46 lines
799 B
YAML
46 lines
799 B
YAML
|
---
|
||
|
|
||
|
- name: Install lynis
|
||
|
register: lynis_pkg
|
||
|
become: yes
|
||
|
package:
|
||
|
name:
|
||
|
- lynis
|
||
|
- arch-audit
|
||
|
- clamav
|
||
|
state: present
|
||
|
|
||
|
- name: lynis config
|
||
|
register: lynis_conf
|
||
|
become: yes
|
||
|
copy:
|
||
|
src: lynis/custom.prf
|
||
|
dest: /etc/lynis/custom.prf
|
||
|
owner: root
|
||
|
group: root
|
||
|
mode: 0600
|
||
|
|
||
|
- name: lynis services
|
||
|
become: yes
|
||
|
copy:
|
||
|
src: "lynis/{{ item }}"
|
||
|
dest: /usr/lib/systemd/system/
|
||
|
owner: root
|
||
|
group: root
|
||
|
mode: 0664
|
||
|
loop:
|
||
|
- sharingan-vulns.service
|
||
|
- sharingan-vulns.timer
|
||
|
- freshclam.service
|
||
|
- freshclam.timer
|
||
|
|
||
|
- name: Enable timers
|
||
|
become: yes
|
||
|
loop:
|
||
|
- freshclam.timer
|
||
|
- sharingan-vulns.timer
|
||
|
service:
|
||
|
name: "{{ item }}"
|
||
|
state: restarted
|
||
|
enabled: yes
|