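---
# Verification play: read-only checks of timezone, sshd configuration, MOTD,
# installed packages and the PKI directory. Command tasks set
# changed_when: false so a verification run never reports a change.
- name: Verify
  hosts: all
  become: true
  # Facts are needed for the ansible_os_family conditions used below.
  gather_facts: true
  tasks:
    - name: Verify timezone is set correctly
      ansible.builtin.command: timedatectl show --property=Timezone --value
      register: timezone_result
      changed_when: false
      # Compare the whole value instead of searching for a substring.
      failed_when: timezone_result.stdout | trim != 'Europe/Rome'

    # NOTE(review): only existence is asserted; ownership and mode of
    # sshd_config (root-owned, not group/world-writable) are not checked here.
    - name: Verify SSH config exists
      ansible.builtin.stat:
        path: /etc/ssh/sshd_config
      register: sshd_config
      failed_when: not sshd_config.stat.exists

    # NOTE(review): this matches the literal text of the main file only. sshd
    # uses the first value it reads for a keyword, so an earlier line or an
    # Include'd drop-in can yield a different effective setting; `sshd -T`
    # reports the effective configuration if that is what must be asserted.
    # NOTE(review): `without-password` is the deprecated alias of
    # `prohibit-password`; root can still log in with a key. Confirm this is
    # the intended policy rather than `PermitRootLogin no`.
    - name: Verify SSH config contains expected settings
      ansible.builtin.command: grep -E "^PermitRootLogin\s+without-password" /etc/ssh/sshd_config
      register: sshd_root_login
      changed_when: false
      failed_when: sshd_root_login.rc != 0

    - name: Verify MOTD file exists on Debian
      ansible.builtin.stat:
        path: /etc/static-motd
      register: motd_file
      when: ansible_os_family == 'Debian'
      failed_when: not motd_file.stat.exists

    - name: Verify MOTD file exists on EL
      ansible.builtin.stat:
        path: /etc/motd
      register: motd_file_el
      when: ansible_os_family == 'RedHat'
      failed_when: not motd_file_el.stat.exists

    # `dpkg -l` exits 0 for a package that was removed but still has config
    # files (state "rc"), so the exit code alone can pass for a package that
    # is not installed. Query the status field and require "ok installed".
    - name: Verify common packages are installed on Debian
      ansible.builtin.command:
        argv:
          - dpkg-query
          - --show
          - '--showformat=${Status}'
          - htop
      register: htop_deb
      changed_when: false
      failed_when: >-
        htop_deb.rc != 0
        or 'ok installed' not in htop_deb.stdout
      when: ansible_os_family == 'Debian'

    # rpm -q exits non-zero when the package is not installed.
    - name: Verify common packages are installed on EL
      ansible.builtin.command: rpm -q htop
      register: htop_el
      changed_when: false
      failed_when: htop_el.rc != 0
      when: ansible_os_family == 'RedHat'

    # NOTE(review): existence only; stat.isdir and permissions of /etc/pki are
    # not asserted.
    - name: Verify PKI directory exists
      ansible.builtin.stat:
        path: /etc/pki
      register: pki_dir
      failed_when: not pki_dir.stat.exists

    # Reached only if no earlier task failed, since a failed task stops the
    # play for that host by default.
    - name: Print verification summary
      ansible.builtin.debug:
        msg: 'All verification tests passed successfully!'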