andrejus/dotfiles
1
1
Fork 0
Code Issues Activity

fix: publish CI

Browse Source
This commit is contained in:
Andrejus
2021-05-02 23:34:45 +01:00
parent e2e7c8cbcc
commit 7bba783de3
3 changed files with 20 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
.github/workflows/publish.yml vendored
View File

@@ -1,9 +1,8 @@
name: Dotfiles publisher name: Dotfiles publisher
on: [push] on:
# on: push:
# push: branches:
# branches: - master
# - master
jobs: jobs:
publish-installer: publish-installer:

4
README.md
View File

@@ -4,10 +4,14 @@ Collection of my dotfiles and supporting install scripts
## Install ## Install
[![Dotfiles publisher](https://github.com/andrejusk/dotfiles/actions/workflows/publish.yml/badge.svg?branch=master)](https://github.com/andrejusk/dotfiles/actions/workflows/publish.yml)
wget https://dots.andrejus.dev/setup.sh -qO - | bash wget https://dots.andrejus.dev/setup.sh -qO - | bash
## Stack ## Stack
[![Dotfiles CI](https://github.com/andrejusk/dotfiles/actions/workflows/ci.yml/badge.svg)](https://github.com/andrejusk/dotfiles/actions/workflows/ci.yml)
Tested and maintained against Debian buster Tested and maintained against Debian buster
### Shells ### Shells

27
terraform/module/main.tf
View File

@@ -3,12 +3,17 @@ locals {
} }
# ================================================================= # =================================================================
# Public bucket for static content # Public bucket for static content with uploader service account
# ================================================================= # =================================================================
resource "google_project_service" "storage" { resource "google_project_service" "storage" {
service = "storage.googleapis.com" service = "storage.googleapis.com"
} }
resource "google_service_account" "uploader_sa" {
account_id = "${var.prefix}-uploader-sa"
display_name = "Uploader Service Account"
}
resource "google_storage_bucket" "bucket" { resource "google_storage_bucket" "bucket" {
name = var.domain name = var.domain
depends_on = [google_project_service.storage] depends_on = [google_project_service.storage]
@@ -20,10 +25,13 @@ resource "google_storage_bucket" "bucket" {
} }
} }
resource "google_storage_default_object_access_control" "bucket_public" { resource "google_storage_bucket_acl" "bucket_acl" {
bucket = google_storage_bucket.bucket.name bucket = google_storage_bucket.bucket.name
role = "READER"
entity = "allUsers" role_entity = [
"READER:allUsers",
"OWNER:user-${google_service_account.uploader_sa.email}",
]
} }
resource "google_storage_bucket_object" "index" { resource "google_storage_bucket_object" "index" {
@@ -32,17 +40,6 @@ resource "google_storage_bucket_object" "index" {
bucket = google_storage_bucket.bucket.name bucket = google_storage_bucket.bucket.name
} }
resource "google_service_account" "uploader_sa" {
account_id = "${var.prefix}-uploader-sa"
display_name = "Uploader Service Account"
}
resource "google_storage_default_object_access_control" "upload" {
bucket = google_storage_bucket.bucket.name
role = "OWNER"
entity = "user-${google_service_account.uploader_sa.email}"
}
# ================================================================= # =================================================================
# Expose bucket via HTTPS using Cloud CDN # Expose bucket via HTTPS using Cloud CDN
# #