sa_8001/security_check
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

task 추가

Browse Source
This commit is contained in:
ByeonJungHun
2024-01-03 16:06:05 +09:00
parent 1ef5602997
commit a4979371f3
7 changed files with 32 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md Normal file
View File

@@ -0,0 +1,2 @@
|이름|상태 요약|상세 보기|
|---|---|---|

2
checklist
View File

@@ -4,7 +4,7 @@ nas
[server]
10.10.43.200 ansible_port=2222 ansible_user=dev2
10.10.43.201 ansible_port=2222 ansible_user=dev2
#10.10.43.97 ansible_port=2222 ansible_user=dev2
[nas]
10.10.43.42 ansible_port=2222 ansible_user=exemdev2

BIN
roles/security_check/.DS_Store vendored
View File

Binary file not shown.

9
roles/security_check/tasks/create_readme.yml
View File

@@ -8,5 +8,12 @@
when: "'nas' in group_names"
- debug:
msg: "{{ check_status.stdout_lines }}"
msg: "취약점 {{ check_status.stdout_lines }} 발견"
when: "'nas' in group_names"
- name: Create README.md
template:
src: README.md.j2
dest: "{{ playbook_dir }}/README.md"
delegate_to: 127.0.0.1
when: "'nas' in group_names"

17
roles/security_check/tasks/start.yml
View File

@@ -1,8 +1,9 @@
---
- name: Create Result Directory
file:
path: /resultdir
path: ~/checklist/
state: directory
become: false
delegate_to: 127.0.0.1
when: "'nas' in group_names"
@@ -27,7 +28,7 @@
- name: Copy Result File to Local
fetch:
src: "/tmp/{{ ansible_hostname }}.txt"
dest: "/resultdir/"
dest: "~/checklist/"
flat: yes
when: ansible_distribution == 'Ubuntu'
@@ -38,21 +39,27 @@
when: ansible_distribution == 'Ubuntu'
- name: Find Copy File Name
shell: ls -l /resultdir/ | awk 'NR>1 {print $9}'
shell: ls -l ~/checklist/ | awk 'NR>1 {print $9}'
register: copy_file
become: false
delegate_to: 127.0.0.1
when: "'nas' in group_names"
- debug:
msg: "파일 {{ copy_file.stdout_lines }} 발견"
when: "'nas' in group_names"
- name: Copy Result File to NAS
copy:
src: "/resultdir/{{ item }}"
src: "~/checklist/{{ item }}"
dest: /volume1/platform/05_Security_check
with_items: "{{ copy_file.stdout_lines }}"
when: "'nas' in group_names"
- name: Delete Result File
file:
path: "/resultdir"
path: "~/checklist/"
state: absent
become: false
delegate_to: 127.0.0.1
when: ansible_distribution == 'Ubuntu'

5
roles/security_check/templates/README.md.j2
View File

@@ -0,0 +1,5 @@
|이름|상태 요약|상세 보기|
|---|---|---|
{% for filename in check_status.stdout_lines %}
|{{ filename|splitext|first }}|취약|http://10.10.43.42:8080/{{ filename }}|
{% endfor %}

3
server_check.yml
View File

@@ -2,5 +2,8 @@
- hosts: all
become: true
gather_facts: true
vars:
user: byeonjeonghun
group: staff
roles:
- role: security_check