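---
# semaphore/ivre.yml
#
# Runs an IVRE network scan from inside the `ivreclient` container on the
# `scaleway` hosts, imports the results (scan2db), runs `ivre db2view nmap`,
# and finally POSTs a completion notification to the alerting endpoint.
- name: IVRE NETWORK SCAN
  hosts: scaleway
  # Play-wide privilege escalation. Presumably required so the exec tasks can
  # reach the Docker socket on the target host - confirm; the notification
  # task below opts out of it.
  become: true
  gather_facts: true
  vars:
    ansible_user: stephane
    # TODO target in list
    # 163.172.0.0/24
    # 163.172.80.0/28
    # Single CIDR handed to `ivre runscans --network`. Quoted so it is always
    # read as a string.
    target_network: "163.172.16.0/24"
    # 163.172.0.0/20
    # 163.172.16.0/20
    # 163.172.31.0/20
    # 163.172.48.0/20
    # 163.172.63.254/20
    # Basic-auth credentials for the notification endpoint. The password is
    # an inline Ansible Vault value (vault id `prod`), so the playbook can
    # only run where that vault secret is available.
    username: jingohalert
    password: !vault |
      $ANSIBLE_VAULT;1.2;AES256;prod
      66346630333538386564396632636161316239326530653037666465616165393135666532643264
      3037363865363531636635306535663736353734333733340a363639636638396662616538343335
      65366439343135636634393832636436353764303066653530346232323164376265313039373630
      3863613961373430340a303866363962353262623030373061616134303366336237346631383539
      3130
  tasks:
    # `argv` is passed as a list, so templated values are handed to the
    # command as single arguments and are never interpreted by a shell.
    - name: Run SCAN
      community.docker.docker_container_exec:
        container: ivreclient
        argv:
          - ivre
          - runscans
          - "--network"
          - "{{ target_network }}"
          - "--output=XMLFork"
          # Was the single element "--processes 10": with argv that is ONE
          # argument containing a space, not an option plus its value. Use the
          # `--opt=value` form, as the --output line above already does.
          - "--processes=10"

    # NOTE(review): `category` and `source` are not defined in this play's
    # vars. Presumably they are supplied as extra vars by the Semaphore
    # template - confirm; otherwise this task fails on an undefined variable.
    # `category` is also interpolated into a path, so if it comes from a
    # user-editable field it should be constrained to a plain name (no `/`
    # or `..`). The directory must match where runscans wrote its results.
    - name: Run SCAN2DB
      community.docker.docker_container_exec:
        container: ivreclient
        argv:
          - ivre
          - scan2db
          - "-c"
          - "{{ category }}"
          - "-s"
          - "{{ source }}"
          - "-r"
          - "scans/{{ category }}/up"

    - name: Run DB2VIEW
      community.docker.docker_container_exec:
        container: ivreclient
        argv:
          - ivre
          - db2view
          - nmap

    # NOTE(review): the task name looks left over from another playbook; the
    # request below announces the end of the scan, not a docker compose
    # change. The name is kept as-is in case something references it.
    - name: NTFY when docker compose changed
      ansible.builtin.uri:
        url: "https://alert.jingoh.fr/scaleway"
        method: POST
        user: "{{ username }}"
        password: "{{ password }}"
        headers:
          Title: "SCAN NETWORK {{ target_network }}"
          ta: "globe_with_meridians"
        body: "scan finished !"
        status_code: 200
      delegate_to: localhost
      # An outbound HTTPS POST from the controller does not need root, so do
      # not inherit the play-level `become: true` here.
      become: false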