From 4f55153783917289472640bdb1a3b745b07ec3e3 Mon Sep 17 00:00:00 2001
From: Sam Al-Sapti <sam@sapti.me>
Date: Sun, 7 Jan 2024 19:24:04 +0100
Subject: [PATCH] Fix SELinux context for PostgreSQL

---
 roles/postgresql/tasks/main.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/roles/postgresql/tasks/main.yml b/roles/postgresql/tasks/main.yml
index 4881520..1aa1dcd 100644
--- a/roles/postgresql/tasks/main.yml
+++ b/roles/postgresql/tasks/main.yml
@@ -41,14 +41,24 @@
   ansible.builtin.file:
     path: "{{ postgresql_pgdata }}"
     owner: postgres
+    group: postgres
     mode: u=rwx,go=
+    seuser: system_u
+    serole: object_r
+    setype: postgresql_db_t
+    selevel: s0
     state: directory
 
 - name: Create WAL archive directory
   ansible.builtin.file:
     path: "{{ postgresql_wal_archive }}"
     owner: postgres
+    group: postgres
     mode: u=rwx,go=
+    seuser: system_u
+    serole: object_r
+    setype: postgresql_db_t
+    selevel: s0
     state: directory
 
 - name: Initialize database