Enable SELinux, by default to enforce the targeted policy

defaults/main.yml

@@ -1,2 +1,5 @@
 ---
-# defaults file for ensure_selinux
+# defaults file for ensure_selinux
+selinux_policy: 'targeted'
+selinux_state: 'enforcing'
+

tasks/main.yml

@@ -1,2 +1,12 @@
 ---
-# tasks file for ensure_selinux
+# tasks file for ensure_selinux
+- name: 'Ensure SELinux is enforcing'
+  ansible.posix.selinux:
+    policy: '{{ selinux_policy }}'
+    state: '{{ selinux_state }}'
+  register: 'results'
+- name: 'Reboot if required'
+  when:
+    - results.reboot_required
+  reboot:
+