{"id":16779651,"url":"https://github.com/ahuffman/ansible-aide","last_synced_at":"2025-04-10T20:53:03.301Z","repository":{"id":69819535,"uuid":"59776626","full_name":"ahuffman/ansible-aide","owner":"ahuffman","description":"An Ansible role to install, configure, and schedule AIDE.","archived":false,"fork":false,"pushed_at":"2021-07-19T21:37:53.000Z","size":36,"stargazers_count":16,"open_issues_count":2,"forks_count":10,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-24T18:21:38.423Z","etag":null,"topics":["aide","ansible","ansible-role"],"latest_commit_sha":null,"homepage":null,"language":"Jinja","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ahuffman.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-05-26T19:14:54.000Z","updated_at":"2024-05-03T10:33:09.000Z","dependencies_parsed_at":"2023-02-24T02:45:46.614Z","dependency_job_id":null,"html_url":"https://github.com/ahuffman/ansible-aide","commit_stats":null,"previous_names":[],"tags_count":9,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ahuffman%2Fansible-aide","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ahuffman%2Fansible-aide/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ahuffman%2Fansible-aide/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ahuffman%2Fansible-aide/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ahuffman","download_url":"https://codeload.github.com/ahuffman/ansible-aide/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248297033,"owners_count":21080309,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aide","ansible","ansible-role"],"created_at":"2024-10-13T07:31:20.003Z","updated_at":"2025-04-10T20:53:03.293Z","avatar_url":"https://github.com/ahuffman.png","language":"Jinja","funding_links":[],"categories":[],"sub_categories":[],"readme":"![Ansible Role](https://img.shields.io/ansible/role/d/10133)\n\n# ahuffman.aide\n\n## Description\nAn Ansible role to install, configure, and schedule AIDE.\n\n|**Please Note**|\n|---|\n|*The default settings will deploy the configuration options that come with a default aide.conf after installing the tool.*|\n|*This has only been thoroughly tested on Fedora and RHEL7 Operating Systems.  Please open issues if you have a problem on your platform.*|\n\n\n## Role Variables\n| Variable Name | Description | Required | Default Value | Type |\n| --- | --- | :---: | --- | :---:|\n| aide_pkg | Name of the aide package to install.  Override with a specific version if required. | Yes | \"aide\" | string |\n|aide_conf_path| Path to the aide configuration file | Yes | \"/etc/aide.conf\"| string |\n|aide_update_db| Whether or not to force an update of the aide database on this Role invocation | Yes | False| boolean |\n|aide_dbdir| Directory to create the aide database | Yes | \"/var/lib/aide\" | string |\n|aide_logdir | Directory to create aide logs | Yes | \"/var/log/aide\" | string |\n|aide_database_filename| Filename to create the aide database as. | Yes | \"aide.db.gz\" | string |\n|aide_database_out_filename | Filename to create the updated aide database as | Yes | \"aide.db.new.gz\" | string |\n|aide_gzip_dbout | Whether or not to compress the database output file | Yes | True | boolean |\n|aide_verbose| Aide's verbosity level. Valid values are 0-255. | Yes | 5 | integer |\n|aide_report_url| List of report URLs | No | [\"file:@@{LOGDIR}/aide.log\", \"stdout\"] | list |\n|aide_acl_no_symlink_follow | Whether to check ACLs for symlinks or not. | Yes | True | boolean|\n|aide_warn_dead_symlinks| Whether to warn about dead symlinks or not.| Yes | False |boolean|\n|aide_summarize_changes| Whether  to  summarize  changes  in  the  added,  removed  and  changed  files sections of the report or not|Yes|False|boolean|\n|aide_report_attributes|list of default rules to report|No|Undefined|list|\n|aide_grouped|Whether to group the files in the report by added, removed and changed files or not.|Yes|False|boolean|/my/ignore/path/2\n|aide_ignore_list|(DEPRECATED, will be removed in a future release). Special group definition that lists attributes whose change is to be ignored in the final report.