From 2e76c946daa01558f9def75d228fbb1e5476c499 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kamil=20Boraty=C5=84ski?= Date: Sat, 2 Apr 2016 15:52:20 +0200 Subject: Initial Lynis Ansible role * Moved to proper location. * Added support for Debian-based distros. * Added manual installation * Modified for older versions compatiblity * Added directory creation. * Added unpack and cleanup tasks. * Changed naming convention. Fixed issue with absent. * Added switch for Lynis source * Changed naming convention. * Added RHEL support. * Made Debian-playbook more readble. * Added missing tags. --- tasks/debian.yml | 11 +++++++++++ tasks/main.yml | 26 ++++++++++++++++++++++++++ tasks/manual.yml | 40 ++++++++++++++++++++++++++++++++++++++++ tasks/rhel.yml | 12 ++++++++++++ 4 files changed, 89 insertions(+) create mode 100644 tasks/debian.yml create mode 100644 tasks/main.yml create mode 100644 tasks/manual.yml create mode 100644 tasks/rhel.yml (limited to 'tasks') diff --git a/tasks/debian.yml b/tasks/debian.yml new file mode 100644 index 0000000..7904de5 --- /dev/null +++ b/tasks/debian.yml @@ -0,0 +1,11 @@ +--- + +- name: Lynis | Install Lynis from apt + apt: + name=lynis + state=present + force=no + install_recommends=no + update_cache=yes + register: lynis_isinstalled + tags: lynis diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..fdc0abb --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,26 @@ +--- + + + +- name: Lynis | Install Lynis (Debian | Ubuntu) + include: debian.yml + when: + (ansible_os_family == 'Debian' or ansible_os_family == 'Ubuntu') and + (lynis_use_packages is defined and lynis_use_packages) + tags: lynis + + + +- name: Lynis | Install Lynis (CentOS | RHEL) + include: rhel.yml + when: + (ansible_os_family == 'CentOS' or ansible_os_family == 'RedHat') and + (lynis_use_packages is defined and lynis_use_packages) + tags: lynis + + + +- name: Lynis | Install Lynis manually (OS-independent) + include: manual.yml + when: lynis_use_packages is defined and not lynis_use_packages + tags: lynis diff --git a/tasks/manual.yml b/tasks/manual.yml new file mode 100644 index 0000000..46274fa --- /dev/null +++ b/tasks/manual.yml @@ -0,0 +1,40 @@ +--- + + + +- name: Lynis | Manual - create directories + file: + dest={{ lynis_tarball_unpackdest_dir }} + recurse=yes + state=directory + owner=root + group=root + tags: lynis + + + +- name: Lynis | Manual - download latest stable version + get_url: + sha256sum={{ lynis_tarball_checksum }} + url={{ lynis_tarball_url }} + dest={{ lynis_tarball_dest }} + force=no + validate_certs=yes + backup=yes + tags: lynis + + + +- name: Lynis | Manual - unpack + unarchive: + dest={{ lynis_tarball_unpackdest }} + src={{ lynis_tarball_dest }} + tags: lynis + + + +- name: Lynis | Manual - remove tarball + file: + dest={{ lynis_tarball_dest }} + state=absent + tags: lynis diff --git a/tasks/rhel.yml b/tasks/rhel.yml new file mode 100644 index 0000000..f3c8827 --- /dev/null +++ b/tasks/rhel.yml @@ -0,0 +1,12 @@ +--- + + + +- name: Lynis | Install Lynis from yum + yum: + name: lynis + state: present + update_cache: yes + disable_gpg_check: no + register: lynis_isinstalled + tags: lynis -- cgit v1.2.3