ttrss: move selinux hack from apache to ttrss role

author: Stonewall Jackson <stonewall@sacredheartsc.com> 2023-04-12 09:00:58 -0400
committer: Stonewall Jackson <stonewall@sacredheartsc.com> 2023-04-12 09:00:58 -0400
commit: 7e4cfba29e7a75a0bc8efa6d07a69eb98d641ce6 (patch)
tree: 77ea323657f8f42c127e8b893aae8710520ecee7 /roles/ttrss/vars/main.yml
parent: 680203a22ae30916b964ebaf2b3053716c5f6869 (diff)
download: selfhosted-7e4cfba29e7a75a0bc8efa6d07a69eb98d641ce6.tar.gz
selfhosted-7e4cfba29e7a75a0bc8efa6d07a69eb98d641ce6.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/roles/ttrss/vars/main.yml b/roles/ttrss/vars/main.yml
index 96bdca4..788008d 100644
--- a/roles/ttrss/vars/main.yml
+++ b/roles/ttrss/vars/main.yml
@@ -44,3 +44,13 @@ ttrss_apache_config: |
       ErrorDocument 401 /index.php?noext=1
     </If>
   </LocationMatch>
+
+ttrss_selinux_policy_te: |
+  require {
+    type unconfined_service_t;
+    type httpd_t;
+    class key { read view write };
+  }
+
+  #============= httpd_t ==============
+  allow httpd_t unconfined_service_t:key { read view write };
author	Stonewall Jackson <stonewall@sacredheartsc.com>	2023-04-12 09:00:58 -0400
committer	Stonewall Jackson <stonewall@sacredheartsc.com>	2023-04-12 09:00:58 -0400
commit	7e4cfba29e7a75a0bc8efa6d07a69eb98d641ce6 (patch)
tree	77ea323657f8f42c127e8b893aae8710520ecee7 /roles/ttrss/vars/main.yml
parent	680203a22ae30916b964ebaf2b3053716c5f6869 (diff)
download	selfhosted-7e4cfba29e7a75a0bc8efa6d07a69eb98d641ce6.tar.gz selfhosted-7e4cfba29e7a75a0bc8efa6d07a69eb98d641ce6.zip