Fixed Astra release_os

This reverts commit 9bf4504bfd.

.gitignore

@@ -0,0 +1 @@
+.vscode/

README.md

@@ -1 +1,17 @@
-# klnagent-ansible
+# Playbooks description
+## klnagent.yaml
+Install/Reinstall only agent
+
+## kesl.yaml
+Install/Reinstall only kesl
+
+## delete.yaml 
+Delete Kesl and KLNagent
+
+# hosts.yaml
+List of hosts to work with
+
+# Usage
+```bash
+ansible-play <yaml file> -i hosts.yaml [--ask-pass]
+```

delete_installation.yml

@@ -0,0 +1,7 @@
+- name: Delete installation playbook
+  hosts: all
+  gather_facts: true
+  become:
+    true
+  roles:
+    - delete_installation

delete_klnagent.yml

@@ -1,12 +0,0 @@
-- hosts: servers
-  gather_facts: true
-  become:
-    true
-  become_method:
-    sudo
-  become_user:
-    root
-  remote_user:
-    marker
-  roles:
-   - delete_klnagent

group_vars/all/kaspersky.yml

@@ -0,0 +1,44 @@
+### Distro vars
+klnagent_distrib_local_folder: "/tmp"
+kesl_distrib_local_folder: "/tmp"
+klnagent_distrib_remote_folder: "/tmp"
+kesl_distrib_remote_folder: "/tmp"
+kesl_rpm_package_name: "kesl_red.rpm"
+kesl_deb_package_name: "kesl_deb.deb"
+klnagent_rpm_package_name: "klnagent64-14.0.0-4646.x86_64.rpm"
+klnagent_deb_package_name: "klnagent64_14.0.0-4646_amd64.deb"
+kesl_answer_file_path: "/tmp/kesl.ini"
+klnagent_answer_file_path: "/tmp/klnagent.ini"
+kesl_version: "11.4"
+
+### KLNAGENT vars as defined at https://support.kaspersky.com/KSC/14.2/ru-RU/199693.htm
+KLNAGENT_SERVER: "192.168.103.12" #* Input KSC to connect
+KLNAGENT_AUTOINSTALL: "1" #*
+EULA_ACCEPTED: "1" #*
+KLNAGENT_PROXY_USE: "0"
+KLNAGENT_PROXY_ADDR: ""
+KLNAGENT_PROXY_LOGIN: ""
+KLNAGENT_PROXY_PASSWORD: ""
+KLNAGENT_VM_VDI: ""
+KLNAGENT_VM_OPTIMIZE: ""
+KLNAGENT_TAGS: ""
+KLNAGENT_UDP_PORT: "15000"
+KLNAGENT_PORT: "14000"
+KLNAGENT_SSLPORT: "13000"
+KLNAGENT_USESSL: "1"
+KLNAGENT_GW_MODE: "1"
+KLNAGENT_GW_ADDRESS: ""
+
+### KESL vars as defined at https://support.kaspersky.com/help/KES4Linux/11.4.0/en-US/236945.htm
+EULA_AGREED: "yes" #*
+PRIVACY_POLICY_AGREED: "yes" #*
+USE_KSN: "no" #*
+LOCALE: ""
+INSTALL_LICENSE: "" # IMPORTANT to change this
+UPDATER_SOURCE: "KLServers"
+PROXY_SERVER: ""
+UPDATE_EXECUTE: ""
+KERNEL_SRCS_INSTALL: ""
+ADMIN_USER: ""
+CONFIGURE_SELINUX: ""
+USE_GUI: "no"

group_vars/servers/kaspersky.yml

@@ -1,6 +0,0 @@
-KLNAGENT_SERVER: "192.168.103.20"
-KLNAGENT_PORT: "14000"
-KLNAGENT_SSLPORT: "13000"
-KLNAGENT_USESSL: "1"
-KLNAGENT_GW_MODE: "1"
-default_klnagent_bin_path: "/opt/kaspersky/klnagent64/lib/bin"

hosts

@@ -1,7 +0,0 @@
-  servers:
-    hosts: 
-      10.124.5.[72:78]:
-#      192.168.103.22:
-#      192.168.103.23:
-    vars:
-      ansible_user: srvadmin

hosts.yaml

@@ -0,0 +1,22 @@
+---
+all:
+  vars:
+    ansible_user: marker
+    #ansible_become_password:
+  children:
+    debian:
+      hosts:
+        debian_host1:
+          ansible_host: 192.168.103.100
+#        debian_host2:
+#          ansible_host: 192.168.1.102
+      vars:
+        ansible_become_method: sudo 
+    rhel:
+      hosts:
+        rhel_host1:
+          ansible_host: 192.168.103.101
+#        rhel_host2:
+#          ansible_host: 192.168.1.103
+      vars:
+        ansible_become_method: su 

