---
- hosts: all
  remote_user: ansible
  tasks:
    - name: Ensure NTP is installed
      yum:
        name: ntp
        state: present
      become: True
    - name: Ensure the timezone is set to UTC
      file:
        src: /usr/share/zoneinfo/GMT
        dest: /etc/localtime
        state: link
      become: True
    - name: Ensure the NTP service is running and enabled
      service:
        name: ntpd
        state: started
        enabled: True
      become: True
The first set of tasks deals with installing and enabling the HTTPd package and service. In addition, both HTTP and HTTPS must be allowed through firewalld.
---
- hosts: all
  remote_user: ansible
  tasks:
    - name: Ensure the HTTPd package is installed
      yum:
        name: httpd
        state: present
      become: True
    - name: Ensure the HTTPd service is enabled and running
      service:
        name: httpd
        state: started
        enabled: True
      become: True
    - name: Ensure HTTP can pass the firewall
      firewalld:
        service: http
        state: enabled
        permanent: True
        immediate: True
      become: True
    - name: Ensure HTTPS can pass the firewall
      firewalld:
        service: https
        state: enabled
        permanent: True
        immediate: True
      become: True
Reviewing and running the deployment: we can use the command to fire it.
Assume the website is a simple single-page site built from a simple template called index.html.j2.
---
- hosts: all
  remote_user: ansible
  tasks:
    - name: Ensure the website is present and updated
      template:
        src: index.html.j2
        dest: /var/www/html/index.html
        owner: root
        group: root
        mode: 0644
      become: True
Note that the “become: True” parameter means the task should be executed with sudo access. In other words, the sudoers file should allow access.
There are reports of an ongoing ransomware campaign actively exploiting a vulnerability (CVE-2021-21974) in unpatched VMware ESXi servers.
Successful exploitation of the vulnerability could allow an attacker to perform remote code execution by triggering a heap-overflow issue in the OpenSLP service.
The following versions of the products are affected by the aforementioned vulnerability:
• ESXi versions 7.x earlier than ESXi70U1c-17325551
• ESXi versions 6.7.x earlier than ESXi670-202102401-SG
• ESXi versions 6.5.x earlier than ESXi650-202102101-SG
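As an added example (not part of the original advisory), the version list above can be turned into a triage pass over a host inventory. It assumes each host's version is recorded as the one-line banner printed by `vmware -v`; the host names and sample builds are constructed, and because the advisory gives the 6.7.x and 6.5.x fixes only as patch bulletins, those hosts are marked for manual verification rather than compared against a guessed build number.

```python
import re

# Thresholds exactly as listed in the advisory above.
FIXED_BUILD_7X = 17325551            # from "ESXi70U1c-17325551"
FIXED_BULLETIN = {                   # 6.x fixes are given only as patch bulletins
    "6.7": "ESXi670-202102401-SG",
    "6.5": "ESXi650-202102101-SG",
}
# Assumed input format: the one-line banner printed by `vmware -v` on a host.
BANNER = re.compile(r"VMware ESXi (\d+)\.(\d+)\.\d+ build-(\d+)")
ORDER = {"affected": 0, "verify": 1, "unparsed": 2, "not-listed": 3, "fixed": 4}


def triage(banner):
    """Return (status, detail) for one version banner."""
    m = BANNER.search(banner)
    if not m:
        return ("unparsed", "not an ESXi version banner")
    major, minor, build = (int(g) for g in m.groups())
    if major == 7:
        if build < FIXED_BUILD_7X:
            return ("affected", f"build {build} is earlier than {FIXED_BUILD_7X}")
        return ("fixed", f"build {build} is not earlier than {FIXED_BUILD_7X}")
    line = f"{major}.{minor}"
    if line in FIXED_BULLETIN:
        # The advisory gives no build number for this line, so none is guessed.
        return ("verify", f"confirm {FIXED_BULLETIN[line]} or later is installed")
    return ("not-listed", f"ESXi {line} is not in the advisory's version list")


def report(inventory):
    """Return (host, status, detail) rows, most urgent first."""
    rows = [(host, *triage(banner)) for host, banner in inventory.items()]
    return sorted(rows, key=lambda r: (ORDER[r[1]], r[0]))


# Constructed inventory: host names are made up, builds chosen to hit each branch.
SAMPLE = {
    "esx-01": "VMware ESXi 7.0.1 build-17325551",
    "esx-02": "VMware ESXi 7.0.0 build-17000000",
    "esx-03": "VMware ESXi 6.7.0 build-15000000",
    "esx-04": "VMware ESXi 6.5.0 build-14000000",
    "esx-05": "inventory record missing",
}

if __name__ == "__main__":
    for host, status, detail in report(SAMPLE):
        print(f"{host}  {status:<9} {detail}")
```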
Users and administrators of affected product versions are advised to upgrade to the latest versions immediately. As a precaution, a full system scan should also be performed to detect any signs of compromise. Users and administrators are also advised to assess whether port 427, which the ransomware campaign targets, can be disabled without disrupting operations.
Users and administrators may also wish to configure their firewall rules to block any connections to the following IP addresses purportedly carrying out the attacks: