diff --git a/README.md b/README.md index 1b496b3..7fb2732 100644 --- a/README.md +++ b/README.md @@ -1,19 +1,20 @@

+

-### Instant Secure Cloud Docker Deployment +### Instant ⚑ Secure πŸ”’ Cloud ☁️ Docker Deployment πŸ’» -Automated secure docker services deployment and virtual machine management using (mainly) the [libcloud](https://github.com/apache/libcloud) library to connect to AWS, Azure and GCE. +Automated secure docker images deployment and virtual machine management using (mainly) the [libcloud](https://github.com/apache/libcloud) library to connect to , and . -# Description +# Description πŸ“” and motivation 🧐 -Have you ever wanted to instantly deploy a simple virtual machine (or multiple) using one or more of the IaaS that the top 3 cloud providers offer? If yes, you might have noticed some things that tip you off like the fact that their web portals are bloated for your use case or confusing. Or that more often than not the same goes for their official cli tools. In the case you want to manage more than one provider's virtual machines, it becomes a hassle having to head over to their web portal, or tool and do the same thing in a different manner. +Have you ever wanted to instantly deploy a simple virtual machine (or multiple) using one or more of the IaaS that the top πŸ” 3 cloud providers offer? πŸ€” If yes πŸ™ŒπŸ’‘, you might have noticed some things that tip you off like the fact that their web portals are bloated πŸ«ƒ for your use case or confusing πŸ˜•. Or that more often than not the same goes for their official cli tools 🀦. In the case you want to manage more than one provider's virtual machines, it becomes a hassle having to head over to their web portal, or tool and do the same thing in a different manner. -That's where SecDep comes in. With SecDep, you can manage your virtual machines across all three cloud providers with ease without having to think of where to go and how to get there to do what you want. +That's where SecDep comes in πŸ’ͺ. 
With SecDep, you can manage your virtual machines across all three cloud providers with ease 😎 without having to think of where to go and how to get there to do what you want πŸ₯³. -# Features and roadmap +# Features and roadmap πŸ—ΊοΈ - [x] Virtual machine creation - [x] GCE 
@@ -33,29 +34,29 @@ That's where SecDep comes in. With SecDep, you can manage your virtual machines - [ ] Hardening during creation - [ ] Docker deployment during hardening -# Prerequisites +# Prerequisites πŸ“‹ -Even though we want to avoid using the tools or the web portals we actually have to do it just once to have everything set up to go. +Even though we want to avoid using the tools or the web portals we actually have to do it just once to have everything set up to go 😐. ## GCE -First and foremost, you need to have a Google account. If you don't have one, you can create one [here](https://accounts.google.com/SignUp?hl=en). +First and foremost, you need to have a Google account. If you don't have one, you can create one πŸ‘‰ [here](https://accounts.google.com/SignUp?hl=en). Then follow the instructions [here](assets/pages/gce/GCE_setup.md) to set up your GCE account. Instructions based on [libcloud's](https://libcloud.readthedocs.io/en/stable/compute/drivers/gce.html#service-account) documentation. ## Azure -For Azure you need to be a part of an organization that has an Azure subscription. +For Azure you need to be a part of an organization that has an Azure subscription 🏒. Then follow the instructions [here](assets/pages/azure/Azure_setup.md) to set up your Azure account. Instructions based on [libcloud's](https://libcloud.readthedocs.io/en/stable/compute/drivers/azure_arm.html#connecting-to-azure) documentation. ## AWS -For AWS you firstly need an account and then to follow the instructions [here](assets/pages/aws/AWS_setup.md) +For AWS you firstly need an account and then to follow the instructions [here](assets/pages/aws/AWS_setup.md) πŸ‘ˆ. -# Dependencies +# Dependencies πŸ“¦ We would have 3 external dependecies but due to missing functionality in libcloud when it comes to Azure management we need 6. 
@@ -67,32 +68,32 @@ We would have 3 external dependecies but due to missing functionality in libclou 2. [azure-mgmt-resource](https://pypi.org/project/azure-mgmt-resource/) 3. [azure-mgmt-network](https://pypi.org/project/azure-mgmt-network/) -# Installation +# Installation πŸ› οΈ -## Cloning the repository +## Cloning the repository πŸ“ You can clone the repository by running `git clone https://git.konsthol.eu/konsthol/SecDep.git` in the directory you want the files to reside. It goes without saying that you need to have git installed and that you need python to run it since it is a python script afterall. -## Installing the dependencies +## Installing the dependencies πŸ“₯ The simplest way to install them is to run `pip install -r requirements.txt` in the root directory of the project. If you don't have pip installed you can install it by running `sudo apt install python3-pip` on Debian based systems or `sudo dnf install python3-pip` on Fedora based systems. -For other systems you can check [here](https://pip.pypa.io/en/stable/installation/) for more information. +For other systems you can check [here](https://pip.pypa.io/en/stable/installation/) πŸ‘ˆ for more information. -# Walkthrough +# Walkthrough 🚢 Assuming you have set up your accounts and have the dependencies installed, you can now start using SecDep. Further instructions [here](assets/pages/usage/usage.md) -# Sample outputs +# Sample outputs πŸ“Š Images and videos of common tasks will reside [here](assets/pages/demo/demo.md) -# Connecting to the virtual machines +# Connecting to the virtual machines πŸ›°οΈ πŸ–₯️ If you want to connect using your ssh client you will be able to run `ssh -i ~/Path/To/SecDep/secdep secdep@`. 
@@ -102,6 +103,6 @@ The ip will be outputted after the creation of the virtual machine. If for any reason you delete either the public or the provate key they will both be regenerated and you should probably delete the virtual machines that use it or find another way to log in and manually put the secdep.pub key to the authorized_keys file of the secdep user. -# License +# License πŸ“œ [GPLv3](https://www.gnu.org/licenses/gpl-3.0.html) diff --git a/assets/pages/aws/AWS_setup.md b/assets/pages/aws/AWS_setup.md index e421ecc..87b5d97 100644 --- a/assets/pages/aws/AWS_setup.md +++ b/assets/pages/aws/AWS_setup.md @@ -1,4 +1,4 @@ -# AWS Authentication +# AWS Authentication 🀝 To authenticate with AWS, the simplest thing you need is an access key. diff --git a/assets/pages/azure/Azure_setup.md b/assets/pages/azure/Azure_setup.md index 83f362c..f765ce8 100644 --- a/assets/pages/azure/Azure_setup.md +++ b/assets/pages/azure/Azure_setup.md @@ -1,4 +1,4 @@ -# Azure Authentication +# Azure Authentication βœ”οΈ For the Azure Resource Manager the fastest way to get started is by having access to the azure-cli tool. We only need this once. diff --git a/assets/pages/gce/GCE_setup.md b/assets/pages/gce/GCE_setup.md index 4570fa7..ac7dc39 100644 --- a/assets/pages/gce/GCE_setup.md +++ b/assets/pages/gce/GCE_setup.md @@ -1,4 +1,4 @@ -# GCE Authentication +# GCE Authentication πŸ”‘ For the Google Compute Engine we firstly need to create a new project. diff --git a/assets/pages/usage/usage.md b/assets/pages/usage/usage.md index 3898c50..a1f0ffe 100644 --- a/assets/pages/usage/usage.md +++ b/assets/pages/usage/usage.md 
@@ -1,12 +1,16 @@ -# First run +# First run πŸƒ What will happen on your system on first run? well, SecDep will create a `.env` file in the root directory of the project. This file is needed to store the authentication values needed to access the cloud providers. You will be asked for every needed value for every supported provider and if you don't need one you should just press enter to leave it's respecting values empty. +### Configuration βš™οΈ + Should you ever change your mind you can always edit the `.env` file manually or run `python3 secdep.py -v` or `python3 secdep.py --values` to change the values you want. +### Key Creation πŸ” + Then a public and a private ssh key will be generated and stored in the root of the directory. The public key will be added to the `~/.ssh/authorized_keys` file of a secdep user that will be created on the virtual machines. The private key will be used to connect to the virtual machines. -# Creating a virtual machine +# Creating a virtual machine πŸ–₯️ To create a virtual machine you can run `python3 secdep.py -P -c` or `python3 secdep.py --provider --create` where `` is either `gce`, `azure` or `aws`. @@ -19,7 +23,7 @@ You will be asked to enter some information regarding the virtual machine you wa and then you will be shown the chosen values and asked to confirm the creation of the virtual machine. -# Skipping the confirmation and some options +# Skipping the confirmation and some options πŸ™… If you want to skip the confirmation or some of the asked values you can specify them using command line flags as so @@ -51,7 +55,7 @@ or with specific values `python3 secdep.py -P aws -c -n test-node -s t3.micro -i ami-0246e87085c5c98e3 -y` -# Finding valid values +# Finding valid values for the flags πŸ•΅οΈ If you want to find valid values for the image you can run `python3 secdep.py -P -I -p` or `python3 secdep.py --provider --listimages --print` where `` is either `gce`, `azure` or `aws`. 
@@ -155,6 +159,6 @@ If you want to delete them all in either case you can use the deleteall action i Same goes for stop, start and reboot. -# SSHing into a virtual machine +# SSHing into a virtual machine πŸš€ To SSH into a virtual machine you get the choice from `python3 secdep.py -ssh` or `python3 secdep.py -P gce -ssh` to only choose from the gce instances.
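
Review bot: In README.md, first hunk (`@@ -1,19 +1,20 @@`), the rewritten intro line ends with "to connect to , and ." and no longer names any provider, where the removed line said "AWS, Azure and GCE". If the names were swapped for logo images, keep them as alt text or link text so the sentence still reads where images do not load. The same line also changes "docker services" to "docker images", which alters what the project says it deploys; confirm that is intended in a change that is otherwise decorative.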
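
Review bot: In README.md, hunk `@@ -33,29 +34,29 @@` and the hunks after it, every top-level heading gains a trailing emoji (`# Prerequisites`, `# Dependencies`, `# Installation`, `# License` and others), which changes the section anchors on renderers that derive them from the heading text. Check for existing links to these sections, inside the repository or from outside, before merging. The context line "We would have 3 external dependecies" also carries a typo ("dependencies") that could be fixed while this section is being edited.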
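
Review bot: In README.md, hunks `@@ -67,32 +68,32 @@` and `@@ -102,6 +103,6 @@`, the "Connecting to the virtual machines" section is touched only at its heading while its text still has two problems. The command reads `ssh -i ~/Path/To/SecDep/secdep secdep@` with nothing after the `@`, so add an explicit host placeholder. The key-regeneration paragraph says "provate key" and advises that you "should probably delete the virtual machines"; since regenerating the key pair locks the user out of existing machines, fix the typo and state the consequence plainly.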
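
Review bot: In assets/pages/usage/usage.md, hunk `@@ -1,12 +1,16 @@`, the new `### Key Creation` section documents that the private SSH key is stored in the project root, alongside the `.env` file that holds the provider authentication values, but says nothing about protecting either file. Add a sentence here stating that both files are credentials, should be readable only by their owner, and must stay out of version control. Separately, the two new headings use `###` directly under `# First run`, skipping the `##` level that README.md uses for subsections such as `## GCE`; `##` would be consistent.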