Create all services
This commit is contained in:
parent
84ce5f7152
commit
e22a88d60d
|
@ -27,3 +27,7 @@ vuls_arch: amd64
|
|||
|
||||
vuls_dbpath: "/var/lib/vuls/cve.sqlite3"
|
||||
vuls_dbtype: "sqlite3"
|
||||
|
||||
|
||||
vuls_slack_enable: False
|
||||
vuls_email_enable: False
|
||||
|
|
|
@ -56,3 +56,19 @@
|
|||
loop:
|
||||
- /tmp/go-cti
|
||||
- "/tmp/go-cti-{{ vuls_version }}.tar.gz"
|
||||
|
||||
- name: Add systemd service
|
||||
ansible.builtin.template:
|
||||
src: vuls-go-cti.service.j2
|
||||
dest: /etc/systemd/system/vuls-go-cti.service
|
||||
|
||||
- name: Add systemd timer service
|
||||
ansible.builtin.template:
|
||||
src: vuls-go-cti.timer.j2
|
||||
dest: /etc/systemd/system/vuls-go-cti.timer
|
||||
|
||||
- name: Start go-cti service
|
||||
ansible.builtin.systemd:
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
name: vuls-go-cti
|
||||
|
|
|
@ -59,16 +59,16 @@
|
|||
|
||||
- name: Add systemd service
|
||||
ansible.builtin.template:
|
||||
src: vuls_go-cve-dictionary.service.j2
|
||||
dest: /etc/systemd/system/vuls_go-cve-dictionary.service
|
||||
src: vuls-go-cve-dictionary.service.j2
|
||||
dest: /etc/systemd/system/vuls-go-cve-dictionary.service
|
||||
|
||||
- name: Add systemd timer service
|
||||
ansible.builtin.template:
|
||||
src: vuls_go-cve-dictionary.timer.j2
|
||||
dest: /etc/systemd/system/vuls_go-cve-dictionary.timer
|
||||
src: vuls-go-cve-dictionary.timer.j2
|
||||
dest: /etc/systemd/system/vuls-go-cve-dictionary.timer
|
||||
|
||||
- name: Start go-cve-dictionary service
|
||||
ansible.builtin.systemd:
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
name: vuls_go-cve-dictionary
|
||||
name: vuls-go-cve-dictionary
|
||||
|
|
|
@ -56,3 +56,40 @@
|
|||
loop:
|
||||
- /tmp/go-exploitdb
|
||||
- "/tmp/go-exploitdb-{{ vuls_version }}.tar.gz"
|
||||
|
||||
- name: Add systemd service
|
||||
ansible.builtin.template:
|
||||
src: vuls-go-exploitdb.service.j2
|
||||
dest: "/etc/systemd/system/vuls-go-exploitdb-{{ item }}.service"
|
||||
loop:
|
||||
- "awesomepoc"
|
||||
- "exploitdb"
|
||||
- "githubrepos"
|
||||
- "inthewild"
|
||||
|
||||
- name: Add systemd timer service
|
||||
ansible.builtin.template:
|
||||
src: vuls-go-exploitdb.timer.j2
|
||||
dest: "/etc/systemd/system/vuls-go-exploitdb-{{ item }}.timer"
|
||||
loop:
|
||||
- "awesomepoc"
|
||||
- "exploitdb"
|
||||
- "githubrepos"
|
||||
- "inthewild"
|
||||
|
||||
- name: Add systemd timer service
|
||||
ansible.builtin.template:
|
||||
src: vuls-go-exploitdb.timer.j2
|
||||
dest: /etc/systemd/system/vuls-go-exploitdb.timer
|
||||
|
||||
- name: Start go-exploitdb service
|
||||
ansible.builtin.systemd:
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
name: vuls-go-exploitdb
|
||||
|
||||
- name: Start go-exploitdb service
|
||||
ansible.builtin.systemd:
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
name: vuls-go-exploitdb
|
||||
|
|
|
@ -56,3 +56,19 @@
|
|||
loop:
|
||||
- /tmp/go-kev
|
||||
- "/tmp/go-kev-{{ vuls_version }}.tar.gz"
|
||||
|
||||
- name: Add systemd service
|
||||
ansible.builtin.template:
|
||||
src: vuls-go-kev.service.j2
|
||||
dest: /etc/systemd/system/vuls-go-kev.service
|
||||
|
||||
- name: Add systemd timer service
|
||||
ansible.builtin.template:
|
||||
src: vuls-go-kev.timer.j2
|
||||
dest: /etc/systemd/system/vuls-go-kev.timer
|
||||
|
||||
- name: Start go-kev service
|
||||
ansible.builtin.systemd:
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
name: vuls-go-kev
|
||||
|
|
|
@ -56,3 +56,19 @@
|
|||
loop:
|
||||
- /tmp/go-msfdb
|
||||
- "/tmp/go-msfdb-{{ vuls_version }}.tar.gz"
|
||||
|
||||
- name: Add systemd service
|
||||
ansible.builtin.template:
|
||||
src: vuls-go-msfdb.service.j2
|
||||
dest: /etc/systemd/system/vuls-go-msfdb.service
|
||||
|
||||
- name: Add systemd timer service
|
||||
ansible.builtin.template:
|
||||
src: vuls-go-msfdb.timer.j2
|
||||
dest: /etc/systemd/system/vuls-go-msfdb.timer
|
||||
|
||||
- name: Start go-msfdb service
|
||||
ansible.builtin.systemd:
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
name: vuls-go-msfdb
|
||||
|
|
|
@ -56,3 +56,19 @@
|
|||
loop:
|
||||
- /tmp/gost
|
||||
- "/tmp/gost-{{ vuls_version }}.tar.gz"
|
||||
|
||||
- name: Add systemd service
|
||||
ansible.builtin.template:
|
||||
src: vuls-gost.service.j2
|
||||
dest: /etc/systemd/system/vuls-gost.service
|
||||
|
||||
- name: Add systemd timer service
|
||||
ansible.builtin.template:
|
||||
src: vuls-gost.timer.j2
|
||||
dest: /etc/systemd/system/vuls-gost.timer
|
||||
|
||||
- name: Start gost service
|
||||
ansible.builtin.systemd:
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
name: vuls-gost
|
||||
|
|
|
@ -56,3 +56,19 @@
|
|||
loop:
|
||||
- /tmp/goval-dictionary
|
||||
- "/tmp/goval-dictionary-{{ vuls_version }}.tar.gz"
|
||||
|
||||
- name: Add systemd service
|
||||
ansible.builtin.template:
|
||||
src: vuls-goval-dictionary.service.j2
|
||||
dest: /etc/systemd/system/vuls-goval-dictionary.service
|
||||
|
||||
- name: Add systemd timer service
|
||||
ansible.builtin.template:
|
||||
src: vuls-goval-dictionary.timer.j2
|
||||
dest: /etc/systemd/system/vuls-goval-dictionary.timer
|
||||
|
||||
- name: Start goval-dictionary service
|
||||
ansible.builtin.systemd:
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
name: vuls-goval-dictionary
|
||||
|
|
116
tasks/vuls.yml
116
tasks/vuls.yml
|
@ -1,58 +1,74 @@
|
|||
- name: "Get vuls github's release json"
|
||||
uri:
|
||||
url: https://api.github.com/repos/future-architect/vuls/releases/latest
|
||||
method: GET
|
||||
return_content: yes
|
||||
status_code: 200
|
||||
body_format: json
|
||||
register: vuls_github_repo
|
||||
#- name: "Get vuls github's release json"
|
||||
# uri:
|
||||
# url: https://api.github.com/repos/future-architect/vuls/releases/latest
|
||||
# method: GET
|
||||
# return_content: yes
|
||||
# status_code: 200
|
||||
# body_format: json
|
||||
# register: vuls_github_repo
|
||||
|
||||
- name: "Remove v on release name"
|
||||
shell: "echo {{ vuls_github_repo.json.tag_name }} | sed 's/v//g'"
|
||||
register: vuls_version_without_v
|
||||
#- name: "Remove v on release name"
|
||||
# shell: "echo {{ vuls_github_repo.json.tag_name }} | sed 's/v//g'"
|
