brandomeniconi · February 19, 2018 16:43
diff --git a/deploy.sh b/deploy.sh
 #!/usr/bin/env bash

 GCLOUD_REGION="europe-west3"
 GCLOUD_ZONE=$GCLOUD_REGION-c

 projectID=$(gcloud config list --format 'value(core.project)')

 echo  "Preparing hosting environment for project: $projectID in zone $GCLOUD_ZONE\n"
 read -p "Press enter to continue.."

 #get the instance IP
 sqlIP=$(gcloud sql instances describe website --format='value(ipAddresses[0].ipAddress)')

 #connenct to SQL and create DATABASE and USER with a random password
 DB_USER_PASSWORD=$(openssl rand -base64 24)
 DB_USER=wordpress_user
 echo "CREATE DATABASE website; GRANT ALL ON website.* TO 'wordpress_user'@'%' IDENTIFIED BY '$DB_USER_PASSWORD';" | gcloud beta sql connect website --user=root

 #connect to GCE instance and install required packages
 gcloud compute ssh website --zone $GCLOUD_ZONE --command " \
  sudo apt-get update; \
  sudo apt-get install apache2 php mysql-client git subversion zip python-certbot-apache \
  php-curl php-mysql php-curl php-gd php-dom php-cli php-json php-common php-mbstring php-opcache php-readline; \
  sudo service apache2 restart; \
  curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar; \
  chmod +x wp-cli.phar; \
  sudo mv wp-cli.phar /usr/local/bin/wp; \
  php -r \"copy('https://getcomposer.org/installer', 'composer-setup.php');\"; \
  php -r \"if (hash_file('SHA384', 'composer-setup.php') === '544e09ee996cdf60ece3804abc52599c22b1f40f4323403c44d44fdfdd586475ca9813a858088ffbc1f233e9b180f061') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;\"; \
  php composer-setup.php; \
  sudo mv composer.phar /usr/local/bin/composer; \
  php -r \"unlink('composer-setup.php');\"
  sudo chown webmaster:webmaster /var/www; \
  cd /var/www; \
  gcloud source repos clone website &&  mv website/{.,}* ./ && rmdir website; \
  composer install --no-dev --prefer-dist; \
  touch .env; \
  sed -i -e 's/DB_PASSWORD=database_password/DB_PASSWORD=$DB_USER_PASSWORD/g' .env; \
  sed -i -e 's/DB_USER=database_user/DB_USER=$DB_USER/g' .env; \
  sed -i -e 's/DB_NAME=database_name/DB_NAME=website/g' .env; \
  sed -i -e 's/DB_HOST=localhost/DB_HOST=$sqlIP/g' .env; \
  sudo sed -i 's/\/var\/www\/html/\/var\/www\/web/g' '/etc/apache2/sites-available/000-default.conf' \
  sudo service apache2 reload; \
 " || \
 echo "Error setting up environment: edit .env file with this credentials: \n DB User: $DB_USER \n DB Password: $DB_USER_PASSWORD \n DB Host: $sqlIP"

 #create firewall rules
 gcloud compute firewall-rules create default-allow-http --action allow --direction INGRESS --rules tcp:80 --target-tags http-server
 gcloud compute firewall-rules create default-allow-https --action allow --direction INGRESS --rules tcp:443 --target-tags https-server
diff --git a/setup.sh b/setup.sh
 #!/usr/bin/env bash

 GCLOUD_REGION="europe-west3"
 GCLOUD_ZONE=$GCLOUD_REGION-c

 projectID=$(gcloud config list --format 'value(core.project)')

 echo  "Preparing GCP for project: $projectID in zone $GCLOUD_ZONE\n"
 read -p "Press enter to continue.."

 #create a service account for Websites
 gcloud iam service-accounts create website --display-name "Website"

 #create service account for developers (Cloud9)
 gcloud iam service-accounts create cloud9 --display-name "Cloud9"

 #create the repos
 gcloud source repos create website
 gcloud source repos create theme

 #create and start the GCE instance - deploy
 gcloud compute instances create website  \
  --image-family debian-9 \
  --image-project debian-cloud \
  --zone $GCLOUD_ZONE \
  --scopes=https://www.googleapis.com/auth/cloud-platform \
  --tags http-server,https-server \
  --service-account=website@${projectID}.iam.gserviceaccount.com \
  --machine-type=f1-micro

