test

ansible.cfg

@@ -1,8 +1,10 @@
 [defaults]
-inventory	= checklist
-roles_path	= roles
+become = true
+inventory = checklist
+roles_path = roles
 deprecation_warnings = false
 display_skipped_hosts = no
-ansible_home	= .
+ansible_home = .
 stdout_callback = debug
 host_key_checking = false
+

checklist

@@ -3,8 +3,8 @@ server
 nas
 
 [server]
-10.10.43.111 ansible_port=2222 ansible_user=dev2
-10.10.43.112 ansible_port=2222 ansible_user=dev2
+10.10.43.200 ansible_port=2222 ansible_user=dev2
+10.10.43.201 ansible_port=2222 ansible_user=dev2
 
 [nas]
-10.10.43.42 ansible_port=2222 ansible_user=exemdev2
+10.10.43.42 ansible_port=2222 ansible_user=exemdev2

roles/security_check/files/rocky.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-resultfile="/tmp/$(hostname)_$(date '+%F-%H:%M').txt"
+resultfile="/tmp/$(hostname).txt"
 
 U_01() {
 	echo ""  >> $resultfile 2>&1

roles/security_check/files/ubuntu.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-resultfile="/tmp/$(hostname)_$(date '+%F-%H:%M').txt"
+resultfile="/tmp/$(hostname).txt"
 
 U_01() {
 	echo ""  >> $resultfile 2>&1

roles/security_check/tasks/create_readme.yml

@@ -0,0 +1,12 @@
+---
+- name: check status
+  shell: |
+    grep -H '☆ 취약 개수 = [1-9]' *.txt | cut -d: -f1
+  args:
+    chdir: /volume1/platform/05_Security_check/
+  register: check_status
+  when: "'nas' in group_names"
+
+- debug:
+    msg: "{{ check_status.stdout_lines }}"
+  when: "'nas' in group_names"

roles/security_check/tasks/main.yml

@@ -1,2 +1,4 @@
 ---
 - include: start.yml
+
+- include: create_readme.yml

roles/security_check/tasks/start.yml

@@ -24,24 +24,16 @@
     rm -rf /tmp/ubuntu.sh
   when: ansible_distribution == 'Ubuntu'
 
-- name: File Name Search
-  shell: |
-    ls |grep {{ ansible_hostname }}
-  register: result
-  when: ansible_distribution == 'Ubuntu'
-  args:
-    chdir: /tmp/
-
 - name: Copy Result File to Local
   fetch:
-    src: "/tmp/{{ result.stdout }}"
+    src: "/tmp/{{ ansible_hostname }}.txt"
     dest: "/resultdir/"
     flat: yes
   when: ansible_distribution == 'Ubuntu'
 
 - name: Delete Result File
   file:
-    path: "/tmp/{{ result.stdout }}"
+    path: "/tmp/{{ ansible_hostname }}.txt"
     state: absent
   when: ansible_distribution == 'Ubuntu'
 
@@ -57,4 +49,10 @@
     dest: /volume1/platform/05_Security_check
   with_items: "{{ copy_file.stdout_lines }}"
   when: "'nas' in group_names"
-  
+
+- name: Delete Result File
+  file:
+    path: "/resultdir"
+    state: absent
+  delegate_to: 127.0.0.1
+  when: ansible_distribution == 'Ubuntu'