Externalize role

2018-10-08 19:35:19 +02:00 · 2018-10-08 19:35:19 +02:00 · e6f230be2e
commit e6f230be2e
7 changed files with 100 additions and 0 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -0,0 +1,3 @@
+---
+ossec_server: false
+ossec_client: false
--- a/files/yum-atomic.repo
+++ b/files/yum-atomic.repo
@ -0,0 +1,17 @@
+[atomic]
+name=Atomicorp Amazon Linux - atomic
+mirrorlist=https://updates.atomicorp.com/channels/mirrorlist/atomic/centos-7-x86_64
+priority=1
+enabled=1
+gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY.atomicorp.txt
+gpgcheck=1
+
+[atomic-testing]
+name=Atomicorp Amazon Linux - atomic-testing
+mirrorlist=https://updates.atomicorp.com/channels/mirrorlist/atomic-testing/centos-7-x86_64
+priority=1
+enabled=0
+gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY.atomicorp.txt
+gpgcheck=1
+
+
--- a/tasks/add_repo_Debian.yml
+++ b/tasks/add_repo_Debian.yml
@ -0,0 +1,30 @@
+---
+- name: Registering Ubuntu Atomic repository
+  apt_repository:
+    repo: deb https://updates.atomicorp.com/channels/atomic/ubuntu {{ ansible_distribution_name }}
+    filename: microsoft.list
+    state: present
+    update_cache: yes
+    mode: 0644
+#    owner: root
+#    group: root
+  when:
+    - ansible_distribution == "Ubuntu"
+
+- name: Registering Debian Atomic repository
+  apt_repository:
+    repo: deb https://updates.atomicorp.com/channels/atomic/debian {{ ansible_distribution_name }}
+    filename: microsoft.list
+    state: present
+    update_cache: yes
+    mode: 0644
+#    owner: root
+#    group: root
+  when:
+    - ansible_distribution == "Debian"
+
+- name: Install public repository GPG keys
+  apt_key:
+    url: https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt
+    state: 
+
--- a/tasks/add_repo_RedHat.yml
+++ b/tasks/add_repo_RedHat.yml
@ -0,0 +1,18 @@
+---
+- name: Registering OSSEC repository
+  copy:
+    src: yum-atomic.repo
+    dest: /etc/yum.repos.d/atomic.repo
+    owner: root
+    group: root
+    mode: 0644
+
+- name: Retreive GPG Key
+  get_url:
+    url: https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt
+    dest: /etc/pki/rpm-gpg/RPM-GPG-KEY.atomicorp.txt
+    owner: root
+    group: root
+    mode: 0644
+
+# https://updates.atomicorp.com/channels/atomic/centos/7/x86_64/RPMS/atomic-release-1.0-21.el7.art.noarch.rpm
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -0,0 +1,16 @@
+---
+- name: Include vars for {{ ansible_os_family }}
+  include_vars: "{{ ansible_os_family }}.yml"
+
+- name: Define repo for {{ ansible_os_family }}
+  include_tasks: add_repo_{{ ansible_os_family }}.yml
+
+- name: Install OSSEC server packages
+  package: name='{{ ossec_server_packages }}' state=latest update_cache=yes
+  when:
+    - ossec_server == true
+
+- name: Install OSSEC client packages
+  package: name='{{ ossec_client_packages }}' state=latest update_cache=yes
+  when:
+    - ossec_client == true
--- a/vars/Debian.yml
+++ b/vars/Debian.yml
@ -0,0 +1,8 @@
+---
+ossec_server_packages:
+  - ossec-hids
+  - ossec-hids-server
+ossec_client_packages:
+  - ossec-hids
+  - ossec-hids-agent
+
--- a/vars/RedHat.yml
+++ b/vars/RedHat.yml
@ -0,0 +1,8 @@
+---
+ossec_server_packages:
+  - ossec-hids
+  - ossec-hids-server
+
+ossec_client_packages:
+  - ossec-hids
+  - ossec-hids-agent