diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 00000000..3a19c72b --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,32 @@ +--- +name: Report Issue +about: Create a bug issue ticket to help us improve +title: '' +labels: bug +assignees: '' + +--- + +**Describe the Issue** +A clear and concise description of what the bug is. + +**Expected Behavior** +A clear and concise description of what you expected to happen. + +**Actual Behavior** +A clear and concise description of what's happening. + +**Control(s) Affected** +What controls are being affected by the issue + +**Environment (please complete the following information):** + - Ansible Version: [e.g. 2.10] + - Host Python Version: [e.g. Python 3.7.6] + - Ansible Server Python Version: [e.g. Python 3.7.6] + - Additional Details: + +**Additional Notes** +Anything additional goes here + +**Possible Solution** +Enter a suggested fix here diff --git a/.github/ISSUE_TEMPLATE/feature-request-or-enhancement.md b/.github/ISSUE_TEMPLATE/feature-request-or-enhancement.md new file mode 100644 index 00000000..bf457005 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature-request-or-enhancement.md @@ -0,0 +1,21 @@ +--- +name: Feature Request or Enhancement +about: Suggest an idea for this project +title: '' +labels: enhancement +assignees: '' + +--- + +**Feature Request or Enhancement** + - Feature [] + - Enhancement [] + +**Summary of Request** +A clear and concise description of what you want to happen. + +**Describe alternatives you've considered** +A clear and concise description of any alternative solutions or features you've considered. + +**Suggested Code** +Please provide any code you have in mind to fulfill the request diff --git a/.github/ISSUE_TEMPLATE/question.md b/.github/ISSUE_TEMPLATE/question.md new file mode 100644 index 00000000..cbab6e73 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/question.md @@ -0,0 +1,17 @@ +--- +name: Question +about: Ask away....... +title: '' +labels: question +assignees: '' + +--- + +**Question** +Pose question here. + +**Environment (please complete the following information):** + - Ansible Version: [e.g. 2.10] + - Host Python Version: [e.g. Python 3.7.6] + - Ansible Server Python Version: [e.g. Python 3.7.6] + - Additional Details: diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 00000000..1919fb40 --- /dev/null +++ b/.github/pull_request_template.md @@ -0,0 +1,9 @@ +**Overall Review of Changes:** +A general description of the changes made that are being requested for merge + +**Any Related Open Issues:** +Please list any open issues this PR addresses + +**How has this been tested?:** +Please give an overview of how these changes were tested. If they were not please use N/A + diff --git a/defaults/main.yml b/defaults/main.yml index b898e8a6..ce70b146 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -322,7 +322,7 @@ ubtu20cis_vsftpd_server: false ubtu20cis_httpd_server: false ubtu20cis_dovecot_server: false ubtu20cis_smb_server: false -ubtu20cis_squid_server: fase +ubtu20cis_squid_server: false ubtu20cis_snmp_server: false ubtu20cis_rsync_server: false ubtu20cis_nis_server: false @@ -428,7 +428,7 @@ ubtu20cis_ntp_server_options: "iburst" # Control 2.1.15 # ubtu20_cis_mail_transfer_agent is the mail transfer agent in use # The options are exim4, postfix or other -ubtu20_cis_mail_transfer_agent: "other" +# ubtu20_cis_mail_transfer_agent: "other" # Section 3 Control Variables # Control 3.1.2 diff --git a/tasks/main.yml b/tasks/main.yml index 2fd5cebf..6f87a6f3 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -37,6 +37,12 @@ - ubtu20cis_section5_patch or ubtu20cis_section6_patch +- name: Gather the package facts + package_facts: + manager: auto + tags: + - always + - name: Include section 1 patches import_tasks: section_1/main.yml when: ubtu20cis_section1_patch diff --git a/tasks/parse_etc_password.yml b/tasks/parse_etc_password.yml index a7d18a35..769918e8 100644 --- a/tasks/parse_etc_password.yml +++ b/tasks/parse_etc_password.yml @@ -30,11 +30,3 @@ \g tags: - always - -- name: test1 - debug: - msg: "{{ ubtu20cis_passwd | json_query('uid') }}" - -- name: test2 - debug: - msg: "{{ ubtu20cis_passwd | selectattr('uid', '>=', 1000) | map(attribute='dir') | flatten }}" diff --git a/tasks/section_2/cis_2.1.x.yml b/tasks/section_2/cis_2.1.x.yml index 95c17fff..861c1d0e 100644 --- a/tasks/section_2/cis_2.1.x.yml +++ b/tasks/section_2/cis_2.1.x.yml @@ -397,7 +397,7 @@ - { regexp: '^dc_mailname_in_oh', line: "dc_mailname_in_oh='true'" } - { regexp: '^dc_localdelivery', line: "dc_localdelivery='mail_spool'" } notify: restart exim4 - when: ubtu20_cis_mail_transfer_agent == "exim4" + when: "'exim4' in ansible_facts.packages" - name: "AUTOMATED | 2.1.15 | PATCH | Ensure mail transfer agent is configured for local-only mode | Make changes if postfix is installed" lineinfile: @@ -405,14 +405,16 @@ regexp: '^(#)?inet_interfaces' line: 'inet_interfaces = loopback-only' notify: restart postfix - when: ubtu20_cis_mail_transfer_agent == "postfix" + when: "'postfix' in ansible_facts.packages" - name: "AUTOMATED | 2.1.15 | PATCH | Ensure mail transfer agent is configured for local-only mode | Message out other main agents" debug: msg: - "Warning!! You are not using either exim4 or postfix" - "Please review your vendors documentation to configure local-only mode" - when: ubtu20_cis_mail_transfer_agent == "other" + when: + - "'exim4' not in ansible_facts.packages" + - "'postfix' not in ansible_facts.packages" when: - ubtu20cis_rule_2_1_15 tags: