Merge branch 'main' of github.com:CloudMOA/dsk-iac into main

ansible/security_check/README.md

@@ -0,0 +1,78 @@
+| 이름 | 아이피 | 상태 요약 | 상세 보기 |
+| --- | --- | --- | --- |
+| cmoa-jaeger-master | 10.10.43.203 | 취약 | http://10.10.43.42:8080/cmoa-jaeger-master.10.10.43.203.txt |
+| cmoa-jaeger-master | 10.10.43.213 | 취약 | http://10.10.43.42:8080/cmoa-jaeger-master.10.10.43.213.txt |
+| cmoa-jaeger-worker1 | 10.10.43.204 | 취약 | http://10.10.43.42:8080/cmoa-jaeger-worker1.10.10.43.204.txt |
+| cmoa-jaeger-worker1 | 10.10.43.214 | 취약 | http://10.10.43.42:8080/cmoa-jaeger-worker1.10.10.43.214.txt |
+| cmoa-jaeger-worker2-crio | 10.10.43.205 | 취약 | http://10.10.43.42:8080/cmoa-jaeger-worker2-crio.10.10.43.205.txt |
+| cmoa-jaeger-worker2 | 10.10.43.215 | 취약 | http://10.10.43.42:8080/cmoa-jaeger-worker2.10.10.43.215.txt |
+| cmoa-jspd-master | 10.10.43.206 | 취약 | http://10.10.43.42:8080/cmoa-jspd-master.10.10.43.206.txt |
+| cmoa-jspd-master | 10.10.43.216 | 취약 | http://10.10.43.42:8080/cmoa-jspd-master.10.10.43.216.txt |
+| cmoa-jspd-worker1 | 10.10.43.207 | 취약 | http://10.10.43.42:8080/cmoa-jspd-worker1.10.10.43.207.txt |
+| cmoa-jspd-worker1 | 10.10.43.217 | 취약 | http://10.10.43.42:8080/cmoa-jspd-worker1.10.10.43.217.txt |
+| cmoa-jspd-worker2 | 10.10.43.208 | 취약 | http://10.10.43.42:8080/cmoa-jspd-worker2.10.10.43.208.txt |
+| cmoa-jspd-worker2 | 10.10.43.218 | 취약 | http://10.10.43.42:8080/cmoa-jspd-worker2.10.10.43.218.txt |
+| cmoa-master-1 | 10.10.43.200 | 취약 | http://10.10.43.42:8080/cmoa-master-1.10.10.43.200.txt |
+| cmoa-master-2 | 10.10.43.210 | 취약 | http://10.10.43.42:8080/cmoa-master-2.10.10.43.210.txt |
+| cmoa-worker1-1 | 10.10.43.201 | 취약 | http://10.10.43.42:8080/cmoa-worker1-1.10.10.43.201.txt |
+| cmoa-worker1-2 | 10.10.43.211 | 취약 | http://10.10.43.42:8080/cmoa-worker1-2.10.10.43.211.txt |
+| cmoa-worker2-1 | 10.10.43.202 | 취약 | http://10.10.43.42:8080/cmoa-worker2-1.10.10.43.202.txt |
+| cmoa-worker2-2 | 10.10.43.212 | 취약 | http://10.10.43.42:8080/cmoa-worker2-2.10.10.43.212.txt |
+| cmoamgmtmaster | 10.10.43.227 | 취약 | http://10.10.43.42:8080/cmoamgmtmaster.10.10.43.227.txt |
+| cmoamgmtworker | 10.10.43.228 | 취약 | http://10.10.43.42:8080/cmoamgmtworker.10.10.43.228.txt |
+| docker | 10.10.43.180 | 취약 | http://10.10.43.42:8080/docker.10.10.43.180.txt |
+| dsk-dev-data-common-a1 | 10.10.43.133 | 취약 | http://10.10.43.42:8080/dsk-dev-data-common-a1.10.10.43.133.txt |
+| dsk-dev-data-common-b1 | 10.10.43.134 | 취약 | http://10.10.43.42:8080/dsk-dev-data-common-b1.10.10.43.134.txt |
+| dsk-dev-data-common-c1 | 10.10.43.135 | 취약 | http://10.10.43.42:8080/dsk-dev-data-common-c1.10.10.43.135.txt |
