Handler neu organisiert
This commit is contained in:
@@ -1,20 +1,34 @@
|
|||||||
---
|
---
|
||||||
- name: Update_aide_database
|
- name: apt_update
|
||||||
tags: aide,hardening,system
|
apt:
|
||||||
block:
|
update_cache: yes
|
||||||
- name: system setup | aide | run aide --update to check for legitimate changes
|
when: ansible_os_family == "Debian"
|
||||||
command: aide --config /etc/aide/aide.conf --update
|
|
||||||
register: aide_update_result
|
|
||||||
changed_when: "'new database written to' in aide_update_result.stdout"
|
|
||||||
async: 1800 # Allow up to 30 minutes for update
|
|
||||||
poll: 15
|
|
||||||
|
|
||||||
- name: system setup | aide | activate updated database
|
- name: restart_sshd
|
||||||
copy:
|
service:
|
||||||
src: /var/lib/aide/aide.db.new
|
name: "{{ openssh_service }}"
|
||||||
dest: /var/lib/aide/aide.db
|
state: restarted
|
||||||
remote_src: true
|
|
||||||
owner: root
|
- name: restart_fail2ban
|
||||||
group: root
|
service:
|
||||||
mode: '0600'
|
name: "fail2ban"
|
||||||
when: aide_update_result.changed
|
state: restarted
|
||||||
|
|
||||||
|
- name: restart_logind
|
||||||
|
service:
|
||||||
|
name: "logind"
|
||||||
|
state: restarted
|
||||||
|
|
||||||
|
- name: reload ufw
|
||||||
|
command: ufw reload
|
||||||
|
listen: "reload ufw firewall"
|
||||||
|
|
||||||
|
- name: restart auditd
|
||||||
|
service:
|
||||||
|
name: auditd
|
||||||
|
state: restarted
|
||||||
|
|
||||||
|
- name: restart rsyslog
|
||||||
|
ansible.builtin.service:
|
||||||
|
name: rsyslog
|
||||||
|
state: restarted
|
||||||
@@ -1,22 +1,4 @@
|
|||||||
---
|
---
|
||||||
- name: apt_update
|
|
||||||
apt: update_cache=yes
|
|
||||||
|
|
||||||
- name: restart_sshd
|
|
||||||
service:
|
|
||||||
name: "{{ openssh_service }}"
|
|
||||||
state: restarted
|
|
||||||
|
|
||||||
- name: restart_fail2ban
|
|
||||||
service:
|
|
||||||
name: "fail2ban"
|
|
||||||
state: restarted
|
|
||||||
|
|
||||||
- name: restart_logind
|
|
||||||
service:
|
|
||||||
name: "logind"
|
|
||||||
state: restarted
|
|
||||||
|
|
||||||
- name: update_tmux_plugin_perms
|
- name: update_tmux_plugin_perms
|
||||||
file:
|
file:
|
||||||
path: /home/rene/.tmux/plugins
|
path: /home/rene/.tmux/plugins
|
||||||
|
|||||||
@@ -1,18 +1,4 @@
|
|||||||
---
|
---
|
||||||
- name: reload ufw
|
|
||||||
command: ufw reload
|
|
||||||
listen: "reload ufw firewall"
|
|
||||||
|
|
||||||
- name: restart auditd
|
|
||||||
service:
|
|
||||||
name: auditd
|
|
||||||
state: restarted
|
|
||||||
|
|
||||||
- name: restart rsyslog
|
|
||||||
ansible.builtin.service:
|
|
||||||
name: rsyslog
|
|
||||||
state: restarted
|
|
||||||
|
|
||||||
- name: Update_aide_database
|
- name: Update_aide_database
|
||||||
block: # This block is now a task within the handler
|
block: # This block is now a task within the handler
|
||||||
- name: system setup | aide | run aide --update to check for legitimate changes
|
- name: system setup | aide | run aide --update to check for legitimate changes
|
||||||
|
|||||||
@@ -1,7 +1,4 @@
|
|||||||
---
|
---
|
||||||
- name: apt_update
|
|
||||||
apt: update_cache=yes
|
|
||||||
|
|
||||||
- name: restart_jitsi
|
- name: restart_jitsi
|
||||||
service:
|
service:
|
||||||
name: "prosody jicofo jitsi-videobridge2"
|
name: "prosody jicofo jitsi-videobridge2"
|
||||||
|
|||||||
Reference in New Issue
Block a user