Fix other suggestions

Signed-off-by: Radovan Sroka <[email protected]>

README.md

@@ -4,9 +4,6 @@
 
 This is an ansible role that installs and configures the [Advanced Intrusion Detection Environment (AIDE)](https://aide.github.io). For Day 2 tasks it can run integrity checks and update the AIDE database.
 
-_Notice:_ This is a very early stage of a work in progress. Please use with
-extreme caution as it might break your system.
-
 ## What does this role do for you?
 
 * It ensures that the `aide` package is installed on the remote nodes
@@ -16,12 +13,6 @@ extreme caution as it might break your system.
 * It runs AIDE integrity checks on the remote nodes
 * It updates the AIDE databases and stores them on the controller node
 
-## How does the role do that?
-
-* The role is controlled by using role variables
-* If you run the playbook without specifying any role variable the role will change nothing on your remote nodes
-* To execute some supported use cases you need to explicitly specify one or more of the following variables
-
 ### Available tags to control and use the role
 
 ## What does this role not do for you?
@@ -35,7 +26,7 @@ only.
 
 ## Role Variables
 
-### aide_custom_template
+### aide_db_template
 
 This variable takes a string to specify a path where the custom template for aide.conf is located.
 

defaults/main.yml

@@ -4,7 +4,7 @@
 # This file also serves as a documentation for such a variables.
 
 # Path to template file
-aide_custom_template: null
+aide_db_template: null
 
 # Examples of role input variables:
 aide_db_fetch_dir: files

examples/custom-template.yml

@@ -5,7 +5,7 @@
   tasks:
     - name: Include role aide
       vars:
-        aide_custom_template: /tmp/aide-custom.conf.j2
+        aide_db_template: /tmp/aide-custom.conf.j2
         aide_db_fetch_dir: files
         aide_install: true
         aide_init: true

tasks/main.yml

@@ -11,7 +11,7 @@
     use: "{{ (__aide_is_ostree | d(false)) |
              ternary('ansible.posix.rhel_rpm_ostree', omit) }}"
   when:
-    - aide_install
+    - aide_install | bool
 
 - name: Ensure required services are enabled and started
   ansible.builtin.service:
@@ -22,19 +22,20 @@
 
 - name: Generate "/etc/{{ __aide_config }}"
   ansible.builtin.template:
-#    remote_src: true
-    src: "{{ aide_custom_template }}"
+    src: "{{ aide_db_template }}"
     dest: "/etc/{{ __aide_config }}"
     mode: "0400"
   when:
-    - aide_custom_template
+    - aide_db_template is defined
+    - aide_db_template is not none
+    - aide_db_template is string
 
 # - name: Print Header
 #   ansible.builtin.shell: head /etc/aide.conf || true
 
 - name: Initialize AIDE database
   when:
-    - aide_init
+    - aide_init | bool
   block:
     - name: Initialize AIDE database
       ansible.builtin.command:
@@ -51,18 +52,18 @@
         mode: "0440"
         force: true
       when:
-        - not aide_fetch_db
+        - not aide_fetch_db | bool
 
     - name: Remove remote AIDE database file
       ansible.builtin.file:
         path: "{{ __aide_db_new_name }}"
         state: absent
       when:
-        - not aide_fetch_db
+        - not aide_fetch_db | bool
 
 - name: Fetch AIDE database
   when:
-    - aide_fetch_db
+    - aide_fetch_db | bool
   block:
     - name: Fetch AIDE database
       ansible.builtin.fetch:
@@ -76,7 +77,7 @@
 
 - name: Check AIDE integrity
   when:
-    - aide_check
+    - aide_check | bool
   block:
     - name: Copy AIDE reference database
       ansible.builtin.copy:
@@ -87,7 +88,7 @@
         group: root
         mode: "0440"
       when:
-        - aide_fetch_db
+        - aide_fetch_db | bool
 
     - name: Check against AIDE reference database
       ansible.builtin.command:
@@ -96,7 +97,7 @@
 
 - name: Update AIDE database and fetch it
   when:
-    - aide_update
+    - aide_update | bool
   block:
     - name: Update AIDE database
       ansible.builtin.command:

tests/tests_custom_template.yml

@@ -6,7 +6,7 @@
   roles:
     - role: linux-system-roles.aide
       vars:
-        aide_custom_template: files/aide-custom.conf.j2
+        aide_db_template: files/aide-custom.conf.j2
         aide_install: true
         aide_init: true
   tasks: