Got rkhunter working for HIDS; operational fixes for Sharingan

2022-05-03 16:57:52 -05:00
parent d0146770a4
commit 01dde4008d
40 changed files with 299 additions and 580 deletions
--- a/roles/Sharingan/tasks/data.yml
+++ b/roles/Sharingan/tasks/data.yml
@@ -37,7 +37,7 @@
 - name: Sharingan-Data service conf
   become: yes
   copy:
-     src: syslog-ng@sharingan-data
+     src: syslog-ng/syslog-ng@sharingan-data
     dest: /etc/default/syslog-ng@sharingan-data
     owner: root
     group: root
@@ -47,107 +47,8 @@
   become: yes
   register: data_service
   copy:
-     src: "sharingan-data.service/{{ ansible_os_family }}"
+     src: "syslog-ng/sharingan-data.service/{{ ansible_os_family }}"
     dest: /usr/lib/systemd/system/sharingan-data.service
     owner: root
     group: root
     mode: 0750
-
- - name: Sharingan-Eval service
-   become: yes
-   register: eval_service
-   copy:
-     src: sharingan-eval.service
-     dest: /usr/lib/systemd/system/sharingan-eval.service
-     owner: root
-     group: root
-     mode: 0750
-
- - name: Sharingan-Eval monitrc
-   become: yes
-   template:
-     src: monitrc.j2
-     dest: /etc/monitrc
-     owner: root
-     group: root
-     mode: 0700
-
- - name: Sharingan-Eval includes dir
-   become: yes
-   file:
-     path: /etc/monit.d
-     state: directory
-
- - name: Sharingan-Eval monit templates
-   become: yes
-   copy:
-     src: templates
-     dest: /etc/monit.d/templates
-     owner: root
-     group: root
-     mode: 0700
-
- - name: Sharingan-Eval monit scripts
-   become: yes
-   copy:
-     src: templates
-     dest: /etc/monit.d/scripts
-     owner: root
-     group: root
-     mode: 0700
-
-
- - name: Sharingan-Eval monit host config
-   become: yes
-   copy:
-     src: "{{ inventory_hostname }}"
-     dest: "/etc/monit.d/{{ inventory_hostname }}"
-     owner: root
-     group: root
-     mode: 0700
-
- - name: Sharingan-Heartbeat service
-   become: yes
-   register: heartbeat_service
-   copy:
-     src: "{{ item }}"
-     dest: /usr/lib/systemd/system
-     owner: root
-     group: root
-     mode: 0750
-   loop: 
-     - sharingan-heartbeat.timer
-     - sharingan-heartbeat.service 
-
- - name: Sharingan-Data heartbeat timer
-   become: yes
-   copy:
-     src: sharingan-heartbeat.timer
-     dest: /usr/lib/systemd/system
-     owner: root
-     group: root
-     mode: 0750
-
- - systemd:
-     daemon_reload: yes
-   become: yes
-   when: data_service.changed or eval_service.changed or heartbeat_service.changed
-
- - name: Start Sharingan-Data services
-   become: yes
-   service:
-     name: "{{ item }}"
-     state: restarted
-     enabled: yes
-   loop:
-     - sharingan-data.service
-     - sharingan-heartbeat.timer
-     - sharingan-eval.service
-
- - name: Disable default service
-   become: yes
-   ignore_errors: yes
-   service:
-     name: syslog-ng@default.service
-     state: stopped
-     enabled: no