
    sysctl: name={{ item.name }} value="{{ item.value }}" state=present reload=yes ignoreerrors=yes sysctl_file=/etc/sysctl.conf
    with_items: 
      - { name: kernel.shmall, value: "{{ ((0.4 * ansible_memtotal_mb)*1024*1024)|round|int  }}" }
      - { name: kernel.shmmax, value: "{{ ((0.55 * ansible_memtotal_mb)*1024*1024)|round|int  }}" }
      - { name: kernel.shmmni, value: 4096 }
      - { name: kernel.sem, value: "250 32000 100 128" }
      - { name: fs.file-max, value: 6815744 }
      - { name: fs.aio-max-nr, value: 1048576 }
      - { name: net.ipv4.ip_local_port_range, value: "9000 65500" }
      - { name: net.core.rmem_default, value: 262144 }
      - { name: net.core.rmem_max, value: 4194304 }
      - { name: net.core.wmem_default, value: 262144 }
      - { name: net.core.wmem_max, value: 1048576 }
    tags: sysconfig
  
  - name: Configuration PAM
    lineinfile: dest=/etc/pam.d/login state=present line="session required pam_limits.so"
    tags: pamconfig
  
  - name: Ajustement des limits pour Oracle limits.conf
    lineinfile: dest=/etc/security/limits.conf state=present line="{{ item }}"
    with_items: 
      - "* soft nproc 2047"
      - "* hard nproc 16384"
      - "* soft nofile 1024"
      - "* hard nofile 65536"
      - "* soft memlock {{ ((0.9 * ansible_memtotal_mb)*1024)|round|int }}"
      - "* hard memlock {{ ((0.9 * ansible_memtotal_mb)*1024)|round|int }}"
      - "* soft stack 10240"
      - "* hard stack 32768"
      - "* soft core  unlimited"
      - "* hard core  unlimited"
    tags: seclimit