From 1d861d6b28a637ff802d350519e834db31d2b91f Mon Sep 17 00:00:00 2001
From: clime <clime@redhat.com>
Date: Wed, 10 Oct 2018 18:33:39 +0200
Subject: [PATCH] libravatar: set selinux contexts on /srv/libravatar and
 /srv/.well-known

---
 roles/libravatar/tasks/main.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/roles/libravatar/tasks/main.yml b/roles/libravatar/tasks/main.yml
index a9f82f06d9..34608dcefa 100644
--- a/roles/libravatar/tasks/main.yml
+++ b/roles/libravatar/tasks/main.yml
@@ -21,6 +21,18 @@
 - group: name=www
 - user: name=www group=www
 
+- name: Allow apache to modify files in /srv/.well-known
+  sefcontext:
+    target: '/srv/.well-known(/.*)?'
+    setype: httpd_git_rw_content_t
+    state: present
+
+- name: Allow apache to read files in /srv/libravatar
+  sefcontext:
+    target: '/srv/libravatar(/.*)?'
+    setype: httpd_git_sys_content_t
+    state: present
+
 - git:
     repo: https://git.linux-kernel.at/oliver/ivatar.git
     dest: /srv/libravatar