fix: relax dev template hardening, add docker + docker-compose
This commit is contained in:
parent
ac12e08577
commit
02069d93fd
1 changed files with 5 additions and 3 deletions
|
@ -1,4 +1,4 @@
|
|||
- name: Configure Fedora 42 Gnome Template
|
||||
- name: Configure Fedora 42 Dev Template
|
||||
hosts: 127.0.0.1
|
||||
connection: local
|
||||
tasks:
|
||||
|
@ -6,10 +6,10 @@
|
|||
ansible.builtin.include_role:
|
||||
name: 'baseline'
|
||||
vars:
|
||||
umask_changes: true
|
||||
umask_changes: false
|
||||
manage_network: true
|
||||
allow_ptrace: true
|
||||
use_hardened_malloc: true
|
||||
use_hardened_malloc: false
|
||||
|
||||
- name: 'Gnome package stuff'
|
||||
ansible.builtin.include_role:
|
||||
|
@ -39,6 +39,8 @@
|
|||
- golang-gvisor # outdated, but sufficient for playing around with gvisor
|
||||
- glibc-devel
|
||||
- opentofu
|
||||
- docker
|
||||
- docker-compose
|
||||
state: 'present'
|
||||
|
||||
- name: 'Handle SUID binaries'
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue