--- # Copyright 2015, Rackspace US, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - name: Gather variables for each operating system include_vars: "{{ item }}" with_first_found: - "{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yml" - "{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version | lower }}.yml" - "{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version | lower }}.yml" - "{{ ansible_distribution | lower }}.yml" - "{{ ansible_os_family | lower }}.yml" tags: - always - name: Check if we're in check/audit mode command: /bin/true register: noop_result tags: - always - name: Check to see if systemd is in use command: systemctl status register: systemd_check failed_when: False tags: - always - name: Set facts set_fact: check_mode: "{{ noop_result | skipped }}" systemd_running: "{{ systemd_check | success }}" linux_security_module: "{{ (ansible_os_family == 'Debian') | ternary('apparmor','selinux') }}" tags: - always - include: apt.yml when: ansible_pkg_mgr == 'apt' tag: - apt - package - include: rpm.yml when: ansible_pkg_mgr == 'yum' or ansible_pkg_mgr == 'dnf' tag: - package - rpm - include: auditd.yml - include: auth.yml - include: boot.yml - include: console.yml - include: file_perms.yml - include: kernel.yml - include: lsm.yml - include: mail.yml - include: misc.yml - include: nfsd.yml - include: services.yml - include: sshd.yml