|No|[]|list|\n|aide_config_version|The value of config_version is printed in the report and also printed to the database.  This  is  for  informational  purposes only. It has no other functionality.| No | \"1\" | string |\n|aide_cron_schedule_check|Whether or not to setup a cron job for running an aide check|Yes|True|boolean|\n|aide_cron_email_notify_recipients|List of email recipients to get an email notification after a cronjob.  Leave list empty if you do not want this functionality.|Yes|[]|list|\n|aide_cronjob_name | Comment to insert prior to the cronjob in the crontab|Yes|\"aide scheduled database checkup\"|string|\n|aide_cron_sched_min|Minute to schedule the start of the cronjob at|No|\"0\"|string|\n|aide_cron_sched_hr|Hour to schedule the start of the cronjob at|No|\"1\"|string|\n|aide_cron_sched_day|Day to schedule the start of the cronjob at|No|\"*\"|string|\n|aide_cron_sched_mon|Month to schedule the start of the cronjob at|No|\"*\"|string|\n|aide_cron_sched_wkd|Weekday to schedule the start of the cronjob at|No|\"*\"|string|\n\n## Defining and Undefining aide.conf Variables\n```yaml\naide_macros:   \n  define:   \n     - name: \"Give it a name\"\n       variable: \"Name_of_Variable\"\n       value: \"Value of the variable\"\n     - name: \"DBDIR var\"\n       variable: \"DBDIR\"\n       value: \"/var/lib/aide\"\n  undefine:   \n     - name: \"Some var to undefine\"\n       variable: \"Name_of_Variable\"  #This would effectively undefine the variable we defined above\n     - name: \"Undefining DBDIR var\"\n       variable: \"DBDIR\"\n```\n\n## Defining Rules/Groups, Selection paths, and Ignore/Negative Selection Paths\nA YAML spec was built to handle all of these items in a relatively organized way.  \n\n### Attributes available to a rule\n```yaml\naide_rules:   \n  - name: \"My first rule\"                                                #Required   \n    rule: \"FIPSR\"                                                        #Required   \n    comment: \"Comment to put above this rule declaration\"                #Optional   \n    attributes: []  #List made up of default rules or defined rules      #Required except on special negative rule   \n    paths:                                                               #Optional   \n       - \"/my/include/path/1\"  #Cannot start with '!' see Ignore/Negative Selection Paths   \n       - \"/my/include/path/2\"\n```\n\n### A Special Rule to handle Ignore/Negative Selection Paths is available\n\nAdd a rule to your `aide_rules`: definition with `rule`: negative   \nHere's an example, and you can also find an example in this Role's defaults/main.yml:   \n```yaml\naide_rules:   \n  - name: \"My negative/ignore selections\"                                #Required   \n    rule: \"negative\"                                                     #Required   \n    paths:                                                             #Required   \n       - \"/my/ignore/path/1\"\n       - \"/my/ignore/path/2\"\n```\nDo not include an '!' in front of the paths, the template logic will automatically do this for you.  \n\n### Scheduled Cron Aide Checks\nThe default is to setup an 'aide --check' in crontab.  Should you wish to change this after already allowing this role to create the cron job, simply switch the variable `aide_cron_schedule_check` to False.  This will remove the cron job from your system's crontab on the next playbook run.  One caveat to be aware of is that the `aide_cronjob_name` variable must match what's currently in the crontab to be removed properly.\n\n\n## Example Playbook\n```yaml\n- name: \"Install and configure aide\"\n  hosts: \"servers\"\n  roles:\n     - \"ahuffman.aide\"\n```\n\n## License\n[MIT](LICENSE)\n\n## Author Information\n[Andrew J. Huffman](https://github.com/ahuffman)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fahuffman%2Fansible-aide","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fahuffman%2Fansible-aide","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fahuffman%2Fansible-aide/lists"}