Fixed conditionals, made explicit superuser, added new app configurations

2025-07-21 16:54:18 -04:00
parent 85b1f6cd25
commit a904b6ddf4
5 changed files with 144 additions and 34 deletions
--- a/roles/bootstrap/handlers/clamav.yml
+++ b/roles/bootstrap/handlers/clamav.yml
@@ -1,23 +1,6 @@
 ---
 #@TODO write handlers for configuring clamav
 #@NOTE https://wiki.archlinux.org/title/ClamAV
- name: Check if freshclam file exists
-  stat:
-    path: /etc/clamav/freshclam.conf
-  register: freshclampath
- name: Check if clamd file exists
-  stat:
-    path: /etc/clamav/clamd.conf
-  register: clamdpath
- name: Check if milter file exists
-  stat:
-    path: /etc/clamav/clamav-milter.conf
-  register: milterpath
- name: Create freshclam file if not exists
-  file:
-    path: /etc/clamav/freshclam.conf
-    stat: touch
-  register: freshclam_created
 - name: Create freshclam file
  become: yes
  become_method: sudo
@@ -26,7 +9,6 @@
    dest: /etc/clamav/freshclam.conf
    force: yes
    backup: yes
-  when: not freshclampath.stat.exists
 - name: Create clamd file
  become: yes
  become_method: sudo
@@ -35,7 +17,6 @@
    dest: /etc/clamav/clamd.conf
    force: yes
    backup: yes
-  when: not freshclampath.stat.exists
 - name: Create clamd file
  become: yes
  become_method: sudo
@@ -44,4 +25,70 @@
    dest: /etc/clamav/clamav-milter.conf
    force: yes
    backup: yes
-  when: not freshclampath.stat.exists
+- name: Update clamav virus definitions
+  become: yes
+  become_method: sudo
+  command: freshclam
+- name: Start and enable clamav service
+  service:
+    name: clamav-daemon
+    state: started
+    enabled: yes
+- name: Start and enable clamav onaccess service
+  become: yes
+  become_method: sudo
+  service:
+    name: clamav-clamonacc
+    state: started
+    enabled: yes
+- name: Restart clamav service
+  become: yes
+  become_method: sudo
+  service:
+    name: clamav-daemon
+    state: restarted
+- name: Restart clamav onaccess service
+  become: yes
+  become_method: sudo
+  service:
+    name: clamav-clamonacc
+    state: restarted
+- name: Create freshclam log file
+  become: yes
+  become_method: sudo
+  file:
+    path: /var/log/clamav/freshclam.log
+    state: touch
+    mode: 600
+    owner: clamav
+- name: Start and enable freshclam virus definition update service
+  become: yes
+  become_method: sudo
+  service:
+    name: clamav-freshclam
+    state: started
+    enabled: yes
+- name: Restart freshclam virus definition update service
+  become: yes
+  become_method: sudo
+  service:
+    name: clamav-freshclam
+    state: restarted
+- name: Install Fangfrisch
+  become: yes
+  become_method: sudo
+  package:
+    name: fangfrisch
+    state: present
+- name: Create database structure for fangfrisch
+  become_user: clamav
+  become_method: sudo
+  command:
+    argv: [/usr/bin/fangfrisch, --conf, /etc/fangfrisch/fangfrisch.conf, initdb]
+- name: Start and enable fangfrisch virus definition updates
+  become: yes
+  become_method: sudo
+  service:
+    name: fangfrisch.timer
+    state: started
+    enabled: yes