CIS-Ubuntu-20.04-Ansible
ansible-job-report
Our great sponsors
CIS-Ubuntu-20.04-Ansible | ansible-job-report | |
---|---|---|
4 | 13 | |
243 | 102 | |
- | - | |
2.8 | 0.0 | |
13 days ago | 7 months ago | |
HTML | HTML | |
GNU General Public License v3.0 only | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
CIS-Ubuntu-20.04-Ansible
- CIS Roles
- Ansible playbook won't run
-
Why won't this ansible script run?!
This is the github repo >>> https://github.com/alivx/CIS-Ubuntu-20.04-Ansible
-
Sending pretty HTML job reports with Ansible
yes it is :) this is the github repo: CIS-Ubuntu-20.04-Ansible
ansible-job-report
-
Gathering a set_fact on hosts and combining to a single dictionary for an html report
If you want an example of this in action, I made an example that does what you are describing.
-
How would I get a list of IP addresses of failed hosts and details?
If you want custom feedback of job status, I have employed this method before. It's a little cumbersome for everyday use, but for big or important jobs it's one way to get a custom report of task output and host failures. Or if you're feeling extra, you can do the full version.
-
What are you using for patch management?
For RHEL servers, we use reposync to mirror patches locally, and then install them with yum. We drive the process with a series of Ansible playbooks. We have some optional host vars or group vars we can declare to tune the patching behavior per-host, or to handle custom patching scenarios. Our patching process generates a report similar to this one.
-
Linux Patching
I uploaded a stripped-down version of it here, if you need ideas. More details and examples here.
-
Help with getting outputs from Ansible into a file with good output
I made something similar a while back to report on patch activity; try this example for some ideas.
-
Controlled and staggered patching
To generate a patch report, one option is to use a jinja template to compile an HTML-formatted email. For a working example to play with, see this github.
-
using ansible_facts for reporting
You can generate a "pretty" HTML report using a Jinja template. This github example may be a little overkill for your needs, but it shows how you can assemble a report with per-host facts and task status using Jinja templates.
- Sending Email with Pending Updates
-
You did WHAT with Ansible?! Automate the Uncommon (my AnsibleFest 2021 Presentation)
As you mentioned, using Jinja to generate HTML for job reports. When renovating our script-based patching process for Linux, we had to choose between Redhat Satellite and rolling our own. We found that Satellite was overkill for our needs, and not worth the maintenance fuss and licensing costs. The biggest draw of Satellite for management was reporting... so I tortured Jinja into making a pretty CSS-styled report at the end of our patching playbook. Everyone is happy, and we have one less tool to maintain!
-
Generating a List of Pending Updates
For our patch reporting, we run the yum check-update command and put the output in an HTML template that is emailed to groups. The report we assemble is similar to this.
What are some alternatives?
ansible-role-hardening - Ansible role to apply a security baseline. Systemd edition.
mac-dev-playbook - Mac setup and configuration via Ansible.
packer-ubuntu20.04 - Packer vsphere-iso builder for Ubuntu-20.04
raspberry-pi-dramble - DEPRECATED - Raspberry Pi Kubernetes cluster that runs HA/HP Drupal 8
terraform-aws-secure-baseline - Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
ara - ARA Records Ansible and makes it easier to understand and troubleshoot.
prowler - Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
drupal-pi - Drupal on Docker on a Raspberry Pi. Pi Dramble's little brother.
ansible-requirements-updater - Update your requirements.yml with this grisly Ansible playbook.
ansible-role-docker-rootless - Ansible role to install a rootless Docker server
store-ansible-facts - Stores ansible facts for later analysis or archiving