cellinfo
/
ansible.debian_security
2
0
Fork 0
Code Issues Pull Requests Releases Activity
ansible.debian_security/README.md

68 lines
2.5 KiB
Markdown
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Debian Security
1. [Overview](#overview)
2. [Role Variables](#role-variables)
3. [Example Playbook](#example-playbook)
4. [Configuration](#configuration)
5. [Known Issues](#known-issues)
6. [Development](#development)
7. [License](#license)
8. [Author Information](#author-information)
## Overview
A role that provide some security tools for Debian.
## Role Variables
* **deb_sec__required_packages**: List of required packages [default: `debsecan`].
* **deb_sec__deploy_state**: The desired state this role should achieve [default: `present`].
* **deb_sec__debsecan_report**: If daily reports should be enable [default: `true`].
* **deb_sec__debsecan_suite**: Suite name used to produce more informative output [default: `{{ ansible_distribution_release }}`].
* **deb_sec__debsecan_mailto**: Mail address to which reports are sent [default: `root`].
* **deb_sec__debsecan_source**: The URL from which vulnerability data is downloaded [default: `''`].
* **deb_sec__debsecan_cron_disabled**: If the Debsecan job should be disabled [default: `false`].
* **deb_sec__debsecan_cron_job**: The command to execute for Debsecan cron [default: `test -x /usr/bin/debsecan && /usr/bin/debsecan --cron`].
* **deb_sec__debsecan_cron_special_time**: Periodicity of the cron job for Debsecan [default: `daily`].
* **deb_sec__debsecan_cron_user**: User whose run the job [default: `daemon`].
## Example Playbook
* Default behaviour:
``` yaml
- hosts: my.debian.host
roles:
- role: ipr-cnrs.debian_security
```
## Configuration
This role will:
* Install some security tools (eg. Debsecan,…).
* Configure and set a cron job for Debsecan.
## Development
This source code comes from our [Gogs instance][debian_security source] and the [Github repo][debian_security github] exist just to be able to send the role to Ansible Galaxy…
But feel free to send issue/PR anywhere :)
Thanks to this [hook][gogs to github hook], Github automatically got updates from our [Gogs instance][debian_security source] :)
## License
[WTFPL][wtfpl website]
## Author Information
Jérémy Gardais
* Source: [on IPR's Gogs][debian_security source]
* [IPR][ipr website] (Institut de Physique de Rennes)
[gogs to github hook]: https://stackoverflow.com/a/21998477
[debian_security source]: https://git.ipr.univ-rennes.fr/cellinfo/ansible.debian_security
[debian_security github]: https://github.com/ipr-cnrs.debian_security
[wtfpl website]: http://www.wtfpl.net/about/
[ipr website]: https://ipr.univ-rennes1.fr/
Reference in New Issue View Git Blame Copy Permalink