This HowTo shows how to install ClamAV and schedule scans using Ansible. There are Ansible modules for this but it’s so simple that you might as well just do it yourself.
Create your playbook. Put the following into a file called “ansible-play-install-clamav.yml”.
--- - hosts: all sudo: yes tasks: - name: Install ClamAV basics yum: name=clamav state=latest - name: Install ClamAV scanner yum: name=clamav-scanner state=latest - name: Install ClamAV updater yum: name=clamav-update state=latest - copy: src: files/ansible.cron dest: /etc/cron.d/ansible.cron owner: root group: root mode: 0644 - copy: src: files/ansible.freshclam dest: /etc/freshclam.conf owner: root group: root mode: 0644
Create your “hosts” file and populate it with the list (one host per line) of hosts you want to install ClamAV on. I recommend testing on a single machine first.
Create two files in your “files” directory. Make sure to customise the cron file to email to the appropriate email address.
File: ansible.cron
0 3 * * * root /usr/bin/freshclam ; /usr/bin/clamscan / --recursive=yes -i | mail -s clamav_log_`hostname` [email protected] -
File: ansible.freshclam
LogSyslog yes DatabaseMirror database.clamav.net
Finally run Ansible.
ansible-playbook ansible-play-install-clamav.yml -i hosts
What if i’m getting an error that says “no package matching ‘clamav’ found available, installed or updated” ?
You need to install epel-release first.