Done roles KESL and delete; tuned hosts.yaml; tuned group_vars

delete_installation.yml

@@ -0,0 +1,6 @@
+- hosts: all
+  gather_facts: true
+  become:
+    true
+  roles:
+   - delete_installation

delete_klnagent.yml

@@ -1,12 +0,0 @@
-- hosts: servers
-  gather_facts: true
-  become:
-    true
-  become_method:
-    sudo
-  become_user:
-    root
-  remote_user:
-    marker
-  roles:
-   - delete_klnagent

group_vars/all/kaspersky.yml

@@ -0,0 +1,31 @@
+### KLNAGENT vars as defined at https://support.kaspersky.com/KSC/14.2/ru-RU/199693.htm
+KLNAGENT_SERVER: "" #* Input KSC to connect
+KLNAGENT_AUTOINSTALL: "1" #*
+EULA_ACCEPTED: "1" #*
+KLNAGENT_PROXY_USE: "0"
+KLNAGENT_PROXY_ADDR: ""
+KLNAGENT_PROXY_LOGIN: ""
+KLNAGENT_PROXY_PASSWORD: ""
+KLNAGENT_VM_VDI: ""
+KLNAGENT_VM_OPTIMIZE: ""
+KLNAGENT_TAGS: ""
+KLNAGENT_UDP_PORT: "15000"
+KLNAGENT_PORT: "14000"
+KLNAGENT_SSLPORT: "13000"
+KLNAGENT_USESSL: "1"
+KLNAGENT_GW_MODE: "1"
+KLNAGENT_GW_ADDRESS: ""
+
+### KESL vars as defined at https://support.kaspersky.com/help/KES4Linux/11.4.0/en-US/236945.htm
+EULA_AGREED: "yes" #*
+PRIVACY_POLICY_AGREED: "yes" #*
+USE_KSN: "no" #*
+LOCALE: ""
+INSTALL_LICENSE: "" # IMPORTANT to change this
+UPDATER_SOURCE: "KLServers"
+PROXY_SERVER: ""
+UPDATE_EXECUTE: ""
+KERNEL_SRCS_INSTALL: ""
+ADMIN_USER: ""
+CONFIGURE_SELINUX: ""
+USE_GUI: "no"

group_vars/servers/kaspersky.yml

@@ -1,6 +0,0 @@
-KLNAGENT_SERVER: "192.168.103.20"
-KLNAGENT_PORT: "14000"
-KLNAGENT_SSLPORT: "13000"
-KLNAGENT_USESSL: "1"
-KLNAGENT_GW_MODE: "1"
-default_klnagent_bin_path: "/opt/kaspersky/klnagent64/lib/bin"

hosts.yaml

@@ -1,7 +1,21 @@
-  servers:
+all:
-    hosts: 
+  vars:
-      10.124.5.[72:78]:
+    ansible_user: marker
-#      192.168.103.22:
+
-#      192.168.103.23:
+  children:
-    vars:
+    debian:
-      ansible_user: srvadmin
+      hosts:
+        debian_host1:
+          ansible_host: 192.168.103.100
+#        debian_host2:
+#          ansible_host: 192.168.1.102
+      vars:
+        ansible_become_method: sudo 
+    rhel:
+      hosts:
+        rhel_host1:
+          ansible_host: 192.168.103.101
+#        rhel_host2:
+#          ansible_host: 192.168.1.103
+      vars:
+        ansible_become_method: su 

kesl.yaml

@@ -1,12 +1,6 @@
-- hosts: servers
+- hosts: all
   gather_facts: true
   become:
     true
-  become_method:
-    sudo
-  become_user:
-    root
-  remote_user:
-    srvadmin
   roles:
    - kesl

klnagent.yml

@@ -2,11 +2,5 @@
   gather_facts: true
   become:
     true
-  become_method:
-    sudo
-  become_user:
-    root
-  remote_user:
-    srvadmin
   roles:
    - klnagent