 #create and start the Cloud SQL instance
 gcloud sql instances create website \
  --gce-zone=$GCLOUD_ZONE  \
  --region=$GCLOUD_REGION \
  --tier=db-f1-micro \
  --backup-start-time=23:00 \
  --database-version="MYSQL_5_7"

 # todo
 #existingSQLIPs=$(gcloud sql instances describe website --format='value[delimiter=","](settings.ipConfiguration.authorizedNetworks[].value)')

 #get the instance IP
 instanceIP=$(gcloud compute instances describe website --zone=$GCLOUD_ZONE --format='value(networkInterfaces[0].accessConfigs[0].natIP)')
 sqlIP=$(gcloud sql instances describe website --format='value(ipAddresses[0].ipAddress)')

 #make the instance IP static
 gcloud compute addresses create website \
  --addresses $instanceIP \
  --region $GCLOUD_REGION

 #authorize GCE instance IP in Cloud SQL instance
 gcloud sql instances patch website --authorized-networks=$instanceIP

 gsutil mb -c regional -l $GCLOUD_REGION gs://${projectID}
 gsutil iam ch serviceAccount:website@${projectID}.iam.gserviceaccount.com:objectCreator gs://${projectID}
 gsutil defacl ch -u AllUsers:R gs://${projectID}
	#!/usr/bin/env bash

	GCLOUD_REGION="europe-west3"
	GCLOUD_ZONE=$GCLOUD_REGION-c

	projectID=$(gcloud config list --format 'value(core.project)')

	echo "Preparing hosting environment for project: $projectID in zone $GCLOUD_ZONE\n"
	read -p "Press enter to continue.."

	#get the instance IP
	sqlIP=$(gcloud sql instances describe website --format='value(ipAddresses[0].ipAddress)')

	#connenct to SQL and create DATABASE and USER with a random password
	DB_USER_PASSWORD=$(openssl rand -base64 24)
	DB_USER=wordpress_user
	echo "CREATE DATABASE website; GRANT ALL ON website.* TO 'wordpress_user'@'%' IDENTIFIED BY '$DB_USER_PASSWORD';" \| gcloud beta sql connect website --user=root

	#connect to GCE instance and install required packages
	gcloud compute ssh website --zone $GCLOUD_ZONE --command " \
	sudo apt-get update; \
	sudo apt-get install apache2 php mysql-client git subversion zip python-certbot-apache \
	php-curl php-mysql php-curl php-gd php-dom php-cli php-json php-common php-mbstring php-opcache php-readline; \
	sudo service apache2 restart; \
	curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar; \
	chmod +x wp-cli.phar; \
	sudo mv wp-cli.phar /usr/local/bin/wp; \
	php -r \"copy('https://getcomposer.org/installer', 'composer-setup.php');\"; \
	php -r \"if (hash_file('SHA384', 'composer-setup.php') === '544e09ee996cdf60ece3804abc52599c22b1f40f4323403c44d44fdfdd586475ca9813a858088ffbc1f233e9b180f061') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;\"; \
	php composer-setup.php; \
	sudo mv composer.phar /usr/local/bin/composer; \
	php -r \"unlink('composer-setup.php');\"
	sudo chown webmaster:webmaster /var/www; \
	cd /var/www; \
	gcloud source repos clone website && mv website/{.,}* ./ && rmdir website; \
	composer install --no-dev --prefer-dist; \
	touch .env; \
	sed -i -e 's/DB_PASSWORD=database_password/DB_PASSWORD=$DB_USER_PASSWORD/g' .env; \
	sed -i -e 's/DB_USER=database_user/DB_USER=$DB_USER/g' .env; \
	sed -i -e 's/DB_NAME=database_name/DB_NAME=website/g' .env; \
	sed -i -e 's/DB_HOST=localhost/DB_HOST=$sqlIP/g' .env; \
	sudo sed -i 's/\/var\/www\/html/\/var\/www\/web/g' '/etc/apache2/sites-available/000-default.conf' \
	sudo service apache2 reload; \
	" \|\| \
	echo "Error setting up environment: edit .env file with this credentials: \n DB User: $DB_USER \n DB Password: $DB_USER_PASSWORD \n DB Host: $sqlIP"

	#create firewall rules
	gcloud compute firewall-rules create default-allow-http --action allow --direction INGRESS --rules tcp:80 --target-tags http-server
	gcloud compute firewall-rules create default-allow-https --action allow --direction INGRESS --rules tcp:443 --target-tags https-server