env-ansible/tasks/hardness_check_lynis.yml

- name: Install Lynis
  ansible.builtin.git: 
    repo: https://github.com/CISOfy/lynis
    dest: "{{ lynis_install_dir }}"
    clone: yes
    force: yes

- name: Run Lynis Audit System
  shell: /usr/local/lynis/lynis audit system > "{{ lynis_report }}" 2>&1

- name: Make Lynis Report Readable
  shell: chmod 444 "{{ lynis_report }}"
End script with a Lynis hardness check. 2020-12-28 20:57:05 -06:00			`- name: Install Lynis`
			`ansible.builtin.git:`
			`repo: https://github.com/CISOfy/lynis`
Debug looks terrible. Put it in a file and hope that the color codes are ignored. 2020-12-28 21:32:28 -06:00			`dest: "{{ lynis_install_dir }}"`
End script with a Lynis hardness check. 2020-12-28 20:57:05 -06:00			`clone: yes`
			`force: yes`

Debug looks terrible. Put it in a file and hope that the color codes are ignored. 2020-12-28 21:32:28 -06:00			`- name: Run Lynis Audit System`
Use shell so that redirect can occur. 2020-12-28 21:35:45 -06:00			`shell: /usr/local/lynis/lynis audit system > "{{ lynis_report }}" 2>&1`
I guess command and shell hate having an FQCN. Now need to output the results. 2020-12-28 21:19:01 -06:00
Debug looks terrible. Put it in a file and hope that the color codes are ignored. 2020-12-28 21:32:28 -06:00			`- name: Make Lynis Report Readable`
Use shell so that redirect can occur. 2020-12-28 21:35:45 -06:00			`shell: chmod 444 "{{ lynis_report }}"`