From b6a2e86d811f2823daa42d9d7b78dd6702821a04 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Sun, 24 Nov 2013 04:04:59 +0100
Subject: Configure debsecan.

---
 roles/common/tasks/apt.yml                     |  6 ++++++
 roles/common/templates/etc/default/debsecan.j2 | 17 +++++++++++++++++
 2 files changed, 23 insertions(+)
 create mode 100644 roles/common/templates/etc/default/debsecan.j2

(limited to 'roles')

diff --git a/roles/common/tasks/apt.yml b/roles/common/tasks/apt.yml
index d172384..57a4d10 100644
--- a/roles/common/tasks/apt.yml
+++ b/roles/common/tasks/apt.yml
@@ -35,6 +35,12 @@
     - apt.conf.d/10periodic
     - apt.conf.d/50unattended-upgrades
 
+- name: Configure the Debian Security Analyzer
+  template: src=etc/default/debsecan.j2
+            dest=/etc/default/debsecan
+            owner=root group=root
+            mode=0644
+
 - name: Start cron
   service: name=cron state=started
   tags:
diff --git a/roles/common/templates/etc/default/debsecan.j2 b/roles/common/templates/etc/default/debsecan.j2
new file mode 100644
index 0000000..71fee1c
--- /dev/null
+++ b/roles/common/templates/etc/default/debsecan.j2
@@ -0,0 +1,17 @@
+# Configuration file for debsecan.  Contents of this file should
+# adhere to the KEY=VALUE shell syntax.  This file may be edited by
+# debsecan's scripts, but your modifications are preserved.
+
+# If true, enable daily reports, sent by email.
+REPORT=true
+
+# For better reporting, specify the correct suite here, using the code
+# name (that is, "sid" instead of "unstable").
+SUITE={{ ansible_lsb.codename }}
+
+# Mail address to which reports are sent.
+MAILTO=admin@fripost.org
+
+# The URL from which vulnerability data is downloaded.  Empty for the
+# built-in default.
+SOURCE=
-- 
cgit v1.2.3