+| dsk-dev-data-druid-a1 | 10.10.43.114 | 취약 | http://10.10.43.42:8080/dsk-dev-data-druid-a1.10.10.43.114.txt |
+| dsk-dev-data-druid-a3 | 10.10.43.139 | 취약 | http://10.10.43.42:8080/dsk-dev-data-druid-a3.10.10.43.139.txt |
+| dsk-dev-data-druid-b1 | 10.10.43.115 | 취약 | http://10.10.43.42:8080/dsk-dev-data-druid-b1.10.10.43.115.txt |
+| dsk-dev-data-druid-c2 | 10.10.43.138 | 취약 | http://10.10.43.42:8080/dsk-dev-data-druid-c2.10.10.43.138.txt |
+| dsk-dev-data-druid-n1 | 10.10.43.117 | 취약 | http://10.10.43.42:8080/dsk-dev-data-druid-n1.10.10.43.117.txt |
+| dsk-dev-data-druid-n2 | 10.10.43.118 | 취약 | http://10.10.43.42:8080/dsk-dev-data-druid-n2.10.10.43.118.txt |
+| dsk-dev-data-druid-n3 | 10.10.43.119 | 취약 | http://10.10.43.42:8080/dsk-dev-data-druid-n3.10.10.43.119.txt |
+| dsk-dev-data-druid-small | 10.10.43.147 | 취약 | http://10.10.43.42:8080/dsk-dev-data-druid-small.10.10.43.147.txt |
+| dsk-dev-data-kafka-a1 | 10.10.43.120 | 취약 | http://10.10.43.42:8080/dsk-dev-data-kafka-a1.10.10.43.120.txt |
+| dsk-dev-data-kafka-b1 | 10.10.43.121 | 취약 | http://10.10.43.42:8080/dsk-dev-data-kafka-b1.10.10.43.121.txt |
+| dsk-dev-data-kafka-c1 | 10.10.43.122 | 취약 | http://10.10.43.42:8080/dsk-dev-data-kafka-c1.10.10.43.122.txt |
+| dsk-dev-data-kafka-n1 | 10.10.43.148 | 취약 | http://10.10.43.42:8080/dsk-dev-data-kafka-n1.10.10.43.148.txt |
+| dsk-dev-demo-master | 10.10.43.105 | 취약 | http://10.10.43.42:8080/dsk-dev-demo-master.10.10.43.105.txt |
+| dsk-dev-demo-worker | 10.10.43.106 | 취약 | http://10.10.43.42:8080/dsk-dev-demo-worker.10.10.43.106.txt |
+| dsk-dev-master-a1 | 10.10.43.111 | 취약 | http://10.10.43.42:8080/dsk-dev-master-a1.10.10.43.111.txt |
+| dsk-dev-master-b1 | 10.10.43.112 | 취약 | http://10.10.43.42:8080/dsk-dev-master-b1.10.10.43.112.txt |
+| dsk-dev-master-c1 | 10.10.43.113 | 취약 | http://10.10.43.42:8080/dsk-dev-master-c1.10.10.43.113.txt |
+| dsk-dev-process-a1 | 10.10.43.123 | 취약 | http://10.10.43.42:8080/dsk-dev-process-a1.10.10.43.123.txt |
+| dsk-dev-process-a2 | 10.10.43.126 | 취약 | http://10.10.43.42:8080/dsk-dev-process-a2.10.10.43.126.txt |
+| dsk-dev-process-a3 | 10.10.43.129 | 취약 | http://10.10.43.42:8080/dsk-dev-process-a3.10.10.43.129.txt |
+| dsk-dev-process-a4 | 10.10.43.116 | 취약 | http://10.10.43.42:8080/dsk-dev-process-a4.10.10.43.116.txt |
+| dsk-dev-process-b1 | 10.10.43.124 | 취약 | http://10.10.43.42:8080/dsk-dev-process-b1.10.10.43.124.txt |
+| dsk-dev-process-b2 | 10.10.43.127 | 취약 | http://10.10.43.42:8080/dsk-dev-process-b2.10.10.43.127.txt |
+| dsk-dev-process-b3 | 10.10.43.130 | 취약 | http://10.10.43.42:8080/dsk-dev-process-b3.10.10.43.130.txt |
+| dsk-dev-process-b4 | 10.10.43.136 | 취약 | http://10.10.43.42:8080/dsk-dev-process-b4.10.10.43.136.txt |
