Comments (3)
Hi @cleberb, and thanks for the kind words regarding the role.
To be honest, I hadn't given this much thought before your issue and would have recommended writing additional roles to handle the changes you wanted.
I'll add support for template variables as described in the link as soon as possible.
from ansible-role-hardening.
Functional, here's a small test:
requirements.yml
:
roles:
- src: https://github.com/konstruktoid/ansible-role-hardening.git
name: konstruktoid.hardening
scm: git
version: issue391
Install role:
# ansible-galaxy install --force -r requirements.yml
issue.j2
:
____________________________________________________________________________
| |
| !!! ATENCAO !!! |
| |
| A utilizacao do sistema e restrita somente a usuarios autorizados. |
| Todas as acoes executadas sao monitoradas e a utilizacao indevida |
| podera surtir acoes legais! |
| |
| XXXXXX - INFRAESTRUTURA DE TI |
|____________________________________________________________________________|
Playbook playbook_teste.yml
:
---
- name: Initial instance configuration
hosts: all
become: true
tasks:
- name: Configure issue/motd
include_role:
name: konstruktoid.hardening
tasks_from: "issue.yml"
vars:
issue_template: issue.j2
motd_template: issue.j2
Test:
ansible-playbook --check --diff playbook_teste.yml -l teste
PLAY [Initial instance configuration] ***************************************************************************************************************************************************
TASK [Gathering Facts] ******************************************************************************************************************************************************************
sexta 22 setembro 2023 12:21:47 -0300 (0:00:00.087) 0:00:00.087 ********
ok: [teste]
TASK [Configure issue/motd] *************************************************************************************************************************************************************
sexta 22 setembro 2023 12:21:50 -0300 (0:00:03.002) 0:00:03.090 ********
TASK [konstruktoid.hardening : Add motd file] *******************************************************************************************************************************************
sexta 22 setembro 2023 12:21:50 -0300 (0:00:00.109) 0:00:03.199 ********
--- before
+++ after: /home/cleberson/.ansible/tmp/ansible-local-1638653w3muw8/tmpkmwrp64y/issue.j2
@@ -0,0 +1,10 @@
+ ____________________________________________________________________________
+| |
+| !!! ATENCAO !!! |
+| |
+| A utilizacao do sistema e restrita somente a usuarios autorizados. |
+| Todas as acoes executadas sao monitoradas e a utilizacao indevida |
+| podera surtir acoes legais! |
+| |
+| XXXXXX - INFRAESTRUTURA DE TI |
+|____________________________________________________________________________|
changed: [teste]
TASK [konstruktoid.hardening : Add issue and issue.net files] ***************************************************************************************************************************
sexta 22 setembro 2023 12:21:52 -0300 (0:00:01.584) 0:00:04.784 ********
--- before: /etc/issue
+++ after: /home/cleberson/.ansible/tmp/ansible-local-1638653w3muw8/tmpig7bfgob/issue.j2
@@ -1,2 +1,10 @@
-Ubuntu 22.04.3 LTS \n \l
-
+ ____________________________________________________________________________
+| |
+| !!! ATENCAO !!! |
+| |
+| A utilizacao do sistema e restrita somente a usuarios autorizados. |
+| Todas as acoes executadas sao monitoradas e a utilizacao indevida |
+| podera surtir acoes legais! |
+| |
+| XXXXXX - INFRAESTRUTURA DE TI |
+|____________________________________________________________________________|
changed: [teste] => (item=/etc/issue)
--- before: /etc/issue.net
+++ after: /home/cleberson/.ansible/tmp/ansible-local-1638653w3muw8/tmp16guiblg/issue.j2
@@ -1 +1,10 @@
-Ubuntu 22.04.3 LTS
+ ____________________________________________________________________________
+| |
+| !!! ATENCAO !!! |
+| |
+| A utilizacao do sistema e restrita somente a usuarios autorizados. |
+| Todas as acoes executadas sao monitoradas e a utilizacao indevida |
+| podera surtir acoes legais! |
+| |
+| XXXXXX - INFRAESTRUTURA DE TI |
+|____________________________________________________________________________|
changed: [teste] => (item=/etc/issue.net)
PLAY RECAP ******************************************************************************************************************************************************************************
teste : ok=3 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
sexta 22 setembro 2023 12:21:55 -0300 (0:00:03.196) 0:00:07.981 ********
===============================================================================
konstruktoid.hardening : Add issue and issue.net files --------------------------------------------------------------------------------------------------------------------------- 3.20s
Gathering Facts ------------------------------------------------------------------------------------------------------------------------------------------------------------------ 3.00s
konstruktoid.hardening : Add motd file ------------------------------------------------------------------------------------------------------------------------------------------- 1.58s
Configure issue/motd ------------------------------------------------------------------------------------------------------------------------------------------------------------- 0.11s
from ansible-role-hardening.
Hi again @cleberb and sorry for the delay.
Can you test #392? You set the templates in defaults/main/templates.yml
I'll update the documentation when merged if it works well.
from ansible-role-hardening.
Related Issues (20)
- Disabeling snap removal on playbook HOT 3
- [Documentation] Source(s) of password list? HOT 1
- [BUG] /var/log/syslog grows with 100KB/s HOT 6
- Auditd configuration
- [BUG] Task: Configure sshd using sshd_config.d] ; Error : AnsibleUndefinedVariable: {{ ansible_user }}: 'ansible_user' is undefined" HOT 5
- [BUG] Errors while running role HOT 5
- [BUG] Debian HOT 8
- [DOCS] Add info regarding hardened images
- [BUG] Interface with vlan name notworking HOT 1
- Replace the deprecated `ChallengeResponseAuthentication`
- [BUG] Idempotence test fails when using match_ in sshd config HOT 3
- [BUG] scorecard-action HOT 1
- [Question] Disable SSHD? HOT 2
- Past commit change altered code inconsistently HOT 3
- rkhunter SSH v1 HOT 2
- [question] Is there a need to update the /etc/resolv.conf symlink? HOT 1
- [BUG] bullseye_vlan Unable to start service usbguard: Job for usbguard.service failed because the control process exited with error code HOT 5
- [BUG] Invalid WEB_CMD configuration option: command is non-existent or not executable: curl in validate configuration HOT 4
- [BUG] Get DSA Key : You need to install \"jmespath\" prior to running json_query filter HOT 13
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ansible-role-hardening.