forked from ISTI-ansible-roles/ansible-roles
90 lines
2.9 KiB
YAML
90 lines
2.9 KiB
YAML
---
|
|
#
|
|
# clamd wants a lot of RAM at startup time. Ensure to have at least 4GB of available memory
|
|
#
|
|
clamav_install: True
|
|
clamav_milter_install: False
|
|
clamav_unofficial_sigs_install: '{{ clamav_install }}'
|
|
|
|
clamav_rh_pkgs:
|
|
- clamd
|
|
- clamav-filesystem
|
|
- clamav
|
|
- clamav-data
|
|
- clamav-lib
|
|
- clamav-update
|
|
|
|
clamav_milter_rh_pkgs:
|
|
- clamav-milter
|
|
|
|
clamav_unofficial_sigs_rh_pkgs:
|
|
- clamav-unofficial-sigs
|
|
|
|
clamav_clamd_user: clamscan
|
|
clamav_clamd_conf_file: '/etc/clamd.d/scan.conf'
|
|
clamav_clamd_verbose_logging: 'yes'
|
|
clamav_clamd_extended_info: 'yes'
|
|
clamav_clamd_pidfile: '/run/clamd.scan/clamd.pid'
|
|
clamav_clamd_tmp: '/var/tmp'
|
|
clamav_clamd_official_db_only: 'no'
|
|
clamav_clamd_use_local_socket: True
|
|
clamav_clamd_local_socket: '/run/clamd.scan/clamd.sock'
|
|
clamav_clamd_use_net_socket: False
|
|
clamav_clamd_net_socket_port: 3310
|
|
clamav_clamd_net_main_socket_addr: '127.0.0.1'
|
|
clamav_clamd_net_socket_addrs:
|
|
- '{{ clamav_clamd_net_main_socket_addr }}'
|
|
# Set this to your MTA max message size. Expressed in MB (M)
|
|
clamav_clamd_stream_max_lenght: 25
|
|
clamav_clamd_detect_pua: True
|
|
clamav_clamd_heuristic_alert: 'yes'
|
|
clamav_clamd_heuristic_has_precedence: 'no'
|
|
clamav_clamd_additional_doc_scanning: True
|
|
clamav_clamd_email_scan: 'yes'
|
|
clamav_clamd_html_scan: 'yes'
|
|
clamav_clamd_archives_scan: 'yes'
|
|
clamav_clamd_max_scan_time: 120000
|
|
# Options: None, TrustSigned, Paranoid. Stick to the default
|
|
clamav_clamd_bytecode_security: 'TrustSigned'
|
|
|
|
clamav_additional_signatures_use_proxy: False
|
|
clamav_additional_signatures_use_proxy_auth: False
|
|
clamav_additional_signatures_proxy_host: ''
|
|
clamav_additional_signatures_proxy_port: 3128
|
|
clamav_additional_signatures_proxy_user: ''
|
|
clamav_additional_signatures_proxy_pwd: ''
|
|
|
|
# Freshclam
|
|
clamav_freshclam_check_frequency: 12
|
|
clamav_freshclam_use_proxy: False
|
|
clamav_freshclam_use_proxy_auth: False
|
|
clamav_freshclam_proxy_host: ''
|
|
clamav_freshclam_proxy_port: 3128
|
|
clamav_freshclam_proxy_user: ''
|
|
clamav_freshclam_proxy_pwd: ''
|
|
clamav_freshclam_reload_clamd: True
|
|
clamav_freshclam_enable_safebrowsing: 'no'
|
|
clamav_freshclam_enable_bytecode: 'yes'
|
|
#clamav_freshclam_additional_databases:
|
|
# - ''
|
|
# - ''
|
|
|
|
# tcp example: inet:7357@127.0.0.1
|
|
clamav_milter_socket: 'local:/run/clamav-milter/clamav-milter.socket'
|
|
clamav_milter_use_whitelist_file: False
|
|
clamav_milter_whitelist_file: '/etc/mail/clamav-whitelist'
|
|
clamav_milter_use_skip_authenticated_file: False
|
|
clamav_milter_skip_authenticated_file: '/etc/mail/clamav-skip-authenticated'
|
|
clamav_milter_onclean_action: 'Accept'
|
|
clamav_milter_oninfected_action: 'Reject'
|
|
clamav_milter_onfail_action: 'Defer'
|
|
clamav_milter_send_reject_msg: True
|
|
clamav_milter_reject_msg: 'Virus %v present, email rejected!'
|
|
clamav_milter_add_header: True
|
|
clamav_milter_add_header_action: 'Add'
|
|
clamav_milter_report_hostname: '{{ ansible_fqdn }}'
|
|
clamav_milter_clamd_net_socket_addrs:
|
|
- { addr: '{{ clamav_clamd_net_main_socket_addr }}', port: '{{ clamav_clamd_net_socket_port }}' }
|
|
|
|
|