||||
# register: vuls_version_without_v
|
||||
|
||||
- name: "Get vuls version"
|
||||
set_fact: vuls_version={{ vuls_version_without_v.stdout }}
|
||||
#- name: "Get vuls version"
|
||||
# set_fact: vuls_version={{ vuls_version_without_v.stdout }}
|
||||
|
||||
- name: testing
|
||||
debug:
|
||||
msg: "Using version {{ vuls_version }}"
|
||||
#- name: testing
|
||||
# debug:
|
||||
# msg: "Using version {{ vuls_version }}"
|
||||
|
||||
- name: Download vuls archive
|
||||
get_url:
|
||||
url: "{{ vuls_dl_url }}"
|
||||
dest: "/tmp/vuls-{{ vuls_version }}.tar.gz"
|
||||
checksum: "sha256:{{ vuls_checksum_dl_url }}"
|
||||
register: _download_archive
|
||||
until: _download_archive is succeeded
|
||||
retries: 5
|
||||
delay: 2
|
||||
#- name: Download vuls archive
|
||||
# get_url:
|
||||
# url: "{{ vuls_dl_url }}"
|
||||
# dest: "/tmp/vuls-{{ vuls_version }}.tar.gz"
|
||||
# checksum: "sha256:{{ vuls_checksum_dl_url }}"
|
||||
# register: _download_archive
|
||||
# until: _download_archive is succeeded
|
||||
# retries: 5
|
||||
# delay: 2
|
||||
|
||||
- name: Create tmp directory if it does not exist
|
||||
ansible.builtin.file:
|
||||
path: "/tmp/vuls"
|
||||
state: directory
|
||||
mode: '0750'
|
||||
owner: "root"
|
||||
group: "root"
|
||||
#- name: Create tmp directory if it does not exist
|
||||
# ansible.builtin.file:
|
||||
# path: "/tmp/vuls"
|
||||
# state: directory
|
||||
# mode: '0750'
|
||||
# owner: "root"
|
||||
# group: "root"
|
||||
|
||||
- name: Unarchive vuls
|
||||
ansible.builtin.unarchive:
|
||||
src: /tmp/vuls-{{ vuls_version }}.tar.gz
|
||||
dest: /tmp/vuls
|
||||
remote_src: yes
|
||||
#- name: Unarchive vuls
|
||||
# ansible.builtin.unarchive:
|
||||
# src: /tmp/vuls-{{ vuls_version }}.tar.gz
|
||||
# dest: /tmp/vuls
|
||||
# remote_src: yes
|
||||
|
||||
- name: Copy files from foo to bar
|
||||
ansible.builtin.copy:
|
||||
remote_src: True
|
||||
src: /tmp/vuls/vuls
|
||||
dest: /usr/local/bin/vuls/vuls
|
||||
mode: '0755'
|
||||
#- name: Copy files from foo to bar
|
||||
# ansible.builtin.copy:
|
||||
# remote_src: True
|
||||
# src: /tmp/vuls/vuls
|
||||
# dest: /usr/local/bin/vuls/vuls
|
||||
# mode: '0755'
|
||||
|
||||
- name: Clean temporary folders
|
||||
ansible.builtin.file:
|
||||
path: "{{ item }}"
|
||||
state: absent
|
||||
loop:
|
||||
- /tmp/vuls
|
||||
- "/tmp/vuls-{{ vuls_version }}.tar.gz"
|
||||
#- name: Clean temporary folders
|
||||
# ansible.builtin.file:
|
||||
# path: "{{ item }}"
|
||||
# state: absent
|
||||
# loop:
|
||||
# - /tmp/vuls
|
||||
# - "/tmp/vuls-{{ vuls_version }}.tar.gz"
|
||||
|
||||
- name: Add systemd service
|
||||
ansible.builtin.template:
|
||||
src: vuls.service.j2
|
||||
dest: /etc/systemd/system/vuls.service
|
||||
|
||||
- name: Add systemd timer service
|
||||
ansible.builtin.template:
|
||||
src: vuls.timer.j2
|
||||
dest: /etc/systemd/system/vuls.timer
|
||||
|
||||
- name: Start vuls service
|
||||
ansible.builtin.systemd:
|
||||
state: restarted
|
||||
daemon_reload: true
|
||||
name: vuls
|
||||
|
|
Binary file not shown.
