- Overview
- Module Description - What the module does and why it is useful
- Setup - The basics of getting started with openvas
- Usage - Configuration options and additional functionality
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
Puppet module for installing, configuring, and managing OpenVas, "a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution."
This module manages the installation of OpenVas.
By default, this module will:
- Set up the package repository
- Install the openvas package
- Configure the /etc/sysconfig/openvas-* files
- Set up and enable the openvas services.
Most of Openvas's setup is handled by the package itself.
Full docs are avaliable here: http://www.openvas.org/
This module includes a single class:
include '::openvas'
You'll more than likely want to provide the appropriate values for your setup.
However, the service won't start until a number of preperation steps have been done. These are covered by the openvas-setup
script.
However, this can take a long time depending on your network speeds, so I've left it out of the module for now.
For the initial setup, you'll probably need to disable managing the service:
class { '::openvas':
manage_service => false,
}
After you've got OpenVas working, you can manage the service with Puppet easily.
Eventually, the steps in the setup script will be run by Puppet.
To opt out of repo management altogether, you'd specify it like so:
class { '::openvas':
manage_repo => false,
}
- Configuration is fairly surface level now
- Only tested on CentOS
- Ubuntu, Debian, Fedora and others aren't supported yet
If you'd like to other features or anything else, check out the contributing guidelines in CONTRIBUTING.md.