roles/delete_installation/tasks/main.yml

@@ -0,0 +1,41 @@
+- name: Debian delete pkgs 
+  block:
+    - name: "Remove previous agent installations"
+      apt:
+        name: klnagent64
+        state: absent
+
+    - name: "Remove previous kesl installations"
+      apt:
+        name: kesl
+        state: absent
+  when: ansible_facts['os_family'] == 'Debian'
+
+- name: RHEL delete pkgs 
+  block:
+    - name: "Remove previous agent installations"
+      dnf:
+        name: klnagent64
+        state: absent
+
+    - name: "Remove previous kesl installations"
+      dnf:
+        name: kesl
+        state: absent
+  when: ansible_facts['os_family'] == 'RED' or ansible_facts['os_family'] == 'RedHat'
+
+- name: "Deleting previous configs from agent"
+  file:
+    path: "/opt/kaspersky/klnagent64"
+    state: absent
+- file:
+    path: "/var/opt/kasperksy/klnagent64"
+    state: absent
+
+- name: "Deleting previous configs from kesl"
+  file:
+    path: "/opt/kaspersky/kesl"
+    state: absent
+-  file:
+    path: "/var/opt/kaspersky/kesl"
+    state: absent

roles/delete_klnagent/tasks/main.yml

@@ -1,18 +0,0 @@
--  block:
-    - name: "Remove previous agent installations"
-      apt:
-        name: klnagent64
-        state: absent
-
-    - name: "Deleting previous distros from tmp"
-      file:
-        path: "/tmp/klnagent"
-        state: absent
-
-    - name: "Deleting previous configs from agent"
-      file:
-        path: "/opt/kaspersky/klnagent64"
-        state: absent
-      file:
-        path: "/var/opt/kasperksy/klnagent64"
-        state: absent

roles/kesl/handlers/main.yml

@@ -1,19 +1,9 @@
-- name: reload klnagent  #
+- name: reload kesl  #
-  service:
-    name: "klnagent64"
-    state: reloaded
-
-- name: restart klnagent #
-  service:
-    name: "klnagent64"
-    state: restarted
-
-- name: reload klnagent  #
   service:
     name: "kesl"
     state: reloaded
 
-- name: restart klnagent #
+- name: restart kesl #
   service:
     name: "kesl"
     state: restarted

roles/kesl/tasks/main.yml

@@ -1,57 +1,54 @@
--  block:
+- name:  Install KESL to RedHat like OS
-    - name: "Remove previous agent installations"
+  block:
-      apt:
+    - name: "Getting kesl install package to temporary folder"
-        name: klnagent64
-        state: absent
-
-    - name: "Deleting previous distros from tmp"
-      file:
-        path: "/tmp/klnagent"
-        state: absent
-
-    - name: "Deleting previous configs from agent"
-      file:
-        path: "/opt/kaspersky/klnagent64"
-        state: absent
-      file:
-        path: "/var/opt/kasperksy/klnagent64"
-        state: absent
-
-    - name: "Getting klnagent install package to temporary folder"
       copy:
-        src: "/tmp/klnagent"
+        src: "/tmp/kesl_red.rpm"
         dest: "/tmp"
         mode: 0755
-
+    - name: "Installing kesl package"
-    - name: "Installing klnagent package"
+      dnf:
-      apt:
+        name: /tmp/kesl_red.rpm
-        deb: /tmp/klnagent/klnagent64_11.0.0-38_amd64.deb
-
     - name: "Deleting distros"
       file:
-        path: "/tmp/klnagent"
+        path: "/tmp/klnagent_red.rpm"
         state: absent
+  when: ansible_facts['os_family'] == 'RED' or ansible_facts['os_family'] == 'RedHat'
+
+- name:  Install KESL to Debian like OS
+  block:
+    - name: "Getting kesl install package to temporary folder"
+      copy:
+        src: "/tmp/kesl_deb.deb"
+        dest: "/tmp"
+        mode: 0755
+    - name: "Installing kesl package"
+      dnf:
+        name: /tmp/kesl_deb.deb
+    - name: "Deleting distros"
+      file:
+        path: "/tmp/kesl_deb.deb"
+        state: absent
+  when: ansible_facts['os_family'] == 'Debian'
+
 
 - block:
     - name: "Creating answer file for klnagent"
-      become: yes
+      become: true
       template:
-        src: klnagent.j2
+        src: kesl.j2
-        dest: /tmp/klnagent.ini
+        dest: /tmp/kesl.ini
         mode: 0644
 
     - name: "Run configuring klnagent"
-      become: yes
+      become: true
-      shell: "{{ default_klnagent_bin_path }}/setup/postinstall.pl"
+      shell: "/opt/kaspersky/kesl/bin/kesl-setup.pl --autoinstall=/tmp/kesl.ini"
       args:
         executable: /bin/bash
-      environment:
+      notify: restart kesl
-        KLAUTOANSWERS: /tmp/klnagent.ini
-      notify: restart klnagent
 
