Last active
May 31, 2021 18:12
-
-
Save ncouture/a7a0038b96b7405d6c79da9bd7598416 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # Google Cloud Platform functions. | |
| # | |
| # - All functions act on the default project configured for `gcloud'. | |
| # | |
| # Install the gcloud command line interface. | |
| install_gcloud_cli() { | |
| local tmpfile="$(mktemp)" | |
| cat <<EOF> "$tmpfile" | |
| # Operating CA: Symantec (GeoTrust) | |
| # Issuer: CN=GeoTrust Global CA O=GeoTrust Inc. | |
| # Subject: CN=GeoTrust Global CA O=GeoTrust Inc. | |
| # Label: "GeoTrust Global CA" | |
| # Serial: 144470 | |
| # MD5 Fingerprint: f7:75:ab:29:fb:51:4e:b7:77:5e:ff:05:3c:99:8e:f5 | |
| # SHA1 Fingerprint: de:28:f4:a4:ff:e5:b9:2f:a3:c5:03:d1:a3:49:a7:f9:96:2a:82:12 | |
| # SHA256 Fingerprint: ff:85:6a:2d:25:1d:cd:88:d3:66:56:f4:50:12:67:98:cf:ab:aa:de:40:79:9c:72:2d:e4:d2:b5:db:36:a7:3a | |
| -----BEGIN CERTIFICATE----- | |
| MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT | |
| MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i | |
| YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG | |
| EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg | |
| R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9 | |
| 9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq | |
| fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv | |
| iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU | |
| 1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+ | |
| bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW | |
| MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA | |
| ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l | |
| uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn | |
| Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS | |
| tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF | |
| PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un | |
| hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV | |
| 5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw== | |
| -----END CERTIFICATE----- | |
| EOF | |
| bash <(curl --cacert "$tmpfile" https://sdk.cloud.google.com | tail -n +2) | |
| ret=$? | |
| rm "$tmpfile" | |
| return $ret | |
| } | |
| install_cloud_proxy() { | |
| local tmpfile="$(mktemp)" | |
| local sys="$(uname -r)" | |
| if [[ "$(uname -a)-${sys##*-}" != "Linux-amd64" ]]; then | |
| echo "\`cloud_sql_proxy' installation is only supported on Linux for amd64 at this time." | |
| return 1 | |
| fi | |
| cat <<EOF> "$tmpfile" | |
| # Operating CA: Symantec (GeoTrust) | |
| # Issuer: CN=GeoTrust Global CA O=GeoTrust Inc. | |
| # Subject: CN=GeoTrust Global CA O=GeoTrust Inc. | |
| # Label: "GeoTrust Global CA" | |
| # Serial: 144470 | |
| # MD5 Fingerprint: f7:75:ab:29:fb:51:4e:b7:77:5e:ff:05:3c:99:8e:f5 | |
| # SHA1 Fingerprint: de:28:f4:a4:ff:e5:b9:2f:a3:c5:03:d1:a3:49:a7:f9:96:2a:82:12 | |
| # SHA256 Fingerprint: ff:85:6a:2d:25:1d:cd:88:d3:66:56:f4:50:12:67:98:cf:ab:aa:de:40:79:9c:72:2d:e4:d2:b5:db:36:a7:3a | |
| -----BEGIN CERTIFICATE----- | |
| MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT | |
| MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i | |
| YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG | |
| EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg | |
| R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9 | |
| 9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq | |
| fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv | |
| iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU | |
| 1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+ | |
| bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW | |
| MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA | |
| ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l | |
| uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn | |
| Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS | |
| tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF | |
| PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un | |
| hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV | |
| 5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw== | |
| -----END CERTIFICATE----- | |
| EOF | |
| set -x | |
| dest="$(dirname `which gcloud`)"/cloud_sql_proxy | |
| curl --cacert "$tmpfile" \ | |
| https://dl.google.com/cloudsql/cloud_sql_proxy.linux.amd64 \ | |
| -o "$dest" | |
| chmod +x "$dest" | |
| ret=$? | |
| rm "$tmpfile" | |
| return $ret | |
| } | |
| # Install gcloud if not available in PATH. | |
| if [[ ! -x $(which gcloud) ]]; then | |
| while true; do | |
| read -p "Do you want to install \`gcloud' CLI? (Y/n) " answer | |
| case "${answer:-yes}" in | |
| [Yy]* ) install_gcloud_cli; break;; | |
| [Nn]* ) echo "Please install the \`gcloud' command-line interface before using this library."; return 1;; | |
| * ) echo "Please answer \`yes' or \`no'. ";; | |
| esac | |
| done | |
| PROJECT=$(gcloud config get-value project 2> /dev/null) | |
| if [[ -z "$PROJECT" ]]; then | |
| echo "No default project configured for gcloud" | |
| echo -e "try:\n\t gcloud config set project <project ID>" | |
| fi | |
| fi | |
| # Add a service account to the Google Cloud Identity & Access Management accounts. | |
| # @param $1 account name | |
| # @param $2 display name (default: "SA $1") | |
| gadduser() | |
| { | |
| local account_name=${1} | |
| local display_name=${2:-SA $1} | |
| if [[ $# -ne 1 ]] || [[ $# -ne 2 ]]; then | |
| echo "Usage: ${FUNCNAME[0]} <account name> [display name]" | |
| return 1 | |
| fi | |
| gcloud iam service-accounts create "$account_name" --display-name "$display_name" | |
| } | |
| # Delete a service account to the Google Cloud Identity & Access Management accounts. | |
| # @param $1 account name | |
| gdeluser() | |
| { | |
| local account_name=${1} | |
| if [[ $# -ne 1 ]]; then | |
| echo "Usage: ${FUNCNAME[0]} <account name>" | |
| return 1 | |
| fi | |
| account_email=$(gcloud iam service-accounts list --filter="$account_name" --format='value(email)') | |
| num_results=$(wc -l <<< "$account_email" ) | |
| if [[ $num_results -gt 1 ]]; then | |
| echo "Multiple matches found for account name \`$account_name': " | |
| echo "$account_email" | xargs -I{} echo -e "\t{}" | |
| return 1 | |
| elif [[ -z "$account_email" ]]; then | |
| echo "${FUNCNAME[0]}: The account \`$account_name' does not exist." | |
| return 1 | |
| fi | |
| CLOUDSDK_CORE_DISABLE_PROMPTS=1 gcloud iam service-accounts delete "$account_email" | |
| } | |
| # @param $1 username (optional) | |
| glsuser() { | |
| local filter=${1} | |
| if [[ ! -z "$filter" ]]; then | |
| gcloud iam service-accounts list --filter="displayName=$filter" --format="value(name)" | |
| else | |
| gcloud iam service-accounts list | |
| fi | |
| } | |
| # Print the default REGION, ZONE, and PROJECT configured in `gcloud'. | |
| gcpconfig() | |
| { | |
| REGION=$(gcloud config get-value compute/region 2> /dev/null) | |
| ZONE=$(gcloud config get-value compute/zone 2> /dev/null) | |
| PROJECT=$(gcloud config get-value core/project 2> /dev/null) | |
| echo -e "PROJECT:\t$PROJECT\nREGION:\t\t$REGION\nZONE:\t\t$ZONE" | |
| export REGION ZONES PROJECT | |
| } | |
| gcpconfig > /dev/null | |
| _gcp_list_regions_n_zones() | |
| { | |
| gcloud compute zones list | |
| } | |
| _gen_passwd() | |
| { | |
| tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 512 | head -n 1 | \ | |
| mkpasswd --method=sha-512 \ | |
| --salt=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 16 | head -n 1) \ | |
| -s | \ | |
| tr -dc 'a-zA-Z0-9' | |
| } | |
| # | |
| # Cloud SQL (MySQL) | |
| # | |
| # 1. Install cloud_sql_proxy if Linux & amd64 | |
| if [[ ! -x `which cloud_sql_proxy` ]]; then | |
| [[ "$(uname -s)-${sys##*-}" == "Linux-amd64" ]] && install_cloud_proxy | |
| fi | |
| # List Cloud SQL instances. | |
| # @param $1 instance name (optional) | |
| gsql_ls() | |
| { | |
| local filter=${1} | |
| if [[ ! -z "$filter" ]]; then | |
| gcloud sql instances list --filter="name=$filter" --format="value(name)" | |
| else | |
| gcloud sql instances list | |
| fi | |
| } | |
| # List instance databases. | |
| # @param $1 instance name | |
| # @param $2 database name (optional) | |
| gsql_lsdb() | |
| { | |
| local instance_name=${1} | |
| local filter=${2} | |
| if [[ $# -lt 1 ]] || [[ $# -gt 2 ]]; then | |
| echo "Usage: ${FUNCNAME[0]} <instance name> [database name]" | |
| return 1 | |
| fi | |
| if [[ ! -z "$filter" ]]; then | |
| gcloud sql databases list --instance="$instance_name" --filter="name=$filter" --format="value(name)" | |
| else | |
| gcloud sql databases list --instance="$instance_name" | |
| fi | |
| } | |
| # List instance databases. | |
| # @param $1 instance name | |
| gsql_adddb() | |
| { | |
| local instance_name=${1} | |
| local database_name=${2} | |
| if [[ -z "$instance_name" ]] || [[ -z "$database_name" ]]; then | |
| echo "Usage: ${FUNCNAME[0]} <instance name> <database name>" | |
| return 1 | |
| fi | |
| if [[ "$(gsql_ls $instance_name)" != "$instance_name" ]]; then | |
| echo "${FUNCNAME[0]}: database server instance \`$instance_name' does not exist." | |
| return 1 | |
| fi | |
| gcloud sql databases create --instance="$instance_name" "$database_name" | |
| } | |
| # Create cloud sql instance. | |
| # @param $1 instance name | |
| # @param $2 machine type (default: "db-f1-micro") | |
| gsql_addinstance() | |
| { | |
| local instance_name=${1} | |
| local machine_type=${2:-db-f1-micro} | |
| local passwd="$(_gen_passwd)" | |
| if [[ $# -ne 1 ]] || [[ $# -ne 2 ]]; then | |
| echo "Usage: ${FUNCNAME[0]} <instance name> [machine type (default: db-f1-micro)]" | |
| return 1 | |
| fi | |
| # example: db-n1-standard-8, db-f1-micro | |
| if gcloud sql instances create "$instance_name" \ | |
| --tier=$machine_type \ | |
| --region="$REGION" \ | |
| --gce-zone="$ZONE"; then | |
| if gcloud sql users set-password root % --password="$passwd" --instance="$instance_name"; then | |
| echo "username: root" | |
| echo "password: $passwd" | |
| fi | |
| fi | |
| } | |
| # Create cloud sql user. | |
| # @param $1 instance name | |
| # @param $2 username (optional) | |
| gsql_lsuser() | |
| { | |
| local instance_name=${1} | |
| local filter=${2} | |
| if [[ $# -lt 1 ]] || [[ $# -gt 2 ]]; then | |
| echo "Usage: ${FUNCNAME[0]} <instance name> [username]" | |
| return 1 | |
| fi | |
| if gsql_ls "$instance_name" > /dev/null; then | |
| if [[ ! -z "$filter" ]]; then | |
| gcloud sql users list --instance="$instance_name" --filter="name=$filter" --format="value(name)" | |
| else | |
| gcloud sql users list --instance="$instance_name" | |
| fi | |
| fi | |
| } | |
| ### Private | |
| # Assert Cloud SQL instance exists. | |
| # @param $1 instance name | |
| _assert_gsql_instance_exists() | |
| { | |
| local instance_name=${1} | |
| if [[ $(gsql_ls "$instance_name" > /dev/null) != "$instance_name" ]]; then | |
| echo "${FUNCNAME[0]}: The SQL instance \`$instance_name' does not exist." | |
| return 1 | |
| fi | |
| } | |
| ### Private | |
| # Assert username is in use on Cloud SQL instance. | |
| # @param $1 user name | |
| # @param $2 instance name | |
| _assert_gsql_user_exists_on_instance() | |
| { | |
