diff --git a/defaults/main.yml b/defaults/main.yml index ffc1b98..6bfcf01 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,3 +1,4 @@ --- ossec_server: false ossec_client: false +ossec_uninstall: false diff --git a/tasks/add_repo_Debian.yml b/tasks/add_repo_Debian.yml index 49229d2..ff1a85f 100644 --- a/tasks/add_repo_Debian.yml +++ b/tasks/add_repo_Debian.yml @@ -2,7 +2,7 @@ - name: Registering Ubuntu Atomic repository apt_repository: repo: deb https://updates.atomicorp.com/channels/atomic/ubuntu {{ ansible_distribution_name }} - filename: microsoft.list + filename: atomic.list state: present update_cache: yes mode: 0644 @@ -14,7 +14,7 @@ - name: Registering Debian Atomic repository apt_repository: repo: deb https://updates.atomicorp.com/channels/atomic/debian {{ ansible_distribution_name }} - filename: microsoft.list + filename: atomic.list state: present update_cache: yes mode: 0644 diff --git a/tasks/install.yml b/tasks/install.yml new file mode 100644 index 0000000..d2bf103 --- /dev/null +++ b/tasks/install.yml @@ -0,0 +1,13 @@ +--- +- name: Define repo for {{ ansible_os_family }} + include_tasks: add_repo_{{ ansible_os_family }}.yml + +- name: Install OSSEC server packages + package: name='{{ ossec_server_packages }}' state=latest update_cache=yes + when: + - ossec_server == true + +- name: Install OSSEC client packages + package: name='{{ ossec_client_packages }}' state=latest update_cache=yes + when: + - ossec_client == true diff --git a/tasks/main.yml b/tasks/main.yml index 287f823..a4c1afc 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,16 +1,23 @@ --- -- name: Include vars for {{ ansible_os_family }} - include_vars: "{{ ansible_os_family }}.yml" +- block: + - name: Include vars for {{ ansible_os_family }} + include_vars: "{{ ansible_os_family }}.yml" + tags: + - config -- name: Define repo for {{ ansible_os_family }} - include_tasks: add_repo_{{ ansible_os_family }}.yml + - name: Install OSsec + include_tasks: "install.yml" + when: + - not ossec_uninstall|bool + tags: + - install -- name: Install OSSEC server packages - package: name='{{ ossec_server_packages }}' state=latest update_cache=yes - when: - - ossec_server == true + - name: Uninstall OSsec + include_tasks: "uninstall.yml" + when: + - ossec_uninstall|bool + tags: + - uninstall -- name: Install OSSEC client packages - package: name='{{ ossec_client_packages }}' state=latest update_cache=yes - when: - - ossec_client == true + tags: + - ossec \ No newline at end of file diff --git a/tasks/uninstall.yml b/tasks/uninstall.yml new file mode 100644 index 0000000..6e0bab2 --- /dev/null +++ b/tasks/uninstall.yml @@ -0,0 +1,44 @@ +--- + - name: Remove OSSEC server packages + package: + name: '{{ ossec_server_packages }}' + state: absent + update_cache: yes + when: + - ossec_server == true + + - name: Remove OSSEC client packages + package: + name: '{{ ossec_client_packages }}' + state: absent + update_cache: yes + when: + - ossec_client == true + + - name: Remove yum repository definition + file: + path: "{{ item }}" + state: absent + with_items: + - "/etc/yum.repos.d/atomic.repo" + - "/etc/pki/rpm-gpg/RPM-GPG-KEY.atomicorp.txt" + when: + - ansible_os_family == 'RedHat' + + - name: Remove Ubuntu Atomic repository + apt_repository: + repo: deb https://updates.atomicorp.com/channels/atomic/ubuntu {{ ansible_distribution_name }} + filename: atomic.list + state: absent + update_cache: yes + when: + - ansible_distribution == "Ubuntu" + + - name: Remove Debian Atomic repository + apt_repository: + repo: deb https://updates.atomicorp.com/channels/atomic/debian {{ ansible_distribution_name }} + filename: atomic.list + state: absent + update_cache: yes + when: + - ansible_distribution == "Debian"