camo!: Run camo in rootful usernamespaced container
BREAKING CHANGE
The breaking change is twofold:
-
The smaller part is that the ansible vars used to configure this role have changed to my prefered schema.
-
The bigger part is that camo now runs in a rootful container albeit in a designated usernamespace.
Prerequisites for this 'upgrade':
- cleanup the old useraccount and especially its systemd-user-service
- update the configured ansible vars to reflect the new schema
- make sure that the system you want to deploy this on has a 'containers' user with at least 65535 subuids/subgids available