kesl.yaml

@@ -0,0 +1,7 @@
+- name: Installing only kesl
+  hosts: all
+  gather_facts: true
+  become:
+    true
+  roles:
+    - kesl

klnagent.yml

@@ -1,12 +1,7 @@
-- hosts: servers
+- name: Installing klnagent playbook
+  hosts: all
   gather_facts: true
   become:
     true
-  become_method:
-    sudo
-  become_user:
-    root
-  remote_user:
-    srvadmin
   roles:
-   - klnagent
+    - klnagent

roles/delete_installation/tasks/main.yml

@@ -0,0 +1,43 @@
+- name: Debian delete pkgs
+  when: ansible_facts['os_family'] == 'Debian'
+  block:
+    - name: "Remove previous klnagent installations"
+      ansible.builtin.apt:
+        name: klnagent64
+        state: absent
+
+    - name: "Remove previous kesl installations"
+      ansible.builtin.apt:
+        name: kesl
+        state: absent
+
+- name: RHEL delete pkgs
+  when: ansible_facts['os_family'] == 'RED' or ansible_facts['os_family'] == 'RedHat'
+  block:
+    - name: "Remove previous agent installations"
+      ansible.builtin.yum:
+        name: klnagent64
+        state: absent
+
+    - name: "Remove previous kesl installations"
+      ansible.builtin.yum:
+        name: kesl
+        state: absent
+
+- name: Clear /opt/kaspersky/klnagent64
+  ansible.builtin.file:
+    path: "/opt/kaspersky/klnagent64"
+    state: absent
+- name: Clear /var/opt/kasperksy/klnagent64
+  ansible.builtin.file:
+    path: "/var/opt/kasperksy/klnagent64"
+    state: absent
+
+- name: "Deleting previous configs from /opt/kaspersky/kesl"
+  ansible.builtin.file:
+    path: "/opt/kaspersky/kesl"
+    state: absent
+- name: "Deleting previous configs from /var/opt/kaspersky/kesl"
+  ansible.builtin.file:
+    path: "/var/opt/kaspersky/kesl"
+    state: absent

roles/delete_klnagent/tasks/main.yml

@@ -1,18 +0,0 @@
--  block:
-    - name: "Remove previous agent installations"
-      apt:
-        name: klnagent64
-        state: absent
-
-    - name: "Deleting previous distros from tmp"
-      file:
-        path: "/tmp/klnagent"
-        state: absent
-
-    - name: "Deleting previous configs from agent"
-      file:
-        path: "/opt/kaspersky/klnagent64"
-        state: absent
-      file:
-        path: "/var/opt/kasperksy/klnagent64"
-        state: absent

roles/kesl/handlers/main.yml

@@ -0,0 +1,9 @@
+- name: Reload kesl
+  ansible.builtin.service:
+    name: "kesl"
+    state: reloaded
+
+- name: Restart kesl
+  ansible.builtin.service:
+    name: "kesl"
+    state: restarted

roles/kesl/tasks/main.yml

@@ -0,0 +1,46 @@
+- name: Install KESL to RedHat like OS
+  when: ansible_facts['os_family'] == 'RED' or ansible_facts['os_family'] == 'RedHat'
+  block:
+    - name: "Getting kesl install package to temporary folder"
+      ansible.builtin.copy:
+        src: "{{ kesl_distrib_local_folder }}/{{ kesl_rpm_package_name }}"
+        dest: "{{ kesl_distrib_remote_folder }}"
+        mode: "0755"
+
+    - name: Installing perl-File-Copy package
+      ansible.builtin.yum:
+        name: perl-File-Copy
+
+    - name: Installing kesl package
+      ansible.builtin.yum:
+        name: "{{ kesl_distrib_remote_folder }}/{{ kesl_rpm_package_name }}"
+        disable_gpg_check: true
+
+- name: Install KESL to Debian like OS
+  when: ansible_facts['os_family'] == 'Debian' or ansible_facts['os_family'] == 'Astra Linux'
+  block:
+    - name: Getting kesl install package to temporary folder
+      ansible.builtin.copy:
+        src: "{{ kesl_distrib_local_folder }}/{{ kesl_deb_package_name }}"
+        dest: "{{ kesl_distrib_remote_folder }}"
+        mode: "0755"
+    - name: "Installing kesl package"
+      ansible.builtin.apt:
+        deb: "{{ kesl_distrib_remote_folder }}/{{ kesl_deb_package_name }}"
+
+- name: Creating answer file for kesl
+  ansible.builtin.template:
+    src: kesl.j2
+    dest: "{{ kesl_answer_file_path }}"
+    mode: "0644"
+
+- name: Run configuring kesl
+  ansible.builtin.command: "/opt/kaspersky/kesl/bin/kesl-setup.pl --autoinstall={{ kesl_answer_file_path }}"
+  changed_when: false
+  notify: Restart kesl
+
+- name: Ensure kesl service is enabled and restarted
+  ansible.builtin.service:
+    name: kesl
+    enabled: true
+    state: restarted

