{"id":16992951,"url":"https://github.com/userbradley/gcs-web-server","last_synced_at":"2026-02-13T17:32:41.764Z","repository":{"id":176417847,"uuid":"609606171","full_name":"userbradley/gcs-web-server","owner":"userbradley","description":"Infrastructure to deploy and host a website on GKE using NGINX and GCS","archived":false,"fork":false,"pushed_at":"2025-12-12T14:49:07.000Z","size":35199,"stargazers_count":3,"open_issues_count":1,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-12-14T05:53:13.642Z","etag":null,"topics":["cloud","gcs","google","google-cloud","google-cloud-storage","kubernetes","nginx"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/userbradley.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-03-04T17:28:49.000Z","updated_at":"2025-12-12T14:48:39.000Z","dependencies_parsed_at":"2024-10-28T13:23:55.155Z","dependency_job_id":"7de8dbdd-4676-4dae-9539-e9d08aa99fe8","html_url":"https://github.com/userbradley/gcs-web-server","commit_stats":null,"previous_names":["userbradley/gcs-web-server"],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/userbradley/gcs-web-server","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/userbradley%2Fgcs-web-server","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/userbradley%2Fgcs-web-server/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/userbradley%2Fgcs-web-server/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/userbradley%2Fgcs-web-server/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/userbradley","download_url":"https://codeload.github.com/userbradley/gcs-web-server/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/userbradley%2Fgcs-web-server/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29413398,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-13T06:24:03.484Z","status":"ssl_error","status_checked_at":"2026-02-13T06:23:12.830Z","response_time":78,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cloud","gcs","google","google-cloud","google-cloud-storage","kubernetes","nginx"],"created_at":"2024-10-14T03:31:12.837Z","updated_at":"2026-02-13T17:32:41.755Z","avatar_url":"https://github.com/userbradley.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# GCS Web server\n\n\u003e [!CAUTION]\n\u003e No longer maintained\n\u003e \n\u003e This repo is no longer maintained on an active basis. I will however respond to issues and feature requests, but as far as I am concerned this repo is feature complete.\n\n\u003c!-- TOC --\u003e\n* [GCS Web server](#gcs-web-server)\n  * [Quick start](#quick-start)\n  * [What you need pre-existing](#what-you-need-pre-existing)\n    * [GKE Cluster](#gke-cluster)\n    * [GKE Project with Oauth Consent Screen](#gke-project-with-oauth-consent-screen)\n    * [Service project](#service-project)\n    * [Secrets project](#secrets-project)\n  * [Useful information](#useful-information)\n    * [Where the content should go](#where-the-content-should-go)\n    * [What health check endpoints exist?](#what-health-check-endpoints-exist)\n    * [Custom 404 page](#custom-404-page)\n    * [Custom 5xx errors](#custom-5xx-errors)\n    * [What ports does the container listen on](#what-ports-does-the-container-listen-on)\n    * [Where is the docker image](#where-is-the-docker-image)\n\u003c!-- TOC --\u003e\n\n\nOpinionated infrastructure and supporting materials to host a website from a GCS Bucket on GKE\n\n## Why?\n\nGCP does not allow us to put IAP on a backend bucket, and I run several GKE clusters so this seems like a pretty simple solution\n\n\n\n## Quick start\n\nSee the [Full example repository](https://github.com/userbradley/gcs-web-server-example) where minimal input is required from your self\nto get up and running\n\nAny issues, check the [Troubleshooting Page](troubleshooting.md)\n\n## What is required\n\n* Terraform installed locally\n* Helm installed locally\n\n## Terraform specifics\n\n### What terraform resources are created\n\nSee the [Resources](terraform/README.md#resources) section\n\n**Q:** Why are we creating a secret?\n\n**A:** The secrets are created so that if you need to allow other team members to upgrade the helm chart, they are able to pull\nthe secrets from your central secret manager\n\n### Helm specifics\n\nYou will need to create a DNS record pointing to the IP address created by the module.