From 958f04b45603617a5a6ef227db617472d1cf4f96 Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Fri, 25 Sep 2015 14:31:48 +0000
Subject: [PATCH] Add selinux context for web stuff on batcave

---
 roles/batcave/tasks/main.yml | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/roles/batcave/tasks/main.yml b/roles/batcave/tasks/main.yml
index 1ccffb8c51..b67b49f644 100644
--- a/roles/batcave/tasks/main.yml
+++ b/roles/batcave/tasks/main.yml
@@ -248,3 +248,29 @@
   tags:
   - batcave
   - config
+
+#
+# set selinux context for /srv/web/infra
+#
+
+- name: check the selinux context of webdir
+  command: matchpathcon /srv/web
+  register: webdir
+  always_run: yes
+  changed_when: "1 != 1"
+  tags:
+  - config
+  - batcave
+  - selinux
+  - httpd
+  - httpd/website
+
+- name: /srv/web file contexts
+  command: semanage fcontext -a -t httpd_sys_content_t "/srv/web(/.*)?"
+  when: webdir.stdout.find('httpd_sys_content_t') == -1
+  tags:
+  - config
+  - batcave
+  - selinux
+  - httpd
+  - httpd/website