+| dsk-dev-process-c1 | 10.10.43.125 | 취약 | http://10.10.43.42:8080/dsk-dev-process-c1.10.10.43.125.txt |
+| dsk-dev-process-c2 | 10.10.43.128 | 취약 | http://10.10.43.42:8080/dsk-dev-process-c2.10.10.43.128.txt |
+| dsk-dev-process-c3 | 10.10.43.131 | 취약 | http://10.10.43.42:8080/dsk-dev-process-c3.10.10.43.131.txt |
+| dsk-dev-process-c4 | 10.10.43.137 | 취약 | http://10.10.43.42:8080/dsk-dev-process-c4.10.10.43.137.txt |
+| dsk-dev-prometheus | 10.10.43.142 | 취약 | http://10.10.43.42:8080/dsk-dev-prometheus.10.10.43.142.txt |
+| dsk-dev-temp-a1 | 10.10.43.132 | 취약 | http://10.10.43.42:8080/dsk-dev-temp-a1.10.10.43.132.txt |
+| dsk-dev-temp-b1 | 10.10.43.140 | 취약 | http://10.10.43.42:8080/dsk-dev-temp-b1.10.10.43.140.txt |
+| dsk-dev-temp-c1 | 10.10.43.141 | 취약 | http://10.10.43.42:8080/dsk-dev-temp-c1.10.10.43.141.txt |
+| dsk-minio-master1 | 10.10.43.235 | 취약 | http://10.10.43.42:8080/dsk-minio-master1.10.10.43.235.txt |
+| dsk-minio-worker1 | 10.10.43.236 | 취약 | http://10.10.43.42:8080/dsk-minio-worker1.10.10.43.236.txt |
+| infra-master | 10.10.43.224 | 취약 | http://10.10.43.42:8080/infra-master.10.10.43.224.txt |
+| infra-worker001 | 10.10.43.225 | 취약 | http://10.10.43.42:8080/infra-worker001.10.10.43.225.txt |
+| infra-worker002 | 10.10.43.226 | 취약 | http://10.10.43.42:8080/infra-worker002.10.10.43.226.txt |
+| kafka-multi-0 | 10.10.43.151 | 취약 | http://10.10.43.42:8080/kafka-multi-0.10.10.43.151.txt |
+| kafka-multi-1 | 10.10.43.152 | 취약 | http://10.10.43.42:8080/kafka-multi-1.10.10.43.152.txt |
+| kafka-multi-2 | 10.10.43.153 | 취약 | http://10.10.43.42:8080/kafka-multi-2.10.10.43.153.txt |
+| opensearch-data-0 | 10.10.43.144 | 취약 | http://10.10.43.42:8080/opensearch-data-0.10.10.43.144.txt |
+| opensearch-data-1 | 10.10.43.145 | 취약 | http://10.10.43.42:8080/opensearch-data-1.10.10.43.145.txt |
+| opensearch-master-0 | 10.10.43.143 | 취약 | http://10.10.43.42:8080/opensearch-master-0.10.10.43.143.txt |
+| opensearch-search-0 | 10.10.43.146 | 취약 | http://10.10.43.42:8080/opensearch-search-0.10.10.43.146.txt |
+| release-master | 10.10.43.100 | 취약 | http://10.10.43.42:8080/release-master.10.10.43.100.txt |
+| releaseworker | 10.10.43.101 | 취약 | http://10.10.43.42:8080/releaseworker.10.10.43.101.txt |
+| ubuntu-18-04 | 10.10.43.164 | 취약 | http://10.10.43.42:8080/ubuntu-18-04.10.10.43.164.txt |
+| ubuntu-20-04 | 10.10.43.165 | 취약 | http://10.10.43.42:8080/ubuntu-20-04.10.10.43.165.txt |
+| ubuntu-22-04 | 10.10.43.166 | 취약 | http://10.10.43.42:8080/ubuntu-22-04.10.10.43.166.txt |
+| ubuntu2004 | 10.10.43.181 | 취약 | http://10.10.43.42:8080/ubuntu2004.10.10.43.181.txt |
+| ubuntu2204 | 10.10.43.182 | 취약 | http://10.10.43.42:8080/ubuntu2204.10.10.43.182.txt |

