diff options
Diffstat (limited to 'roles/common/tasks')
| -rw-r--r-- | roles/common/tasks/main.yml | 2 | ||||
| -rw-r--r-- | roles/common/tasks/samhain.yml | 26 |
2 files changed, 0 insertions, 28 deletions
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index b3ed8a0..c978e91 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -1,40 +1,38 @@ --- - import_tasks: sysctl.yml tags: sysctl - import_tasks: hosts.yml - import_tasks: apt.yml tags: apt - name: Install intel-microcode apt: pkg=intel-microcode when: "ansible_processor[1] is search('^(Genuine)?Intel.*') and not ansible_virtualization_role == 'guest'" tags: intel - import_tasks: firewall.yml tags: - firewall - iptables - import_tasks: stunnel.yml tags: stunnel when: "'webmail' in group_names and 'LDAP-provider' not in group_names" -- import_tasks: samhain.yml - tags: samhain - import_tasks: auditd.yml tags: auditd - import_tasks: rkhunter.yml tags: rkhunter - import_tasks: clamav.yml tags: clamav - import_tasks: fail2ban.yml tags: fail2ban - import_tasks: smart.yml tags: - smartmontools - smart when: "not ansible_virtualization_role == 'guest'" - import_tasks: haveged.yml tags: - haveged - entropy - name: Copy genkeypair.sh and gendhparam.sh copy: src=usr/local/bin/{{ item }} dest=/usr/local/bin/{{ item }} diff --git a/roles/common/tasks/samhain.yml b/roles/common/tasks/samhain.yml deleted file mode 100644 index dd5c09b..0000000 --- a/roles/common/tasks/samhain.yml +++ /dev/null @@ -1,26 +0,0 @@ -- name: Install samhain - apt: pkg=samhain - # XXX: Doesn't work out of the box, see #660197. - # Every once in a while, or after a major upgrade, you may want to - # update Samhain's database: - # - # sudo samhain -t update --foreground -l none - # - # To update the database interactively, without sending mails: - # - # sudo samhain -t update --interactive -l none -m none - -- name: Configure samhain - copy: src=etc/samhain/samhainrc - dest=/etc/samhain/samhainrc - owner=root group=root - mode=0644 - notify: - - Reload samhain - -- name: Start samhain - # This task is inconditional because samhain is reloaded not - # restarted. - service: name=samhain state=started - -- meta: flush_handlers |