diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..dbe9c82 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.vscode/ \ No newline at end of file diff --git a/delete_installation.yml b/delete_installation.yml index 52e3309..4e78b3c 100644 --- a/delete_installation.yml +++ b/delete_installation.yml @@ -1,6 +1,7 @@ -- hosts: all +- name: Delete installation playbook + hosts: all gather_facts: true become: true roles: - - delete_installation + - delete_installation diff --git a/group_vars/all/kaspersky.yml b/group_vars/all/kaspersky.yml index 556d2c7..89d9c02 100644 --- a/group_vars/all/kaspersky.yml +++ b/group_vars/all/kaspersky.yml @@ -1,12 +1,18 @@ ### Distro vars -klnagent_distro_local: -kesl_distro_local: -klnagent_distro_remote: -kesl_distro_remote: +klnagent_distrib_local_folder: "/tmp" +kesl_distrib_local_folder: "/tmp" +klnagent_distrib_remote_folder: "/tmp" +kesl_distrib_remote_folder: "/tmp" +kesl_rpm_package_name: "kesl_red.rpm" +kesl_deb_package_name: "kesl_deb.deb" +klnagent_rpm_package_name: "klnagent64-14.0.0-4646.x86_64.rpm" +klnagent_deb_package_name: "klnagent64_14.0.0-4646_amd64.deb" +kesl_answer_file_path: "/tmp/kesl.ini" +klnagent_answer_file_path: "/tmp/klnagent.ini" kesl_version: "11.4" ### KLNAGENT vars as defined at https://support.kaspersky.com/KSC/14.2/ru-RU/199693.htm -KLNAGENT_SERVER: "" #* Input KSC to connect +KLNAGENT_SERVER: "192.168.103.12" #* Input KSC to connect KLNAGENT_AUTOINSTALL: "1" #* EULA_ACCEPTED: "1" #* KLNAGENT_PROXY_USE: "0" diff --git a/hosts.yaml b/hosts.yaml index a129b64..c10fbea 100644 --- a/hosts.yaml +++ b/hosts.yaml @@ -1,3 +1,4 @@ +--- all: vars: ansible_user: marker diff --git a/kesl.yaml b/kesl.yaml index 551be3c..9a8a0ad 100644 --- a/kesl.yaml +++ b/kesl.yaml @@ -1,6 +1,7 @@ -- hosts: all +- name: Installing only kesl + hosts: all gather_facts: true become: true roles: - - kesl + - kesl diff --git a/klnagent.yml b/klnagent.yml index 90589c8..af61b25 100644 --- a/klnagent.yml +++ b/klnagent.yml @@ -1,6 +1,7 @@ -- hosts: servers +- name: Installing klnagent playbook + hosts: all gather_facts: true become: true roles: - - klnagent + - klnagent diff --git a/roles/delete_installation/tasks/main.yml b/roles/delete_installation/tasks/main.yml index e772019..6346a66 100644 --- a/roles/delete_installation/tasks/main.yml +++ b/roles/delete_installation/tasks/main.yml @@ -1,41 +1,43 @@ -- name: Debian delete pkgs +- name: Debian delete pkgs + when: ansible_facts['os_family'] == 'Debian' block: - name: "Remove previous klnagent installations" - apt: + ansible.builtin.apt: name: klnagent64 state: absent - name: "Remove previous kesl installations" - apt: + ansible.builtin.apt: name: kesl state: absent - when: ansible_facts['os_family'] == 'Debian' -- name: RHEL delete pkgs +- name: RHEL delete pkgs + when: ansible_facts['os_family'] == 'RED' or ansible_facts['os_family'] == 'RedHat' block: - name: "Remove previous agent installations" - yum: + ansible.builtin.yum: name: klnagent64 state: absent - name: "Remove previous kesl installations" - yum: + ansible.builtin.yum: name: kesl state: absent - when: ansible_facts['os_family'] == 'RED' or ansible_facts['os_family'] == 'RedHat' -- name: "Deleting previous configs from agent" - file: +- name: Clear /opt/kaspersky/klnagent64 + ansible.builtin.file: path: "/opt/kaspersky/klnagent64" state: absent -- file: +- name: Clear /var/opt/kasperksy/klnagent64 + ansible.builtin.file: path: "/var/opt/kasperksy/klnagent64" state: absent -- name: "Deleting previous configs from kesl" - file: +- name: "Deleting previous configs from /opt/kaspersky/kesl" + ansible.builtin.file: path: "/opt/kaspersky/kesl" state: absent -- file: +- name: "Deleting previous configs from /var/opt/kaspersky/kesl" + ansible.builtin.file: path: "/var/opt/kaspersky/kesl" - state: absent \ No newline at end of file + state: absent diff --git a/roles/kesl/handlers/main.yml b/roles/kesl/handlers/main.yml index 59cfeaa..dcb0063 100644 --- a/roles/kesl/handlers/main.yml +++ b/roles/kesl/handlers/main.yml @@ -1,9 +1,9 @@ -- name: reload kesl # - service: +- name: Reload kesl + ansible.builtin.service: name: "kesl" state: reloaded -- name: restart kesl # - service: +- name: Restart kesl + ansible.builtin.service: name: "kesl" - state: restarted \ No newline at end of file + state: restarted diff --git a/roles/kesl/tasks/main.yml b/roles/kesl/tasks/main.yml index 3136545..8cd18bb 100644 --- a/roles/kesl/tasks/main.yml +++ b/roles/kesl/tasks/main.yml @@ -1,56 +1,46 @@ -- name: Install KESL to RedHat like OS - block: - - name: "Getting kesl install package to temporary folder" - copy: - src: "/tmp/kesl_red.rpm" - dest: "/tmp" - mode: 0755 - - name: "Installing perl-File-Copy package" - yum: - name: perl-File-Copy - - name: "Installing kesl package" - yum: - name: /tmp/kesl_red.rpm - disable_gpg_check: true - - name: "Deleting distros" - file: - path: "/tmp/klnagent_red.rpm" - state: absent +- name: Install KESL to RedHat like OS when: ansible_facts['os_family'] == 'RED' or ansible_facts['os_family'] == 'RedHat' - -- name: Install KESL to Debian like OS block: - name: "Getting kesl install package to temporary folder" - copy: - src: "/tmp/kesl_deb.deb" - dest: "/tmp" - mode: 0755 - - name: "Installing kesl package" - apt: - deb: /tmp/kesl_deb.deb - - name: "Deleting distros" - file: - path: "/tmp/kesl_deb.deb" - state: absent + ansible.builtin.copy: + src: "{{ kesl_distrib_local_folder }}/{{ kesl_rpm_package_name }}" + dest: "{{ kesl_distrib_remote_folder }}" + mode: "0755" + + - name: Installing perl-File-Copy package + ansible.builtin.yum: + name: perl-File-Copy + + - name: Installing kesl package + ansible.builtin.yum: + name: "{{ kesl_distrib_remote_folder }}/{{ kesl_rpm_package_name }}" + disable_gpg_check: true + +- name: Install KESL to Debian like OS when: ansible_facts['os_family'] == 'Debian' + block: + - name: Getting kesl install package to temporary folder + ansible.builtin.copy: + src: "{{ kesl_distrib_local_folder }}/{{ kesl_deb_package_name }}" + dest: "{{ kesl_distrib_remote_folder }}" + mode: "0755" + - name: "Installing kesl package" + ansible.builtin.apt: + deb: "{{ kesl_distrib_remote_folder }}/{{ kesl_deb_package_name }}" +- name: Creating answer file for kesl + ansible.builtin.template: + src: kesl.j2 + dest: "{{ kesl_answer_file_path }}" + mode: "0644" -- block: - - name: "Creating answer file for kesl" - become: true - template: - src: kesl.11.4.j2 - dest: /tmp/kesl.ini - mode: 0644 +- name: Run configuring kesl + ansible.builtin.command: "/opt/kaspersky/kesl/bin/kesl-setup.pl --autoinstall={{ kesl_answer_file_path }}" + changed_when: false + notify: Restart kesl - - name: "Run configuring kesl" - become: true - shell: "/opt/kaspersky/kesl/bin/kesl-setup.pl --autoinstall=/tmp/kesl.ini" - notify: restart kesl - - - name: "Ensure kesl service is enabled" - become: true - service: - name: kesl - enabled: yes - state: started \ No newline at end of file +- name: Ensure kesl service is enabled and restarted + ansible.builtin.service: + name: kesl + enabled: true + state: restarted diff --git a/roles/kesl/templates/kesl.11.4.j2 b/roles/kesl/templates/kesl.j2 similarity index 100% rename from roles/kesl/templates/kesl.11.4.j2 rename to roles/kesl/templates/kesl.j2 diff --git a/roles/klnagent/handlers/main.yml b/roles/klnagent/handlers/main.yml index f0f7b20..b85d9c0 100644 --- a/roles/klnagent/handlers/main.yml +++ b/roles/klnagent/handlers/main.yml @@ -1,9 +1,10 @@ -- name: reload klnagent # - service: - name: "klnagent64" +--- +- name: Reload klnagent # + ansible.builtin.service: + name: klnagent64 state: reloaded -- name: restart klnagent # - service: - name: "klnagent64" +- name: Restart klnagent # + ansible.builtin.service: + name: klnagent64 state: restarted diff --git a/roles/klnagent/tasks/main.yml b/roles/klnagent/tasks/main.yml index 6c1ce99..1e201d6 100644 --- a/roles/klnagent/tasks/main.yml +++ b/roles/klnagent/tasks/main.yml @@ -1,57 +1,48 @@ -- block: - - name: "Remove previous agent installations" - apt: - name: klnagent64 - state: absent +--- +- name: Installing RPM to RedHat Like + when: ansible_facts['os_family'] == 'RED' or ansible_facts['os_family'] == 'RedHat' + block: + - name: Getting klnagent install package to temporary folder + ansible.builtin.copy: + src: "{{ klnagent_distrib_local_folder }}/{{ klnagent_rpm_package_name }}" + dest: "{{ klnagent_distrib_remote_folder }}" + mode: "0755" + - name: Installing klnagent package + ansible.builtin.yum: + name: "{{ klnagent_distrib_remote_folder }}/{{ klnagent_rpm_package_name }}" + disable_gpg_check: true - - name: "Deleting previous distros from tmp" - file: - path: "/tmp/klnagent" - state: absent - - name: "Deleting previous configs from agent" - file: - path: "/opt/kaspersky/klnagent64" - state: absent - - file: - path: "/var/opt/kasperksy/klnagent64" - state: absent +- name: Installing DEB to Debian Like + when: ansible_facts['os_family'] == 'Debian' + block: + - name: Getting klnagent install package to temporary folder + ansible.builtin.copy: + src: "{{ klnagent_distrib_local_folder }}/{{ klnagent_deb_package_name }}" + dest: "{{ klnagent_distrib_remote_folder }}" + mode: "0755" + - name: Installing klnagent package + ansible.builtin.apt: + deb: "{{ klnagent_distrib_remote_folder }}/{{ klnagent_deb_package_name }}" - - name: "Getting klnagent install package to temporary folder" - copy: - src: "/tmp/klnagent" - dest: "/tmp" - mode: 0755 +- name: Creating answer file for klnagent + become: true + ansible.builtin.template: + src: klnagent.j2 + dest: "{{ klnagent_answer_file_path }}" + mode: "0644" - - name: "Installing klnagent package" - apt: - deb: /tmp/klnagent/klnagent64_11.0.0-38_amd64.deb +- name: Run configuring klnagent + become: true + ansible.builtin.command: /opt/kaspersky/klnagent64/lib/bin/setup/postinstall.pl + environment: + KLAUTOANSWERS: "{{ klnagent_answer_file_path }}" + notify: restart klnagent + changed_when: false - - name: "Deleting distros" - file: - path: "/tmp/klnagent" - state: absent - -- block: - - name: "Creating answer file for klnagent" - become: true - template: - src: klnagent.j2 - dest: /tmp/klnagent.ini - mode: 0644 - - - name: "Run configuring klnagent" - become: true - shell: "/opt/kaspersky/klnagent64/lib/bin/setup/postinstall.pl" - args: - executable: /bin/bash - environment: - KLAUTOANSWERS: /tmp/klnagent.ini - notify: restart klnagent - - - name: "Ensure klnagent service is enabled" - become: true - service: - name: klnagent64 - enabled: yes - state: started +- name: Ensure klnagent service is enabled and restarted + become: true + ansible.builtin.service: + name: klnagent64 + enabled: true + state: restarted diff --git a/roles/klnagent/templates/klnagent.j2 b/roles/klnagent/templates/klnagent.j2 index 9707098..1efefd3 100644 --- a/roles/klnagent/templates/klnagent.j2 +++ b/roles/klnagent/templates/klnagent.j2 @@ -6,7 +6,7 @@ {% if KLNAGENT_PROXY_USE %}KLNAGENT_PROXY_USE={{ KLNAGENT_PROXY_USE }}{% endif %} -{% if KLNAGENT_PROXY_ADDRESS %}KLNAGENT_PROXY_ADDRESS={{ KLNAGENT_PROXY_ADDRESS }}{% endif %} +{% if KLNAGENT_PROXY_ADDR %}KLNAGENT_PROXY_ADDR={{ KLNAGENT_PROXY_ADDR }}{% endif %} {% if KLNAGENT_PROXY_LOGIN %}KLNAGENT_PROXY_LOGIN={{ KLNAGENT_PROXY_LOGIN }}{% endif %}