|
@ -0,0 +1,162 @@
|
|||
[cveDict]
|
||||
type = {{ vuls_dbtype }}
|
||||
sqlite3Path = "{{ vuls_dbpath }}"
|
||||
|
||||
[ovalDict]
|
||||
type = {{ vuls_dbtype }}
|
||||
sqlite3Path = "{{ vuls_dbpath }}"
|
||||
|
||||
[gost]
|
||||
type = {{ vuls_dbtype }}
|
||||
sqlite3Path = "{{ vuls_dbpath }}"
|
||||
|
||||
[exploit]
|
||||
type = {{ vuls_dbtype }}
|
||||
sqlite3Path = "{{ vuls_dbpath }}"
|
||||
|
||||
[metasploit]
|
||||
type = {{ vuls_dbtype }}
|
||||
sqlite3Path = "{{ vuls_dbpath }}"
|
||||
|
||||
[kevuln]
|
||||
type = {{ vuls_dbtype }}
|
||||
sqlite3Path = "{{ vuls_dbpath }}"
|
||||
|
||||
[cti]
|
||||
type = {{ vuls_dbtype }}
|
||||
sqlite3Path = "{{ vuls_dbpath }}"
|
||||
|
||||
|
||||
# https://vuls.io/docs/en/config.toml.html#slack-section
|
||||
#[slack]
|
||||
#hookURL = "https://hooks.slack.com/services/abc123/defghijklmnopqrstuvwxyz"
|
||||
##legacyToken = "xoxp-11111111111-222222222222-3333333333"
|
||||
#channel = "#channel-name"
|
||||
##channel = "${servername}"
|
||||
#iconEmoji = ":ghost:"
|
||||
#authUser = "username"
|
||||
#notifyUsers = ["@username"]
|
||||
|
||||
# https://vuls.io/docs/en/config.toml.html#email-section
|
||||
{% if vuls_email_enable == True %}
|
||||
[email]
|
||||
smtpAddr = "{{ vuls_email_host }}"
|
||||
smtpPort = "{{ vuls_email_port }}"
|
||||
user = "{{ vuls_email_user }}"
|
||||
password = "{{ vuls_email_port}}"
|
||||
from = "{{ vuls_email_from }}"
|
||||
to = ["{{ vuls_email_to }}"]
|
||||
subjectPrefix = "[vuls]"
|
||||
{% endif %}
|
||||
|
||||
# https://vuls.io/docs/en/config.toml.html#http-section
|
||||
#[http]
|
||||
#url = "http://localhost:11234"
|
||||
|
||||
# https://vuls.io/docs/en/config.toml.html#syslog-section
|
||||
#[syslog]
|
||||
#protocol = "tcp"
|
||||
#host = "localhost"
|
||||
#port = "514"
|
||||
#tag = "vuls"
|
||||
#facility = "local0"
|
||||
#severity = "alert"
|
||||
#verbose = false
|
||||
|
||||
# https://vuls.io/docs/en/usage-report.html#example-put-results-in-s3-bucket
|
||||
#[aws]
|
||||
#profile = "default"
|
||||
#region = "ap-northeast-1"
|
||||
#s3Bucket = "vuls"
|
||||
#s3ResultsDir = "/path/to/result"
|
||||
#s3ServerSideEncryption = "AES256"
|
||||
|
||||
# https://vuls.io/docs/en/usage-report.html#example-put-results-in-azure-blob-storage<Paste>
|
||||
#[azure]
|
||||
#accountName = "default"
|
||||
#accountKey = "xxxxxxxxxxxxxx"
|
||||
#containerName = "vuls"
|
||||
|
||||
# https://vuls.io/docs/en/config.toml.html#chatwork-section
|
||||
#[chatwork]
|
||||
#room = "xxxxxxxxxxx"
|
||||
#apiToken = "xxxxxxxxxxxxxxxxxx"
|
||||
|
||||
# https://vuls.io/docs/en/config.toml.html#telegram-section
|
||||
#[telegram]
|
||||
#chatID = "xxxxxxxxxxx"
|
||||
#token = "xxxxxxxxxxxxxxxxxx"
|
||||
|
||||
#[wpscan]
|
||||
#token = "xxxxxxxxxxx"
|
||||
#detectInactive = false
|
||||
|
||||
# https://vuls.io/docs/en/config.toml.html#default-section
|
||||
[default]
|
||||
#port = "22"
|
||||
#user = "username"
|
||||
#keyPath = "/home/username/.ssh/id_rsa"
|
||||
#scanMode = ["fast", "fast-root", "deep", "offline"]
|
||||
#scanModules = ["ospkg", "wordpress", "lockfile", "port"]
|
||||
#lockfiles = ["/path/to/package-lock.json"]
|
||||
#cpeNames = [
|
||||
# "cpe:/a:rubyonrails:ruby_on_rails:4.2.1",
|
||||
#]
|
||||
#owaspDCXMLPath = "/tmp/dependency-check-report.xml"
|
||||
#ignoreCves = ["CVE-2014-6271"]
|
||||
#ignorePkgsRegexp = ["^kernel", "^python"]
