# Linux Operations Automation

## Problem

Linux infrastructure work often starts as ticket-driven operations: deploy a server, patch it, harden SSH, check a failed service, expand a filesystem, and leave evidence that the change was safe. These tasks need automation that is readable, repeatable, and cautious enough for production-style environments.

## CV Relevance

This project maps directly to Linux/Unix operations, server deployment, patching, troubleshooting, and storage/LVM work from enterprise infrastructure environments. The LVM resize workflow is written in an AAP-style shape: explicit survey variables, dry-run defaults, pre-checks, resize actions, and before/after evidence.

## What This Project Demonstrates

- Ansible playbooks for common Linux node lifecycle operations.
- Role-based task organization with clear defaults and handlers.
- LVM filesystem expansion workflow suitable for Ansible Automation Platform job templates.
- Safe simulation scripts for failure, service, and scaling exercises.
- Reviewer-friendly evidence in `examples/` without relying on a live enterprise lab.

## Architecture

```text
Operator -> Make targets -> Ansible inventory -> Playbooks/Roles -> Linux nodes
                         -> Simulation scripts -> Example evidence
                         -> AAP-style LVM workflow -> Before/after report
```

Core components:

- `inventory/hosts.ini` defines realistic host groups.
- `playbooks/` contains provision, patch, harden, and decommission workflows.
- `playbooks/lvm_resize.yml` contains the storage expansion workflow.
- `roles/` contains the implemented Ansible roles.
- `scripts/` provides safe simulation helpers.
- `docker-compose.yml` is a lightweight local scaffold, not a production lab.

## Quickstart

```bash
cd professional-infra/linux-operations-automation
make test
make demo
```

`make test` runs offline syntax and lint checks. `make demo` runs a safe simulation with `SIMULATION_MODE=true` and does not require reachable SSH hosts.

To run playbooks against real or lab hosts, update `inventory/hosts.ini` and run:

```bash
make run
make patch
make harden
make decommission
```

Review the LVM workflow:

```bash
ansible-playbook -i inventory/hosts.ini playbooks/lvm_resize.yml --syntax-check
cat docs/aap_lvm_resize_workflow.md
```

## Validation

```bash
make test
docker compose config --quiet
```

The optional compose scaffold can be started with:

```bash
make up
make down
```

## Example Output

Sample evidence is available in [examples/patch-output.txt](examples/patch-output.txt), [examples/failure-simulation.txt](examples/failure-simulation.txt), and [examples/lvm-resize-output.txt](examples/lvm-resize-output.txt).

## Interview Talking Points

- How to make LVM resize automation safe with dry-run defaults and explicit approval.
- Why before/after evidence matters for storage and filesystem changes.
- How Ansible roles keep Linux baseline operations repeatable.
- Where AAP surveys and job templates reduce ticket handling errors.

## Roadmap

- Add complete service roles for application deployment examples.
- Add backup, security scan, and disaster recovery playbooks.
- Add a richer local lab with SSH-ready containers.
- Add cloud or Kubernetes deployment variants.