From dc43c2aacfe40b995484e903a689bf17c35f7de4 Mon Sep 17 00:00:00 2001
From: Tim Flink <tflink@fedoraproject.org>
Date: Wed, 30 Nov 2016 03:34:40 +0000
Subject: [PATCH] tweaking phabricator role so that the selinux tweaks for
 alternate ssh port can be run separately

---
 roles/phabricator/tasks/main.yml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/roles/phabricator/tasks/main.yml b/roles/phabricator/tasks/main.yml
index b69ebf5f06..ef5273e03a 100644
--- a/roles/phabricator/tasks/main.yml
+++ b/roles/phabricator/tasks/main.yml
@@ -41,6 +41,11 @@
     - libphutil
     - arcanist
     - phabricator
+  when: ansible_distribution_major_version|int > 21 and ansible_cmdline.ostree is not defined
+
+- name: ensure packages required to make selinux changes for phabricator are installed
+  dnf: name={{ item }} state=present enablerepo={{ extra_enablerepos }}
+  with_items:
     - libsemanage-python
     - libselinux-python
     - policycoreutils-python
@@ -152,10 +157,19 @@
   register: sshd_selinux_port
   check_mode: no
   changed_when: false
+  tags:
+  - sshd_config
+  - config
+  - sshd
+
 
 - name: allow alternate sshd port
   command: semanage port -a -t ssh_port_t -p tcp {{ sshd_port }}
   when: sshd_selinux_port.stdout.find('{{ sshd_port }}') == -1
+  tags:
+  - sshd_config
+  - config
+  - sshd
 
 - name: generate phabricator phd service file
   template: src=phd.service.j2 dest=/lib/systemd/system/phd.service owner=root group=root mode=0644