Created
May 11, 2018 15:00
-
-
Save naavveenn/cd69156ea1d00acc48b973ada754e779 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| - hosts: demo #list of servers | |
| become: yes | |
| tasks: | |
| - name: Check if Git is installed or not for Debian distro | |
| shell: dpkg -s git #check if git is installed or not | |
| ignore_errors: True | |
| register: output | |
| when: ansible_os_family == "Debian" | |
| - name: install git | |
| apt: | |
| pkg: git | |
| state: present | |
| when: (output is failed and ansible_os_family == "Debian") | |
| - name: Check if Git is installed or not for RedHat distro | |
| shell: yum list installed | grep -i git #check if git is installed or not | |
| ignore_errors: True | |
| register: out | |
| when: ansible_os_family == "RedHat" | |
| - name: install git | |
| yum: | |
| pkg: git | |
| state: present | |
| when: (out is failed and ansible_os_family == "RedHat") | |
| - name: Cloning Lynis git repo | |
| command: chdir=/opt/ git clone https://github.com/CISOfy/lynis.git | |
| register: git_output | |
| - name: Perform audit | |
| shell: chdir=/opt/lynis ./lynis audit system | |
| - name: Fetching warnings and suggestions from the report | |
| shell: grep Warning /var/log/lynis.log > /opt/warning.txt && grep Suggestion /var/log/lynis.log > /opt/suggestion.txt | |
| - fetch: | |
| src: /opt/{{ item }} | |
| dest: /tmp/ | |
| with_items: | |
| - warning.txt | |
| - suggestion.txt |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment