50 lines
1 KiB
YAML
50 lines
1 KiB
YAML
# install clamav
|
|
# we run freshclam (with daemons stopped) and then starting the daemons should work
|
|
# (avoiding 'clamav-daemon not started: "ConditionPathExistsGlob=/var/lib/clamav/daily.{c[vl]d,inc} was not met"')
|
|
|
|
- name: install clamav
|
|
apt:
|
|
name: "{{ packages }}"
|
|
vars:
|
|
packages:
|
|
- clamav
|
|
- clamav-daemon
|
|
- clamav-freshclam
|
|
|
|
- name: stop clamav daemons
|
|
systemd:
|
|
name: "{{ item }}"
|
|
state: stopped
|
|
loop:
|
|
- clamav-freshclam
|
|
- clamav-daemon
|
|
|
|
- name: run freshclam
|
|
shell: freshclam
|
|
|
|
- name: start clamav daemons
|
|
systemd:
|
|
name: "{{ item }}"
|
|
state: started
|
|
loop:
|
|
- clamav-daemon
|
|
- clamav-freshclam
|
|
|
|
- name: install clamav-unofficial-sigs, clamdscan
|
|
apt:
|
|
name: "{{ packages }}"
|
|
vars:
|
|
packages:
|
|
- clamav-unofficial-sigs
|
|
- clamdscan
|
|
|
|
- name: set clamav BytecodeSecurity to Paranoid
|
|
lineinfile:
|
|
path: /etc/clamav/clamd.conf
|
|
regexp: '^BytecodeSecurity'
|
|
line: 'BytecodeSecurity Paranoid'
|
|
|
|
- name: restart clamav-daemon
|
|
systemd:
|
|
name: clamav-daemon
|
|
state: restarted
|