From 3c73d234ad0f6c43265c1b7089e65014d0dafebc Mon Sep 17 00:00:00 2001
From: Jason Rothstein <fdragon@fdragon.org>
Date: Mon, 25 Oct 2021 23:14:58 -0500
Subject: [PATCH] Set SELinux Context per mod_md issue #253

---
 tasks/main.yml | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/tasks/main.yml b/tasks/main.yml
index f10cbc2..2538041 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -125,6 +125,19 @@
   loop: '{{ http_vhost }}'
   loop_control:
     label: '{{ item.fqdn }} will be ensured'
+- name: 'base mod_md store'
+  when:
+    - ansible_system == 'Linux'
+    - ensure_apache is defined
+    - http_vhost is defined
+    - http_vhost is iterable
+  ansible.builtin.file:
+    group: 'root'
+    owner: 'root'
+    mode: '0770'
+    path: '/etc/httpd/md'
+    state: 'directory'
+    setype: 'system_u:object_r:httpd_var_lib_t:s0'
 - name: 'base vhost document root'
   when:
     - ansible_system == 'Linux'