open-cmmc-stack/ansible/roles/podman_services/handlers/main.yml


---
# Handler: writes a fixed Markdown summary of the Podman services rollout
# into the platform-services evidence folder.
# NOTE(review): the summary text is static and this task runs no checks of
# its own, so the statements about rootless accounts, secured volumes and
# validated container health are only as reliable as the tasks that notify
# this handler. Confirm those checks exist before using this file as evidence.
- name: Document Podman Services Deployment
  ansible.builtin.copy:
    # Falls back to a relative 'evidence' directory when evidence_base_dir is unset.
    dest: "{{ evidence_base_dir | default('evidence') }}/04_platform_services/podman_services_summary.md"
    mode: '0644'
    content: |
      # ✅ Podman Services Deployed
      This summary confirms successful deployment of core containerized services using Podman:
      - Keycloak, Mailcow, Wazuh, and Step-CA launched via systemd-managed Podman containers
      - All services use rootless accounts and secured volumes
      - podman-compose and systemd integration verified
      - Service logs and container health validated
      These services satisfy a wide set of CMMC controls including AC, SC, IA, AU, and CM families.
# Handler: copies the role's run log into the platform-services evidence
# folder. remote_src makes the copy read the source on the managed host
# instead of the controller.
# NOTE(review): the source is a fixed file name under /tmp, which is normally
# writable by every local account. What creates this file is not visible here;
# confirm it is created with restrictive ownership, otherwise content placed
# there by another local user would be archived as audit evidence.
# NOTE(review): the archived log is world-readable (0644); confirm the run log
# never contains secrets.
- name: Archive podman_services logs
  ansible.builtin.copy:
    remote_src: true
    src: /tmp/podman_services_run.log
    dest: "{{ evidence_base_dir | default('evidence') }}/04_platform_services/podman_services_run.log"
    mode: '0644'
# Handler: renders a short Markdown record of the Step-CA deployment into the
# identity/access evidence folder.
# The template reads ansible_date_time (presumably requires gathered facts),
# ansible_user and stepca_port; none of them has a default here, so the task
# fails if any is undefined.
# NOTE(review): the image line is a literal string and names the mutable
# ':latest' tag, so this record does not identify which image build was
# actually running. Recording the resolved image digest would make the
# evidence reproducible.
- name: Document Step-CA Deployment
  ansible.builtin.copy:
    dest: "{{ evidence_dir }}/01_identity_access/step-ca_summary.md"
    mode: '0644'
    content: |
      # Step-CA Deployment Log
      Step-CA was successfully deployed and enabled as a system service.
      - Timestamp: {{ ansible_date_time.iso8601 }}
      - User: {{ ansible_user }}
      - Container Image: smallstep/step-ca:latest
      - Port: {{ stepca_port }}
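# Handler: dumps the journal of the step-ca systemd unit into the
# identity/access evidence folder, overwriting any log from an earlier run
# (plain '>' redirect).
# The destination path is assembled in Jinja and passed through the `quote`
# filter, so an evidence_dir value containing spaces or shell metacharacters
# reaches bash as one literal path instead of being re-parsed as shell syntax.
# NOTE(review): unlike the copy-based evidence tasks in this file, no mode is
# set here; the file's permissions follow the umask of the executing shell.
# NOTE(review): a CA's journal may hold sensitive request details; confirm
# who can read the evidence directory.
- name: Archive Step-CA Logs
  ansible.builtin.shell: |
    journalctl -u step-ca > {{ (evidence_dir ~ '/01_identity_access/step-ca_run.log') | quote }}
  args:
    executable: /bin/bash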
# Handler: writes a one-line, timestamped success marker for the Mailcow
# deployment.
# NOTE(review): the destination is a hard-coded relative path and ignores the
# evidence_base_dir / evidence_dir variables used by the other handlers in
# this file, so this log can end up outside the configured evidence tree.
# Confirm where a relative dest resolves on the managed host.
# NOTE(review): the message is unconditional; it records that the handler
# fired, not that Mailcow was checked to be healthy.
- name: Log Mailcow provisioning
  ansible.builtin.copy:
    dest: 'evidence/04_email/mailcow_deploy.log'
    mode: '0644'
    content: 'Mailcow deployed successfully at {{ ansible_date_time.iso8601 }}'