From 3d9e185ed015f951502b57854b94c8d4033a5db3 Mon Sep 17 00:00:00 2001
From: Joris
Date: Thu, 4 Mar 2021 19:15:20 -0300
Subject: [PATCH] (feature) Task 1.4.2: Add exclude paths to AIDE
---
 files/1.4.1.txt | 29 +++++++++++++++++++++++++++++
 tasks/section_1_Initial_Setup.yaml | 14 ++++++++++++--
 2 files changed, 41 insertions(+), 2 deletions(-)
 create mode 100644 files/1.4.1.txt
diff --git a/files/1.4.1.txt b/files/1.4.1.txt
new file mode 100644
index 0000000..0e02576
--- /dev/null
+++ b/files/1.4.1.txt
@@ -0,0 +1,29 @@
+!/backup*
+!/dev/disk/
+!/etc/.etckeeper
+!/etc/.git/
+!/etc/aide/.aide.conf.swp
+!/etc/aide/.aide.conf.swp
+!/etc/aide/aide.conf.d/00_local_excludes
+!/etc/ld.so.cache
+!/etc/lvm/archive
+!/etc/lvm/backup
+!/media/*
+!/root/.*
+!/run
+!/var/backups/
+!/var/cache/
+!/var/lib/apt/daily_lock
+!/var/lib/apt/periodic/unattended-upgrades-stamp
+!/var/lib/apt/periodic/upgrade-stamp
+!/var/lib/clamav/
+!/var/lib/dpkg/triggers/Lock
+!/var/lib/fail2ban/fail2ban.sqlite3
+!/var/lib/logrotate
+!/var/lib/monit/state
+!/var/lib/systemd/timers/stamp-apt-daily-upgrade.timer
+!/var/lib/systemd/timers/stamp-apt-daily.timer
+!/var/lib/vnstat/*
+!/var/log.*
+!/var/spool/.*
+!/var/lib/docker/
\ No newline at end of file
diff --git a/tasks/section_1_Initial_Setup.yaml b/tasks/section_1_Initial_Setup.yaml
index 740112e..52e6261 100644
--- a/tasks/section_1_Initial_Setup.yaml
+++ b/tasks/section_1_Initial_Setup.yaml
@@ -149,8 +149,7 @@
 when: disable_udf
 tags:
 - section1
- - level_1_server
- - level_1_workstation
+ - level_1_server - level_1_workstation
 - 1.1.1.6
 - filesystems
 - udf
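Review bot: Several rules in this new exclude list drop far more from integrity monitoring than their names suggest, because AIDE reads each selection line as a regular expression anchored at the start of the path. As written, `!/root/.*` ignores everything under /root (SSH keys and shell start-up files included), `!/var/log.*` ignores any path beginning with /var/log, and `!/backup*` matches anything starting with /backu. The list also exempts itself via `!/etc/aide/aide.conf.d/00_local_excludes`, so later edits to the excludes would not be reported. I would narrow these to the specific volatile files with escaped dots and a trailing `$`, keep the exclude file itself monitored, and drop the duplicated `!/etc/aide/.aide.conf.swp` line.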
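Review bot: The replacement line in this tags list appears to fold two entries into one: the hunk header shrinks from 8 to 7 lines and the only added line reads `- level_1_server - level_1_workstation`, which YAML parses as a single plain scalar. If that reading is right, the 1.1.1.6 udf task no longer carries the `level_1_server` or `level_1_workstation` tag, so a run limited to either tag would silently skip it. The change looks unrelated to the AIDE work in this commit. I would restore the two items on their own lines, `- level_1_server` and `- level_1_workstation`. The task this list belongs to starts above the hunk.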
@@ -551,6 +550,17 @@
 name: ["nullmailer", "aide-common", "aide"]
 state: present
 install_recommends: false
+ - name: Configure default AIDE excludes file
+ copy:
+ src: "files/1.4.1.txt"
+ dest: "/etc/aide/aide.conf.d/00_local_excludes"
+ - name: Add extra AIDE exclude paths
+ lineinfile:
+ line: "{{ item }}"
+ path: "/etc/aide/aide.conf.d/00_local_excludes"
+ state: present
+ loop: "{{ aide_exclude_paths }}"
+ when: (aide_exclude_paths is defined) and (aide_exclude_paths| length > 0)
 - name: Configure AIDE as appropriate for your environment | aideinit
 command: aideinit
 - name: Configure AIDE as appropriate for your environment | aideinit db
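Review bot: The new `copy` task creates `/etc/aide/aide.conf.d/00_local_excludes` without `owner`, `group` or `mode`, so the file that decides what AIDE ignores gets whatever the remote umask yields. I would pin it with `owner: root`, `group: root` and `mode: "0644"`. The two tasks are also not idempotent together: whenever `aide_exclude_paths` is non-empty, `copy` rewrites the file from `files/1.4.1.txt` and `lineinfile` re-adds each entry, so every run reports a change and real drift in this file is harder to spot. Rendering the defaults and the extra paths from one template, or keeping the extras in a second file under `aide.conf.d`, would avoid that. The surrounding task list continues outside the hunk.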