Forge Home


Puppet Module for managing ClamAV


33,922 latest version

5.0 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 2.0.0 (latest)
  • 1.0.0
  • 0.5.0
  • 0.4.0
  • 0.3.1
  • 0.3.0
  • 0.2.3
  • 0.2.2
  • 0.2.1
  • 0.1.2
  • 0.1.1
  • 0.1.0
released Aug 26th 2020
This version is compatible with:
  • Puppet Enterprise 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet >= 4.7.0 < 6.0.0
  • , , , ,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'edestecd-clamav', '2.0.0'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add edestecd-clamav
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install edestecd-clamav --version 2.0.0

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.



edestecd/clamav — version 2.0.0 Aug 26th 2020


Build Status Puppet Forge Puppet Forge Downloads Puppet Forge Score

Table of Contents

  1. Overview
  2. Module Description - What the module does and why it is useful
  3. Setup - The basics of getting started with clamav
  4. Usage - Configuration options and additional functionality
  5. Reference - An under-the-hood peek at what the module is doing and how
  6. Limitations - OS compatibility, etc.
  7. Development - Guide for contributing to the module
  8. Contributors


Puppet Module to install/configure clamd and freshclam on Debian and RedHat

Module Description

The clamav module provides some classes to install and configure most of the components of clamav.
You may also choose to manage only the parts that you need.
This module aims to be minimalistic.
No options produces stock config files as provided by your package installer.

This module has the following components that can be managed (or not):

  • Base clamav package - command line and libs
  • clamav user
  • clam daemon
  • freshclam daemon/cron (dependent on OS)
  • clamav-milter (RHEL7 and derivatives only for now)


What clamav affects

  • clamav/clamd/freshclam package install
  • clamav/clamd/freshclam config files
  • clamd/freshclam services or daily cron on redhat
  • clamav-milter package install, config files, service (optional)
  • clam user/group (optional)

Setup Requirements

only need to install the module

Beginning with clamav

Minimal clamav package install for command line use:

include clamav


Manage the clam and freshclam daemon with stock config

class { 'clamav':
  manage_clamd             => true,
  manage_freshclam         => true,
  clamd_service_ensure     => 'running',
  freshclam_service_ensure => 'stopped',

Also manage the clam user and group

class { 'clamav':
  manage_user      => true,
  uid              => 499,
  gid              => 499,
  shell            => '/sbin/nologin',
  manage_clamd     => true,
  manage_freshclam => true,

Customize the clamd and freshclam config

class { 'clamav':
  manage_clamd      => true,
  manage_freshclam  => true,
  clamd_options     => {
    'MaxScanSize' => '500M',
    'MaxFileSize' => '150M',
  freshclam_options => {
    'LogTime'         => 'yes',
    'HTTPProxyServer' => '',
    'HTTPProxyPort'   => '80',
    'NotifyClamd'     => '/etc/clamd.conf',
    'DatabaseMirror'  => [

Add clamav-milter support and customize its config (RHEL7 and derivatives only)

Please note that as of RHEL 7.2 only the TCP socket has been tested successfully

class { 'clamav':
  manage_repo           => false,
  clamd_options         => {
    'TCPSocket' => '3310',
    'TCPAddr'   => '',

  clamav_milter_options => {
    'AddHeader'  => 'add',
    'OnInfected' => 'Reject',
    'RejectMsg'  => 'Message rejected: Infected by %v',

  manage_clamd          => true,
  manage_freshclam      => true,
  manage_clamav_milter  => true,
  clamd_service_ensure  => 'running',

Configure with hiera yaml

include clamav
clamav::manage_clamd: true
clamav::manage_freshclam: true

  MaxScanSize: 500M
  MaxFileSize: 150M
  LogTime: yes
  HTTPProxyPort: 80
  NotifyClamd: /etc/clamd.conf



  • clamav
  • clamav::user
  • clamav::clamd
  • clamav::freshclam


This module has been built on and tested against Puppet 3.8 and higher.
While I am sure other versions work, I have not tested them.

This module supports modern RedHat and Debian based systems.
No plans to support other versions (unless you add it :)..


Pull Requests welcome