๐Ÿ“— Ansible playbooks and roles for building an idempotent, interconnected and scalable infrastructure
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
ansible-playbooks/roles/clamav/tasks/main.yml

98 lines
2.1 KiB

2 years ago
- name: set clamav_cfg
set_fact:
clamav_cfg: "{{ clamav_default_config | d({}) | combine(clamav_config | d({}), recursive=true) }}"
- name: install dependencies
include_tasks: tasks/install_packages.yml
vars:
package:
- clamav-daemon
- alpine: clamav-daemon-openrc
- clamav-milter
- name: create user and group
include_tasks: tasks/create_user.yml
vars:
user:
name: "{{ clamav_user }}"
group: "{{ clamav_group }}"
- name: create directories
file:
path: "{{ item }}"
state: directory
mode: 0700
owner: "{{ clamav_user }}"
group: "{{ clamav_group }}"
loop:
- "{{ clamav_conf_dir }}"
- "{{ clamav_db_dir }}"
- name: template clamav configs
template:
src: config.j2
dest: "{{ item.dest }}"
force: yes
mode: 0400
owner: "{{ clamav_user }}"
group: "{{ clamav_group }}"
lstrip_blocks: yes
notify: "{{ item.notify }}"
loop:
- { dest: "{{ clamav_conf_file }}", section: "clamav", notify: "restart clamd" }
- { dest: "{{ clamav_freshclam_conf_file }}", section: "freshclam", notify: "restart freshclam" }
- { dest: "{{ clamav_milter_conf_file }}", section: "milter", notify: "restart clamav milter" }
- name: edit init script for clamd
lineinfile:
path: /etc/init.d/clamd
regexp: '^CONF='
line: 'CONF={{ clamav_conf_file | quote }}'
notify: restart clamd
- name: edit init script for freshclam
lineinfile:
path: /etc/init.d/freshclam
regexp: '^CONF='
line: 'CONF={{ clamav_freshclam_conf_file | quote }}'
notify: restart freshclam
- name: template init script for clamav milter
template:
src: milter_init.j2
dest: /etc/init.d/clamav-milter
force: yes
mode: "+x"
notify: restart clamav milter
- name: flush handlers
meta: flush_handlers
- name: add directories to backup plan
include_role:
name: backup
vars:
function: add
backup_items:
- "{{ clamav_conf_dir }}"
- name: enable and start services
service:
name: "{{ item }}"
enabled: yes
state: started
loop:
- clamd
- freshclam
- clamav-milter