#state表示当前区域的有效性： 1 表示启用，0不启用;如果为0，那么将会忽略此区域
#service.off 和 service.on 为固定标签;label也为固定，辅助解析
[service]
    [service.off]
    state = 1
    label = "off"
    name = [
        "cups.path",
        "cups.service",
        "abrt-ccpp.service",
        "abrt-oops.service",
        "abrt-vmcore.service",
        "abrtd.service",
        "abrtd-xorg.service",
        "avahi-daemon.service",
        "bluetooth.service",
        "chronyd.service",
        "dbus-org.bluez.service",
        "dbus-org.freedesktop.Avahi.service",
        "dbus-org.freedesktop.ModemManager1.service",
        "display-manager.service",
        "dmraid-activation.service",
        "gdm.service",
        "iscsi-onboot.service",
        "iscsi.service",
        "ksm.service",
        "ksmtuned.service",
        "lvm2-monitor.service",
        "mdmonitor.service",
        "ModemManager.service",
        "postfix.service",
        "qemu-guest-agent.service",
        "rpcbind.service",
        "tuned.service ",
        "NetworkManager-wait-online.service",
        "NetworkManager.service"
    ]
    [service.on]
    state = 1
    label = "on"
    name = [
        "ntpd.service",
        "iptables.service"
    ]

#label 可以指定版本，如python2时，可以为pip或pip2，python3时为pip3
[package]
    [package.yum]
    state = 1
    label = "yum"
    name = [
        "ntpd"
    ]
    [package.pip]
    state = 1
    label  = "pip3"
    name = [
        "sh"
    ]
     [package.perl]
    state = 1
    label = "perl"
    name = [
        "XML::Parser"
    ]

#目录信息，"directory.export"的export为任意标识，主要以”path“为准
[directory]
    [directory.export]
    state = 1
    path = "/export"
    mode = 0755
    owner = "root"
    [directory.logs]
    state = 1
    path = "/export/logs"
    mode = 0755
    owner = "root"

#ulimted 参数；常用的只有nofile，nproc，core；定义时只需要修改相关元素即可
[ulimit]
    [ulimit.core]
    state = 1
        [ulimit.core.soft]
        domain = "root"
        type = "soft"
        item = "core"
        value = "unlimited"
        [ulimit.core.hard]
        domain = "root"
        type = "hard"
        item = "core"
        value = "unlimited"
    [ulimit.nofile]
    state = 1
        [ulimit.nofile.soft]
        domain = "youkia"
        type = "soft"
        item = "nofile"
        value = "4000000"
        [ulimit.nofile.hard]
        domain = "youkia"
        type = "hard"
        item = "nofile"
        value = "4000000"
    [ulimit.nproc]
    state = 1
        [ulimit.nproc.soft]
        domain = "youkia"
        type = "soft"
        item = "nproc"
        value = "65535"
        [ulimit.nproc.hard]
        domain = "zack"
        type = "hard"
        item = "nproc"
        value = "65535"
        
 #内核参数，增删按照下面的格式即可，注意""不要有空格
[[syskernel]]
# state 依旧为是否有效标志位
name = "state"
value = 1
[[syskernel]]
name = "kernel.msgmnb"
value = 65536
[[syskernel]]
name = "kernel.msgmax"
value = 65536
[[syskernel]]
name = "kernel.shmmax"
value = 268435455999
[[syskernel]]
name = "kernel.shmall"
value = 429496729
[[syskernel]]
name = "vm.swappiness"
value = 0
[[syskernel]]
name = "net.netfilter.nf_conntrack_max"
value = 6553560
[[syskernel]]
name = "net.ipv4.icmp_echo_ignore_broadcasts"
value = 1
[[syskernel]]
name = "net.ipv4.tcp_tw_recycle"
value = 0
[[syskernel]]
name = "net.core.somaxconn"
value = 65535
[[syskernel]]
name = "net.core.optmem_max"
value = 81920
[[syskernel]]
name = "net.core.wmem_max"
value = 8388608
[[syskernel]]
name = "fs.file-max"
value = 6553560

#dns校验
[dns]
state = 1
nameserver = ["10.33.255.1","10.33.255.2","8.8.8.8"]