From 89c45beb9f2edb55b7fa3d26e96d0bd433cb6593 Mon Sep 17 00:00:00 2001
From: Michal Konecny <mkonecny@redhat.com>
Date: Fri, 26 Apr 2024 15:27:53 +0200
Subject: [PATCH] [mailman3] Fix the remaining SELinux issues

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
---
 roles/mailman3/tasks/main.yml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/roles/mailman3/tasks/main.yml b/roles/mailman3/tasks/main.yml
index 36687f2861..bed743b01b 100644
--- a/roles/mailman3/tasks/main.yml
+++ b/roles/mailman3/tasks/main.yml
@@ -468,6 +468,17 @@
     - mailman
     - selinux
 
+- name: Allow Apache to connect to localhost gunicorn
+  ansible.posix.seboolean:
+    name: httpd_can_network_connect
+    state: yes
+    persistent: yes
+  notify:
+    - restart apache
+  tags:
+    - mailman
+    - selinux
+
 - name: Set the SELinux policy for the static files directory
   community.general.sefcontext:
     target: "{{ mailman_webui_basedir }}/static(/.*)?"
@@ -486,6 +497,9 @@
   - mailman
   - selinux
 
+- name: Apply SELinux changes
+  command: restorecon -irv "{{ mailman_webui_basedir}}"
+
 # Start services
 - name: Start services
   ansible.builtin.systemd: