Variablize ssh. Make non-sshfs report cron job a loop.

2021-02-07 07:26:54 -06:00 · 2021-02-07 07:26:54 -06:00 · ebe579a205
commit ebe579a205
parent a49ae8f7c5
6 changed files with 31 additions and 11 deletions
--- a/facts/general/service.yml
+++ b/facts/general/service.yml
@ -16,5 +16,5 @@
    cups_pattern: cupsd
    cups_browse: cups-browsed
    cups_browse_pattern: cups-browsed
-    sshfs_leet_cmd: "sshfs ling@leet: /mnt/leet -o allow_other,_netdev"
+    sshfs_leet_cmd: "sshfs {{ leet_ssh }}: /mnt/leet -o allow_other,_netdev"
  when: ansible_system == "FreeBSD"
--- a/facts/general/system.yml
+++ b/facts/general/system.yml
@ -22,11 +22,12 @@
  when: ansible_system == "FreeBSD"


- name: General | Facts | System | 1337
+- name: General | Facts | System | 1337 Drive
  set_fact:
+    leet_ssh: 'ling@leet'
    leet_drive: /mnt/leet

- name: General | Facts | System | 1337 Mounted?
+- name: General | Facts | System | 1337 Drive Mounted?
  stat:
    path: "{{ leet_drive }}/Temp/ansible"
  register: leet_drive_details
@ -46,6 +47,10 @@
 - name: General | Facts | System | Reports
  set_fact:
    heartbeat_report: "{{ report_location }}/{{ ansible_hostname }}.txt"
+    heartbeat_report_scp: "{{ leet_ssh }}:{{ report_scp_location }}/{{ ansible_hostname }}.txt"
    lynis_report: "{{ report_location }}/lynis/{{ ansible_hostname }}_lynis.txt"
+    lynis_report_scp: "{{ leet_ssh }}:{{ report_scp_location }}/lynis/{{ ansible_hostname }}_lynis.txt"
    nmap_report: "{{ report_location }}/nmap/{{ ansible_hostname }}_nmap.txt"
-    ansible_pull_report: "{{ report_location }}/pull/{{ ansible_hostname }}_last_pull_times.txt"
+    nmap_report_scp: "{{ leet_ssh }}:{{ report_scp_location }}/nmap/{{ ansible_hostname }}_nmap.txt"
+    ansible_pull_report: "{{ report_location }}/pull/{{ ansible_hostname }}_last_pull_times.txt"
+    ansible_pull_report_scp: "{{ leet_ssh }}:{{ report_scp_location }}/pull/{{ ansible_hostname }}_last_pull_times.txt"
--- a/tasks/general/acct_mgmt/keys.yml
+++ b/tasks/general/acct_mgmt/keys.yml
@ -13,4 +13,4 @@
  ignore_errors: yes

 - name: General | Account Management | Keys | Root | Copy SSH to 1337
-  shell: ssh-copy-id -i /root/.ssh/id_rsa ling@leet
+  shell: ssh-copy-id -i /root/.ssh/id_rsa {{ leet_ssh }}
--- a/tasks/general/acct_mgmt/mounts.yml
+++ b/tasks/general/acct_mgmt/mounts.yml
@ -15,15 +15,15 @@
    regexp: '^# MANAGED BY ANSIBLE | Leet Share'
    line: '# MANAGED BY ANSIBLE | Leet Share'
    state: absent
-    insertbefore: '^ling@leet'
+    insertbefore: '^{{ leet_ssh }}'
  when: ansible_system == "Linux"

 #TODO Remove this
 - name: General | Account Management | Mounts | Create 1337 fstab Entry
  lineinfile:
    path: /etc/fstab
-    regexp: '^ling@leet'
-    line: "ling@leet: /mnt/leet fuse.sshfs defaults,_netdev,allow_other,delay_connect 0 0"
+    regexp: '^{{ leet_ssh }}'
+    line: "{{ leet_ssh }}: /mnt/leet fuse.sshfs defaults,_netdev,allow_other,delay_connect 0 0"
    state: absent
    backup: yes
  when: ansible_system == "Linux"
@ -33,7 +33,7 @@
  blockinfile:
    path: /etc/fstab
    block: |
-      ling@leet: /mnt/leet fuse.sshfs defaults,_netdev,allow_other,delay_connect 0 0
+      {{ leet_ssh }}: /mnt/leet fuse.sshfs defaults,_netdev,allow_other,delay_connect 0 0
    marker: '# {mark} MANAGED BY ANSIBLE | 1337 Share'
    state: present
    backup: yes
--- a/tasks/general/cron/ansible.yml
+++ b/tasks/general/cron/ansible.yml
@ -24,9 +24,24 @@
    user: ansible
    name: "Copy Reports"
    minute: "05,20,35,50"
-    job: "sudo scp {{ ansible_pull_report }} {{ heartbeat_report }} {{ lynis_report }} {{ nmap_report }} ling@leet:{{ report_scp_location }}"
+    job: "sudo scp {{ ansible_pull_report }} {{ heartbeat_report }} {{ lynis_report }} {{ nmap_report }} {{ leet_ssh }}:{{ report_scp_location }}"
+    state: absent
+    disabled: no
+  when: not leet_drive_details.stat.exists
+
+- name: General | Cron | Ansible | Enable Secure Copy Reports
+  cron: 
+    user: ansible
+    name: "{{ item.name }}""
+    minute: "05,20,35,50"
+    job: "sudo scp {{ item.src }} {{ item.dest }}"
    state: present
    disabled: no
+  loop:
+    - { name: 'Ansible Pull Report', src: '{{ ansible_pull_report_scp }}', dest: '{{ ansible_pull_report }}' }
+    - { name: 'Heartbeat Report', src: '{{ heartbeat_report_scp }}', dest: '{{ heartbeat_report }}' }
+    - { name: 'Lynis Report', src: '{{ lynis_report_scp }}', dest: '{{ lynis_report }}' }
+    - { name: 'NMap Report', src: '{{ nmap_report_scp }}', dest: '{{ nmap_report }}' }
  when: not leet_drive_details.stat.exists

 - name: General | Cron | Ansible | Disable Secure Copy Reports
--- a/tasks/general/cron/root.yml
+++ b/tasks/general/cron/root.yml
@ -16,7 +16,7 @@
    user: root
    name: "Copy Reports"
    minute: "05,20,35,50"
-    job: "scp {{ ansible_pull_report }} {{ heartbeat_report }} {{ lynis_report }} {{ nmap_report }} ling@leet:{{ report_scp_location }}"
+    job: "scp {{ ansible_pull_report }} {{ heartbeat_report }} {{ lynis_report }} {{ nmap_report }} {{ leet_ssh }}:{{ report_scp_location }}"
    state: absent
    disabled: no
  when: not leet_drive_details.stat.exists