Re: Don't care (@ A Non e-mouse)
Agreed, many shy away from SELinux, but once you get into it, it's not that hard. I lose a lot of respect for anything that starts "Disable SELinux" - as it usually means the author doesn't know about SELinux and just wants it out the way for the purpose of their guide, which likely isn't best security practice for whatever it is they're guiding you through setting up.
Spend the time to learn SELinux and bake the config into your guide. At most here I reckon you'd need to set the context on the caching data directories and perhaps allow nginx to listen on unusual ports.
Biting the hand that feeds IT
