commit 069cb9b8ee8a6f85b8b2affb0ed26beee0e3a9c6
Author: ikerbs <ikerbs@croc.ru>
Date:   Tue Nov 2 17:07:34 2021 +0300

    add SELinux role

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..0e6d737
--- /dev/null
+++ b/README.md
@@ -0,0 +1,8 @@
+Configure SELinux
+
+Default values:
+
+    selinux_policy: 'targeted'
+    selinux_state: 'permissive'
+    reboot_requirement: false
+
diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..2e1e590
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,4 @@
+---
+selinux_policy: 'targeted'
+selinux_state: 'permissive'
+reboot_requirement: false
diff --git a/handlers/main.yml b/handlers/main.yml
new file mode 100644
index 0000000..7c564ce
--- /dev/null
+++ b/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+
+- name: Reboot
+  reboot:
+  when: reboot_requirement
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..17fb922
--- /dev/null
+++ b/tasks/main.yml
@@ -0,0 +1,18 @@
+---
+- name: Install libselinux-python
+  package: name=libselinux-python state=present
+  when:
+    - ansible_os_family == 'RedHat'
+    - ansible_distribution_major_version <= '7'
+
+- name: Install python3-libselinux
+  package: name=python3-libselinux state=present
+  when:
+    - ansible_os_family == 'RedHat'
+    - ansible_distribution_major_version == '8'
+
+- name: 'Set selinux state'
+  selinux:
+    policy: "{{ selinux_policy }}"
+    state: "{{ selinux_state }}"
+  notify: Reboot