anubis: allow httpd to bind to port 8345

Tell selinux that httpd can use port 8345 in enforcing mode. It needs to do this to listen for post anubis requests coming in on localhost. Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2026-03-20 12:07:34 +08:00 · 2025-09-18 16:29:17 -07:00
parent 134f5675a9
commit 5fa264e63e
1 changed files with 14 additions and 0 deletions
--- a/roles/anubis/tasks/main.yml
+++ b/roles/anubis/tasks/main.yml
@@ -33,6 +33,20 @@
  tags:
    - anubis

+- name: Check semanage ports
+  ansible.builtin.command: semanage port -l
+  register: semanageoutput
+  check_mode: no
+  changed_when: "1 != 1"
+  tags:
+  - anubis
+
+- name: Set ports so httpd can bind to 8345
+  ansible.builtin.command: semanage port -a -t http_port_t -p tcp 8345
+  when: semanageoutput.stdout.find("8345") == -1
+  tags:
+  - anubis
+
 - name: Allow Apache to make network connections for proxy
  ansible.posix.seboolean:
    name: httpd_can_network_connect