ansible-cis/tasks/aide.yaml

---
- name: Install AIDE
  dnf:
    name: aide
    state: installed
- name: Init AIDE if database is missing
  shell: aide --init && mv /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz
  args:
    creates: /var/lib/aide/aide.db.gz
- name: Install AIDE crontab
  copy:
    dest: /etc/cron.d/aide
    owner: root
    group: root
    mode: "0600"
    content: |
      SHELL=/bin/bash
      PATH=/sbin:/bin:/usr/sbin:/usr/bin
      MAILTO=root
      0 5 * * * root /usr/sbin/aide --check