ClamAV (FreshClam): use a localized Database Mirror.

As db.local.clamav.net is not always properly localized.  Furthermore,
our previous Ansiblee script did not ensure ordering of the
DatabaseMirror lines.

1 files changed, 32 insertions, 0 deletions

diff --git a/roles/common/templates/etc/clamav/freshclam.conf.j2 b/roles/common/templates/etc/clamav/freshclam.conf.j2
new file mode 100644
index 0000000..06cebd1
--- /dev/null
+++ b/roles/common/templates/etc/clamav/freshclam.conf.j2
@@ -0,0 +1,32 @@
+# Automatically created by the clamav-freshclam postinst
+# Comments will get lost when you reconfigure the clamav-freshclam package
+
+DatabaseOwner clamav
+UpdateLogFile /var/log/clamav/freshclam.log
+LogVerbose false
+LogSyslog false
+LogFacility LOG_LOCAL6
+LogFileMaxSize 0
+LogRotate true
+LogTime true
+Foreground false
+Debug false
+MaxAttempts 5
+DatabaseDirectory /var/lib/clamav
+DNSDatabaseInfo current.cvd.clamav.net
+ConnectTimeout 30
+ReceiveTimeout 30
+TestDatabases yes
+ScriptedUpdates yes
+CompressLocalDatabase no
+SafeBrowsing false
+Bytecode true
+NotifyClamd /etc/clamav/clamd.conf
+# Check for new database 24 times a day
+Checks 24
+DatabaseMirror db.{{ geoip | default('local') }}.clamav.net
+{% if geoip is defined and ansible_default_ipv6 %}
+DatabaseMirror db.{{ geoip }}.ipv6.clamav.net
+{% endif %}
+DatabaseMirror database.clamav.net
+DatabaseMirror db.other.clamav.net