From b7e0ef18c56cfbc02960e10475636f917e4f51e3 Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Wed, 26 Aug 2020 21:53:48 +0300
Subject: [PATCH] Reorder installs to get selinux support earlier

Ansible cannot set file contexts unless selinux python bindings are installed.
---
 roles/base/tasks/RedHat.yml | 21 ++++++++++-----------
 1 file changed, 10 insertions(+), 11 deletions(-)

diff --git a/roles/base/tasks/RedHat.yml b/roles/base/tasks/RedHat.yml
index 2241211..ed243a2 100644
--- a/roles/base/tasks/RedHat.yml
+++ b/roles/base/tasks/RedHat.yml
@@ -4,13 +4,22 @@
     name: epel-release
     state: installed
 
+- name: install os specific roles
+  include_role:
+    name: "{{ role }}"
+  with_items:
+    - selinux        # selinux first to get fcontexts working
+    - iptables
+    - rsyslog
+  loop_control:
+    loop_var: role
+
 - name: install packages
   package:
     name: "{{ item }}"
     state: installed
   with_items:
     - bind-utils     # dig
-    - emacs          # better editor :)
     - htop           # system monitoring
     - iftop          # monitor interfaces
     - iotop          # monitor io usage
@@ -36,13 +45,3 @@
     hour: "3"
     minute: "{{ 59 | random(seed=inventory_hostname) }}"
     job: "yum -d 0 -e 0 -y --downloadonly update > /dev/null"
-
-- name: install os specific roles
-  include_role:
-    name: "{{ role }}"
-  with_items:
-    - iptables
-    - rsyslog
-    - selinux
-  loop_control:
-    loop_var: role