blob: 6f98dfd82495f54c403bb5d8bedcbf4ca5532842 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
# Ansible Playbook for Lynis deployment
- name: Lynis | Create /usr/local/lynis
file: path=/usr/local/lynis state=directory
- name: Lynis | Unarchive copied package
unarchive: src=/etc/ansible/files/packages/lynis-latest.tar.gz dest=/usr/local copy=yes
register: result
- name: Lynis | Copy default Lynis profile from master to destination
copy: src=/etc/ansible/files/configs/lynis_custom.prf dest=/usr/local/lynis/custom.prf force=yes
when: result.changed == True
- name: Lynis | Add Lynis to crontab if package files still exists (normally ran once)
cron: name="Run Lynis" hour="{{ 4|random }}" minute="{{ 59 |random }}" job="/usr/local/lynis/lynis -c --cronjob --upload --profile /usr/local/lynis/custom.prf" state=present
when: result.changed == True
- name: Lynis | Delete Lynis tarball
file: path=/usr/local/lynis-latest.tar.gz state=absent
|