ansible/security_check/ansible.cfg

@@ -0,0 +1,10 @@
+[defaults]
+become = true
+inventory = checklist
+roles_path = roles
+deprecation_warnings = false
+display_skipped_hosts = no
+ansible_home = .
+stdout_callback = debug
+host_key_checking = false
+

ansible/security_check/checklist

@@ -0,0 +1,111 @@
+[all:children]
+server
+nas
+
+[server]
+10.10.43.100 ansible_port=2222 ansible_user=dev2 
+10.10.43.101 ansible_port=2222 ansible_user=dev2
+10.10.43.105 ansible_port=2222 ansible_user=dev2
+10.10.43.106 ansible_port=2222 ansible_user=dev2
+10.10.43.111 ansible_port=2222 ansible_user=dev2
+10.10.43.112 ansible_port=2222 ansible_user=dev2
+10.10.43.113 ansible_port=2222 ansible_user=dev2
+10.10.43.114 ansible_port=2222 ansible_user=dev2
+10.10.43.115 ansible_port=2222 ansible_user=dev2
+10.10.43.116 ansible_port=2222 ansible_user=dev2
+10.10.43.117 ansible_port=2222 ansible_user=dev2
+10.10.43.118 ansible_port=2222 ansible_user=dev2
+10.10.43.119 ansible_port=2222 ansible_user=dev2
+10.10.43.120 ansible_port=2222 ansible_user=dev2
+10.10.43.121 ansible_port=2222 ansible_user=dev2
+10.10.43.122 ansible_port=2222 ansible_user=dev2
+10.10.43.123 ansible_port=2222 ansible_user=dev2
+10.10.43.124 ansible_port=2222 ansible_user=dev2
+10.10.43.125 ansible_port=2222 ansible_user=dev2
+10.10.43.126 ansible_port=2222 ansible_user=dev2
+10.10.43.127 ansible_port=2222 ansible_user=dev2
+10.10.43.128 ansible_port=2222 ansible_user=dev2
+10.10.43.129 ansible_port=2222 ansible_user=dev2
+10.10.43.130 ansible_port=2222 ansible_user=dev2
+10.10.43.131 ansible_port=2222 ansible_user=dev2
+10.10.43.132 ansible_port=2222 ansible_user=dev2
+10.10.43.133 ansible_port=2222 ansible_user=dev2
+10.10.43.134 ansible_port=2222 ansible_user=dev2
+10.10.43.135 ansible_port=2222 ansible_user=dev2
+10.10.43.136 ansible_port=2222 ansible_user=dev2
+10.10.43.137 ansible_port=2222 ansible_user=dev2
+10.10.43.138 ansible_port=2222 ansible_user=dev2
+10.10.43.139 ansible_port=2222 ansible_user=dev2
+10.10.43.140 ansible_port=2222 ansible_user=dev2
+10.10.43.141 ansible_port=2222 ansible_user=dev2
+10.10.43.142 ansible_port=2222 ansible_user=dev2
+10.10.43.143 ansible_port=2222 ansible_user=dev2
+10.10.43.144 ansible_port=2222 ansible_user=dev2
+10.10.43.145 ansible_port=2222 ansible_user=dev2
+10.10.43.146 ansible_port=2222 ansible_user=dev2
+10.10.43.147 ansible_port=2222 ansible_user=dev2
+10.10.43.148 ansible_port=2222 ansible_user=dev2
+10.10.43.151 ansible_port=2222 ansible_user=dev2
+10.10.43.152 ansible_port=2222 ansible_user=dev2
+10.10.43.153 ansible_port=2222 ansible_user=dev2
+10.10.43.164 ansible_port=2222 ansible_user=dev2
+10.10.43.165 ansible_port=2222 ansible_user=dev2
+10.10.43.166 ansible_port=2222 ansible_user=dev2
+10.10.43.167 ansible_port=2222 ansible_user=dev2
+10.10.43.168 ansible_port=2222 ansible_user=dev2
+10.10.43.169 ansible_port=2222 ansible_user=dev2
+10.10.43.171 ansible_port=2222 ansible_user=dev2
+10.10.43.172 ansible_port=2222 ansible_user=dev2
+10.10.43.173 ansible_port=2222 ansible_user=dev2
+10.10.43.174 ansible_port=2222 ansible_user=dev2
+10.10.43.175 ansible_port=2222 ansible_user=dev2
+10.10.43.176 ansible_port=2222 ansible_user=dev2
+10.10.43.177 ansible_port=2222 ansible_user=dev2
+10.10.43.178 ansible_port=2222 ansible_user=dev2
+10.10.43.179 ansible_port=2222 ansible_user=dev2
+10.10.43.180 ansible_port=2222 ansible_user=dev2
+10.10.43.181 ansible_port=2222 ansible_user=dev2
+10.10.43.182 ansible_port=2222 ansible_user=dev2
+10.10.43.185 ansible_port=2222 ansible_user=dev2
+10.10.43.186 ansible_port=2222 ansible_user=dev2
+10.10.43.187 ansible_port=2222 ansible_user=dev2
+10.10.43.188 ansible_port=2222 ansible_user=dev2
+10.10.43.189 ansible_port=2222 ansible_user=dev2
+10.10.43.190 ansible_port=2222 ansible_user=dev2
+10.10.43.191 ansible_port=2222 ansible_user=dev2
+10.10.43.192 ansible_port=2222 ansible_user=dev2
+10.10.43.193 ansible_port=2222 ansible_user=dev2
+10.10.43.194 ansible_port=2222 ansible_user=dev2
+10.10.43.199 ansible_port=2222 ansible_user=dev2
+10.10.43.195 ansible_port=2222 ansible_user=dev2
+10.10.43.196 ansible_port=2222 ansible_user=dev2
+10.10.43.197 ansible_port=2222 ansible_user=dev2
+10.10.43.200 ansible_port=2222 ansible_user=dev2
+10.10.43.201 ansible_port=2222 ansible_user=dev2
+10.10.43.202 ansible_port=2222 ansible_user=dev2
+10.10.43.203 ansible_port=2222 ansible_user=dev2
+10.10.43.204 ansible_port=2222 ansible_user=dev2
+10.10.43.205 ansible_port=2222 ansible_user=dev2
+10.10.43.206 ansible_port=2222 ansible_user=dev2
+10.10.43.207 ansible_port=2222 ansible_user=dev2
+10.10.43.208 ansible_port=2222 ansible_user=dev2
+10.10.43.210 ansible_port=2222 ansible_user=dev2
+10.10.43.211 ansible_port=2222 ansible_user=dev2
+10.10.43.212 ansible_port=2222 ansible_user=dev2
+10.10.43.213 ansible_port=2222 ansible_user=dev2
+10.10.43.214 ansible_port=2222 ansible_user=dev2
+10.10.43.215 ansible_port=2222 ansible_user=dev2
+10.10.43.216 ansible_port=2222 ansible_user=dev2
+10.10.43.217 ansible_port=2222 ansible_user=dev2
+10.10.43.218 ansible_port=2222 ansible_user=dev2
+10.10.43.224 ansible_port=2222 ansible_user=dev2
+10.10.43.225 ansible_port=2222 ansible_user=dev2
+10.10.43.226 ansible_port=2222 ansible_user=dev2
+10.10.43.227 ansible_port=2222 ansible_user=dev2
+10.10.43.228 ansible_port=2222 ansible_user=dev2
+10.10.43.235 ansible_port=2222 ansible_user=dev2
+10.10.43.236 ansible_port=2222 ansible_user=dev2
+#10.10.43.252 ansible_port=2222 ansible_user=dev2
+
+[nas]
+10.10.43.42 ansible_port=2222 ansible_user=exemdev2

