Merge pull request #1 from jahangir842/main

Two more directories added: Azure and Github Actions

Author: techarkit

.github/workflows/use-keyvault-secret.yml

@@ -0,0 +1,67 @@
+name: Retrieve Azure Key Vault Secret
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+
+jobs:
+  get-secret:
+    runs-on: ubuntu-latest
+
+    steps:
+      # Check out the repository
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      # Log in to Azure using service principal (for Azure CLI)
+      - name: Log in to Azure CLI
+        uses: azure/login@v2
+        with:
+          creds: |
+            {
+              "clientId": "${{ secrets.AZURE_CLIENT_ID }}",
+              "clientSecret": "${{ secrets.AZURE_CLIENT_SECRET }}",
+              "tenantId": "${{ secrets.AZURE_TENANT_ID }}",
+              "subscriptionId": "${{ secrets.AZURE_SUBSCRIPTION_ID }}"
+            }
+
+      # Log in to Azure PowerShell
+      - name: Log in to Azure PowerShell
+        shell: pwsh
+        run: |
+          # Install Azure PowerShell module
+          Install-Module -Name Az -Force -AllowClobber -Scope CurrentUser
+
+          # Authenticate with service principal
+          $secureClientSecret = ConvertTo-SecureString "${{ secrets.AZURE_CLIENT_SECRET }}" -AsPlainText -Force
+          $credential = New-Object System.Management.Automation.PSCredential ("${{ secrets.AZURE_CLIENT_ID }}", $secureClientSecret)
+          Connect-AzAccount -ServicePrincipal -Credential $credential -TenantId "${{ secrets.AZURE_TENANT_ID }}" -SubscriptionId "${{ secrets.AZURE_SUBSCRIPTION_ID }}"
+
+          # Verify login
+          $context = Get-AzContext
+          if ($context) {
+            Write-Output "Logged in as: $($context.Account.Id)"
+            Write-Output "Subscription: $($context.Subscription.Id)"
+          } else {
+            Write-Error "Failed to log in to Azure PowerShell"
+            exit 1
+          }
+
+      # Retrieve Key Vault Secret
+      - name: Retrieve Key Vault Secret
+        shell: pwsh
+        run: |
+          # Retrieve the secret
+          $secret = Get-AzKeyVaultSecret -VaultName "akvjagz" -Name "mytestsecret" -AsPlainText
+
+          # Set as environment variable for subsequent steps
+          echo "MY_SECRET=$secret" >> $GITHUB_ENV
+
+      # Example: Use the secret
+      - name: Use the Secret
+        shell: bash
+        run: |
+          echo "Using secret: [REDACTED]"
+          # Use ${{ env.MY_SECRET }} in your deployment logic

