From b6a2e86d811f2823daa42d9d7b78dd6702821a04 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Sun, 24 Nov 2013 04:04:59 +0100 Subject: Configure debsecan. --- roles/common/tasks/apt.yml | 6 ++++++ roles/common/templates/etc/default/debsecan.j2 | 17 +++++++++++++++++ 2 files changed, 23 insertions(+) create mode 100644 roles/common/templates/etc/default/debsecan.j2 (limited to 'roles') diff --git a/roles/common/tasks/apt.yml b/roles/common/tasks/apt.yml index d172384..57a4d10 100644 --- a/roles/common/tasks/apt.yml +++ b/roles/common/tasks/apt.yml @@ -35,6 +35,12 @@ - apt.conf.d/10periodic - apt.conf.d/50unattended-upgrades +- name: Configure the Debian Security Analyzer + template: src=etc/default/debsecan.j2 + dest=/etc/default/debsecan + owner=root group=root + mode=0644 + - name: Start cron service: name=cron state=started tags: diff --git a/roles/common/templates/etc/default/debsecan.j2 b/roles/common/templates/etc/default/debsecan.j2 new file mode 100644 index 0000000..71fee1c --- /dev/null +++ b/roles/common/templates/etc/default/debsecan.j2 @@ -0,0 +1,17 @@ +# Configuration file for debsecan. Contents of this file should +# adhere to the KEY=VALUE shell syntax. This file may be edited by +# debsecan's scripts, but your modifications are preserved. + +# If true, enable daily reports, sent by email. +REPORT=true + +# For better reporting, specify the correct suite here, using the code +# name (that is, "sid" instead of "unstable"). +SUITE={{ ansible_lsb.codename }} + +# Mail address to which reports are sent. +MAILTO=admin@fripost.org + +# The URL from which vulnerability data is downloaded. Empty for the +# built-in default. +SOURCE= -- cgit v1.2.3