From 0d70928df344bac51026e2d0bd142e69ea64ac92 Mon Sep 17 00:00:00 2001
From: irl <iain@learmonth.me>
Date: Mon, 22 Dec 2025 11:20:11 +0000
Subject: [PATCH 1/4] fix: adds dependency on containers.podman

---
 galaxy.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/galaxy.yml b/galaxy.yml
index f52d7ac..0a246aa 100644
--- a/galaxy.yml
+++ b/galaxy.yml
@@ -15,6 +15,7 @@ dependencies:
   ansible.posix: "*"
   community.crypto: "*"
   community.general: "*"
+  containers.podman: "*"
   freeipa.ansible_freeipa: "1.15.1"
 tags:
   - linux

From 2b7226addf0f10ceb909acf34281f8c9827e9ee7 Mon Sep 17 00:00:00 2001
From: irl <iain@learmonth.me>
Date: Sat, 7 Mar 2026 12:32:31 +0000
Subject: [PATCH 2/4] fix(podman_host): remove dangling template

---
 roles/podman_host/templates/subXid.j2 | 4 ----
 1 file changed, 4 deletions(-)
 delete mode 100644 roles/podman_host/templates/subXid.j2

diff --git a/roles/podman_host/templates/subXid.j2 b/roles/podman_host/templates/subXid.j2
deleted file mode 100644
index a8022c6..0000000
--- a/roles/podman_host/templates/subXid.j2
+++ /dev/null
@@ -1,4 +0,0 @@
-# {{ ansible_managed }}
-{% for username in podman_host_rootless_users %}
-{{ username }}:{{ 100000 + ((loop.index - 1) * 65536) }}:65536
-{% endfor %}

From caf00ce4e1b4034484693ff21f3c7b3b8085fb73 Mon Sep 17 00:00:00 2001
From: irl <iain@learmonth.me>
Date: Sat, 7 Mar 2026 12:33:13 +0000
Subject: [PATCH 3/4] feat(podman_host): use /tmp for podman pull temp dir

---
 roles/podman_host/tasks/main.yml                 | 9 +++++++++
 roles/podman_host/templates/etc/containters.conf | 2 ++
 2 files changed, 11 insertions(+)
 create mode 100644 roles/podman_host/templates/etc/containters.conf

diff --git a/roles/podman_host/tasks/main.yml b/roles/podman_host/tasks/main.yml
index 24d9e2e..45ab3e4 100644
--- a/roles/podman_host/tasks/main.yml
+++ b/roles/podman_host/tasks/main.yml
@@ -14,6 +14,15 @@
     state: latest
   become: true
 
+- name: Podman Host | PATCH | Install containers.conf
+  ansible.builtin.template:
+    src: etc/containers.conf
+    dest: /etc/containers.conf
+    owner: root
+    group: root
+    mode: "0644"
+  become: true
+
 - name: Podman Host | AUDIT | Ensure that users exist and have subids configured
   ansible.builtin.include_tasks:
     file: check_users.yml
diff --git a/roles/podman_host/templates/etc/containters.conf b/roles/podman_host/templates/etc/containters.conf
new file mode 100644
index 0000000..af985a1
--- /dev/null
+++ b/roles/podman_host/templates/etc/containters.conf
@@ -0,0 +1,2 @@
+[engine]
+env = ["TMPDIR=/tmp"]
\ No newline at end of file

From 1c7d94284845c8b83ef2beebff495e3865c22567 Mon Sep 17 00:00:00 2001
From: irl <iain@learmonth.me>
Date: Sat, 7 Mar 2026 12:34:49 +0000
Subject: [PATCH 4/4] fix(baseline): adds reload rsyslogd handler

---
 roles/baseline/handlers/main.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/roles/baseline/handlers/main.yml b/roles/baseline/handlers/main.yml
index 032d30f..fa34d18 100644
--- a/roles/baseline/handlers/main.yml
+++ b/roles/baseline/handlers/main.yml
@@ -16,3 +16,9 @@
     name: firewalld
     state: reloaded
   become: true
+
+- name: Reload rsyslog
+  ansible.builtin.systemd_service:
+    name: rsyslog
+    state: reloaded
+  become: true