---
# selinux_containers/tasks/vpn.yml
# -----------------------------
# SELinux BOOLEANS
# -----------------------------
- name: Allow containers to use devices (needed for Gluetun / /dev/net/tun)
  become: true
  ansible.posix.seboolean:
    name: container_use_devices
    state: true
    persistent: true
  when: selinux_allow_gluetun | default(false)