From 21824949be3746741ca2d2f1d6b242554fa2dd33 Mon Sep 17 00:00:00 2001
From: Adam Miller <admiller@redhat.com>
Date: Fri, 8 Apr 2016 20:10:05 +0000
Subject: [PATCH] enable selinux httpd_can_network_connect for
 docker-distribution-proxy revproxy

Signed-off-by: Adam Miller <admiller@redhat.com>
---
 roles/docker-distribution-proxy/tasks/main.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/roles/docker-distribution-proxy/tasks/main.yml b/roles/docker-distribution-proxy/tasks/main.yml
index 2bc0a915af..6c9a2a19bb 100644
--- a/roles/docker-distribution-proxy/tasks/main.yml
+++ b/roles/docker-distribution-proxy/tasks/main.yml
@@ -7,6 +7,9 @@
 - name: Make sure mod_ssl is installed
   action: "{{ ansible_pkg_mgr }} name=mod_ssl state=installed"
 
+- name: enable httpd_can_network_connect SELinux boolean for reverse proxy
+  seboolean: name=httpd_can_network_connect state=yes persistent=yes
+
 - name: ensure pki destination directory exists
   file:
     path: "{{ ssl.destdir }}"