ansible/security_check/roles/security_check/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for security_check

ansible/security_check/roles/security_check/tasks/create_readme.yml

@@ -0,0 +1,53 @@
+---
+- name: check status [1]
+  shell: |
+    grep -H '☆ 취약 개수 = [1-9]' *.txt | cut -d: -f1
+  args:
+    chdir: /volume1/platform/05_Security_check/
+  register: check_status
+  when: "'nas' in group_names"
+
+- name: check status [2]
+  shell: |
+    grep -H '☆ 취약 개수 = [0]' *.txt | cut -d: -f1
+  args:
+    chdir: /volume1/platform/05_Security_check/
+  register: check_ok
+  when: "'nas' in group_names"
+
+- debug:
+    msg: "취약점 {{ check_status.stdout_lines }} 발견"
+  when: "'nas' in group_names"
+
+- debug:
+    msg: "취약점 {{ check_ok.stdout_lines }} 양호"
+  when: "'nas' in group_names"
+
+- name: Create README.md
+  template:
+    src: README.md.j2
+    dest: "{{ playbook_dir }}/README.md"
+  delegate_to: 127.0.0.1
+  when: "'nas' in group_names"
+
+- name: git push
+  shell: |
+    pwd
+    ls -al
+    git config --global user.email "sa_8001@ex-em.com"
+    git config --global user.name "ByeonJungHun"
+    git clone https://{{ git_user }}:{{ git_key }}@github.com/CloudMOA/security_check.git ~/security_check
+    cp ./README.md ~/security_check/README.md
+    cd ~/security_check
+    cat README.md
+    pwd
+    ls -al
+    git add .
+    git commit -m "검사 결과 업데이트"
+    git push
+  delegate_to: 127.0.0.1
+  when: "'nas' in group_names"
+
+- debug:
+    msg: "결과 확인 : https://github.com/CloudMOA/security_check.git"
+  when: "'nas' in group_names"

