ansible-collections/phpipam_scan_agent
2
0
Fork 0
Code Issues 10 Pull Requests Actions Projects Releases 7 Wiki Activity

chore: work from issues #31

Merged
jon_nfc merged 8 commits from feat-work into development 2024-02-24 12:56:46 +00:00
Conversation 25 Commits 8 Files Changed 11 +78 -9
10 changed files with 78 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 4d19ead2f1 - Show all commits

2
docs/projects/ansible/collection/phpipam_scan_agent/scanner.md
View File

@ -100,6 +100,8 @@ The scanner component has the following workflow:
Once the [server component](server.md#remote-network-scannning) has been setup, the client can be installed/used from any network. Even a network that is isolated from the server. Only caveat is that the client can communicate with the server. To ensure that the client can connect to the server set the `auth_token` to match that of the server.
There is no true confirmation of the servers identity outside of confirming the TLS Certificate is trusted. Due to this fact, you're advised to use your own CA to sign the server components TLS Certificate. By doing this only you can issue a certificate to the server component. All that is required is to ensure that your CA certificate is within the trusted certificates of the machine that is running the agent.
!!! danger "Security"
Failing to secure the server component communication with TLS will allow anyone with direct access to the line of communication to view the `auth_token`. Anyone who has the `auth_token` will be able to upload data to the server.

1
playbooks/tasks/scan_subnet.yaml
View File

@ -103,3 +103,4 @@
"results": "{{ subnet_scan_results }}"
}
}
validate_certs: true # Ensure always true