Ansible/README.md

@@ -1,5 +1,158 @@
-## Ansible Tasks ##
-- Use the sample website present in the GitHub repository, the link for which is mentioned below.
-- https://github.com/Sameer-8080/Website-PRT-ORG.git
-- Clone this repository in the Ansible master machine to use for the next task.
-- Create the Ansible script to install nginx in one of the Slaves and apache2 in the other, and replace the original index.html files for both the machines with the website in the GitHub link that will have been cloned in the previous step.
+# 📘 Ansible Automation Repository
+
+## Readword Demo:
+
+- https://github.com/NASTP-ce/llm-arena/tree/main/ansible
+
+
+
+This repository contains **infrastructure automation playbooks** and **roles** managed with Ansible.
+It follows a best-practice layout where all automation tasks (NFS, Docker, monitoring tools, etc.) live in one place.
+
+---
+
+## Install Ansible and Shell Autocompletion
+
+https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html
+
+
+# Autocomplete:
+
+```bash
+#  Install argcomplete globally (easier)
+bashsudo apt install python3-argcomplete
+
+# Then use:
+
+basheval "$(register-python-argcomplete3 ansible)"
+eval "$(register-python-argcomplete3 ansible-playbook)"
+eval "$(register-python-argcomplete3 ansible-vault)"
+eval "$(register-python-argcomplete3 ansible-galaxy)"
+eval "$(register-python-argcomplete3 ansible-config)"
+```
+
+
+## 📂 Directory Structure
+
+```
+ansible-project/
+├── inventories/
+│   ├── production/
+│   │   └── hosts.ini        # Host inventory (server/client groups)
+├── roles/
+│   ├── nfs_server/          # Role to configure NFS server
+│   │   └── tasks/main.yml
+│   ├── nfs_client/          # Role to configure NFS clients
+│   │   └── tasks/main.yml
+│   ├── <future_roles>/      # Add new roles here (e.g., docker, prometheus)
+├── playbooks/
+│   └── site.yml             # Main entry playbook (calls roles)
+└── ansible.cfg              # Global Ansible configuration
+```
+
+### 🔹 Key Components
+
+* **inventories/** → Defines hosts and groups (production, staging, etc.)
+* **roles/** → Modular automation units (server/client/software configs)
+* **playbooks/** → Playbooks that orchestrate roles on host groups
+* **ansible.cfg** → Defaults (inventory, SSH options, etc.)
+
+---
+
+## ▶️ Usage
+
+### 1. Check connectivity
+
+```bash
+ansible all -m ping
+```
+
+### 2. Run main site playbook
+
+```bash
+ansible-playbook playbooks/site.yml
+```
+
+### 3. Run playbook for a specific host group
+
+```bash
+ansible-playbook playbooks/site.yml --limit nfs_clients
+```
+
+### 4. Run a single ad-hoc command
+
+```bash
+ansible all -a "uptime"
+ansible nfs_server -a "df -h"
+```
+
+### 5. Run a role/playbook with tags
+
+```bash
+ansible-playbook playbooks/site.yml --tags "nfs"
+```
+
+---
+
+## 🔧 Adding New Software (Best Practice)
+
+1. Create a new role:
+
+   ```bash
+   ansible-galaxy init roles/<new_role_name>
+   ```
+
+   Example: `roles/docker/`
+
+2. Add tasks in `roles/<new_role_name>/tasks/main.yml`
+
+3. Include the role in `playbooks/site.yml`:
+
+   ```yaml
+   - name: Install Docker
+     hosts: all
+     become: yes
+     roles:
+       - docker
+   ```
+
+4. Run:
+
+   ```bash
+   ansible-playbook playbooks/site.yml
+   ```
+
+---
+
+## 📝 Frequently Used Commands Cheat Sheet
+
+* **Check syntax before running**
+
+  ```bash
+  ansible-playbook playbooks/site.yml --syntax-check
+  ```
+
+* **Dry run (see changes without applying)**
+
+  ```bash
+  ansible-playbook playbooks/site.yml --check
+  ```
+
+* **Limit to one host**
+
+  ```bash
+  ansible-playbook playbooks/site.yml --limit 192.168.1.12
+  ```
+
+* **Run with more output**
+
+  ```bash
+  ansible-playbook playbooks/site.yml -vvv
+  ```
+
+---
+
+✅ With this structure, all your **future software installations** can be added as new roles.
+This makes it easy to scale your automation across multiple environments.
+
+---

Ansible/inventories/production/hosts

@@ -0,0 +1,4 @@
+[webservers]
+
+server3 ansible_host=192.168.1.4 ansible_user=user3
+server5 ansible_host=192.168.1.6 ansible_user=hassan

Ansible/inventories/staging/hosts

@@ -0,0 +1,2 @@
+[staging]
+# Add staging hosts here

Ansible/playbooks/site.yml

@@ -0,0 +1,14 @@
+---
+
+
+- hosts: all
+  become: yes
+  tasks:
+    - name: Install VLC media player
+      apt:
+        name: vlc
+        state: present
+      when: ansible_os_family == 'Debian'
+
+
+

Ansible/playbooks/webservers.yml

@@ -0,0 +1,9 @@
+---
+- hosts: webservers
+  become: yes
+  tasks:
+    - name: Ensure nginx is installed
+      apt:
+        name: nginx
+        state: present
+      when: ansible_os_family == 'Debian'

Ansible/roles/example_role/files/example.txt

@@ -0,0 +1 @@
+This is an example file for the example_role.

Ansible/roles/example_role/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for example_role

Ansible/roles/example_role/tasks/main.yml

@@ -0,0 +1,5 @@
+---
+# tasks file for example_role
+- name: Example task
+  debug:
+    msg: "This is an example role task."

Ansible/roles/example_role/templates/example.j2

@@ -0,0 +1,2 @@
+# Example Jinja2 template
+Hello from {{ inventory_hostname }}!