export ACCOUNT_NAME=<username>
export PROJECT_NAME=<name>
export PROJECT_ID=<id>
export STATE_BUCKET=<name>
export IAM_ACCOUNT=$PROJECT_NAME@$PROJECT_ID.iam.gserviceaccount.com
export TF_VAR_project_id=$PROJECT_ID
export TF_VAR_state_bucket=$STATE_BUCKET
export TF_VAR_email_address=<email>
export TF_VAR_slack_auth_token=<hash>
source .env
export TF_VAR_project_id=$PROJECT_NAME-$(date +%Y%m%d%H%M%S)
echo $TF_VAR_project_id
export TF_VAR_state_bucket=$PROJECT_NAME-tfstate-$(date +%Y%m%d%H%M%S)
echo $TF_VAR_state_bucket
gcloud auth application-default login
gcloud projects create $PROJECT_ID
gcloud projects list
gcloud iam service-accounts \
create $PROJECT_NAME \
--project $PROJECT_ID \
--display-name $PROJECT_NAME
gcloud iam service-accounts list \
--project $PROJECT_ID
gcloud iam service-accounts \
keys create account.json \
--iam-account $IAM_ACCOUNT \
--project $PROJECT_ID
gcloud projects \
add-iam-policy-binding $PROJECT_ID \
--member serviceAccount:$IAM_ACCOUNT \
--role roles/editor
open https://console.developers.google.com/apis/library/compute.googleapis.com?project=$PROJECT_ID
open https://console.cloud.google.com/monitoring
terraform validate
terraform fmt
terraform plan
terraform apply
terraform ouput
ssh-keygen -b 2048 -t rsa -f creds/id_rsa -q -N ""
ansible prod -i <host> -u ansible -m setup -a 'filter=ansible_hostname'
ansible prod -i <host> -u ansible -m setup -a 'filter=ansible_distribution_release'
ansible-playbook -i <host> playbook.yml
ansible-playbook -i <host> --private-key <private_key> -e 'ansible_python_interpreter=/usr/bin/python3' ../ansible/playbook.yml"
ansible-playbook -i <host> --vault-password-file=vault_pass --private-key <private_key> -e 'ansible_python_interpreter=/usr/bin/python3' ../ansible/playbook.yml"
cp ansible/vars/secret.yml.dist ansible/vars/secret.yml
ansible-vault encrypt ansible/vars/secret.yml
ansible-vault decrypt ansible/vars/secret.yml
...
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') $_SERVER['HTTPS']='on';
...
Proceed wordpress installation the first time