Comments (2)
I was trying to understand the logic of setup-selinux.yml:
-
I don't understand why the task that changes state to
permissive
is needed even whennginx_config_selinux_enforcing
istrue
(temporarily set state to permissive to prevent any potential failures while SELinux is being configured?). -
It looks like the second condition of the task that sets SELinux state to
enforcing
may not be met because ansible facts (which were gathered at the beginning of the playbook run) returnsenforcing
despite the actual SELinux mode of the target beingpermissive
at the time the task is evaluating the conditional
from ansible-role-nginx-config.
- I don't understand why the task that changes state to
permissive
is needed even whennginx_config_selinux_enforcing
istrue
(temporarily set state to permissive to prevent any potential failures while SELinux is being configured?).
Yep pretty much.
- It looks like the second condition of the task that sets SELinux state to
enforcing
may not be met because ansible facts (which were gathered at the beginning of the playbook run) returnsenforcing
despite the actual SELinux mode of the target beingpermissive
at the time the task is evaluating the conditional
You are right, I missed that gather facts only runs at launch. I'll have a fix in place shortly.
from ansible-role-nginx-config.
Related Issues (20)
- How to omit load_module: modules/ngx_http_js_module.so HOT 3
- mime.types not included in default nginx configuration HOT 4
- Add `include` support in default.conf.j2 template HOT 1
- Templating error HOT 2
- "mappings" from the "map" directive are not applied to a resulting configuration HOT 2
- Role should restart/reload Nginx when SSL certificates change HOT 3
- How to set "global" variables in the HTTP context HOT 5
- Allow nginx.conf.j2 to create gzip settings HOT 2
- Nested location HOT 2
- Question - nginx-config and proxy rewrite HOT 4
- Question - QUIC config HOT 5
- Enforcing numeric types breaks certain templating patterns. HOT 3
- http2 directive uses enable but http3 uses enabled
- Variables for gzip_static HOT 1
- Logrotate does not format correctly HOT 2
- add map inside stream HOT 3
- Validate configuration HOT 3
- Role version 0.7.1 is not published to the ansible-galaxy repo HOT 1
- set_real_ip_from (ngx_http_realip_module) should be a list HOT 1
- Listen directive in servers['core'] not workign properly HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ansible-role-nginx-config.