No changes after this point.

2023-03-21 23:00:18 +02:00
parent 0e338f9e3a
commit 97a98e9aa5
11 changed files with 67 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,5 @@
 .env
+.envOLD
 *.json
 secdep
 secdep.pub
--- a/README.md
+++ b/README.md
@@ -0,0 +1,25 @@
+
+# SecDep (Still under development, hardening and docker deployment missing)
+
+Automated secure docker services deployment and virtual machine management using (mainly) the [libcloud](https://github.com/apache/libcloud) library to connect to AWS, Azure and GCE.
+
+# Description
+
+Have you ever wanted to instantly deploy a simple virtual machine (or multiple) using one or more of the IaaS that the top 3 cloud providers offer? If yes, you might have noticed some things that tip you off like the fact that their web portals are bloated for your use case or confusing. Or that more often than not the same goes for their official cli tools. In the case you want to manage more than one provider's virtual machines, it becomes a hassle having to head over to their web portal, or tool and do the same thing in a different manner.
+
+That's where SecDep comes in. With SecDep, you can manage your virtual machines across all three cloud providers with ease without having to think of where to go and how to get there to do what you want.
+
+# Prerequisites
+
+Even though we want to avoid using the tools or the web portals we actually have to do it just once to have everything set up to go.
+
+## GCE
+
+First and foremost, you need to have a Google account. If you don't have one, you can create one [here](https://accounts.google.com/SignUp?hl=en).
+
+Then follow the instructions [here](assets/pages/gce/GCE_setup.md) to set up your GCE account.
+Instructions based on [libcloud's](https://libcloud.readthedocs.io/en/stable/compute/drivers/gce.html#service-account) documentation.
+
+## Azure
+
+For Azure you need to be a part of an organization that has an Azure subscription.  
--- a/assets/images/gce/gce-1.png
+++ b/assets/images/gce/gce-1.png
--- a/assets/images/gce/gce-2.png
+++ b/assets/images/gce/gce-2.png
--- a/assets/images/gce/gce-3.png
+++ b/assets/images/gce/gce-3.png
--- a/assets/images/gce/gce-4.png
+++ b/assets/images/gce/gce-4.png
--- a/assets/images/gce/gce-5.png
+++ b/assets/images/gce/gce-5.png
--- a/assets/images/gce/gce-6.png
+++ b/assets/images/gce/gce-6.png
--- a/assets/images/gce/gce-7.png
+++ b/assets/images/gce/gce-7.png
--- a/assets/images/gce/gce-8.png
+++ b/assets/images/gce/gce-8.png
--- a/assets/pages/gce/GCE_setup.md
+++ b/assets/pages/gce/GCE_setup.md
@@ -0,0 +1,41 @@
+# GCE Authentication
+
+For the Google Compute Engine we firstly need to create a new project.
+
+1. Head over to [Google Cloud Console](https://console.cloud.google.com/) and [create a new project](https://console.cloud.google.com/projectcreate). You can go with the default randomly generated project name or input your own and you can leave the location field on No organization. Then click create.
+
+![Project Creation](../../images/gce/gce-1.png)
+
+2. Then while being on the new project's dashboard, click the humburger menu and go to the [IAM & Admin](https://console.cloud.google.com/iam-admin/) [service accounts](https://console.cloud.google.com/iam-admin/serviceaccounts) section and create a new service account. Enter a name for the new service account and click create and continue. Give the service account the appropiate permissions such as Owner, Compute Engine Service Agent and Service Account User. Also include your account's email to the add admin roles section.
+
+![Service Account Creation](../../images/gce/gce-2.png)
+![Service Account Permissions](../../images/gce/gce-3.png)
+![Service Account Access 1](../../images/gce/gce-4.png)
+![Service Account Access 2](../../images/gce/gce-5.png)
+
+3. Then while being on the service accounts section click on the service account you just created and then on the [Add Key](https://console.cloud.google.com/apis/credentials/serviceaccountkey) button and choose the JSON option for Key type. Download it to the same location as the project's source files
+
+![Service Account Key 1](../../images/gce/gce-6.png)
+![Service Account Key 2](../../images/gce/gce-7.png)
+
+4. Finally go to the [APIs & Services](https://console.cloud.google.com/apis/dashboard) section and enable the [Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com)
+
+![Compute Engine API](../../images/gce/gce-8.png)
+
+6. Keep in mind you need to have billing information associated and enabled for your project.
+
+In as few words as possible, here are the steps to follow:
+[Create Project](https://console.cloud.google.com/projectcreate)
+[Create Service Account](https://console.cloud.google.com/iam-admin/serviceaccounts)
+[Create Service Account Key](https://console.cloud.google.com/apis/credentials/serviceaccountkey)
+[Enable Compute Engine API](https://console.cloud.google.com/apis/library/compute.googleapis.com)
+
+There are three values needed for authentication with the Google Compute Engine API. The first is the project ID, which is the name of the project you created in the Google Cloud Console. The second is the service account email address, which is the email address of the service account you created in the Google Cloud Console. The third is the path to the JSON file that contains the private key for the service account. You can find these values in the JSON file you downloaded from the Google Cloud Console.
+
+Those values are also located in the JSON file and are translate to the following environment variables:
+* GCE_PROJECT_ID -> project_id
+* GCE_CLIENT_SECRET -> private_key_id
+* GCE_CLIENT_ID -> client_email
+
+
+