58 lines
1.4 KiB
YAML
58 lines
1.4 KiB
YAML
---
|
|
|
|
- name: Install packages
|
|
yum:
|
|
name:
|
|
- clamav
|
|
- clamav-data-empty
|
|
- clamav-server-systemd
|
|
- clamav-update
|
|
|
|
- name: Create clamav user account
|
|
user:
|
|
name: clamav
|
|
system: True
|
|
shell: /sbin/nologin
|
|
comment: "ClamAV antivirus user account"
|
|
|
|
- name: Set SELinux
|
|
seboolean: name={{ item }} state=True persistent=True
|
|
with_items:
|
|
- clamd_use_jit
|
|
- antivirus_can_scan_system
|
|
when: ansible_selinux.status == 'enabled'
|
|
|
|
- name: Deploy freshclam configuration
|
|
template: src=freshclam.conf.j2 dest=/etc/freshclam.conf mode=644
|
|
notify: restart freshclam
|
|
|
|
- name: Deploy clamd configuration
|
|
template: src=clamd.conf.j2 dest=/etc/clamd.conf
|
|
notify: restart clamd
|
|
|
|
- name: Deploy systemd units
|
|
template: src={{ item }}.j2 dest=/etc/systemd/system/{{ item }}
|
|
with_items:
|
|
- freshclam.service
|
|
- clamd.service
|
|
notify:
|
|
- restart freshclam
|
|
- restart clamd
|
|
register: clamav_units
|
|
|
|
- name: Deploy tmpfiles.d fragment
|
|
copy:
|
|
content: 'd /run/clamav 755 {{ clam_user }} {{ clam_group }}'
|
|
dest: /etc/tmpfiles.d/clamav.conf
|
|
notify: systemd-tmpfiles
|
|
|
|
- name: Reload systemd
|
|
command: systemctl daemon-reload
|
|
when: clamav_units.changed
|
|
|
|
- name: Start and enable freshclam
|
|
service: name=freshclam state=started enabled=True
|
|
|
|
- name: Handle clamd service
|
|
service: name=clamd state={{ clam_enable_clamd | ternary('started','stopped') }} enabled={{ clam_enable_clamd }}
|