fix: relax dev template hardening, add docker + docker-compose

2025-10-22 17:07:18 +02:00 · 2025-10-22 17:07:18 +02:00 · 02069d93fd
commit 02069d93fd
parent ac12e08577
1 changed files with 5 additions and 3 deletions
--- a/fedora-42-dev.yaml
+++ b/fedora-42-dev.yaml
@ -1,4 +1,4 @@
- name: Configure Fedora 42 Gnome Template
+- name: Configure Fedora 42 Dev Template
  hosts: 127.0.0.1
  connection: local
  tasks:
@ -6,10 +6,10 @@
      ansible.builtin.include_role:
        name: 'baseline'
      vars:
-        umask_changes: true
+        umask_changes: false
        manage_network: true
        allow_ptrace: true
-        use_hardened_malloc: true
+        use_hardened_malloc: false

    - name: 'Gnome package stuff'
      ansible.builtin.include_role:
@ -39,6 +39,8 @@
          - golang-gvisor # outdated, but sufficient for playing around with gvisor
          - glibc-devel
          - opentofu
+          - docker
+          - docker-compose
        state: 'present'
  
    - name: 'Handle SUID binaries'