History rewrite
This commit is contained in:
AJ Schroeder
93
ansible/roles/clean/tasks/ubuntu.yml
Normal file
93
ansible/roles/clean/tasks/ubuntu.yml
Normal file
@@ -0,0 +1,93 @@
|
||||
---
|
||||
|
||||
- name: Remove audit log files
|
||||
ansible.builtin.file:
|
||||
path: "{{ item }}"
|
||||
state: absent
|
||||
loop:
|
||||
- "/var/log/audit/audit.log"
|
||||
- "/var/log/wtmp"
|
||||
- "/var/log/lastlog"
|
||||
|
||||
- name: Check to see if the /var/log/audit directory exists
|
||||
ansible.builtin.stat:
|
||||
path: "/var/log/audit"
|
||||
register: audit_directory
|
||||
|
||||
- name: Ensure /var/log/audit directory exists
|
||||
ansible.builtin.file:
|
||||
path: /var/log/audit
|
||||
state: directory
|
||||
mode: "0750"
|
||||
owner: root
|
||||
group: adm
|
||||
when: audit_directory.stat.exists
|
||||
|
||||
- name: Ensure /var/log/audit/audit.log exists
|
||||
ansible.builtin.file:
|
||||
path: /var/log/audit/audit.log
|
||||
state: touch
|
||||
mode: "0640"
|
||||
owner: root
|
||||
group: adm
|
||||
when: audit_directory.stat.exists
|
||||
|
||||
- name: Ensure wtmp and lastlog exist with the correct permissions
|
||||
ansible.builtin.copy:
|
||||
dest: "{{ item }}"
|
||||
content: ""
|
||||
mode: "0664"
|
||||
owner: root
|
||||
group: utmp
|
||||
loop:
|
||||
- "/var/log/wtmp"
|
||||
- "/var/log/lastlog"
|
||||
|
||||
- name: Cleaning persistent udev rules
|
||||
ansible.builtin.file:
|
||||
path: /etc/udev/rules.d/70-persistent-net.rules
|
||||
state: absent
|
||||
|
||||
- name: "Cleaning the /tmp directories"
|
||||
ansible.builtin.file:
|
||||
path: "{{ item }}"
|
||||
state: absent
|
||||
loop:
|
||||
- "/tmp/*"
|
||||
- "/var/tmp/*"
|
||||
|
||||
- name: Cleaning the SSH host keys
|
||||
shell: |
|
||||
rm -f /etc/ssh/ssh_host_*
|
||||
|
||||
- name: remove /etc/machine-id
|
||||
file:
|
||||
path: /etc/machine-id
|
||||
state: absent
|
||||
|
||||
- name: remove /var/lib/dbus/machine-id
|
||||
file:
|
||||
path: /var/lib/dbus/machine-id
|
||||
state: absent
|
||||
|
||||
- name: generate new machine-id
|
||||
command: systemd-machine-id-setup
|
||||
|
||||
- name: Clean apt
|
||||
ansible.builtin.apt:
|
||||
autoclean: yes
|
||||
autoremove: yes
|
||||
clean: yes
|
||||
|
||||
- name: Cleaning the shell history
|
||||
shell: |
|
||||
unset HISTFILE
|
||||
history -cw
|
||||
echo > ~/.bash_history
|
||||
rm -fr /root/.bash_history
|
||||
|
||||
- name: Clean cloud-init
|
||||
ansible.builtin.command: cloud-init clean
|
||||
when: cloud_init | bool
|
||||
|
||||
...
|
||||
Reference in New Issue
Block a user