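---
# Scan every network in `target_networks` with IVRE inside the `ivreclient`
# container, import the results into the IVRE database, refresh the view,
# then post a completion alert to ntfy.
- name: IVRE NETWORK SCAN
  hosts: scaleway
  become: true
  gather_facts: false
  vars:
    # Worker count passed to `ivre runscans --processes`.
    processes_nmap: 5
    # source: tower
    # NOTE(review): this become password is committed in clear text, unlike
    # `password` below, which is vault-encrypted. Anyone who can read this
    # file learns the sudo password used on the `scaleway` hosts. Rotate it
    # and supply it as an inline `!vault` value or from a Tower/AWX
    # credential instead of a literal.
    ansible_sudo_pass: stephane
    target_networks:
      # - 163.172.16.0/20
      - 5.135.80.0/20
      # - 5.135.181.0/24
      # - 163.172.48.0/20
    # 163.172.0.0/20
    # 163.172.16.0/20
    # 163.172.31.0/20
    # 163.172.48.0/20
    # 163.172.63.254/20
    # Credentials for the ntfy endpoint used by the last task.
    username: jingohalert
    password: !vault |
      $ANSIBLE_VAULT;1.2;AES256;prod
      66346630333538386564396632636161316239326530653037666465616165393135666532643264
      3037363865363531636635306535663736353734333733340a363639636638396662616538343335
      65366439343135636634393832636436353764303066653530346232323164376265313039373630
      3863613961373430340a303866363962353262623030373061616134303366336237346631383539
      3130

  tasks:
    # One `ivre runscans` invocation per network, 300 s apart.
    # NOTE(review): failures are ignored and nothing is registered, so a
    # failed scan does not stop the import below; SCAN2DB may then import
    # incomplete or older result files. Confirm this is intended.
    - name: Run SCAN
      community.docker.docker_container_exec:
        container: ivreclient
        argv:
          - ivre
          - runscans
          - --processes
          - "{{ processes_nmap }}"
          - --network
          - "{{ item }}"
          - --output=XMLFork
      ignore_errors: true
      loop: "{{ target_networks }}"
      loop_control:
        # pause is expressed in seconds
        pause: 300

    # - ansible.builtin.pause:
    #     minutes: 10

    # Import each network's results. For `5.135.80.0/20` the category is
    # `5_135_80_0` and the directory is `scans/NET-5.135.80.0-20/up`.
    # Errors are ignored here so the registered result can gate the
    # following tasks instead of aborting the play.
    - name: Run SCAN2DB
      community.docker.docker_container_exec:
        container: ivreclient
        argv:
          - ivre
          - scan2db
          - "-c"
          - "{{ item.split('/')[0].split('.') | join('_') }}"
          - "-s"
          - "{{ ansible_host }}"
          - "-r"
          - "scans/NET-{{ item.split('/')[0] }}-{{ item.split('/')[-1] }}/up"
      register: scan2db
      ignore_errors: true
      loop: "{{ target_networks }}"

    # nmap -sVT -A -T4 --script vuln -oX /opt/xml/scale_83 163.172.83.0/24
    # - debug:
    #     msg: "{{ scan2db }}"

    # The `failed` test reads the registered result without raising when the
    # `failed` key is absent, which `scan2db.failed is false` would do.
    - name: Run DB2VIEW
      community.docker.docker_container_exec:
        container: ivreclient
        argv:
          - ivre
          - db2view
          - nmap
      when: scan2db is not failed

    # Runs on the control node. An HTTP POST needs no privilege escalation,
    # so the play-level `become` (and its sudo password) is switched off here.
    - name: NTFY when scan finished
      ansible.builtin.uri:
        url: "https://alert.jingoh.fr/scaleway"
        method: POST
        user: "{{ username }}"
        password: "{{ password }}"
        headers:
          Title: "SCAN NETWORK {{ target_networks | join(',') }}"
          ta: "globe_with_meridians"
        body: "scan finished !"
        status_code: 200
      delegate_to: localhost
      become: false
      tags: toto
      when: scan2db is not failed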