|
||||
#containersOnly = false
|
||||
#containerType = "docker" #or "lxd" or "lxc" default: docker
|
||||
#containersIncluded = ["${running}"]
|
||||
#containersExcluded = ["container_name_a"]
|
||||
|
||||
# https://vuls.io/docs/en/config.toml.html#servers-section
|
||||
[servers]
|
||||
|
||||
[servers.127-0-0-1]
|
||||
host = "127.0.0.1"
|
||||
#port = "22"
|
||||
#user = "root"
|
||||
#sshConfigPath = "/home/username/.ssh/config"
|
||||
#keyPath = "/home/username/.ssh/id_rsa"
|
||||
#scanMode = ["fast", "fast-root", "deep", "offline"]
|
||||
#scanModules = ["ospkg", "wordpress", "lockfile", "port"]
|
||||
#type = "pseudo"
|
||||
#memo = "DB Server"
|
||||
#findLock = true
|
||||
#findLockDirs = ["/path/to/dir"]
|
||||
#lockfiles = ["/path/to/package-lock.json"]
|
||||
#cpeNames = [ "cpe:/a:rubyonrails:ruby_on_rails:4.2.1" ]
|
||||
#owaspDCXMLPath = "/path/to/dependency-check-report.xml"
|
||||
#ignoreCves = ["CVE-2014-0160"]
|
||||
#ignorePkgsRegexp = ["^kernel", "^python"]
|
||||
#containersOnly = false
|
||||
#containerType = "docker" #or "lxd" or "lxc" default: docker
|
||||
#containersIncluded = ["${running}"]
|
||||
#containersExcluded = ["container_name_a"]
|
||||
|
||||
#[servers.127-0-0-1.containers.container_name_a]
|
||||
#cpeNames = [ "cpe:/a:rubyonrails:ruby_on_rails:4.2.1" ]
|
||||
#owaspDCXMLPath = "/path/to/dependency-check-report.xml"
|
||||
#ignoreCves = ["CVE-2014-0160"]
|
||||
#ignorePkgsRegexp = ["^kernel", "^python"]
|
||||
|
||||
#[servers.127-0-0-1.githubs."owner/repo"]
|
||||
#token = "yourToken"
|
||||
#IgnoreGithubDismissed = true
|
||||
|
||||
|
||||
#[servers.127-0-0-1.wordpress]
|
||||
#cmdPath = "/usr/local/bin/wp"
|
||||
#osUser = "wordpress"
|
||||
#docRoot = "/path/to/DocumentRoot/"
|
||||
|
||||
#[servers.192-168-11-6.portscan]
|
||||
#scannerBinPath = "/usr/bin/nmap"
|
||||
#hasPrivileged = true
|
||||
#scanTechniques = ["sS"]
|
||||
#sourcePort = "65535"
|
||||
|
||||
#[servers.127-0-0-1.optional]
|
||||
#key = "value1"
|
||||
|
|
@ -0,0 +1,13 @@
|
|||
[Unit]
|
||||
Description=This is tool to build a local copy of the NVD (National Vulnerabilities Database)
|
||||
Documentation=https://github.com/vulsio/go-cti
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=yes
|
||||
User={{ vuls_user }}
|
||||
ExecStart=/usr/local/bin/vuls/go-cti --dbtype="{{ vuls_dbtype }}" --dbpath="{{ vuls_dbpath }}" --log-dir="/var/log/vuls/go-cti-log" --log-to-file fetch threat
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
|
@ -1,14 +1,12 @@
|
|||
[Unit]
|
||||
Description=This is tool to build a local copy of the NVD (National Vulnerabilities Database)
|
||||
After=network-online.target nss-lookup.target
|
||||
Wants=network-online.target nss-lookup.target
|
||||
Documentation=https://github.com/vulsio/go-cve-dictionary
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=yes
|
||||
User={{ vuls_user }}
|
||||
ExecStart=/usr/local/bin/vuls/go-cve-dictionary --dbtype="{{ vuls_dbtype }}" --dbpath="{{ vuls_dbpath }}" --log-dir="/var/log/vuls/go-cve-dictionary-log" fetch nvd
|
||||
ExecStart=/usr/local/bin/vuls/go-cve-dictionary --dbtype="{{ vuls_dbtype }}" --dbpath="{{ vuls_dbpath }}" --log-dir="/var/log/vuls/go-cve-dictionary-log" --log-to-file fetch nvd
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -0,0 +1,13 @@
|
|||
[Unit]
|
||||
Description=This is tool to build a local copy of the NVD (National Vulnerabilities Database)
