de-it-krachten/ansible-role-lynis
1
0
Fork 0
mirror of https://github.com/de-it-krachten/ansible-role-lynis synced 2026-05-14 11:51:46 +00:00
Code Issues Projects Releases Packages Wiki Activity
No description
48 commits 2 branches 7 tags 121 KiB
  • Jinja 100%
Find a file
Exact
semantic-release-bot ffa707cf24 chore(release): 1.6.0 [skip ci] 
# [1.6.0](https://github.com/de-it-krachten/ansible-role-lynis/compare/v1.5.0...v1.6.0) (2026-03-15)

### Features

* Added support for Fedora 43 ([19d61d6](19d61d6a07))
* Drop support for Fedora 41 ([0e5f9b5](0e5f9b545c))
* Drop support for openSUSE Leap 15 ([cf578f9](cf578f9fed))
* Drop support for SUSE Linux Enterprise 15 ([1db5abc](1db5abc0c5))
2026-03-15 11:38:54 +00:00
.github/workflows Update CI 2026-03-14 19:42:35 +01:00
defaults feat: Add scheduling 2023-05-28 17:01:40 +02:00
meta Update CI 2026-03-14 19:42:35 +01:00
molecule/default Update CI 2026-03-14 19:42:35 +01:00
tasks Fix CI 2025-08-09 19:31:00 +02:00
templates Fix CI 2025-08-09 19:31:00 +02:00
.ansible-lint Initial commit 2023-01-10 16:06:17 +01:00
.cicd Update CI 2026-03-06 22:48:31 +01:00
.cicd.overwrite Update CI 2026-03-14 19:42:35 +01:00
.collections Implement FQCN 2023-01-11 00:10:15 +01:00
.gitignore feat: Update supported platforms & CI 2024-12-29 02:19:06 +01:00
.releaserc.yml Update CI 2026-03-06 22:48:31 +01:00
.roles Initial commit 2023-01-10 16:06:17 +01:00
.yamllint feat: Update supported platforms & CI 2024-12-29 02:19:06 +01:00
CHANGELOG.md chore(release): 1.6.0 [skip ci] 2026-03-15 11:38:54 +00:00
README.md Update CI 2026-03-14 19:42:35 +01:00

README.md

CI

ansible-role-lynis

Installs lynis om a variety of platforms https://cisofy.com

Dependencies

Roles

  • deitkrachten.cron

Collections

None

Platforms

Supported platforms

  • Red Hat Enterprise Linux 81
  • Red Hat Enterprise Linux 91
  • Red Hat Enterprise Linux 101
  • RockyLinux 8
  • RockyLinux 9
  • RockyLinux 10
  • OracleLinux 8
  • OracleLinux 9
  • OracleLinux 10
  • AlmaLinux 8
  • AlmaLinux 9
  • AlmaLinux 10
  • Debian 11 (Bullseye)
  • Debian 12 (Bookworm)
  • Debian 13 (Trixie)
  • Ubuntu 20.04 LTS
  • Ubuntu 22.04 LTS
  • Ubuntu 24.04 LTS
  • Fedora 42
  • Fedora 43

Note: 1 : no automated testing is performed on these platforms

Role Variables

defaults/main.yml


# Lynis version to be installed
lynis_version: 'latest'

# Should lynis be executed
lynis_execute: false

# root directory where to install the software
lynis_root: /usr/local

# Github API & download urls
lynis_api: https://api.github.com/repos/CISOfy/lynis
lynis_repo: https://github.com/CISOfy/lynis
lynis_url: "{{ lynis_repo }}/archive/refs/tags/{{ lynis_version }}.tar.gz"

# Wrapper script
lynis_wrapper_script: /usr/local/bin/lynis.sh

# Execute lynis immediately
lynis_immediate: false

# Lynis schedule defaults
lynis_execution_user: root
lynis_execution_group: root
lynis_schedule: false
lynis_schedule_command: "{{ lynis_wrapper_script }}"
lynis_schedule_times:
  weekday: '*'
  hour: '02'
  minute: '00'

# Location for centralized output
lynis_central_path: /var/log/lynis_central

# Lynix log file
lynis_log: "/var/log/lynis.log"

# Lynis html report
lynis_html: "/var/log/lynis.html"

Example Playbook

molecule/default/converge.yml


- name: sample playbook for role 'lynis'
  hosts: all
  become: 'yes'
  vars:
    molecule_driver: '{{ lookup(''env'', ''MOLECULE_DRIVER_NAME'') }}'
    lynis_execute: true
  tasks:
    - name: Include role 'lynis'
      ansible.builtin.include_role:
        name: lynis