Ansible role lynis

Install and configure lynis on your system.

GitHub	Version	Issues	Pull Requests	Downloads

Example Playbook

This example is taken from molecule/default/converge.yml and is tested on each push, pull request and release.

---
- name: Converge
  hosts: all
  become: true
  gather_facts: true

  pre_tasks:
    - name: Update apt cache.
      apt: update_cache=yes cache_valid_time=600
      when: ansible_os_family == 'Debian'
      changed_when: false

  roles:
    - role: buluma.cron
    - role: buluma.git
    - role: buluma.lynis

The machine needs to be prepared. In CI this is done using molecule/default/prepare.yml:

---
- name: Prepare
  hosts: all
  gather_facts: false
  become: true

  roles:
    - role: buluma.bootstrap

Also see a full explanation and example on how to use these roles.

Role Variables

The default values for the variables are set in defaults/main.yml:

---
# defaults file for lynis

# Where to install lynis
lynis_destination: "/tmp/lynis"

# The version to install
lynis_version: "3.0.6"

# Where to save the output of a report.
lynis_output: "{{ lynis_destination }}/{{ ansible_date_time.date }}-audit_system.txt"

# Run lynis on execution of the playbook?
lynis_run_now: true

# Schedule a repetetive job?
lynis_cronjob: true

Requirements

• pip packages listed in requirements.txt.

State of used roles

The following roles are used to prepare a system. You can prepare your system in another way.

Requirement	GitHub	Version
buluma.bootstrap
buluma.cron
buluma.git

Context

This role is a part of many compatible roles. Have a look at the documentation of these roles for further information.

Here is an overview of related roles:

Compatibility

This role has been tested on these container images:

The minimum version of Ansible required is 2.12, tests have been done to:

• The previous version.
• The current version.
• The development version.

If you find issues, please register them in GitHub

Changelog

Role History

License

Apache-2.0

Author Information

Shadow Walker