From 701b0d2eb11e7457a26d21d351f83780b7214a58 Mon Sep 17 00:00:00 2001 From: Johannes Stoelp Date: Sat, 17 Dec 2022 22:53:41 +0100 Subject: nginx: relabe www selinux shared ctx --- roles/webserver/tasks/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'roles') diff --git a/roles/webserver/tasks/main.yml b/roles/webserver/tasks/main.yml index 6f97c60..e2624c4 100644 --- a/roles/webserver/tasks/main.yml +++ b/roles/webserver/tasks/main.yml @@ -26,7 +26,8 @@ volumes: # Use 'Z' to privately relable selinux contexts. - "{{ DATA_ROOT }}/nginx/user_conf.d:/etc/nginx/user_conf.d:ro,Z" - - "{{ DATA_ROOT }}/nginx/www:/www:ro,Z" + # Use 'z' to shared-ly relable selinux contexts. + - "{{ DATA_ROOT }}/nginx/www:/www:ro,z" # All services run in rootless-podman and nginx is the only entry point from # the outside acting as webserver and reverse proxy. -- cgit v1.2.3