From 86685b0f5b4fc0457e5a3b69cfff122b8ef88869 Mon Sep 17 00:00:00 2001 From: Rich Megginson Date: Tue, 12 Nov 2024 13:49:54 -0700 Subject: [PATCH] docs(changelog): version 0.0.1 [citest skip] Update changelog and .README.html for version 0.0.1 Signed-off-by: Rich Megginson --- .README.html | 260 +++++++++++++++++++++++++++++++++++++++++++++++++++ CHANGELOG.md | 14 +++ 2 files changed, 274 insertions(+) create mode 100644 .README.html create mode 100644 CHANGELOG.md diff --git a/.README.html b/.README.html new file mode 100644 index 0000000..6355c40 --- /dev/null +++ b/.README.html @@ -0,0 +1,260 @@ + + + + + + + + AIDE + + + + + + +
+
+

AIDE

+
+
+ +
+

This is an ansible role that installs and configures the Advanced Intrusion Detection Environment +(AIDE). For Day 2 tasks it can run integrity checks and update the +AIDE database.

+

What does this role do for +you?

+
    +
  • It ensures that the aide package is installed on the +remote nodes
    • +
  • As an optional task it can generate the /etc/aide.conf +file and template it out to the remote nodes
    • +
  • It initializes the AIDE database
    • +
  • The AIDE databases from the remote nodes are stored in a central +directory on the controller node
    • +
  • It runs AIDE integrity checks on the remote nodes
    • +
  • It updates the AIDE databases and stores them on the controller +node
    • +
+

What does this role not do +for you?

+
    +
  • It does not explain how to create a good AIDE configuration that +suits your requirements; that task remains for you to accomplish
    • +
+

Requirements

+

This role has no special requirements as it uses +ansible.builtin modules only.

+

Role Variables

+

aide_db_template

+

This variable takes a string to specify a path where the custom +template for aide.conf is located.

+

To be sure that everething is correct, template needs to start with +following snippet:

+
{{ ansible_managed | comment }}
+{{ "system_role:aide" | comment(prefix="", postfix="") }}
+

Default: null

+

Type: string

+

aide_db_fetch_dir

+

This variable takes a string to specify the directory on the Ansible +Control Node (ACN) where the role will store the AIDE database fetched +from the remote nodes. The default value is files which is +expected to be a directory in the same directory as the playbook.

+

In case you like to store the fetched AIDE database files somewhere +else you need to specify a different path here.

+

Default: files

+

Type: `string

+

aide_init

+

Initializes the AIDE database.

+

Default: false

+

Type: bool

+

aide_fetch_db

+

Fetches database from the remote nodes to store it on the controller +node

+

Default: false

+

Type: bool

+

aide_check

+

Runs an integrity check on the remote nodes

+

Default: false

+

Type: bool

+

aide_update

+

Updates the AIDE database and stores it on the controller node

+

Default: false

+

Type: bool

+

Example Playbook

+

Including an example of how to use your role (for instance, with +variables passed in as parameters) is always nice for users too:

+
# SPDX-License-Identifier: MIT
+---
+- name: Example aide role invocation
+  hosts: targets
+  tasks:
+    - name: Include role aide
+      vars:
+        aide_db_fetch_dir: files
+        aide_install: true
+        aide_generate_config: true
+        aide_init: true
+        aide_check: false
+        aide_update: false
+      ansible.builtin.include_role:
+        name: linux-system-roles.aide
+

More examples can be found in the examples/ directory.

+

License

+

MIT.

+

Author Information

+
    +
  • Radovan Sroka
    • +
  • Joerg Kastning
    • +
  • Based on Tronde/aide +ansible role
    • +
+
+ + diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..08c746b --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,14 @@ +Changelog +========= + +[0.0.1] - 2024-11-12 +-------------------- + +### New Features + +- feat: Import code for role (#3) + +### Other Changes + +- refactor: Use vars/RedHat_N.yml symlink for CentOS, Rocky, Alma wherever possible (#1) +