roles/kesl/templates/kesl.j2

@@ -0,0 +1,24 @@
+{% if EULA_AGREED %}EULA_AGREED={{ EULA_AGREED }}{% endif %}
+
+{% if PRIVACY_POLICY_AGREED %}PRIVACY_POLICY_AGREED={{ PRIVACY_POLICY_AGREED }}{% endif %}
+
+{% if USE_KSN %}USE_KSN={{ USE_KSN }}{% endif %}
+
+{% if LOCALE %}LOCALE={{ LOCALE }}{% endif %}
+
+{% if INSTALL_LICENSE %}INSTALL_LICENSE={{ INSTALL_LICENSE }}{% endif %}
+
+{% if UPDATER_SOURCE %}UPDATER_SOURCE={{ UPDATER_SOURCE }}{% endif %}
+
+{% if PROXY_SERVER %}PROXY_SERVER={{ PROXY_SERVER }}{% endif %}
+
+{% if UPDATE_EXECUTE %}UPDATE_EXECUTE={{ UPDATE_EXECUTE }}{% endif %}
+
+{% if KERNEL_SRCS_INSTALL %}KERNEL_SRCS_INSTALL={{ KERNEL_SRCS_INSTALL }}{% endif %}
+
+{% if ADMIN_USER %}ADMIN_USER={{ ADMIN_USER }}{% endif %}
+
+{% if CONFIGURE_SELINUX %}CONFIGURE_SELINUX={{ CONFIGURE_SELINUX }}{% endif %}
+
+{% if USE_GUI %}USE_GUI={{ USE_GUI }}{% endif %}
+

roles/klnagent/handlers/main.yml

@@ -1,9 +1,10 @@
-- name: reload klnagent  #
-  service:
-    name: "klnagent64"
+---
+- name: Reload klnagent #
+  ansible.builtin.service:
+    name: klnagent64
     state: reloaded
 
-- name: restart klnagent #
-  service:
-    name: "klnagent64"
+- name: Restart klnagent #
+  ansible.builtin.service:
+    name: klnagent64
     state: restarted

roles/klnagent/tasks/main.yml

@@ -1,57 +1,48 @@
--  block:
-    - name: "Remove previous agent installations"
-      apt:
-        name: klnagent64
-        state: absent
+---
+- name: Installing RPM to RedHat Like
+  when: ansible_facts['os_family'] == 'RED' or ansible_facts['os_family'] == 'RedHat'
+  block:
+    - name: Getting klnagent install package to temporary folder
+      ansible.builtin.copy:
+        src: "{{ klnagent_distrib_local_folder }}/{{ klnagent_rpm_package_name }}"
+        dest: "{{ klnagent_distrib_remote_folder }}"
+        mode: "0755"
+    - name: Installing klnagent package
+      ansible.builtin.yum:
+        name: "{{ klnagent_distrib_remote_folder }}/{{ klnagent_rpm_package_name }}"
+        disable_gpg_check: true
 
-    - name: "Deleting previous distros from tmp"
-      file:
-        path: "/tmp/klnagent"
-        state: absent
 
-    - name: "Deleting previous configs from agent"
-      file:
-        path: "/opt/kaspersky/klnagent64"
-        state: absent
-      file:
-        path: "/var/opt/kasperksy/klnagent64"
-        state: absent
+- name: Installing DEB to Debian Like
+  when: ansible_facts['os_family'] == 'Debian' or ansible_facts['os_family'] == 'Astra Linux'
+  block:
+    - name: Getting klnagent install package to temporary folder
+      ansible.builtin.copy:
+        src: "{{ klnagent_distrib_local_folder }}/{{ klnagent_deb_package_name }}"
+        dest: "{{ klnagent_distrib_remote_folder }}"
+        mode: "0755"
+    - name: Installing klnagent package
+      ansible.builtin.apt:
+        deb: "{{ klnagent_distrib_remote_folder }}/{{ klnagent_deb_package_name }}"
 
-    - name: "Getting klnagent install package to temporary folder"
-      copy:
-        src: "/tmp/klnagent"
-        dest: "/tmp"
-        mode: 0755
+- name: Creating answer file for klnagent
+  become: true
+  ansible.builtin.template:
+    src: klnagent.j2
+    dest: "{{ klnagent_answer_file_path }}"
+    mode: "0644"
 
