SELinux to allow puppet-server at https://puppet-server:8140

sndlt

My puppet-server is currently resides at "https://puppet-server:8140"

I make "sudo setenforce permissive" on the server to make puppet-server's 8140 get through. After that "sudo service httpd restart" to get the puppet-server going.

But I need to do this each time the server is rebooted.

How can I either (1) Make a rule in SELinux to allow puppet-server at https port 8140 and to survive reboot, OR (2) Make "sudo setenforce permissive" to survive reboot?

SELinux is so tricky for me.

Thanks.