diff --git a/ansible/security_check/checklist b/ansible/security_check/checklist index 88e57f7..f62bd40 100644 --- a/ansible/security_check/checklist +++ b/ansible/security_check/checklist 
@@ -3,109 +3,115 @@ server nas [server] -10.10.43.100 ansible_port=2222 ansible_user=dev2 -10.10.43.101 ansible_port=2222 ansible_user=dev2 -10.10.43.105 ansible_port=2222 ansible_user=dev2 -10.10.43.106 ansible_port=2222 ansible_user=dev2 -10.10.43.111 ansible_port=2222 ansible_user=dev2 -10.10.43.112 ansible_port=2222 ansible_user=dev2 -10.10.43.113 ansible_port=2222 ansible_user=dev2 -10.10.43.114 ansible_port=2222 ansible_user=dev2 -10.10.43.115 ansible_port=2222 ansible_user=dev2 -10.10.43.116 ansible_port=2222 ansible_user=dev2 -10.10.43.117 ansible_port=2222 ansible_user=dev2 -10.10.43.118 ansible_port=2222 ansible_user=dev2 -10.10.43.119 ansible_port=2222 ansible_user=dev2 -10.10.43.120 ansible_port=2222 ansible_user=dev2 -10.10.43.121 ansible_port=2222 ansible_user=dev2 -10.10.43.122 ansible_port=2222 ansible_user=dev2 -10.10.43.123 ansible_port=2222 ansible_user=dev2 -10.10.43.124 ansible_port=2222 ansible_user=dev2 -10.10.43.125 ansible_port=2222 ansible_user=dev2 -10.10.43.126 ansible_port=2222 ansible_user=dev2 -10.10.43.127 ansible_port=2222 ansible_user=dev2 -10.10.43.128 ansible_port=2222 ansible_user=dev2 -10.10.43.129 ansible_port=2222 ansible_user=dev2 -10.10.43.130 ansible_port=2222 ansible_user=dev2 -10.10.43.131 ansible_port=2222 ansible_user=dev2 -10.10.43.132 ansible_port=2222 ansible_user=dev2 -10.10.43.133 ansible_port=2222 ansible_user=dev2 -10.10.43.134 ansible_port=2222 ansible_user=dev2 -10.10.43.135 ansible_port=2222 ansible_user=dev2 -10.10.43.136 ansible_port=2222 ansible_user=dev2 -10.10.43.137 ansible_port=2222 ansible_user=dev2 -10.10.43.138 ansible_port=2222 ansible_user=dev2 -10.10.43.139 ansible_port=2222 ansible_user=dev2 -10.10.43.140 ansible_port=2222 ansible_user=dev2 -10.10.43.141 ansible_port=2222 ansible_user=dev2 -10.10.43.142 ansible_port=2222 ansible_user=dev2 -10.10.43.143 ansible_port=2222 ansible_user=dev2 -10.10.43.144 ansible_port=2222 ansible_user=dev2 -10.10.43.145 ansible_port=2222 ansible_user=dev2 
-10.10.43.146 ansible_port=2222 ansible_user=dev2 -10.10.43.147 ansible_port=2222 ansible_user=dev2 -10.10.43.148 ansible_port=2222 ansible_user=dev2 -10.10.43.151 ansible_port=2222 ansible_user=dev2 -10.10.43.152 ansible_port=2222 ansible_user=dev2 -10.10.43.153 ansible_port=2222 ansible_user=dev2 -10.10.43.164 ansible_port=2222 ansible_user=dev2 -10.10.43.165 ansible_port=2222 ansible_user=dev2 -10.10.43.166 ansible_port=2222 ansible_user=dev2 -10.10.43.167 ansible_port=2222 ansible_user=dev2 -10.10.43.168 ansible_port=2222 ansible_user=dev2 -10.10.43.169 ansible_port=2222 ansible_user=dev2 -10.10.43.171 ansible_port=2222 ansible_user=dev2 -10.10.43.172 ansible_port=2222 ansible_user=dev2 -10.10.43.173 ansible_port=2222 ansible_user=dev2 -10.10.43.174 ansible_port=2222 ansible_user=dev2 -10.10.43.175 ansible_port=2222 ansible_user=dev2 -10.10.43.176 ansible_port=2222 ansible_user=dev2 -10.10.43.177 ansible_port=2222 ansible_user=dev2 -10.10.43.178 ansible_port=2222 ansible_user=dev2 -10.10.43.179 ansible_port=2222 ansible_user=dev2 -10.10.43.180 ansible_port=2222 ansible_user=dev2 -10.10.43.181 ansible_port=2222 ansible_user=dev2 -10.10.43.182 ansible_port=2222 ansible_user=dev2 -10.10.43.185 ansible_port=2222 ansible_user=dev2 -10.10.43.186 ansible_port=2222 ansible_user=dev2 -10.10.43.187 ansible_port=2222 ansible_user=dev2 -10.10.43.188 ansible_port=2222 ansible_user=dev2 -10.10.43.189 ansible_port=2222 ansible_user=dev2 -10.10.43.190 ansible_port=2222 ansible_user=dev2 -10.10.43.191 ansible_port=2222 ansible_user=dev2 -10.10.43.192 ansible_port=2222 ansible_user=dev2 -10.10.43.193 ansible_port=2222 ansible_user=dev2 -10.10.43.194 ansible_port=2222 ansible_user=dev2 -10.10.43.199 ansible_port=2222 ansible_user=dev2 -10.10.43.195 ansible_port=2222 ansible_user=dev2 -10.10.43.196 ansible_port=2222 ansible_user=dev2 -10.10.43.197 ansible_port=2222 ansible_user=dev2 -10.10.43.200 ansible_port=2222 ansible_user=dev2 -10.10.43.201 ansible_port=2222 ansible_user=dev2 
-10.10.43.202 ansible_port=2222 ansible_user=dev2 -10.10.43.203 ansible_port=2222 ansible_user=dev2 -10.10.43.204 ansible_port=2222 ansible_user=dev2 -10.10.43.205 ansible_port=2222 ansible_user=dev2 -10.10.43.206 ansible_port=2222 ansible_user=dev2 -10.10.43.207 ansible_port=2222 ansible_user=dev2 -10.10.43.208 ansible_port=2222 ansible_user=dev2 -10.10.43.210 ansible_port=2222 ansible_user=dev2 -10.10.43.211 ansible_port=2222 ansible_user=dev2 -10.10.43.212 ansible_port=2222 ansible_user=dev2 -10.10.43.213 ansible_port=2222 ansible_user=dev2 -10.10.43.214 ansible_port=2222 ansible_user=dev2 -10.10.43.215 ansible_port=2222 ansible_user=dev2 -10.10.43.216 ansible_port=2222 ansible_user=dev2 -10.10.43.217 ansible_port=2222 ansible_user=dev2 -10.10.43.218 ansible_port=2222 ansible_user=dev2 -10.10.43.224 ansible_port=2222 ansible_user=dev2 -10.10.43.225 ansible_port=2222 ansible_user=dev2 -10.10.43.226 ansible_port=2222 ansible_user=dev2 -10.10.43.227 ansible_port=2222 ansible_user=dev2 -10.10.43.228 ansible_port=2222 ansible_user=dev2 -10.10.43.235 ansible_port=2222 ansible_user=dev2 -10.10.43.236 ansible_port=2222 ansible_user=dev2 -10.10.43.252 ansible_port=2222 ansible_user=dev2 +10.10.43.97 ansible_port=2222 ansible_user=dev2 +10.10.43.240 ansible_port=2222 ansible_user=dev2-iac +10.10.43.241 ansible_port=2222 ansible_user=dev2-iac +10.10.43.242 ansible_port=2222 ansible_user=dev2-iac +10.10.43.243 ansible_port=2222 ansible_user=dev2-iac + +; 10.10.43.100 ansible_port=2222 ansible_user=dev2 +; 10.10.43.101 ansible_port=2222 ansible_user=dev2 +; 10.10.43.105 ansible_port=2222 ansible_user=dev2 +; 10.10.43.106 ansible_port=2222 ansible_user=dev2 +; 10.10.43.111 ansible_port=2222 ansible_user=dev2 +; 10.10.43.112 ansible_port=2222 ansible_user=dev2 +; 10.10.43.113 ansible_port=2222 ansible_user=dev2 +; 10.10.43.114 ansible_port=2222 ansible_user=dev2 +; 10.10.43.115 ansible_port=2222 ansible_user=dev2 +; 10.10.43.116 ansible_port=2222 ansible_user=dev2 +; 
10.10.43.117 ansible_port=2222 ansible_user=dev2 +; 10.10.43.118 ansible_port=2222 ansible_user=dev2 +; 10.10.43.119 ansible_port=2222 ansible_user=dev2 +; 10.10.43.120 ansible_port=2222 ansible_user=dev2 +; 10.10.43.121 ansible_port=2222 ansible_user=dev2 +; 10.10.43.122 ansible_port=2222 ansible_user=dev2 +; 10.10.43.123 ansible_port=2222 ansible_user=dev2 +; 10.10.43.124 ansible_port=2222 ansible_user=dev2 +; 10.10.43.125 ansible_port=2222 ansible_user=dev2 +; 10.10.43.126 ansible_port=2222 ansible_user=dev2 +; 10.10.43.127 ansible_port=2222 ansible_user=dev2 +; 10.10.43.128 ansible_port=2222 ansible_user=dev2 +; 10.10.43.129 ansible_port=2222 ansible_user=dev2 +; 10.10.43.130 ansible_port=2222 ansible_user=dev2 +; 10.10.43.131 ansible_port=2222 ansible_user=dev2 +; 10.10.43.132 ansible_port=2222 ansible_user=dev2 +; 10.10.43.133 ansible_port=2222 ansible_user=dev2 +; 10.10.43.134 ansible_port=2222 ansible_user=dev2 +; 10.10.43.135 ansible_port=2222 ansible_user=dev2 +; 10.10.43.136 ansible_port=2222 ansible_user=dev2 +; 10.10.43.137 ansible_port=2222 ansible_user=dev2 +; 10.10.43.138 ansible_port=2222 ansible_user=dev2 +; 10.10.43.139 ansible_port=2222 ansible_user=dev2 +; 10.10.43.140 ansible_port=2222 ansible_user=dev2 +; 10.10.43.141 ansible_port=2222 ansible_user=dev2 +; 10.10.43.142 ansible_port=2222 ansible_user=dev2 +; 10.10.43.143 ansible_port=2222 ansible_user=dev2 +; 10.10.43.144 ansible_port=2222 ansible_user=dev2 +; 10.10.43.145 ansible_port=2222 ansible_user=dev2 +; 10.10.43.146 ansible_port=2222 ansible_user=dev2 +; 10.10.43.147 ansible_port=2222 ansible_user=dev2 +; 10.10.43.148 ansible_port=2222 ansible_user=dev2 +; 10.10.43.151 ansible_port=2222 ansible_user=dev2 +; 10.10.43.152 ansible_port=2222 ansible_user=dev2 +; 10.10.43.153 ansible_port=2222 ansible_user=dev2 +; 10.10.43.164 ansible_port=2222 ansible_user=dev2 +; 10.10.43.165 ansible_port=2222 ansible_user=dev2 +; 10.10.43.166 ansible_port=2222 ansible_user=dev2 +; 10.10.43.167 
ansible_port=2222 ansible_user=dev2 +; 10.10.43.168 ansible_port=2222 ansible_user=dev2 +; 10.10.43.169 ansible_port=2222 ansible_user=dev2 +; 10.10.43.171 ansible_port=2222 ansible_user=dev2 +; 10.10.43.172 ansible_port=2222 ansible_user=dev2 +; 10.10.43.173 ansible_port=2222 ansible_user=dev2 +; 10.10.43.174 ansible_port=2222 ansible_user=dev2 +; 10.10.43.175 ansible_port=2222 ansible_user=dev2 +; 10.10.43.176 ansible_port=2222 ansible_user=dev2 +; 10.10.43.177 ansible_port=2222 ansible_user=dev2 +; 10.10.43.178 ansible_port=2222 ansible_user=dev2 +; 10.10.43.179 ansible_port=2222 ansible_user=dev2 +; 10.10.43.180 ansible_port=2222 ansible_user=dev2 +; 10.10.43.181 ansible_port=2222 ansible_user=dev2 +; 10.10.43.182 ansible_port=2222 ansible_user=dev2 +; 10.10.43.185 ansible_port=2222 ansible_user=dev2 +; 10.10.43.186 ansible_port=2222 ansible_user=dev2 +; 10.10.43.187 ansible_port=2222 ansible_user=dev2 +; 10.10.43.188 ansible_port=2222 ansible_user=dev2 +; 10.10.43.189 ansible_port=2222 ansible_user=dev2 +; 10.10.43.190 ansible_port=2222 ansible_user=dev2 +; 10.10.43.191 ansible_port=2222 ansible_user=dev2 +; 10.10.43.192 ansible_port=2222 ansible_user=dev2 +; 10.10.43.193 ansible_port=2222 ansible_user=dev2 +; 10.10.43.194 ansible_port=2222 ansible_user=dev2 +; 10.10.43.199 ansible_port=2222 ansible_user=dev2 +; 10.10.43.195 ansible_port=2222 ansible_user=dev2 +; 10.10.43.196 ansible_port=2222 ansible_user=dev2 +; 10.10.43.197 ansible_port=2222 ansible_user=dev2 +; 10.10.43.200 ansible_port=2222 ansible_user=dev2 +; 10.10.43.201 ansible_port=2222 ansible_user=dev2 +; 10.10.43.202 ansible_port=2222 ansible_user=dev2 +; 10.10.43.203 ansible_port=2222 ansible_user=dev2 +; 10.10.43.204 ansible_port=2222 ansible_user=dev2 +; 10.10.43.205 ansible_port=2222 ansible_user=dev2 +; 10.10.43.206 ansible_port=2222 ansible_user=dev2 +; 10.10.43.207 ansible_port=2222 ansible_user=dev2 +; 10.10.43.208 ansible_port=2222 ansible_user=dev2 +; 10.10.43.210 ansible_port=2222 
ansible_user=dev2 +; 10.10.43.211 ansible_port=2222 ansible_user=dev2 +; 10.10.43.212 ansible_port=2222 ansible_user=dev2 +; 10.10.43.213 ansible_port=2222 ansible_user=dev2 +; 10.10.43.214 ansible_port=2222 ansible_user=dev2 +; 10.10.43.215 ansible_port=2222 ansible_user=dev2 +; 10.10.43.216 ansible_port=2222 ansible_user=dev2 +; 10.10.43.217 ansible_port=2222 ansible_user=dev2 +; 10.10.43.218 ansible_port=2222 ansible_user=dev2 +; 10.10.43.224 ansible_port=2222 ansible_user=dev2 +; 10.10.43.225 ansible_port=2222 ansible_user=dev2 +; 10.10.43.226 ansible_port=2222 ansible_user=dev2 +; 10.10.43.227 ansible_port=2222 ansible_user=dev2 +; 10.10.43.228 ansible_port=2222 ansible_user=dev2 +; 10.10.43.235 ansible_port=2222 ansible_user=dev2 +; 10.10.43.236 ansible_port=2222 ansible_user=dev2 +; 10.10.43.252 ansible_port=2222 ansible_user=dev2 [nas] 10.10.43.42 ansible_port=2222 ansible_user=exemdev2 diff --git a/ansible/security_check/roles/security_check/tasks/main.yml b/ansible/security_check/roles/security_check/tasks/main.yml index f313a2b..efe8e22 100644 --- a/ansible/security_check/roles/security_check/tasks/main.yml +++ b/ansible/security_check/roles/security_check/tasks/main.yml @@ -1,5 +1,5 @@ --- - include: start.yml -- include: create_readme.yml - when: "'nas' in group_names" +# - include: create_readme.yml +# when: "'nas' in group_names" diff --git a/ansible/security_check/roles/security_check/tasks/start.yml b/ansible/security_check/roles/security_check/tasks/start.yml index 2d0b74b..d330a34 100644 --- a/ansible/security_check/roles/security_check/tasks/start.yml +++ b/ansible/security_check/roles/security_check/tasks/start.yml 
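Review bot: Commenting out the existing `[server]` entries with `; ` removes those hosts from the security check, and the file records neither why nor for how long, so a later run on this inventory covers only the five new hosts and the gap is easy to miss. Keeping the hosts active and narrowing a single run from the command line, e.g. `ansible-playbook -i checklist <playbook>.yml --limit 10.10.43.97,10.10.43.240`, or placing the new hosts in their own group, would leave audit coverage unchanged by default. If the exclusion is intended, a heading comment such as `; excluded from security_check since <date>: <reason>` above the block would make it explicit. The same disable-by-commenting pattern is used in the main.yml and start.yml hunks of this commit.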
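Review bot: The surviving `- include: start.yml` line uses the bare `include` action, which is deprecated in Ansible and no longer available in current ansible-core releases; `- import_tasks: start.yml` is the static replacement. The disabled `create_readme.yml` entry would need the same change (`include_tasks` or `import_tasks`) if it is restored. Deleting it instead of leaving it commented would keep the task list unambiguous, since git history preserves the old lines.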
@@ -6,73 +6,73 @@ delegate_to: 127.0.0.1 when: "'nas' in group_names" -- name: Old Result File Delete - shell: | - rm -rf /volume1/platform/05_Security_check/* - when: "'nas' in group_names" +# - name: Old Result File Delete +# shell: | +# rm -rf /volume1/platform/05_Security_check/* +# when: "'nas' in group_names" -- name: Copy Security Check Script - copy: - src: "{{ role_path }}/files/ubuntu.sh" - dest: /tmp/ubuntu.sh - when: ansible_facts['os_family'] == 'Debian' +# - name: Copy Security Check Script +# copy: +# src: "{{ role_path }}/files/ubuntu.sh" +# dest: /tmp/ubuntu.sh +# when: ansible_facts['os_family'] == 'Debian' -- name: Copy Security Check Script - copy: - src: "{{ role_path }}/files/rocky.sh" - dest: /tmp/rocky.sh - when: ansible_facts['os_family'] == 'RedHat' +# - name: Copy Security Check Script +# copy: +# src: "{{ role_path }}/files/rocky.sh" +# dest: /tmp/rocky.sh +# when: ansible_facts['os_family'] == 'RedHat' -- name: Start Security Check Script (become -> true) - shell: | - chdir - bash /tmp/ubuntu.sh - rm -rf /tmp/ubuntu.sh - become: true - when: ansible_facts['os_family'] == 'Debian' +# - name: Start Security Check Script (become -> true) +# shell: | +# chdir +# bash /tmp/ubuntu.sh +# rm -rf /tmp/ubuntu.sh +# become: true +# when: ansible_facts['os_family'] == 'Debian' -- name: Start Security Check Script (become -> true) - shell: | - chdir - bash /tmp/rocky.sh - rm -rf /tmp/rocky.sh - become: true - when: ansible_facts['os_family'] == 'RedHat' +# - name: Start Security Check Script (become -> true) +# shell: | +# chdir +# bash /tmp/rocky.sh +# rm -rf /tmp/rocky.sh +# become: true +# when: ansible_facts['os_family'] == 'RedHat' -- name: Copy Result File to Local - fetch: - src: "/tmp/{{ ansible_hostname }}.{{ ansible_host }}.txt" - dest: "~/checklist/" - flat: yes - when: ansible_facts['os_family'] == 'Debian' or ansible_facts['os_family'] == 'RedHat' +# - name: Copy Result File to Local +# fetch: +# src: "/tmp/{{ ansible_hostname }}.{{ 
ansible_host }}.txt" +# dest: "~/checklist/" +# flat: yes +# when: ansible_facts['os_family'] == 'Debian' or ansible_facts['os_family'] == 'RedHat' -- name: Delete Result File (become -> true) - file: - path: "/tmp/{{ ansible_hostname }}.txt" - state: absent - become: true - when: ansible_facts['os_family'] == 'Debian' or ansible_facts['os_family'] == 'RedHat' +# - name: Delete Result File (become -> true) +# file: +# path: "/tmp/{{ ansible_hostname }}.txt" +# state: absent +# become: true +# when: ansible_facts['os_family'] == 'Debian' or ansible_facts['os_family'] == 'RedHat' -- name: Find Copy File Name - shell: ls -l ~/checklist/ | awk 'NR>1 {print $9}' - register: copy_file - delegate_to: 127.0.0.1 - when: "'nas' in group_names" +# - name: Find Copy File Name +# shell: ls -l ~/checklist/ | awk 'NR>1 {print $9}' +# register: copy_file +# delegate_to: 127.0.0.1 +# when: "'nas' in group_names" -- debug: - msg: "파일 {{ copy_file.stdout_lines }} 발견" - when: "'nas' in group_names" +# - debug: +# msg: "파일 {{ copy_file.stdout_lines }} 발견" +# when: "'nas' in group_names" -- name: Copy Result File to NAS - copy: - src: "~/checklist/{{ item }}" - dest: /volume1/platform/05_Security_check - with_items: "{{ copy_file.stdout_lines }}" - when: "'nas' in group_names" +# - name: Copy Result File to NAS +# copy: +# src: "~/checklist/{{ item }}" +# dest: /volume1/platform/05_Security_check +# with_items: "{{ copy_file.stdout_lines }}" +# when: "'nas' in group_names" -- name: Delete Result File (become -> true) - file: - path: "~/checklist/" - state: absent - delegate_to: 127.0.0.1 - when: "'nas' in group_names" \ No newline at end of file +# - name: Delete Result File (become -> true) +# file: +# path: "~/checklist/" +# state: absent +# delegate_to: 127.0.0.1 +# when: "'nas' in group_names" \ No newline at end of file
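Review bot: With every task from `Old Result File Delete` to the end of the file commented out, the role no longer copies, runs or collects `ubuntu.sh`/`rocky.sh`, so a play using it completes successfully without auditing any host; only the task whose `delegate_to`/`when` lines open the hunk remains, and its start is outside the hunk. If the disable is temporary, one guard on the include in main.yml, for example `when: run_security_check | default(true)` (the variable name is a suggestion), keeps the tasks reviewable and makes the off state explicit. Before the block is re-enabled, note that the fetch task reads `/tmp/{{ ansible_hostname }}.{{ ansible_host }}.txt` while the delete task after it removes `/tmp/{{ ansible_hostname }}.txt`, so the result file appears to stay behind in /tmp on each host. The scripts are also run with `become: true` from a fixed path in /tmp; a per-run directory created with the `tempfile` module and a restrictive `mode` on the copied script would be safer.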