sa_8001/security_check
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

task 추가

Browse Source
This commit is contained in:
ByeonJungHun
2024-01-03 16:06:05 +09:00
parent 1ef5602997
commit a4979371f3
7 changed files with 32 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md Normal file
View File

@@ -0,0 +1,2 @@
|이름|상태 요약|상세 보기|
|---|---|---|

2
checklist
View File

@@ -4,7 +4,7 @@ nas
[server] [server]
10.10.43.200 ansible_port=2222 ansible_user=dev2 10.10.43.200 ansible_port=2222 ansible_user=dev2
10.10.43.201 ansible_port=2222 ansible_user=dev2 #10.10.43.97 ansible_port=2222 ansible_user=dev2
[nas] [nas]
10.10.43.42 ansible_port=2222 ansible_user=exemdev2 10.10.43.42 ansible_port=2222 ansible_user=exemdev2

BIN
roles/security_check/.DS_Store vendored
View File

Binary file not shown.

9
roles/security_check/tasks/create_readme.yml
View File

@@ -8,5 +8,12 @@
when: "'nas' in group_names" when: "'nas' in group_names"
- debug: - debug:
msg: "{{ check_status.stdout_lines }}" msg: "취약점 {{ check_status.stdout_lines }} 발견"
when: "'nas' in group_names"
- name: Create README.md
template:
src: README.md.j2
dest: "{{ playbook_dir }}/README.md"
delegate_to: 127.0.0.1
when: "'nas' in group_names" when: "'nas' in group_names"

17
roles/security_check/tasks/start.yml
View File

@@ -1,8 +1,9 @@
--- ---
- name: Create Result Directory - name: Create Result Directory
file: file:
path: /resultdir path: ~/checklist/
state: directory state: directory
become: false
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
when: "'nas' in group_names" when: "'nas' in group_names"
@@ -27,7 +28,7 @@
- name: Copy Result File to Local - name: Copy Result File to Local
fetch: fetch:
src: "/tmp/{{ ansible_hostname }}.txt" src: "/tmp/{{ ansible_hostname }}.txt"
dest: "/resultdir/" dest: "~/checklist/"
flat: yes flat: yes
when: ansible_distribution == 'Ubuntu' when: ansible_distribution == 'Ubuntu'
@@ -38,21 +39,27 @@
when: ansible_distribution == 'Ubuntu' when: ansible_distribution == 'Ubuntu'
- name: Find Copy File Name - name: Find Copy File Name
shell: ls -l /resultdir/ | awk 'NR>1 {print $9}' shell: ls -l ~/checklist/ | awk 'NR>1 {print $9}'
register: copy_file register: copy_file
become: false
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
when: "'nas' in group_names" when: "'nas' in group_names"
- debug:
msg: "파일 {{ copy_file.stdout_lines }} 발견"
when: "'nas' in group_names"
- name: Copy Result File to NAS - name: Copy Result File to NAS
copy: copy:
src: "/resultdir/{{ item }}" src: "~/checklist/{{ item }}"
dest: /volume1/platform/05_Security_check dest: /volume1/platform/05_Security_check
with_items: "{{ copy_file.stdout_lines }}" with_items: "{{ copy_file.stdout_lines }}"
when: "'nas' in group_names" when: "'nas' in group_names"
- name: Delete Result File - name: Delete Result File
file: file:
path: "/resultdir" path: "~/checklist/"
state: absent state: absent
become: false
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
when: ansible_distribution == 'Ubuntu' when: ansible_distribution == 'Ubuntu'

5
roles/security_check/templates/README.md.j2
View File

@@ -0,0 +1,5 @@
|이름|상태 요약|상세 보기|
|---|---|---|
{% for filename in check_status.stdout_lines %}
|{{ filename|splitext|first }}|취약|http://10.10.43.42:8080/{{ filename }}|
{% endfor %}

5
server_check.yml
View File

@@ -2,5 +2,8 @@
- hosts: all - hosts: all
become: true become: true
gather_facts: true gather_facts: true
vars:
user: byeonjeonghun
group: staff
roles: roles:
- role: security_check - role: security_check