mirror of
https://git.lapiole.org/dani/ansible-roles.git
synced 2025-07-26 15:55:56 +02:00
Update to 2021-12-01 19:13
This commit is contained in:
57
roles/clamav/tasks/main.yml
Normal file
57
roles/clamav/tasks/main.yml
Normal file
@@ -0,0 +1,57 @@
|
||||
---
|
||||
|
||||
- name: Install packages
|
||||
yum:
|
||||
name:
|
||||
- clamav
|
||||
- clamav-data-empty
|
||||
- clamav-server-systemd
|
||||
- clamav-update
|
||||
|
||||
- name: Create clamav user account
|
||||
user:
|
||||
name: clamav
|
||||
system: True
|
||||
shell: /sbin/nologin
|
||||
comment: "ClamAV antivirus user account"
|
||||
|
||||
- name: Set SELinux
|
||||
seboolean: name={{ item }} state=True persistent=True
|
||||
with_items:
|
||||
- clamd_use_jit
|
||||
- antivirus_can_scan_system
|
||||
when: ansible_selinux.status == 'enabled'
|
||||
|
||||
- name: Deploy freshclam configuration
|
||||
template: src=freshclam.conf.j2 dest=/etc/freshclam.conf mode=644
|
||||
notify: restart freshclam
|
||||
|
||||
- name: Deploy clamd configuration
|
||||
template: src=clamd.conf.j2 dest=/etc/clamd.conf
|
||||
notify: restart clamd
|
||||
|
||||
- name: Deploy systemd units
|
||||
template: src={{ item }}.j2 dest=/etc/systemd/system/{{ item }}
|
||||
with_items:
|
||||
- freshclam.service
|
||||
- clamd.service
|
||||
notify:
|
||||
- restart freshclam
|
||||
- restart clamd
|
||||
register: clamav_units
|
||||
|
||||
- name: Deploy tmpfiles.d fragment
|
||||
copy:
|
||||
content: 'd /run/clamav 755 {{ clam_user }} {{ clam_group }}'
|
||||
dest: /etc/tmpfiles.d/clamav.conf
|
||||
notify: systemd-tmpfiles
|
||||
|
||||
- name: Reload systemd
|
||||
command: systemctl daemon-reload
|
||||
when: clamav_units.changed
|
||||
|
||||
- name: Start and enable freshclam
|
||||
service: name=freshclam state=started enabled=True
|
||||
|
||||
- name: Handle clamd service
|
||||
service: name=clamd state={{ clam_enable_clamd | ternary('started','stopped') }} enabled={{ clam_enable_clamd }}
|
Reference in New Issue
Block a user