This message was deleted.
# google-clouds
sparse-intern-71089
10/04/2022, 3:00 PMThis message was deleted.
👀 2
m
miniature-musician-31262
10/06/2022, 8:31 PMHi there 👋 I’m not sure about this particular example, but if you’re looking for a potential reference, you might want to check out the Google Cloud Static Website component. It uses a
ManagedSSLCertificateminiature-musician-31262
10/06/2022, 8:31 PMThe relevent code is in this file: https://github.com/pulumi/pulumi-google-cloud-static-website/blob/main/provider/cmd/pulumi-resource-google-cloud-static-website/website.ts
miniature-musician-31262
10/06/2022, 8:34 PMIf you have a Google-managed domain, you might be able to copy a bunch of this code verbatim — here’s the line that uses that domain if you provide one, and then uses it to create a managed SSL cert: https://github.com/pulumi/pulumi-google-cloud-static-website/blob/main/provider/cmd/pulumi-resource-google-cloud-static-website/website.ts#L118
miniature-musician-31262
10/06/2022, 8:35 PMHope it helps, and thanks for asking!
r
refined-pilot-45584
10/07/2022, 8:36 PMHey @incalculable-flag-48574
Slightly late to the party here. I saw your question and it peaked my interest around the use case with GCP Classic Provider.
I have since created a working example that uses the GCP Static Hosting option, with a Google Managed SSL Certificate and Target Https Proxies.
Now while It doesn’t use “Custom, User Provided SSL Certs (in my example) I am hoping ti might help a little bit if you are just trying to get HTTPS working on a Static Site.
You will of course need a domain that you can manage the DNS for.
This Example leverages heavily the already existing static site Template and the Work listed above by @miniature-musician-31262.
I have raised a PR here to add the Example to the Repo should the Pulumi team see it as valuable.
https://github.com/pulumi/examples/pull/1291
If you need a specific example with your own SSL Certs. Maybe I can work that out for you also?
In addition I have made note to try and make a PR to update the docs where it says Coming Soon and provide some examples when I have time.
Let me know if this is helpful.
For FYI: @brash-alligator-49865
🙌 2
i
incalculable-flag-48574
10/12/2022, 1:19 PMHi, @refined-pilot-45584 @miniature-musician-31262 thanks for your help,
Here is a tested code for creating a SSL certificat ressource for an HttpsProxy when you have a SSL certificate by your side. Don't forget that GCP only support 2048 RSA cert.
Copy code
// Create SSL certificat ressource
const myCertificate = new gcp.compute.SSLCertificate("defaultSSLCertificat", {
namePrefix: "my-domain-",
description: "certificates ressource for my-domain",
privateKey: fs.readFileSync("/PATH/TO/privkey.pem", "utf8"),
certificate: fs.readFileSync("/PATH/TO/fullchaincert.pem", "utf8")
});
// Create an HTTPS proxy to route requests to the URLMap.
const httpsProxy = new gcp.compute.TargetHttpsProxy("https-proxy", {
urlMap: urlMap.selfLink,
sslCertificates: [myCertificate.id]
});
// Create a GlobalForwardingRule rule to route requests to the HTTPS proxy.
const httpsForwardingRule = new gcp.compute.GlobalForwardingRule("https-forwarding-rule", {
ipAddress: ip.address,
ipProtocol: "TCP",
portRange: "443",
target: httpsProxy.selfLink,
}); Copy code
// Get certificate from Managed Certificate ressource
const myCertificate = new gcp.compute.ManagedSslCertificate("dns-auth-cert", {
managed: {
domains: ['www.my.domain', 'my.domain']
}
}); Copy code
// Create HTTP to HTTPS redirect
const urlMapRedirect = new gcp.compute.URLMap("url-map-redirect", {
defaultUrlRedirect: {
stripQuery: false,
httpsRedirect: true,
}
});
const httpProxy = new gcp.compute.TargetHttpProxy("http-proxy", {
urlMap: urlMapRedirect.selfLink,
})
const httpForwardingRule = new gcp.compute.GlobalForwardingRule("http-forwarding-rule", {
target: httpProxy.selfLink,
ipAddress: ip.address,
ipProtocol: "TCP",
portRange: "80",
// loadBalancingScheme: 'EXTERNAL', // default
});