diff options
| author | mboelen <michael.boelen@cisofy.com> | 2016-03-31 22:18:50 +0300 |
|---|---|---|
| committer | mboelen <michael.boelen@cisofy.com> | 2016-03-31 22:18:50 +0300 |
| commit | 3691600aee6de6c071dab04c8c1888a61b2870cf (patch) | |
| tree | d566977c0cb3cc1e0479999d86b04a01c6696154 | |
| parent | d9eb544ac1733b074d101a05531ab3ddb5d2198c (diff) | |
Added initial playbook
| -rw-r--r-- | lynis.yml | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/lynis.yml b/lynis.yml new file mode 100644 index 0000000..6f98dfd --- /dev/null +++ b/lynis.yml @@ -0,0 +1,19 @@ +# Ansible Playbook for Lynis deployment + +- name: Lynis | Create /usr/local/lynis + file: path=/usr/local/lynis state=directory + +- name: Lynis | Unarchive copied package + unarchive: src=/etc/ansible/files/packages/lynis-latest.tar.gz dest=/usr/local copy=yes + register: result + +- name: Lynis | Copy default Lynis profile from master to destination + copy: src=/etc/ansible/files/configs/lynis_custom.prf dest=/usr/local/lynis/custom.prf force=yes + when: result.changed == True + +- name: Lynis | Add Lynis to crontab if package files still exists (normally ran once) + cron: name="Run Lynis" hour="{{ 4|random }}" minute="{{ 59 |random }}" job="/usr/local/lynis/lynis -c --cronjob --upload --profile /usr/local/lynis/custom.prf" state=present + when: result.changed == True + +- name: Lynis | Delete Lynis tarball + file: path=/usr/local/lynis-latest.tar.gz state=absent |