-    - name: "Installing klnagent package"
-      apt:
-        deb: /tmp/klnagent/klnagent64_11.0.0-38_amd64.deb
+- name: Run configuring klnagent
+  become: true
+  ansible.builtin.command: /opt/kaspersky/klnagent64/lib/bin/setup/postinstall.pl
+  environment:
+    KLAUTOANSWERS: "{{ klnagent_answer_file_path }}"
+  notify: restart klnagent
+  changed_when: false
 
-    - name: "Deleting distros"
-      file:
-        path: "/tmp/klnagent"
-        state: absent
-
-- block:
-    - name: "Creating answer file for klnagent"
-      become: yes
-      template:
-        src: klnagent.j2
-        dest: /tmp/klnagent.ini
-        mode: 0644
-
-    - name: "Run configuring klnagent"
-      become: yes
-      shell: "{{ default_klnagent_bin_path }}/setup/postinstall.pl"
-      args:
-        executable: /bin/bash
-      environment:
-        KLAUTOANSWERS: /tmp/klnagent.ini
-      notify: restart klnagent
-
-    - name: "Ensure klnagent service is enabled"
-      become: yes
-      service:
-        name: klnagent64
-        enabled: yes
-        state: started
+- name: Ensure klnagent service is enabled and restarted
+  become: true
+  ansible.builtin.service:
+    name: klnagent64
+    enabled: true
+    state: restarted

roles/klnagent/templates/klnagent.j2

@@ -1,5 +1,31 @@
-KLNAGENT_SERVER={{ KLNAGENT_SERVER }}
-KLNAGENT_PORT={{ KLNAGENT_PORT }}
-KLNAGENT_SSLPORT={{ KLNAGENT_SSLPORT }}
-KLNAGENT_USESSL={{ KLNAGENT_USESSL }}
-KLNAGENT_GW_MODE={{ KLNAGENT_GW_MODE }}
+{% if KLNAGENT_SERVER %}KLNAGENT_SERVER={{ KLNAGENT_SERVER }}{% endif %}
+
+{% if KLNAGENT_AUTOINSTALL %}KLNAGENT_AUTOINSTALL={{ KLNAGENT_AUTOINSTALL }}{% endif %}
+
+{% if EULA_ACCEPTED %}EULA_ACCEPTED={{ EULA_ACCEPTED }}{% endif %}
+
+{% if KLNAGENT_PROXY_USE %}KLNAGENT_PROXY_USE={{ KLNAGENT_PROXY_USE }}{% endif %}
+
+{% if KLNAGENT_PROXY_ADDR %}KLNAGENT_PROXY_ADDR={{ KLNAGENT_PROXY_ADDR }}{% endif %}
+
+{% if KLNAGENT_PROXY_LOGIN %}KLNAGENT_PROXY_LOGIN={{ KLNAGENT_PROXY_LOGIN }}{% endif %}
+
+{% if KLNAGENT_PROXY_PASSWORD %}KLNAGENT_PROXY_PASSWORD={{ KLNAGENT_PROXY_PASSWORD }}{% endif %}
+
+{% if KLNAGENT_VM_VDI %}KLNAGENT_VM_VDI={{ KLNAGENT_VM_VDI }}{% endif %}
+
+{% if KLNAGENT_VM_OPTIMIZE %}KLNAGENT_VM_OPTIMIZE={{ KLNAGENT_VM_OPTIMIZE }}{% endif %}
+
+{% if KLNAGENT_TAGS %}KLNAGENT_TAGS={{ KLNAGENT_TAGS }}{% endif %}
+
+{% if KLNAGENT_UDP_PORT %}KLNAGENT_UDP_PORT={{ KLNAGENT_UDP_PORT }}{% endif %}
+
+{% if KLNAGENT_PORT %}KLNAGENT_PORT={{ KLNAGENT_PORT }}{% endif %}
+
+{% if KLNAGENT_SSLPORT %}KLNAGENT_SSLPORT={{ KLNAGENT_SSLPORT }}{% endif %}
+
+{% if KLNAGENT_USESSL %}KLNAGENT_USESSL={{ KLNAGENT_USESSL }}{% endif %}
+
+{% if KLNAGENT_GW_MODE %}KLNAGENT_GW_MODE={{ KLNAGENT_GW_MODE }}{% endif %}
+
+{% if KLNAGENT_GW_ADDRESS %}KLNAGENT_GW_ADDRESS={{ KLNAGENT_GW_ADDRESS }}{% endif %}

test.yml

@@ -1,4 +0,0 @@
----
-- hosts: servers
-  gather_facts: true
-  task: