---
# Lynis hardness check.

- name: General | Tests | Lynis | Install
  git: 
    repo: https://github.com/CISOfy/lynis
    dest: "{{ lynis_install_dir }}"
    clone: yes
    force: yes

- name: General | Tests | Lynis | Ensure Permissions (Looking at you Parrot OS!)
  file: 
    path: "{{ lynis_install_dir }}"
    state: directory
    mode: '0644'
    owner: root
    group: "{{ root_group }}"
    recurse: yes

- name: General | Tests | Lynis | Ensure Permissions 2
  file: 
    path: "{{ lynis_install_dir }}/lynis"
    mode: '0755'

- name: General | Tests | Lynis | Run System Audit
  shell: "{{ lynis_install_dir }}/lynis audit system --no-colors > {{ lynis_report }} 2>&1"
  args:
    executable: "{{ bash_exec.stdout }}"

- name: General | Tests | Lynis | Make Report Readable
  file:
    path: "{{ lynis_report }}"
    mode: '0777'