Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/mediafellows/ansible-role-clamav-filescan

Ansible role to setup clamav and 3rd party signatures for effective file scanning (no deamon setup)
https://github.com/mediafellows/ansible-role-clamav-filescan

ansible-role clamav

Last synced: 1 day ago
JSON representation

Ansible role to setup clamav and 3rd party signatures for effective file scanning (no deamon setup)

Host: GitHub
URL: https://github.com/mediafellows/ansible-role-clamav-filescan
Owner: mediafellows
Created: 2020-04-03T10:23:29.000Z (almost 5 years ago)
Default Branch: master
Last Pushed: 2021-09-16T13:40:46.000Z (over 3 years ago)
Last Synced: 2023-03-05T23:19:19.392Z (almost 2 years ago)
Topics: ansible-role, clamav
Language: Jinja
Size: 29.3 KB
Stars: 0
Watchers: 6
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

[![Ansible-Test](https://github.com/mediafellows/ansible-role-clamav-filescan/workflows/Ansible-Test/badge.svg)](https://github.com/mediafellows/ansible-role-clamav-filescan/actions?query=workflow%3AAnsible-Test)

# Clamav filescan Ansible role

Sets up clamav for scanning files from the command line using clamscan on an Ubuntu server.
To do this effectively 3rd party signatures get installed, using the [clamav-unofficial-sigs](https://github.com/extremeshok/clamav-unofficial-sigs) tool.

## Requirements

Tested to run on Ubuntu Server.

## Role Variables

Variables in this role are mostly for configuring the clamav-unofficial-sigs tool.
For all variables checkout `defaults/main.yml`.

Those are the most important you probably want to set:

- `clamav_sigs_false_positive_risk_level: MEDIUM` - The false positive rating of sources. Set either LOW, MEDIUM or HIGH
- `clamav_sigs_sanesecurity_enabled: 'yes'` - Set to `'no'` to disable the Sanesecurity.com signature DB
- `clamav_sigs_securiteinfo_enabled: 'no'` - Set to `'yes'` to enable the SecuriteInfo.com signature DB, also set `securiteinfo_authorisation_signature` then
- `clamav_sigs_yararulesproject_enabled: 'yes'` - Set to `'yes'` to enable [Yara-Rules Project](https://github.com/Yara-Rules/rules) signatures.
- `clamav_sigs_linuxmalwaredetect_enabled: 'yes'` - Set to `'no'` to disable [Linuxmalwaredetect](https://www.rfxn.com/projects/linux-malware-detect/) DB.
- `clamav_sigs_malwarepatrol_enabled: 'yes'` - Set to `'no'` to disable MalwarePatrol.net rules
- `securiteinfo_authorisation_signature: ABC123ABC123` - Set to your Securiteinfo download token (otherwise this DB won't be used)
- `malwarepatrol_receipt_code: ABC123ABC123` - Set to your MalwarePatrol receipt code to enable their commercial signatures, also set the `malwarepatrol_product_code` to your product code

**NOTE:** to not turn `yes` and `no` into booleans and thus resolve to True and False in templates, use quotes to keep them as strings. Like `'yes'` or `"no"`.

## Dependencies

No dependencies on other roles

## Example Playbook

Include this role into your playbook like this:

- hosts: servers
become: true
vars:
clamav_sigs_sanesecurity_enabled: 'no'
roles:
- mediafellows.clamav_filescan
tasks:
# my other tasks

## License

BSD

## Author Information

Stefan Horning