/urlsigner

REST Server to sign Media CDN URLs

Primary language: HCL. License: Apache License 2.0 (Apache-2.0)

URL Signer

REST server, written in Go, that signs Google Cloud Media CDN URLs. It is mostly an HTTP handler around the sample at https://gist.github.com/mlevkov/8d1a481992494210cb2e5cc3a1c05221

May require a recent version of Go to compile.

Getting Started

Before you get started, verify that your project is allow-listed for Media CDN services.

Clone this repository.

git clone https://github.com/alekssaul/urlsigner 
cd urlsigner

Generate ed25519 certs

Run the certgen utility to generate public and private ed25519 certificates in URL-safe Base64-encoded format.

go run ./certgen

Move the certificate files into the Terraform assets folder.

mv *.key ./deploy/terraform/assets/
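A check worth running before the key files are moved into the Terraform assets folder, as an added example (not the repository's certgen code): it generates an Ed25519 key pair, encodes it as URL-safe Base64, and confirms that a private key actually derives the public key it is paired with. The function names, the padded encoding, and storing the private key as the 32-byte seed are assumptions.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// decodeKey accepts URL-safe Base64 with or without '=' padding.
func decodeKey(s string) ([]byte, error) {
	return base64.RawURLEncoding.DecodeString(strings.TrimRight(strings.TrimSpace(s), "="))
}

// GenerateKeyPair returns (public key, private seed) as URL-safe Base64 (assumed layout).
func GenerateKeyPair() (string, string, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return "", "", err
	}
	enc := base64.URLEncoding
	return enc.EncodeToString(pub), enc.EncodeToString(priv.Seed()), nil
}

// CheckKeyPair reports an error unless the private key derives the given public key.
func CheckKeyPair(pubB64, privB64 string) error {
	pub, err := decodeKey(pubB64)
	if err != nil || len(pub) != ed25519.PublicKeySize {
		return errors.New("public key: want 32 bytes of URL-safe Base64")
	}
	raw, err := decodeKey(privB64)
	if err != nil || (len(raw) != ed25519.SeedSize && len(raw) != ed25519.PrivateKeySize) {
		return errors.New("private key: want a 32-byte seed or 64-byte key in URL-safe Base64")
	}
	// Re-derive from the seed instead of trusting a public half embedded in a 64-byte key.
	priv := ed25519.NewKeyFromSeed(raw[:ed25519.SeedSize])
	if !bytes.Equal(priv.Public().(ed25519.PublicKey), pub) {
		return errors.New("public key does not match private key")
	}
	return nil
}

func main() {
	pub, priv, err := GenerateKeyPair() // the private value is never printed
	fmt.Println("public key:", pub, "generate error:", err, "pair check:", CheckKeyPair(pub, priv))
}
```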

Generate TLS Certificates

Review https://cloud.google.com/media-cdn/docs/ssl-certificates to understand how Media CDN uses SSL certificates. If you are self-managing certificates, obtain them (e.g. from Verisign, Let's Encrypt etc.) and insert them into Certificate Manager by following https://cloud.google.com/media-cdn/docs/configure-ssl-certificates#self-managed-cert

gcloud certificate-manager certificates describe $certname --format=json | jq '.name' -r

Running the above command prints the location of the certificate, which the certificatemanager_certificate_location variable in Terraform refers to.

Deploy Media CDN Infrastructure

The deploy/terraform folder contains Terraform specs to bootstrap a test infrastructure for Media CDN.

Initialize the Terraform plugins.

cd deploy/terraform
terraform init

Run terraform plan to validate the infrastructure changes.

terraform plan

Deploy the Media CDN settings.

terraform apply

Deploy URL Signer service to Cloud Run

Set the KEYSET and PRIVATEKEY environment variables to the outputs of Terraform.

export KEYSET=$(terraform output --raw keyset)
export PRIVATEKEY=$(terraform output --raw keyset_primary_private)

Deploy the service to Cloud Run.

gcloud run deploy --set-env-vars="KEYSET=$KEYSET" --update-secrets="PRIVATEKEY=$PRIVATEKEY"