commited current state (new functions, may not work by now)

roles/deploy-clamd/tasks/compile-clamav.yml

@@ -0,0 +1,75 @@
+- name: "Download latest ClamAV Version to Control Node"
+  get_url:
+    url: https://www.clamav.net/downloads/production/clamav-{{ clamd_version }}.tar.gz
+    dest: "/tmp/clamav-{{ clamd_version }}.tar.gz"
+  delegate_to: localhost
+  
+- name: Copy ClamAV Tar from Control Node to Ansible Host
+  copy:
+    src: "/tmp/clamav-{{ clamd_version }}.tar.gz"
+    dest: "/usr/local/src/clamav-{{ clamd_version }}.tar.gz"
+
+- name: "Extract ClamAV Tar on Ansible Host"
+  unarchive:
+    src: "/usr/local/src/clamav-{{ clamd_version }}.tar.gz"
+    dest: "/usr/local/src/"
+    remote_src: true
+    
+- name: "Create Build Folder in ClamAV Dir"
+  file:
+    path: "/usr/local/src/clamav-{{ clamd_version }}/build"
+    state: directory
+
+- name: "Pin Cargo Regex Syntax Version"
+  args:
+    chdir: "/usr/local/src/clamav-{{ clamd_version }}/build"
+  shell: |
+    cargo update -p regex-syntax --precise 0.8.3
+
+- name: "Cmake ClamAV"
+  args:
+    chdir: "/usr/local/src/clamav-{{ clamd_version }}/build"
+  shell: |
+    cmake .. -D CMAKE_INSTALL_PREFIX=/usr -D CMAKE_INSTALL_LIBDIR=lib -D APP_CONFIG_DIRECTORY=/etc/clamav -D DATABASE_DIRECTORY=/var/lib/clamav -D ENABLE_JSON_SHARED=OFF
+
+- name: "Compile ClamAV"
+  args:
+    chdir: "/usr/local/src/clamav-{{ clamd_version }}/build"
+  shell: |
+      cmake --build .
+
+- name: "Test Compiled ClamAV"
+  args:
+    chdir: "/usr/local/src/clamav-{{ clamd_version }}/build"
+  shell: |
+    ctest .
+
+- name: "Install compiled ClamAV"
+  args:
+    chdir: "/usr/local/src/clamav-{{ clamd_version }}/build"
+  shell: |
+    cmake --build . --target install
+
+- name: "Create Freshclam Log File"
+  file:
+    path: "/var/log/freshclam.log"
+    state: touch
+    owner: clamav
+    group: clamav
+    mode: '600'
+
+- name: "Create ClamAV Log File"
+  file:
+    path: "/var/log/clamav.log"
+    state: touch
+    owner: clamav
+    group: clamav
+    mode: '600'
+
+- name: "Set ClamAV Signature Database Permission"
+  file:
+    path: "/var/lib/clamav"
+    state: directory
+    owner: clamav
+    group: clamav
+    recurse: yes

roles/deploy-clamd/tasks/configure-clamav.yml

@@ -0,0 +1,27 @@
+- name: Deploy ClamAV Systemd Service
+  template:
+    src: templates/systemd-clamav-service.j2
+    dest: /etc/systemd/system/clamd.service
+  notify:
+    - Reload Systemd Daemon
+
+- name: Deploy ClamAV Freshclam Service
+  template:
+    src: templates/systemd-freshclam-service.j2
+    dest: /etc/systemd/system/freshclam.service
+  notify: 
+    - Reload Systemd Daemon
+  
+- name: Deploy Freshclam Config File
+  template:
+    src: templates/freshclam-config.j2
+    dest: /etc/clamav/freshclam.conf
+  notify:
+    - Start Freshclam Service
+
+- name: Deploy ClamAV Config File
+  template:
+    src: templates/clamav-config.j2
+    dest: /etc/clamav/clamd.conf
+  notify: 
+    - Start Clamd Service

roles/deploy-clamd/tasks/install-dependencies.yml

@@ -0,0 +1,41 @@
+- name: "Install ClamAV Compilation Dependencies"
+  ansible.builtin.apt:
+    pkg:
+      - curl
+      - gcc
+      - make
+      - pkg-config
+      - python3
+      - python3-pip
+      - python3-pytest
+      - valgrind
+      - cmake
+      - check
+      - libbz2-dev
+      - libcurl4-openssl-dev
+      - libjson-c-dev
+      - libmilter-dev
+      - libncurses5-dev
+      - libpcre2-dev
+      - libssl-dev
+      - libxml2-dev
+      - zlib1g-dev
+      - sudo
+    state: present
+  
+- name: Check if cargo is installed already
+  shell: command -v cargo
+  register: cargo_exists
+  ignore_errors: true
+
+- name: "Install rusttoolchain for Compilation"
+  become: true
+  shell: |
+      curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | bash -s -- -y
+  when: cargo_exists.rc != 0
+
+- name: Ensure Cargo is set in Path
+  shell: |
+    source $HOME/.cargo/env
+  args:
+    executable: /bin/bash

roles/deploy-clamd/tasks/main.yml

@@ -0,0 +1,12 @@
+- name: Install ClamAV Dependencies
+  import_tasks: install-dependencies.yml
+  when: ansible_facts['os_family']|lower == 'debian'
+
+- name: Setup ClamAV Service User/Group
+  import_tasks: setup-clamav-user-group.yml
+
+- name: Compile ClamAV
+  import_tasks: compile-clamav.yml
+
+- name: Configure ClamAV
+  import_tasks: configure-clamav.yml

roles/deploy-clamd/tasks/setup-clamav-user-group.yml

@@ -0,0 +1,13 @@
+- name: "Setup ClamAV Service Group"
+  group:
+    name: clamav
+    state: present
+
+- name: "Setup ClamAV Service User"
+  user:
+    name: clamav
+    comment: ClamAV Service Account
+    shell: /bin/false
+    group: clamav
+    
+