|
||||
Documentation=https://github.com/vulsio/go-exploitdb
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=yes
|
||||
User={{ vuls_user }}
|
||||
ExecStart=/usr/local/bin/vuls/go-exploitdb --dbtype="{{ vuls_dbtype }}" --dbpath="{{ vuls_dbpath }}" --log-dir="/var/log/vuls/go-exploitdb-log" --log-to-file fetch {{ item }}
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
[Unit]
|
||||
Description=Run nvd update each 3h and on boot
|
||||
|
||||
[Timer]
|
||||
OnBootSec=15min
|
||||
OnUnitActiveSec=3h
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
|
@ -0,0 +1,13 @@
|
|||
[Unit]
|
||||
Description=This is tool to build a local copy of the NVD (National Vulnerabilities Database)
|
||||
Documentation=https://github.com/vulsio/go-kev
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=yes
|
||||
User={{ vuls_user }}
|
||||
ExecStart=/usr/local/bin/vuls/go-kev --dbtype="{{ vuls_dbtype }}" --dbpath="{{ vuls_dbpath }}" --log-dir="/var/log/vuls/go-kev" --log-to-file fetch kevuln
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
[Unit]
|
||||
Description=Run nvd update each 3h and on boot
|
||||
|
||||
[Timer]
|
||||
OnBootSec=15min
|
||||
OnUnitActiveSec=3h
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
|
@ -0,0 +1,13 @@
|
|||
[Unit]
|
||||
Description=This is tool to build a local copy of the NVD (National Vulnerabilities Database)
|
||||
Documentation=https://github.com/vulsio/go-mfsdb
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=yes
|
||||
User={{ vuls_user }}
|
||||
ExecStart=/usr/local/bin/vuls/go-mfsdb --dbtype="{{ vuls_dbtype }}" --dbpath="{{ vuls_dbpath }}" --log-dir="/var/log/vuls/go-mfsdb-log" --log-to-file fetch msfdb
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
[Unit]
|
||||
Description=Run nvd update each 3h and on boot
|
||||
|
||||
[Timer]
|
||||
OnBootSec=15min
|
||||
OnUnitActiveSec=3h
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
|
@ -0,0 +1,13 @@
|
|||
[Unit]
|
||||
Description=This is tool to build a local copy of the NVD (National Vulnerabilities Database)
|
||||
Documentation=https://github.com/vulsio/gost
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=yes
|
||||
User={{ vuls_user }}
|
||||
ExecStart=/usr/local/bin/vuls/gost --dbtype="{{ vuls_dbtype }}" --dbpath="{{ vuls_dbpath }}" --log-dir="/var/log/vuls/gost-log" --log-to-file fetch debian
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
[Unit]
|
||||
Description=Run nvd update each 3h and on boot
|
||||
|
||||
[Timer]
|
||||
OnBootSec=15min
|
||||
OnUnitActiveSec=3h
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
|
@ -0,0 +1,13 @@
|
|||
[Unit]
|
||||
Description=This is tool to build a local copy of the NVD (National Vulnerabilities Database)
|
||||
Documentation=https://github.com/vulsio/goval-dictionary
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=yes
|
||||
User={{ vuls_user }}
|
||||
ExecStart=/usr/local/bin/vuls/goval-dictionary --dbtype="{{ vuls_dbtype }}" --dbpath="{{ vuls_dbpath }}" --log-dir="/var/log/vuls/goval-dictionary-log" --log-to-file fetch debian 10 11
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
[Unit]
|
||||
Description=Run nvd update each 3h and on boot
|
||||
|
||||
[Timer]
|
||||
OnBootSec=15min
|
||||
OnUnitActiveSec=3h
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
Loading…
Reference in New Issue