diff options
| author | Kamil BoratyĆski <kboratynski@users.noreply.github.com> | 2016-04-02 16:52:20 +0300 |
|---|---|---|
| committer | Michael Boelen <michael@cisofy.com> | 2016-04-02 16:52:20 +0300 |
| commit | 2e76c946daa01558f9def75d228fbb1e5476c499 (patch) | |
| tree | aa79ce9d6bc6629b51652202646cd5d5a0f28053 /tasks | |
| parent | c823931923aab02f163b8e5fe3effff3ec87502a (diff) | |
Initial Lynis Ansible role
* Moved to proper location.
* Added support for Debian-based distros.
* Added manual installation
* Modified for older versions compatiblity
* Added directory creation.
* Added unpack and cleanup tasks.
* Changed naming convention.
Fixed issue with absent.
* Added switch for Lynis source
* Changed naming convention.
* Added RHEL support.
* Made Debian-playbook more readble.
* Added missing tags.
Diffstat (limited to 'tasks')
| -rw-r--r-- | tasks/debian.yml | 11 | ||||
| -rw-r--r-- | tasks/main.yml | 26 | ||||
| -rw-r--r-- | tasks/manual.yml | 40 | ||||
| -rw-r--r-- | tasks/rhel.yml | 12 |
4 files changed, 89 insertions, 0 deletions
diff --git a/tasks/debian.yml b/tasks/debian.yml new file mode 100644 index 0000000..7904de5 --- /dev/null +++ b/tasks/debian.yml @@ -0,0 +1,11 @@ +--- + +- name: Lynis | Install Lynis from apt + apt: + name=lynis + state=present + force=no + install_recommends=no + update_cache=yes + register: lynis_isinstalled + tags: lynis diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..fdc0abb --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,26 @@ +--- + + + +- name: Lynis | Install Lynis (Debian | Ubuntu) + include: debian.yml + when: + (ansible_os_family == 'Debian' or ansible_os_family == 'Ubuntu') and + (lynis_use_packages is defined and lynis_use_packages) + tags: lynis + + + +- name: Lynis | Install Lynis (CentOS | RHEL) + include: rhel.yml + when: + (ansible_os_family == 'CentOS' or ansible_os_family == 'RedHat') and + (lynis_use_packages is defined and lynis_use_packages) + tags: lynis + + + +- name: Lynis | Install Lynis manually (OS-independent) + include: manual.yml + when: lynis_use_packages is defined and not lynis_use_packages + tags: lynis diff --git a/tasks/manual.yml b/tasks/manual.yml new file mode 100644 index 0000000..46274fa --- /dev/null +++ b/tasks/manual.yml @@ -0,0 +1,40 @@ +--- + + + +- name: Lynis | Manual - create directories + file: + dest={{ lynis_tarball_unpackdest_dir }} + recurse=yes + state=directory + owner=root + group=root + tags: lynis + + + +- name: Lynis | Manual - download latest stable version + get_url: + sha256sum={{ lynis_tarball_checksum }} + url={{ lynis_tarball_url }} + dest={{ lynis_tarball_dest }} + force=no + validate_certs=yes + backup=yes + tags: lynis + + + +- name: Lynis | Manual - unpack + unarchive: + dest={{ lynis_tarball_unpackdest }} + src={{ lynis_tarball_dest }} + tags: lynis + + + +- name: Lynis | Manual - remove tarball + file: + dest={{ lynis_tarball_dest }} + state=absent + tags: lynis diff --git a/tasks/rhel.yml b/tasks/rhel.yml new file mode 100644 index 0000000..f3c8827 --- /dev/null +++ b/tasks/rhel.yml @@ -0,0 +1,12 @@ +--- + + + +- name: Lynis | Install Lynis from yum + yum: + name: lynis + state: present + update_cache: yes + disable_gpg_check: no + register: lynis_isinstalled + tags: lynis |