|
|
|
|
@@ -1,19 +1,20 @@
|
|
|
|
|
<p align="center">
|
|
|
|
|
<a href="https://git.konsthol.eu/konsthol/SecDep">
|
|
|
|
|
<img src="assets/images/logo.png?raw=true" width="800"/>
|
|
|
|
|
</a>
|
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
### Instant Secure Cloud Docker Deployment
|
|
|
|
|
### Instant ⚡ Secure 🔒 Cloud ☁️ Docker Deployment 💻
|
|
|
|
|
|
|
|
|
|
Automated secure docker services deployment and virtual machine management using (mainly) the [libcloud](https://github.com/apache/libcloud) library to connect to AWS, Azure and GCE.
|
|
|
|
|
Automated secure docker images deployment and virtual machine management using (mainly) the [libcloud](https://github.com/apache/libcloud) <a href="https://libcloud.apache.org/"><img src="https://libcloud.apache.org/images/libcloud_logo.png" width="25" /></a> library to connect to <a href="https://aws.amazon.com/"><img src="https://upload.wikimedia.org/wikipedia/commons/thumb/9/93/Amazon_Web_Services_Logo.svg/512px-Amazon_Web_Services_Logo.svg.png?20170912170050" width="25" /></a>, <a href="https://azure.microsoft.com/en-us/"><img src="https://upload.wikimedia.org/wikipedia/commons/thumb/a/a8/Microsoft_Azure_Logo.svg/187px-Microsoft_Azure_Logo.svg.png?20210815110837" width="60" /></a> and <a href="https://cloud.google.com/"><img src="https://upload.wikimedia.org/wikipedia/commons/thumb/5/51/Google_Cloud_logo.svg/220px-Google_Cloud_logo.svg.png" width="100" /></a>.
|
|
|
|
|
|
|
|
|
|
# Description
|
|
|
|
|
# Description 📔 and motivation 🧐
|
|
|
|
|
|
|
|
|
|
Have you ever wanted to instantly deploy a simple virtual machine (or multiple) using one or more of the IaaS that the top 3 cloud providers offer? If yes, you might have noticed some things that tip you off like the fact that their web portals are bloated for your use case or confusing. Or that more often than not the same goes for their official cli tools. In the case you want to manage more than one provider's virtual machines, it becomes a hassle having to head over to their web portal, or tool and do the same thing in a different manner.
|
|
|
|
|
Have you ever wanted to instantly deploy a simple virtual machine (or multiple) using one or more of the IaaS that the top 🔝 3 cloud providers offer? 🤔 If yes 🙌💡, you might have noticed some things that tip you off like the fact that their web portals are bloated 🫃 for your use case or confusing 😕. Or that more often than not the same goes for their official cli tools 🤦. In the case you want to manage more than one provider's virtual machines, it becomes a hassle having to head over to their web portal, or tool and do the same thing in a different manner.
|
|
|
|
|
|
|
|
|
|
That's where SecDep comes in. With SecDep, you can manage your virtual machines across all three cloud providers with ease without having to think of where to go and how to get there to do what you want.
|
|
|
|
|
That's where SecDep comes in 💪. With SecDep, you can manage your virtual machines across all three cloud providers with ease 😎 without having to think of where to go and how to get there to do what you want 🥳.
|
|
|
|
|
|
|
|
|
|
# Features and roadmap
|
|
|
|
|
# Features and roadmap 🗺️
|
|
|
|
|
|
|
|
|
|
- [x] Virtual machine creation
|
|
|
|
|
- [x] GCE
|
|
|
|
|
@@ -33,29 +34,29 @@ That's where SecDep comes in. With SecDep, you can manage your virtual machines
|
|
|
|
|
- [ ] Hardening during creation
|
|
|
|
|
- [ ] Docker deployment during hardening
|
|
|
|
|
|
|
|
|
|
# Prerequisites
|
|
|
|
|
# Prerequisites 📋
|
|
|
|
|
|
|
|
|
|
Even though we want to avoid using the tools or the web portals we actually have to do it just once to have everything set up to go.
|
|
|
|
|
Even though we want to avoid using the tools or the web portals we actually have to do it just once to have everything set up to go 😐.
|
|
|
|
|
|
|
|
|
|
## GCE
|
|
|
|
|
|
|
|
|
|
First and foremost, you need to have a Google account. If you don't have one, you can create one [here](https://accounts.google.com/SignUp?hl=en).
|
|
|
|
|
First and foremost, you need to have a Google account. If you don't have one, you can create one 👉 [here](https://accounts.google.com/SignUp?hl=en).
|
|
|
|
|
|
|
|
|
|
Then follow the instructions [here](assets/pages/gce/GCE_setup.md) to set up your GCE account.
|
|
|
|
|
Instructions based on [libcloud's](https://libcloud.readthedocs.io/en/stable/compute/drivers/gce.html#service-account) documentation.
|
|
|
|
|
|
|
|
|
|
## Azure
|
|
|
|
|
|
|
|
|
|
For Azure you need to be a part of an organization that has an Azure subscription.
|
|
|
|
|
For Azure you need to be a part of an organization that has an Azure subscription 🏢.
|
|
|
|
|
|
|
|
|
|
Then follow the instructions [here](assets/pages/azure/Azure_setup.md) to set up your Azure account.
|
|
|
|
|
Instructions based on [libcloud's](https://libcloud.readthedocs.io/en/stable/compute/drivers/azure_arm.html#connecting-to-azure) documentation.
|
|
|
|
|
|
|
|
|
|
## AWS
|
|
|
|
|
|
|
|
|
|
For AWS you firstly need an account and then to follow the instructions [here](assets/pages/aws/AWS_setup.md)
|
|
|
|
|
For AWS you firstly need an account and then to follow the instructions [here](assets/pages/aws/AWS_setup.md) 👈.
|
|
|
|
|
|
|
|
|
|
# Dependencies
|
|
|
|
|
# Dependencies 📦
|
|
|
|
|
|
|
|
|
|
We would have 3 external dependecies but due to missing functionality in libcloud when it comes to Azure management we need 6.
|
|
|
|
|
|
|
|
|
|
@@ -67,32 +68,32 @@ We would have 3 external dependecies but due to missing functionality in libclou
|
|
|
|
|
2. [azure-mgmt-resource](https://pypi.org/project/azure-mgmt-resource/)
|
|
|
|
|
3. [azure-mgmt-network](https://pypi.org/project/azure-mgmt-network/)
|
|
|
|
|
|
|
|
|
|
# Installation
|
|
|
|
|
# Installation 🛠️
|
|
|
|
|
|
|
|
|
|
## Cloning the repository
|
|
|
|
|
## Cloning the repository 📁
|
|
|
|
|
|
|
|
|
|
You can clone the repository by running `git clone https://git.konsthol.eu/konsthol/SecDep.git` in the directory you want the files to reside.
|
|
|
|
|
|
|
|
|
|
It goes without saying that you need to have git installed and that you need python to run it since it is a python script afterall.
|
|
|
|
|
|
|
|
|
|
## Installing the dependencies
|
|
|
|
|
## Installing the dependencies 📥
|
|
|
|
|
|
|
|
|
|
The simplest way to install them is to run `pip install -r requirements.txt` in the root directory of the project.
|
|
|
|
|
|
|
|
|
|
If you don't have pip installed you can install it by running `sudo apt install python3-pip` on Debian based systems or `sudo dnf install python3-pip` on Fedora based systems.
|
|
|
|
|
|
|
|
|
|
For other systems you can check [here](https://pip.pypa.io/en/stable/installation/) for more information.
|
|
|
|
|
For other systems you can check [here](https://pip.pypa.io/en/stable/installation/) 👈 for more information.
|
|
|
|
|
|
|
|
|
|
# Walkthrough
|
|
|
|
|
# Walkthrough 🚶
|
|
|
|
|
|
|
|
|
|
Assuming you have set up your accounts and have the dependencies installed, you can now start using SecDep.
|
|
|
|
|
|
|
|
|
|
Further instructions [here](assets/pages/usage/usage.md)
|
|
|
|
|
# Sample outputs
|
|
|
|
|
# Sample outputs 📊
|
|
|
|
|
|
|
|
|
|
Images and videos of common tasks will reside [here](assets/pages/demo/demo.md)
|
|
|
|
|
|
|
|
|
|
# Connecting to the virtual machines
|
|
|
|
|
# Connecting to the virtual machines 🛰️ 🖥️
|
|
|
|
|
|
|
|
|
|
If you want to connect using your ssh client you will be able to run `ssh -i ~/Path/To/SecDep/secdep secdep@<ip>`.
|
|
|
|
|
|
|
|
|
|
@@ -102,6 +103,6 @@ The ip will be outputted after the creation of the virtual machine.
|
|
|
|
|
|
|
|
|
|
If for any reason you delete either the public or the provate key they will both be regenerated and you should probably delete the virtual machines that use it or find another way to log in and manually put the secdep.pub key to the authorized_keys file of the secdep user.
|
|
|
|
|
|
|
|
|
|
# License
|
|
|
|
|
# License 📜
|
|
|
|
|
|
|
|
|
|
[GPLv3](https://www.gnu.org/licenses/gpl-3.0.html)
|
|
|
|
|
|
