diff --git a/fedora-42-dev.yaml b/fedora-42-dev.yaml index f786b03..b77c3a7 100644 --- a/fedora-42-dev.yaml +++ b/fedora-42-dev.yaml @@ -1,4 +1,4 @@ -- name: Configure Fedora 42 Dev Template +- name: Configure Fedora 42 Gnome Template hosts: 127.0.0.1 connection: local tasks: @@ -6,10 +6,10 @@ ansible.builtin.include_role: name: 'baseline' vars: - umask_changes: false + umask_changes: true manage_network: true allow_ptrace: true - use_hardened_malloc: false + use_hardened_malloc: true - name: 'Gnome package stuff' ansible.builtin.include_role: @@ -30,18 +30,10 @@ name: - wireguard-tools - neovim - - clangd - - cmake - - sequoia-sq - gdb - podman - - golang - - golang-gvisor # outdated, but sufficient for playing around with gvisor - glibc-devel - opentofu - - podman-compose - - java-21-openjdk-devel - - python3-pip state: 'present' - name: 'Handle SUID binaries' diff --git a/fedora-42-gnome.yaml b/fedora-42-gnome.yaml index ac5e443..409098e 100644 --- a/fedora-42-gnome.yaml +++ b/fedora-42-gnome.yaml @@ -25,13 +25,11 @@ vars: enable_webgl: false - - name: 'Install wireguard-tools and neovim and PGP tooling and opentofu' + - name: 'Install wireguard-tools and neovim' ansible.builtin.dnf5: name: - wireguard-tools - neovim - - sequoia-sq - - opentofu state: 'present' - name: 'Handle SUID binaries' diff --git a/roles/baseline/tasks/main.yaml b/roles/baseline/tasks/main.yaml index c5c5331..b522c4b 100644 --- a/roles/baseline/tasks/main.yaml +++ b/roles/baseline/tasks/main.yaml @@ -99,12 +99,6 @@ - 'etc/dconf/db/local.d/locks/privacy' - 'etc/dconf/db/local.d/privacy' -- name: Fix dconf perms - ansible.builtin.file: - path: '/etc/dconf' - state: 'directory' - mode: '0755' - - name: Update dconf shell: 'dconf update' @@ -186,9 +180,3 @@ regexp: '^(metalink=.*)$' line: '\1&protocol=https' loop: '{{ found_files.files }}' - -- name: 'Install zram' - ansible.builtin.dnf5: - name: - - zram-generator - - zram-generator-defaults