From 15a9bd392f3b9d3e5cc374c5080af58d4e254589 Mon Sep 17 00:00:00 2001
From: Hyperling <cgreenwood@hyperling.com>
Date: Mon, 28 Dec 2020 20:57:05 -0600
Subject: [PATCH] End script with a Lynis hardness check.

---
 local.yml                      |  9 ++++++++-
 tasks/hardness_check_lynis.yml | 11 +++++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)
 create mode 100644 tasks/hardness_check_lynis.yml

diff --git a/local.yml b/local.yml
index 48fec43..a768f86 100644
--- a/local.yml
+++ b/local.yml
@@ -3,7 +3,6 @@
 
 # Everything
 - hosts: all
-  connection: local
   become: true  
 
   pre_tasks:
@@ -23,3 +22,11 @@
 
   tasks:
     - include: tasks/flatpaks.yml
+
+
+# Display hardness checks
+- hosts: all
+  become: true
+
+  tasks:
+    - include: tasks/hardness_check_lynis.yml
\ No newline at end of file
diff --git a/tasks/hardness_check_lynis.yml b/tasks/hardness_check_lynis.yml
new file mode 100644
index 0000000..8f920c0
--- /dev/null
+++ b/tasks/hardness_check_lynis.yml
@@ -0,0 +1,11 @@
+- name: Install Lynis
+  ansible.builtin.git: 
+    repo: https://github.com/CISOfy/lynis
+    dest: /usr/local/
+    clone: yes
+    force: yes
+
+- name: Run Lynis
+  ansible.builtin.shell:
+    chdir: /usr/local/lynis/
+    cmd: lynis audit system