\n\n**Q:** What values can I set in the helm chart?\n\n**A:** see [helmcharts/gcs-web-server/values.yaml](helmcharts/gcs-web-server/values.yaml)\n\n\n\n## What you need pre-existing\n\n* GKE Cluster with Workload Identity enabled\n* GKE Project with IAP Oauth Consent screen created\n* _service project_ where the buckets and service accounts can be created\n* Secrets project\n\nThese requirements will be explained in detail below\n\n### GKE Cluster\n\nSee [Allow Pods to authenticate to Google CLoud APIs using Workload Identity](https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity) on how to enable Workload Identity on your cluster\n\n### GKE Project with Oauth Consent Screen\n\nThis is required for IAP\n\nNavigate to [**APIs \u0026 Services** \u003e **OAuth consent screen**](https://console.cloud.google.com/apis/credentials/consent)\n\n### Service project\n\nA service project is required to store the below items in\n\n* Service accounts\n* GCS Buckets\n* Workload Identity Bindings\n\nWe do not create these in the GKE project, as it's best practice to keep a deployment per project.\n\nYou should create the project in the format of:\n\n```shell\n\u003ccompany-name\u003e-\u003cname-of-site\u003e\n```\n\nDo not prepend `{env}` to this, as the Module will create buckets and service accounts for all environments (if you chose to create multiple) in the same project\n\n\n### Secrets project\n\nA secrets project is required as the module creates secrets with the IAP oauth credentials (If enabled)\n\nYou can set this to any project that has the `secrets` api enabled\n\n\n## Useful information about the container\n\n### Where the content should go\n\nUpload what ever static site you want in to the root of the bucket. It will render `html`, `css` and `javascript`\n\nAll pages will get rendered when you hit the link.\n\nThe server supports sub-pages, so if you are uploading everything in go `gs://gcs-webstite/site/index.html` - Your page will \nbe available at `http://\u003c\u003e/site/index.html`\n\n### What health check endpoints exist?\n\n| Name of endpoint | Response code | Example response        |\n|------------------|---------------|-------------------------|\n| `/healthz`       | `http/200`    | `{\"status\":\"UP\"}`       |\n| `/health`        | `http/200`    | `{\"status\":\"UP\"}`       |\n\n\u003e **Note**\n\u003e These endpoints do not generate logs, to save costs.\n\n### Custom 404 page\n\nTo make use of your own custom 404 page, place a `404.html` file in the root of the bucket/ \n\nThis page will be served for the below errors:\n\n* [404](https://http.cat/404)\n* [403](https://http.cat/403)\n\n### Custom 5xx errors\n\nCurrently not supported. If this is required please open an issue.\n\n### What ports does the container listen on\n\n| IP Stack version | IP address | Port |\n|------------------|------------|------|\n| `v6`             | `[::]`     | `80` |\n| `v4`             | `0.0.0.0`  | `80` |\n\n### Where is the docker image\n\n* [GitHub Container Registry](https://github.com/userbradley/gcs-web-server/pkgs/container/gcs-web-server)\n* [Google Artifact Registry](https://console.cloud.google.com/artifacts/docker/breadnet-container-store/europe-west2/public/gcs-web-server)\n\n## FAQ\n\n### What CLI tools do I need installed\n\n* Helm\n* Terraform\n\nOptionally: `skaffold`\n\n###  Why do you create a secret\n\nA secret is created by default (eg: you cant turn it off) so that if other members of the team need access to upgrade the helm chart,\nthey have the secrets locally.\n\n[See how to print latest secret](https://documentation.breadnet.co.uk/cloud/gcp/print-secret-gcloud/)\n\n\n### How do I create Multiple environments?\n\nTo create multiple environments, simply copy and paste the entire module, and change the `env` to one of `dev`, `test`, or `prod`\n\n### Why only `dev` test and `prod`\n\nLimitation in the helm chart that I have not fixed yet\n\n[Open GitHub issue](https://github.com/userbradley/gcs-web-server/issues/6)\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fuserbradley%2Fgcs-web-server","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fuserbradley%2Fgcs-web-server","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fuserbradley%2Fgcs-web-server/lists"}