add selinux handling

tasks/main.yml

@@ -1,6 +1,8 @@
 ---
 - include_tasks: prepare.yml
 - include_tasks: install.yml
+- include_tasks: selinux.yml
+  when: ansible_selinux.status == "enabled"
 - import_tasks: tls.yml
   when: gitea_tls_enabled | bool
   tags: tls_renewal

tasks/selinux.yml

@@ -0,0 +1,15 @@
+---
+- block:
+    - name: Add SELinux file context mapping definitions
+      sefcontext:
+        target: "{{ item.target }}"
+        setype: "{{ item.setype }}"
+        state: present
+      loop: "{{ gitea_selinux_fcontext }}"
+
+    - name: Apply new SELinux file context to filesystem
+      command: "restorecon {{ item }}"
+      loop: "{{ gitea_selinux_restorecon }}"
+      changed_when: False
+  become: True
+  become_user: root