diff --git a/fedora-42-dev.yaml b/fedora-42-dev.yaml new file mode 100644 index 0000000..7147c2a --- /dev/null +++ b/fedora-42-dev.yaml @@ -0,0 +1,42 @@ +- name: Configure Fedora 42 Gnome Template + hosts: 127.0.0.1 + connection: local + tasks: + - name: 'Baseline hardening' + ansible.builtin.include_role: + name: 'baseline' + vars: + umask_changes: true + manage_network: true + allow_ptrace: true + use_hardened_malloc: true + + - name: 'Gnome package stuff' + ansible.builtin.include_role: + name: gnome + + - name: 'Install trivalent' + ansible.builtin.include_role: + name: trivalent + + - name: 'Setup arkenfox' + ansible.builtin.include_role: + name: arkenfox + vars: + enable_webgl: false + + - name: 'Install wireguard-tools and neovim' + ansible.builtin.dnf5: + name: + - wireguard-tools + - neovim + state: 'present' + + - name: 'Install devtools' + ansible.builtin.include_role: + name: devtools + + - name: 'Handle SUID binaries' + ansible.builtin.script: + cmd: ./remove_suid.sh + diff --git a/fedora-42-media.yaml b/fedora-42-media.yaml new file mode 100644 index 0000000..6532e5c --- /dev/null +++ b/fedora-42-media.yaml @@ -0,0 +1,39 @@ +- name: Configure Fedora 42 Gnome Template + hosts: 127.0.0.1 + connection: local + tasks: + - name: 'Baseline hardening' + ansible.builtin.include_role: + name: 'baseline' + vars: + umask_changes: true + manage_network: true + allow_ptrace: false + use_hardened_malloc: false + + - name: 'Gnome package stuff' + ansible.builtin.include_role: + name: gnome + + - name: 'Install trivalent' + ansible.builtin.include_role: + name: trivalent + + - name: 'Setup arkenfox' + ansible.builtin.include_role: + name: arkenfox + vars: + enable_webgl: true + + - name: 'Install wireguard-tools and neovim and mpv' + ansible.builtin.dnf5: + name: + - wireguard-tools + - neovim + - mpv + state: 'present' + + - name: 'Handle SUID binaries' + ansible.builtin.script: + cmd: ./remove_suid.sh +