Ansible Role Lynis

THIS ROLE HAS BEEN ARCHIVED AS OF DEC 2023.

This role helps you install and set up Lynis on your system.

GitHub	GitLab	Downloads	Version

Example Playbook

Here's a simple example from molecule/default/converge.yml that is tested regularly.

---
- name: Converge
  hosts: all
  become: yes
  gather_facts: yes

  roles:
    - role: robertdebock.lynis

Before running Lynis, prepare your machine using molecule/default/prepare.yml:

---
- name: Prepare
  hosts: all
  become: yes
  gather_facts: no

  roles:
    - role: robertdebock.bootstrap
    - role: robertdebock.cron
    - role: robertdebock.git

For more details, check this full explanation and example.

Role Variables

Default variable values are in defaults/main.yml:

---
# defaults for lynis

# Installation location for lynis
lynis_destination: "/tmp/lynis"

# Version to install
lynis_version: "3.0.6"

# Report output location
lynis_output: "{{ lynis_destination }}/{{ ansible_date_time.date }}-audit_system.txt"

# Should lynis run immediately after the playbook executes?
lynis_run_now: yes

# Schedule lynis to run as a repeating job?
lynis_cronjob: yes

Requirements

• Install the pip packages mentioned in requirements.txt.

Used Roles

The roles listed below are used to prepare your system, but you can use different methods if you prefer.

Requirement	GitHub	GitLab
robertdebock.bootstrap
robertdebock.cron
robertdebock.git

Context

This role is part of various other compatible roles. For further information, check out the documentation for these roles.

Here's a visual of related roles:

Compatibility

This role works with the following Docker container images:

Ansible version 2.12 is the minimum needed. Tests have been done for:

• Previous versions.
• Current versions.
• Development versions.

If you find any issues, please report them on GitHub.

License

Licensed under Apache-2.0.

Author Information

Created by robertdebock.

Consider sponsoring me if you find this useful.