Skip to content

Instantly share code, notes, and snippets.

View viggin543's full-sized avatar
🥕

Domrev Igor viggin543

🥕
12 followers · 25 following
View GitHub Profile
@viggin543
viggin543 / service.yaml
Created September 24, 2022 13:08
resource "google_compute_target_https_proxy" "foo-proxy" {
name = "foo-https-proxy"
url_map = google_compute_url_map.foo.self_link
ssl_certificates = [google_compute_managed_ssl_certificate.foo-certificate.id]
}
resource "google_compute_global_forwarding_rule" "foo-https" {
provider = google-beta
name = "foo-https-rule"
@viggin543
viggin543 / service.yaml
Created September 24, 2022 13:01
resource "google_compute_managed_ssl_certificate" "foo-certificate" {
name = "foo-cert"
managed {
domains = var.project == "foo-staging" ? ["foo.bar-stg.com.", "foo.bar.ua."] : [
"foo.bar-prod.com.", "app.foo.ua."
]
}
}
@viggin543
viggin543 / service.yaml
Created September 24, 2022 12:50
data "google_compute_backend_service" "api-gateway-backend" {
...
}
@viggin543
viggin543 / service.yaml
Created September 24, 2022 12:45
apiVersion: cloud.google.com/v1
kind: BackendConfig
metadata:
name: api-gateway-backend
spec:
securityPolicy:
name: waf-policy
customRequestHeaders:
{{/*https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#request_headers*/}}
{{/*https://cloud.google.com/load-balancing/docs/https/custom-headers*/}}
@viggin543
viggin543 / service.yaml
Created September 24, 2022 12:42
apiVersion: v1
kind: Service
metadata:
name: api-gateway
labels:
app.kubernetes.io/instance: prod-api-gateway
.
.
.
@viggin543
viggin543 / service.yaml
Created September 24, 2022 12:41
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/instance: prod-api-gateway
.
.
.
@viggin543
viggin543 / bucket.toml
Created September 24, 2022 11:53
[[redirects]]
from = "/api/*"
to = "https://api.foo-prod.bar/api/:splat"
status = 200
force = true
[[redirects]]
from = "/stage/api/*"
to = "https://api.foo-stage.bar/api/:splat"
status = 200
@viggin543
viggin543 / bucket.toml
Created September 24, 2022 11:52
[[redirects]]
from = "/api/*"
to = "https://api.foo-baz.bar/api/:splat"
status = 200
force = true
@viggin543
viggin543 / bucket.tf
Created September 24, 2022 10:15
data "google_compute_backend_service" "api-gateway-backend" {
name = var.project == "foo-staging" ? "k8s-be-00000--0000000000000000" : "k8s-be-11111--1111111111111111"
}
resource "google_compute_url_map" "foo" {
name = "foo-foo"
description = "foo-routes"
default_service = google_compute_backend_bucket.foo.id
@viggin543
viggin543 / bucket.tf
Created September 24, 2022 10:05
resource "google_compute_backend_bucket" "foo_backend" {
name = "foo-backend-bucket"
description = "FOO frontend"
custom_response_headers = ["X-foo: bar"]
bucket_name = google_storage_bucket.foo.name
enable_cdn = true
edge_security_policy = google_compute_security_policy.waf-security-policy.id
cdn_policy {
serve_while_stale = 86400
client_ttl = 60