From 5a980d28adddb481b29247255c71a5a809420898 Mon Sep 17 00:00:00 2001
From: ace <ace@0xace.cc>
Date: Sun, 16 Jun 2024 17:39:08 +0300
Subject: [PATCH] fix selinux for nginx

---
 roles/nginx/tasks/install.yml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml
index bb8209e..7ac710d 100644
--- a/roles/nginx/tasks/install.yml
+++ b/roles/nginx/tasks/install.yml
@@ -10,3 +10,17 @@
     register: install_nginx_result
     tags:
       - nginx-install
+
+  - name: set httpd_can_network_connect flag on and keep it persistent across reboots
+    ansible.posix.seboolean:
+      name: httpd_can_network_connect
+      state: yes
+      persistent: yes
+    when: ansible_selinux is defined and ansible_selinux != False and ansible_selinux.status == 'enabled'
+
+  - name: set httpd_can_network_relay flag on and keep it persistent across reboots
+    ansible.posix.seboolean:
+      name: httpd_can_network_relay
+      state: yes
+      persistent: yes
+    when: ansible_selinux is defined and ansible_selinux != False and ansible_selinux.status == 'enabled'