-    - name: "Ensure klnagent service is enabled"
+    - name: "Ensure kesl service is enabled"
-      become: yes
+      become: true
       service:
-        name: klnagent64
+        name: kesl
         enabled: yes
         state: started

roles/kesl/templates/kesl.j2

@@ -0,0 +1,12 @@
+EULA_AGREED={{ EULA_AGREED }}
+PRIVACY_POLICY_AGREED={{ PRIVACY_POLICY_AGREED }}
+USE_KSN={{ USE_KSN }}
+LOCALE={{ LOCALE }}
+INSTALL_LICENSE={{ INSTALL_LICENSE }}
+UPDATER_SOURCE={{ UPDATER_SOURCE }}
+PROXY_SERVER={{ PROXY_SERVER }}
+UPDATE_EXECUTE={{ UPDATE_EXECUTE }}
+KERNEL_SRCS_INSTALL={{ KERNEL_SRCS_INSTALL }}
+ADMIN_USER={{ ADMIN_USER }}
+CONFIGURE_SELINUX={{ CONFIGURE_SELINUX }}
+USE_GUI={{ USE_GUI }}

roles/kesl/templates/klnagent.j2

@@ -1,5 +0,0 @@
-KLNAGENT_SERVER={{ KLNAGENT_SERVER }}
-KLNAGENT_PORT={{ KLNAGENT_PORT }}
-KLNAGENT_SSLPORT={{ KLNAGENT_SSLPORT }}
-KLNAGENT_USESSL={{ KLNAGENT_USESSL }}
-KLNAGENT_GW_MODE={{ KLNAGENT_GW_MODE }}

roles/klnagent/tasks/main.yml

@@ -13,7 +13,7 @@
       file:
         path: "/opt/kaspersky/klnagent64"
         state: absent
-      file:
+    - file:
         path: "/var/opt/kasperksy/klnagent64"
         state: absent
 
@@ -34,15 +34,15 @@
 
 - block:
     - name: "Creating answer file for klnagent"
-      become: yes
+      become: true
       template:
         src: klnagent.j2
         dest: /tmp/klnagent.ini
         mode: 0644
 
     - name: "Run configuring klnagent"
-      become: yes
+      become: true
-      shell: "{{ default_klnagent_bin_path }}/setup/postinstall.pl"
+      shell: "/opt/kaspersky/klnagent64/lib/bin/setup/postinstall.pl"
       args:
         executable: /bin/bash
       environment:
@@ -50,7 +50,7 @@
       notify: restart klnagent
 
     - name: "Ensure klnagent service is enabled"
-      become: yes
+      become: true
       service:
         name: klnagent64
         enabled: yes

roles/klnagent/templates/klnagent.j2

@@ -1,5 +1,16 @@
 KLNAGENT_SERVER={{ KLNAGENT_SERVER }}
+KLNAGENT_AUTOINSTALL={{ KLNAGENT_AUTOINSTALL }}
+EULA_ACCEPTED={{ EULA_ACCEPTED }}
+KLNAGENT_PROXY_USE={{ KLNAGENT_PROXY_USE }}
+KLNAGENT_PROXY_ADDRESS={{ KLNAGENT_PROXY_ADDRESS }}
+KLNAGENT_PROXY_LOGIN={{ KLNAGENT_PROXY_LOGIN }}
+KLNAGENT_PROXY_PASSWORD={{ KLNAGENT_PROXY_PASSWORD }}
+KLNAGENT_VM_VDI={{ KLNAGENT_VM_VDI }}
+KLNAGENT_VM_OPTIMIZE={{ KLNAGENT_VM_OPTIMIZE }}
+KLNAGENT_TAGS={{ KLNAGENT_TAGS }}
+KLNAGENT_UDP_PORT={{ KLNAGENT_UDP_PORT }}
 KLNAGENT_PORT={{ KLNAGENT_PORT }}
 KLNAGENT_SSLPORT={{ KLNAGENT_SSLPORT }}
 KLNAGENT_USESSL={{ KLNAGENT_USESSL }}
 KLNAGENT_GW_MODE={{ KLNAGENT_GW_MODE }}
+KLNAGENT_GW_ADDRESS={{ KLNAGENT_GW_ADDRESS }}