Created March 11, 2025 09:26
SELinux module to allow Caddy to connect with tailscaled's socket for automatic TLS
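module caddy-autotls-tailscaled 1.0;

require {
    type var_run_t;
    type httpd_t;
    type unconfined_service_t;
    class sock_file write;
    class unix_stream_socket connectto;
}

#============= httpd_t ==============
# Both rules are type-wide: they apply to every object carrying these
# types, not only to tailscaled's socket.
# Let httpd_t write to socket files labelled var_run_t.
allow httpd_t var_run_t:sock_file write;
# Let httpd_t connect to unix stream sockets of unconfined_service_t processes.
allow httpd_t unconfined_service_t:unix_stream_socket connectto;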
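
An added example, not part of the original gist: a small Python check that compares AVC denials from audit.log against the module's two allow rules and returns the denials the module does not cover. The log lines are constructed samples; the pids, timestamps, inode and the socket path in them are assumptions.

```python
import re

# The two allow rules from the module above.
MODULE_RULES = """
allow httpd_t var_run_t:sock_file write;
allow httpd_t unconfined_service_t:unix_stream_socket connectto;
"""

# Constructed sample audit.log lines (not captured from a real host).
SAMPLE_AUDIT_LOG = """
type=AVC msg=audit(1741685000.101:410): avc:  denied  { write } for  pid=2210 comm="caddy" name="tailscaled.sock" dev="tmpfs" ino=1501 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=sock_file permissive=0
type=AVC msg=audit(1741685000.102:411): avc:  denied  { connectto } for  pid=2210 comm="caddy" path="/run/tailscale/tailscaled.sock" scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:system_r:unconfined_service_t:s0 tclass=unix_stream_socket permissive=0
type=AVC msg=audit(1741685003.550:412): avc:  denied  { name_connect } for  pid=2210 comm="caddy" dest=8080 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:http_cache_port_t:s0 tclass=tcp_socket permissive=0
"""

# allow <source> <target>:<class> <perm>;   or   ... { perm1 perm2 };
RULE_RE = re.compile(r"allow\s+(\w+)\s+(\w+):(\w+)\s+(?:\{([^}]*)\}|(\w+));")
# Pull the permissions, source type, target type and class out of an AVC line.
AVC_RE = re.compile(
    r"avc:\s+denied\s+\{([^}]*)\}.*?"
    r"scontext=[^:]+:[^:]+:(\w+):\S*\s+"
    r"tcontext=[^:]+:[^:]+:(\w+):\S*\s+tclass=(\w+)"
)

def parse_rules(policy_text):
    """Return the set of (source, target, class, perm) tuples the policy allows."""
    allowed = set()
    for m in RULE_RE.finditer(policy_text):
        src, tgt, cls, braced, single = m.groups()
        for perm in (braced or single).split():
            allowed.add((src, tgt, cls, perm))
    return allowed

def parse_denials(log_text):
    """Return one (source, target, class, perm) tuple per denied permission."""
    denials = []
    for line in log_text.splitlines():
        m = AVC_RE.search(line)
        if m:
            perms, src, tgt, cls = m.groups()
            denials.extend((src, tgt, cls, p) for p in perms.split())
    return denials

def uncovered(policy_text, log_text):
    """Denials in the log that no allow rule in the policy would permit."""
    allowed = parse_rules(policy_text)
    return [d for d in parse_denials(log_text) if d not in allowed]

if __name__ == "__main__":
    for denial in uncovered(MODULE_RULES, SAMPLE_AUDIT_LOG):
        print("not covered by module:", denial)
```

The match is on types only, which mirrors the rules themselves: a denial against any other var_run_t socket or unconfined_service_t process would also count as covered.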