- name: Install Lynis
  ansible.builtin.git: 
    repo: https://github.com/CISOfy/lynis
    dest: "{{ lynis_install_dir }}"
    clone: yes
    force: yes

- name: Run Lynis Audit System
  shell: /usr/local/lynis/lynis --no-colors audit system > "{{ lynis_report }}" 2>&1

- name: Make Lynis Report Readable
  shell: chmod 444 "{{ lynis_report }}"