ansible/security_check/roles/security_check/tasks/main.yml

@@ -0,0 +1,4 @@
+---
+- include: start.yml
+
+- include: create_readme.yml

ansible/security_check/roles/security_check/tasks/start.yml

@@ -0,0 +1,64 @@
+---
+- name: Create Result Directory
+  file:
+    path: ~/checklist/
+    state: directory
+  delegate_to: 127.0.0.1
+  when: "'nas' in group_names"
+
+- name: Old Result File Delete
+  shell: |
+    rm -rf /volume1/platform/05_Security_check/*
+  when: "'nas' in group_names"
+
+- name: Copy Security Check Script
+  copy:
+    src: "{{ role_path }}/files/ubuntu.sh"
+    dest: /tmp/ubuntu.sh
+  when: ansible_distribution == 'Ubuntu'
+
+- name: Start Security Check Script (become -> true)
+  shell: |
+    chdir
+    bash /tmp/ubuntu.sh
+    rm -rf /tmp/ubuntu.sh
+  become: true
+  when: ansible_distribution == 'Ubuntu'
+
+- name: Copy Result File to Local
+  fetch:
+    src: "/tmp/{{ ansible_hostname }}.{{ ansible_host }}.txt"
+    dest: "~/checklist/"
+    flat: yes
+  when: ansible_distribution == 'Ubuntu'
+
+- name: Delete Result File (become -> true)
+  file:
+    path: "/tmp/{{ ansible_hostname }}.txt"
+    state: absent
+  become: true
+  when: ansible_distribution == 'Ubuntu'
+
+- name: Find Copy File Name
+  shell: ls -l ~/checklist/ | awk 'NR>1 {print $9}'
+  register: copy_file
+  delegate_to: 127.0.0.1
+  when: "'nas' in group_names"
+
+- debug:
+    msg: "파일 {{ copy_file.stdout_lines }} 발견"
+  when: "'nas' in group_names"
+
+- name: Copy Result File to NAS
+  copy:
+    src: "~/checklist/{{ item }}"
+    dest: /volume1/platform/05_Security_check
+  with_items: "{{ copy_file.stdout_lines }}"
+  when: "'nas' in group_names"
+
+- name: Delete Result File (become -> true)
+  file:
+    path: "~/checklist/"
+    state: absent
+  delegate_to: 127.0.0.1
+  when: "'nas' in group_names"

ansible/security_check/roles/security_check/templates/README.md.j2

@@ -0,0 +1,8 @@
+| 이름 | 아이피 | 상태 요약 | 상세 보기 |
+| --- | --- | --- | --- |
+{% for vulnerable in check_status.stdout_lines %}
+| {{ vulnerable.split('.')[0] }} | {{ vulnerable.split('.')[1] }}.{{ vulnerable.split('.')[2] }}.{{ vulnerable.split('.')[3] }}.{{ vulnerable.split('.')[4] }} | 취약 | http://10.10.43.42:8080/{{ vulnerable }} |
+{% endfor %}
+{% for good in check_ok.stdout_lines %}
+| {{ good.split('.')[0] }} | {{ good.split('.')[1] }}.{{ good.split('.')[2] }}.{{ good.split('.')[3] }}.{{ good.split('.')[4] }} | 양호 | http://10.10.43.42:8080/{{ good }} |
+{% endfor %}

ansible/security_check/roles/security_check/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for security_check

ansible/security_check/server_check.yml

@@ -0,0 +1,6 @@
+---
+- hosts: all
+  become: false
+  gather_facts: true
+  roles:
+    - role: security_check