REST Server to sign Google Cloud Media CDN URLs written in Golang. Mostly http handler around sample in https://gist.github.com/mlevkov/8d1a481992494210cb2e5cc3a1c05221
May require recent version of Go to compile
Before you get started, verify that your project is allow-listed for Media CDN services.
Clone this repository.
git clone https://github.com/alekssaul/urlsigner
cd urlsigner
Run the certgen utility to generate public and private ed25519 certificates in URL safe Base64 encoded format
go run ./certgen
Move the certificate files into terraform assets folder
mv *.key ./deploy/terraform/assets/
Review https://cloud.google.com/media-cdn/docs/ssl-certificates page to understand how Media CDN uses SSL certificates. If self-managing certificates obtain certificates (i.e. Verisign, Let's Encrypt etc) and inset them into Certificate Manager by following https://cloud.google.com/media-cdn/docs/configure-ssl-certificates#self-managed-cert
gcloud certificate-manager certificates describe $certname --format=json | jq '.name' -r
Running above command will provide you the location of the certificate to be referred by certificatemanager_certificate_location
variable in Terraform
deploy/terraform
folder contains terraform specs to bootstrap a test infrastructure for Media CDN.
Run terraform commands to initialize the terraform plugins.
cd deploy/terraform
terraform init
Run terraform plan to validate infrastructure changes
terraform plan
Deploy the Media CDN settings
terrform apply
Set the KEYSET and PRIVATEKEY environmental variable to output of terraform
export KEYSET=$(terraform output --raw keyset)
export PRIVATEKEY=$(terraform output --raw keyset_primary_private)
Deploy the service to cloud run
gcloud run deploy --set-env-vars=KEYSET=$KEYSET --update-secrets=PRIVATEKEY=$PRIVATEKEY