sa_8001/security_check
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test

Browse Source
This commit is contained in:
ByeonJungHun
2024-01-02 17:39:26 +09:00
parent 2bb28c35b7
commit b856e871a2
9 changed files with 33 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ansible.cfg
View File

@@ -1,4 +1,5 @@
[defaults] [defaults]
become = true
inventory = checklist inventory = checklist
roles_path = roles roles_path = roles
deprecation_warnings = false deprecation_warnings = false
@@ -6,3 +7,4 @@ display_skipped_hosts = no
ansible_home = . ansible_home = .
stdout_callback = debug stdout_callback = debug
host_key_checking = false host_key_checking = false

4
checklist
View File

@@ -3,8 +3,8 @@ server
nas nas
[server] [server]
10.10.43.111 ansible_port=2222 ansible_user=dev2 10.10.43.200 ansible_port=2222 ansible_user=dev2
10.10.43.112 ansible_port=2222 ansible_user=dev2 10.10.43.201 ansible_port=2222 ansible_user=dev2
[nas] [nas]
10.10.43.42 ansible_port=2222 ansible_user=exemdev2 10.10.43.42 ansible_port=2222 ansible_user=exemdev2

BIN
roles/security_check/.DS_Store vendored Normal file
View File

Binary file not shown.

2
roles/security_check/files/rocky.sh
View File

@@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
resultfile="/tmp/$(hostname)_$(date '+%F-%H:%M').txt" resultfile="/tmp/$(hostname).txt"
U_01() { U_01() {
echo "" >> $resultfile 2>&1 echo "" >> $resultfile 2>&1

2
roles/security_check/files/ubuntu.sh
View File

@@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
resultfile="/tmp/$(hostname)_$(date '+%F-%H:%M').txt" resultfile="/tmp/$(hostname).txt"
U_01() { U_01() {
echo "" >> $resultfile 2>&1 echo "" >> $resultfile 2>&1

12
roles/security_check/tasks/create_readme.yml Normal file
View File

@@ -0,0 +1,12 @@
---
- name: check status
shell: |
grep -H '☆ 취약 개수 = [1-9]' *.txt | cut -d: -f1
args:
chdir: /volume1/platform/05_Security_check/
register: check_status
when: "'nas' in group_names"
- debug:
msg: "{{ check_status.stdout_lines }}"
when: "'nas' in group_names"

2
roles/security_check/tasks/main.yml
View File

@@ -1,2 +1,4 @@
--- ---
- include: start.yml - include: start.yml
- include: create_readme.yml

18
roles/security_check/tasks/start.yml
View File

@@ -24,24 +24,16 @@
rm -rf /tmp/ubuntu.sh rm -rf /tmp/ubuntu.sh
when: ansible_distribution == 'Ubuntu' when: ansible_distribution == 'Ubuntu'
- name: File Name Search
shell: |
ls |grep {{ ansible_hostname }}
register: result
when: ansible_distribution == 'Ubuntu'
args:
chdir: /tmp/
- name: Copy Result File to Local - name: Copy Result File to Local
fetch: fetch:
src: "/tmp/{{ result.stdout }}" src: "/tmp/{{ ansible_hostname }}.txt"
dest: "/resultdir/" dest: "/resultdir/"
flat: yes flat: yes
when: ansible_distribution == 'Ubuntu' when: ansible_distribution == 'Ubuntu'
- name: Delete Result File - name: Delete Result File
file: file:
path: "/tmp/{{ result.stdout }}" path: "/tmp/{{ ansible_hostname }}.txt"
state: absent state: absent
when: ansible_distribution == 'Ubuntu' when: ansible_distribution == 'Ubuntu'
@@ -58,3 +50,9 @@
with_items: "{{ copy_file.stdout_lines }}" with_items: "{{ copy_file.stdout_lines }}"
when: "'nas' in group_names" when: "'nas' in group_names"
- name: Delete Result File
file:
path: "/resultdir"
state: absent
delegate_to: 127.0.0.1
when: ansible_distribution == 'Ubuntu'

0
roles/security_check/templates/README.md.j2 Normal file
View File