| local username=${1} | |
| local instance_name=${2} | |
| if _assert_gsql_instance_exists "$instance_name"; then | |
| if [[ $(gsql_lsuser "$instance_name" "$username") != "$username" ]]; then | |
| echo "${FUNCNAME[0]}: The SQL user \`$username' does not exist on instance \`$instance_name'." | |
| return 1 | |
| fi | |
| fi | |
| } | |
| # Create cloud sql user. | |
| # @param $1 user name | |
| # @param $2 instance name | |
| gsql_adduser() | |
| { | |
| local username=$1 | |
| local instance_name=$2 | |
| local passwd="$(_gen_passwd)" | |
| if [[ -z "$username" ]] || [[ -z "$instance_name" ]]; then | |
| echo "Usage: ${FUNCNAME[0]} <username> <instance name>" | |
| return 1 | |
| fi | |
| if ! gsql_ls "$instance_name" > /dev/null; then | |
| echo "error" | |
| fi | |
| if [[ $(gsql_lsuser "$instance_name" "$username") == "$username" ]]; then | |
| echo "${FUNCNAME[0]}: Username \`$username' already exists on SQL instance \`$instance_name'." | |
| return 1 | |
| fi | |
| if gcloud sql users create "$username" % --instance="$instance_name" --password="$passwd"; then | |
| echo "username: $username" | |
| echo "password: $passwd" | |
| fi | |
| } | |
| # Create cloud sql user. | |
| # @param $1 user name | |
| # @param $2 instance name | |
| gsql_deluser() | |
| { | |
| local username=$1 | |
| local instance_name=$2 | |
| if [[ -z "$username" ]] || [[ -z "$instance_name" ]]; then | |
| echo "Usage: ${FUNCNAME[0]} <username> <instance name>" | |
| return 1 | |
| fi | |
| if [[ $(gsql_lsuser "$instance_name" "$username") != "$username" ]]; then | |
| echo "${FUNCNAME[0]}: The SQL user \`$username' does not exist on instance \`$instance_name'." | |
| return 1 | |
| fi | |
| CLOUDSDK_CORE_DISABLE_PROMPTS=1 gcloud sql users delete --instance="$instance_name" "$username" % | |
| } | |
| # Create cloud sql user. | |
| # @param $1 user name | |
| # @param $2 instance name | |
| gsql_passwd() | |
| { | |
| local username=$1 | |
| local instance_name=$2 | |
| local passwd="$(_gen_passwd)" | |
| if [[ -z "$username" ]] || [[ -z "$instance_name" ]]; then | |
| echo "Usage: ${FUNCNAME[0]} <username> <instance name>" | |
| return 1 | |
| fi | |
| if [[ $(gsql_lsuser "$instance_name" "$username") != "$username" ]]; then | |
| echo "${FUNCNAME[0]}: The SQL user \`$username' does not exist on instance \`$instance_name'." | |
| return 1 | |
| fi | |
| set -x | |
| if gcloud sql users set-password "$username" % --instance="$instance_name" --password="$passwd"; then | |
| echo "username: $username" | |
| echo "password: $passwd" | |
| fi | |
| } | |
| #gcreds_get_json | |
| # 3. Start cloud_sql_proxy | |
| #gsql_start_proxy() { | |
| # if ! exec 2> /dev/null 3<>/dev/tcp/localhost/3306; then | |
| # screen -S cloud_sql_proxy cloud_sql_proxy -instances=<cloud_sql_connection_string> -credential_file=<key file> | |
| #} | |
| gdns_new_domain_zone_with_dnssec() { | |
| local domain_name=${1} | |
| local zone_name=${2} | |
| if [[ -z "$domain_name" ]] || [[ -z "$zone_name" ]]; then | |
| echo "Usage: ${FUNCNAME[0]} <domain_name> <zone_name>" | |
| return 1 | |
| fi | |
| gcloud beta dns --project=clients-web \ | |
| managed-zones create phonelabs-monster \ | |
| --description="" \ | |
| --dns-name="${domain_name}." \ | |
| --visibility="public" \ | |
| --dnssec-state="on" | |
| } | |
| # Open the Webmaster tools page. | |
| gdns_adddomain() { | |
| local domain_name=${1} | |
| local verified_domains=$(gcloud beta domains list-user-verified --format='value(id)') | |
| set -x | |
| if [[ "$verified_domains" != "$domain_name" ]]; then | |
| gcloud beta domains verify "$1" | |
| fi | |
| gcloud beta app domain-mappings create '*.example.com' | |
| set +x | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment