From 1f569c7e0921fe0b6e61ab26c2e07e65bcd91d7d Mon Sep 17 00:00:00 2001
From: Andrejus <hi@andrejus.uk>
Date: Sun, 2 May 2021 21:53:29 +0100
Subject: [PATCH] feat: publish script and cleanup

---
 .dockerignore                              |   5 +
 .gitignore                                 |   4 -
 README.md                                  |   4 +-
 files/home/.config/alacritty/alacritty.yml |   4 +-
 files/home/.config/fish/.gitignore         |   5 +-
 files/home/.config/fish/fish_plugins       |   1 +
 files/home/.config/nvim/.gitignore         |   1 +
 files/home/.profile                        |   8 +-
 scripts/install.d/12-poetry.sh             |   2 -
 scripts/install.d/15-java.sh               |   2 -
 scripts/install.d/17-emacs.sh              |   1 +
 scripts/install.d/30-docker.sh             |   2 +
 scripts/install.d/31-gcloud.sh             |   2 -
 scripts/install.d/32-firebase.sh           |   2 -
 scripts/install.d/33-aws.sh                |   2 -
 scripts/install.d/34-terraform.sh          |   2 -
 scripts/install_config.json                |   1 +
 scripts/publish.sh                         |  11 +-
 scripts/setup.sh                           |   2 +-
 terraform/module/main.tf                   | 120 +++++++++++++++++----
 terraform/module/outputs.tf                |   4 +-
 terraform/module/variables.tf              |  17 +++
 22 files changed, 144 insertions(+), 58 deletions(-)
 create mode 100644 files/home/.config/nvim/.gitignore
 delete mode 100644 scripts/install.d/12-poetry.sh
 delete mode 100755 scripts/install.d/15-java.sh
 delete mode 100755 scripts/install.d/31-gcloud.sh
 delete mode 100755 scripts/install.d/32-firebase.sh
 delete mode 100755 scripts/install.d/33-aws.sh
 delete mode 100755 scripts/install.d/34-terraform.sh
 mode change 100644 => 100755 scripts/publish.sh

diff --git a/.dockerignore b/.dockerignore
index 77c370a..70c8676 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,3 +1,8 @@
 .gitignore
 .dockerignore
 Dockerfile
+
+**/plugged
+**/completions
+**/conf.d
+**/fish_variables
diff --git a/.gitignore b/.gitignore
index 34b0f94..3032954 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,11 +8,7 @@
 **/known_hosts*
 
 # setup files
-**/plugged
 **/autoload
-**/completions
-**/conf.d
-**/fish_variables
 **/gcloud
 **/coc
 **/configstore
diff --git a/README.md b/README.md
index 65b4289..e4bd754 100644
--- a/README.md
+++ b/README.md
@@ -1,10 +1,10 @@
-# andrejusk/dotfiles
+# dots.andrejus.dev
 
 Collection of experimental dotfiles and supporting install scripts.
 
 ## Install
 
-    wget https://raw.githubusercontent.com/andrejusk/dotfiles/master/scripts/setup.sh -qO - | bash
+    wget https://dots.andrejus.dev/setup.sh -qO - | bash
 
 ## Stack
 
diff --git a/files/home/.config/alacritty/alacritty.yml b/files/home/.config/alacritty/alacritty.yml
index 27ee137..daa2955 100644
--- a/files/home/.config/alacritty/alacritty.yml
+++ b/files/home/.config/alacritty/alacritty.yml
@@ -1,5 +1,5 @@
-# env:
-#   TERM: xterm-256color
+env:
+  TERM: xterm-256color
 
 window:
   dynamic_title: true
diff --git a/files/home/.config/fish/.gitignore b/files/home/.config/fish/.gitignore
index a94e2fd..20c132f 100644
--- a/files/home/.config/fish/.gitignore
+++ b/files/home/.config/fish/.gitignore
@@ -1,2 +1,3 @@
-functions
-!functions/nvm.fish
+completions
+conf.d
+fish_variables
diff --git a/files/home/.config/fish/fish_plugins b/files/home/.config/fish/fish_plugins
index 949607f..85cb5ec 100644
--- a/files/home/.config/fish/fish_plugins
+++ b/files/home/.config/fish/fish_plugins
@@ -4,3 +4,4 @@ jorgebucaran/replay.fish
 joseluisq/gitnow
 tomyun/base16-fish
 PatrickF1/fzf.fish
+jorgebucaran/fisher
diff --git a/files/home/.config/nvim/.gitignore b/files/home/.config/nvim/.gitignore
new file mode 100644
index 0000000..ed0e3f9
--- /dev/null
+++ b/files/home/.config/nvim/.gitignore
@@ -0,0 +1 @@
+plugged
diff --git a/files/home/.profile b/files/home/.profile
index b724b0f..26b7d07 100644
--- a/files/home/.profile
+++ b/files/home/.profile
@@ -48,13 +48,6 @@ export YARN_DIR=${YARN_DIR:-"$HOME/.yarn"}
 mkdir -p "$YARN_DIR"
 export PATH="$YARN_DIR/bin:$PATH"
 
-# fzf
-export FZF_DEFAULT_OPTS="--reverse"
-export FZF_DEFAULT_COMMAND='fdfind --type f --hidden --follow --exclude .git'
-export FZF_CTRL_T_COMMAND="$FZF_DEFAULT_COMMAND"
-export FZF_COMPLETION_TRIGGER='**'
-[ -f ~/.fzf.bash ] && source ~/.fzf.bash
-
 # z (jump around)
 export Z_DATA_DIR=${Z_DATA:-"$XDG_DATA_HOME/z"}
 export Z_DATA=${Z_DATA:-"$Z_DATA_DIR/data"}
@@ -74,3 +67,4 @@ fi
 # (__)  (__)(_")("_)\_)-' '-(_/(__)  (__)(__)
 #
 alias j="z"
+alias fd=`which fdfind`
diff --git a/scripts/install.d/12-poetry.sh b/scripts/install.d/12-poetry.sh
deleted file mode 100644
index bceaead..0000000
--- a/scripts/install.d/12-poetry.sh
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/usr/bin/env bash
-poetry --version
diff --git a/scripts/install.d/15-java.sh b/scripts/install.d/15-java.sh
deleted file mode 100755
index 0fdcee5..0000000
--- a/scripts/install.d/15-java.sh
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/usr/bin/env bash
-java --version
diff --git a/scripts/install.d/17-emacs.sh b/scripts/install.d/17-emacs.sh
index fb2967d..3bd6cbb 100644
--- a/scripts/install.d/17-emacs.sh
+++ b/scripts/install.d/17-emacs.sh
@@ -1,4 +1,5 @@
 #!/usr/bin/env bash
 if [ ! -d ~/.emacs.d ]; then
+    echo "Cloning spacemacs"
     git clone https://github.com/syl20bnr/spacemacs ~/.emacs.d
 fi
diff --git a/scripts/install.d/30-docker.sh b/scripts/install.d/30-docker.sh
index 70a6ebd..3d9ad2e 100755
--- a/scripts/install.d/30-docker.sh
+++ b/scripts/install.d/30-docker.sh
@@ -3,9 +3,11 @@ docker --version
 
 readonly docker_group="docker"
 if ! grep -q "$docker_group" /etc/group; then
+    echo "Adding docker group"
     sudo groupadd "$docker_group"
 fi
 
 if ! groups "$USER" | grep -q "\b$docker_group\b"; then
+    echo "Adding user to docker group"
     sudo usermod -aG docker "$USER"
 fi
diff --git a/scripts/install.d/31-gcloud.sh b/scripts/install.d/31-gcloud.sh
deleted file mode 100755
index d6675f1..0000000
--- a/scripts/install.d/31-gcloud.sh
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/usr/bin/env bash
-gcloud --version
diff --git a/scripts/install.d/32-firebase.sh b/scripts/install.d/32-firebase.sh
deleted file mode 100755
index ed19a2a..0000000
--- a/scripts/install.d/32-firebase.sh
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/usr/bin/env bash
-firebase --version
diff --git a/scripts/install.d/33-aws.sh b/scripts/install.d/33-aws.sh
deleted file mode 100755
index bfb313c..0000000
--- a/scripts/install.d/33-aws.sh
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/usr/bin/env bash
-aws --version
diff --git a/scripts/install.d/34-terraform.sh b/scripts/install.d/34-terraform.sh
deleted file mode 100755
index 9cfbcc4..0000000
--- a/scripts/install.d/34-terraform.sh
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/usr/bin/env bash
-terraform --version
diff --git a/scripts/install_config.json b/scripts/install_config.json
index dcc762a..3086c10 100644
--- a/scripts/install_config.json
+++ b/scripts/install_config.json
@@ -51,6 +51,7 @@
         "fish",
         "fonts-nanum",
         "fortune-mod",
+        "fzf",
         "google-cloud-sdk",
         "git",
         "kubectl",
diff --git a/scripts/publish.sh b/scripts/publish.sh
old mode 100644
new mode 100755
index 18c1bca..ff4b735
--- a/scripts/publish.sh
+++ b/scripts/publish.sh
@@ -1,8 +1,11 @@
 #!/usr/bin/env bash
 set -eo pipefail
 
-#
-# Script that publishes the set up script for new installations.
-#
+BUCKET=${BUCKET:-"dots.andrejus.dev"}
 
-echo "Publishing..."
+NAME=$(basename "$0")
+REL_DIR=$(dirname "$0")
+ABS_DIR=$(readlink -f $REL_DIR/../) # Scripts are nested inside of /scripts
+
+# Publish setup script to public bucket
+gsutil cp "$ABS_DIR/scripts/setup.sh" "gs://$BUCKET/setup.sh"
diff --git a/scripts/setup.sh b/scripts/setup.sh
index 6127a2b..dd0dfeb 100755
--- a/scripts/setup.sh
+++ b/scripts/setup.sh
@@ -15,7 +15,7 @@ setup_dir=${DOTFILES_DIR:-$HOME/.dotfiles}
 
 # Prevent overwriting existing installation
 mkdir -p $setup_dir
-if [ -z `ls -A $setup_dir` ]; then
+if [[ -z $(ls -A $setup_dir) ]]; then
     echo "Setting up $setup_dir"
 else
     echo "Failed: Setup directory not empty $setup_dir"
diff --git a/terraform/module/main.tf b/terraform/module/main.tf
index 003d04d..9ef5acf 100644
--- a/terraform/module/main.tf
+++ b/terraform/module/main.tf
@@ -1,36 +1,112 @@
-# Static bucket
+locals {
+  fqdn = "${var.domain}."
+}
+
+# =================================================================
+# Public bucket for static content
+# =================================================================
+resource "google_project_service" "storage" {
+  service = "storage.googleapis.com"
+}
+
 resource "google_storage_bucket" "bucket" {
-  provider = google-beta
+  name       = var.domain
+  depends_on = [google_project_service.storage]
 
-  project = var.project
+  location = var.gcs_location
+}
 
-  name          = var.domain
-  location      = "EU"
-  storage_class = "MULTI_REGIONAL"
+resource "google_storage_default_object_access_control" "bucket_public" {
+  bucket = google_storage_bucket.bucket.name
+  role   = "READER"
+  entity = "allUsers"
+}
 
-  versioning {
-    enabled = var.enable_versioning
+
+# =================================================================
+# Expose bucket via HTTPS using Cloud CDN
+#
+# Adapted from
+# https://medium.com/cognite/configuring-google-cloud-cdn-with-terraform-ab65bb0456a9
+# =================================================================
+resource "google_project_service" "compute" {
+  service = "compute.googleapis.com"
+}
+
+resource "google_compute_backend_bucket" "backend" {
+  name       = "${var.prefix}-backend"
+  depends_on = [google_project_service.compute]
+
+  bucket_name = google_storage_bucket.bucket.name
+  description = "Bucket backend for serving static content through CDN"
+  enable_cdn  = true
+}
+
+resource "google_compute_url_map" "urlmap" {
+  name            = "${var.prefix}-urlmap"
+  description     = "URL map to bucket backend service"
+  default_service = google_compute_backend_bucket.backend.self_link
+}
+
+resource "google_compute_managed_ssl_certificate" "certificate" {
+  name       = "${var.prefix}-certificate"
+  depends_on = [google_project_service.compute]
+
+  managed {
+    domains = [local.fqdn]
   }
 }
 
-# Allow public read
-resource "google_storage_default_object_acl" "bucket_acl" {
-  provider    = google-beta
-  bucket      = google_storage_bucket.bucket.name
-  role_entity = ["READER:allUsers"]
+resource "google_compute_target_https_proxy" "https" {
+  name             = "${var.prefix}-https-proxy"
+  url_map          = google_compute_url_map.urlmap.self_link
+  ssl_certificates = [google_compute_managed_ssl_certificate.certificate.self_link]
 }
 
-# DNS entry
-resource "google_dns_record_set" "cname" {
-  provider = google-beta
+resource "google_compute_global_address" "ipv4" {
+  name       = "${var.prefix}-ipv4"
+  depends_on = [google_project_service.compute]
 
-  depends_on = [google_storage_bucket.bucket]
+  ip_version   = "IPV4"
+  address_type = "EXTERNAL"
+}
 
-  project = var.project
+resource "google_compute_global_address" "ipv6" {
+  name       = "${var.prefix}-ipv6"
+  depends_on = [google_project_service.compute]
 
-  name         = "${var.domain}."
+  ip_version   = "IPV6"
+  address_type = "EXTERNAL"
+}
+
+resource "google_compute_global_forwarding_rule" "fwd_ipv4" {
+  name       = "${var.prefix}-fwd-ipv4"
+  target     = google_compute_target_https_proxy.https.self_link
+  ip_address = google_compute_global_address.ipv4.address
+  port_range = "443"
+}
+
+resource "google_compute_global_forwarding_rule" "fwd_ipv6" {
+  name       = "${var.prefix}-fwd-ipv6"
+  target     = google_compute_target_https_proxy.https.self_link
+  ip_address = google_compute_global_address.ipv6.address
+  port_range = "443"
+}
+
+resource "google_dns_record_set" "dns_a_record" {
+  name         = local.fqdn
   managed_zone = var.dns_zone
-  type         = "CNAME"
-  ttl          = 300
-  rrdatas      = ["c.storage.googleapis.com."]
+
+  type    = "A"
+  ttl     = var.dns_ttl
+  rrdatas = [google_compute_global_address.ipv4.address]
+}
+
+resource "google_dns_record_set" "dns_aaaa_record" {
+  name         = local.fqdn
+  managed_zone = var.dns_zone
+
+  type    = "AAAA"
+  ttl     = var.dns_ttl
+  rrdatas = [google_compute_global_address.ipv6.address]
 }
diff --git a/terraform/module/outputs.tf b/terraform/module/outputs.tf
index a0639ac..d7b9c3b 100644
--- a/terraform/module/outputs.tf
+++ b/terraform/module/outputs.tf
@@ -1,7 +1,7 @@
 output "bucket_url" {
-    value = "storage.googleapis.com/${var.domain}"
+  value = "storage.googleapis.com/${var.domain}"
 }
 
 output "bucket_link" {
-    value = google_storage_bucket.bucket.self_link
+  value = google_storage_bucket.bucket.self_link
 }
diff --git a/terraform/module/variables.tf b/terraform/module/variables.tf
index 39fbdd9..e37ac54 100644
--- a/terraform/module/variables.tf
+++ b/terraform/module/variables.tf
@@ -1,3 +1,8 @@
+variable "prefix" {
+  description = "Resource prefix"
+  default     = "dots"
+}
+
 variable "project" {
   description = "Google Cloud project to host resources in"
   type        = string
@@ -12,3 +17,15 @@ variable "dns_zone" {
   description = "Cloud DNS zone to use"
   type        = string
 }
+
+variable "gcs_location" {
+  type        = string
+  description = "Google Stoage location to provision resources in"
+  default     = "EU" # Multi-region, Europe
+}
+
+variable "dns_ttl" {
+  type        = number
+  description = "DNS TTL to use for records"
+  default     = 3600
+}