Terraform configuration for hosting a static website with Cloud Storage and Cloudflare
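# Terraform settings: CLI version, provider pins, and remote state in GCS.
terraform {
  required_version = "~>1.3.6"

  required_providers {
    google = {
      source  = "hashicorp/google"
      version = "~>4.84.0"
    }
    cloudflare = {
      source = "cloudflare/cloudflare"
      # Bounded to the 4.x series. An open-ended ">= 4.15.0" lets the next
      # `terraform init -upgrade` select a new major release, and a major
      # release may change the cloudflare_record schema this file relies on.
      # Commit .terraform.lock.hcl as well so provider checksums are pinned.
      version = "~> 4.15"
    }
  }

  backend "gcs" {
    # Holds Terraform state: keep this bucket private and separate from the
    # public website bucket declared further down.
    bucket = "<GLOBALLY-UNIQUE-NAME>"

    # A backend block cannot reference input variables (Terraform rejects
    # `var.*` here), so the service account to impersonate is supplied as
    # partial configuration at init time instead:
    #   terraform init -backend-config="impersonate_service_account=<SERVICE-ACCOUNT-EMAIL>"
  }
}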
# Google provider: every API call is made as the impersonated service account,
# so the operator's own credentials only need permission to impersonate it
# (no long-lived service-account key file is referenced in this file).
provider "google" {
  impersonate_service_account = var.gcp_service_account

  project = var.gcp_project_id
  region  = var.gcp_region
  zone    = var.gcp_zone
}

# Cloudflare provider, authenticated with an API token.
# NOTE(review): the token should be scoped to DNS edits on the single zone in
# var.cf_zone_id; this file cannot show how the token was issued.
provider "cloudflare" {
  api_token = var.cf_token
}
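variable "gcp_project_id" {
  description = "GCP project the google provider operates in."
  type        = string
}

variable "gcp_location" {
  description = "Location of the website bucket."
  type        = string
}

variable "gcp_region" {
  description = "Default region for the google provider."
  type        = string
}

variable "gcp_zone" {
  description = "Default zone for the google provider."
  type        = string
}

# @todo This email needs to also be added to the list of domain owners in Google Search Console.
variable "gcp_service_account" {
  description = "Email of the service account the google provider impersonates."
  type        = string
}

variable "gcp_website_verification" {
  description = "Value of the TXT record published at the zone apex for domain verification."
  type        = string
}

variable "cf_token" {
  description = "Cloudflare API token used by the cloudflare provider."
  type        = string
  # Redacts the token from plan/apply output. Supply it through the
  # TF_VAR_cf_token environment variable rather than a committed tfvars file.
  sensitive = true
}

variable "cf_zone_id" {
  description = "ID of the Cloudflare zone that receives the DNS records."
  type        = string
}

variable "website_domain" {
  description = "Fully qualified domain of the website; also used as the bucket name."
  type        = string
}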
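# Derives the DNS record name for the website from var.website_domain.
#
# Assumes the registrable domain is exactly the last two labels
# ("www.example.com" -> "www"). Domains under a multi-label public suffix
# (e.g. "example.co.uk") do not fit this assumption and need the record name
# set by hand.
locals {
  website_domain_parts = split(".", var.website_domain)

  # Everything left of the last two labels; empty when website_domain is the
  # zone apex itself.
  website_subdomain_labels = slice(local.website_domain_parts, 0, length(local.website_domain_parts) - 2)

  # An empty record name is not valid, so the apex case falls back to "@",
  # the same apex notation the verification TXT record in this file uses.
  website_subdomain = length(local.website_subdomain_labels) > 0 ? join(".", local.website_subdomain_labels) : "@"
}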
# Bucket that serves the static site. Its name must equal the website domain
# so requests arriving through the CNAME are routed to it.
resource "google_storage_bucket" "website" {
  name     = var.website_domain
  location = var.gcp_location

  # IAM-only access control; per-object ACLs are disabled.
  uniform_bucket_level_access = true

  # `terraform destroy` deletes the bucket together with every object in it.
  force_destroy = true

  website {
    main_page_suffix = "index.html"
    not_found_page   = "404.html"
  }

  cors {
    origin          = ["https://${var.website_domain}"]
    method          = ["GET"]
    response_header = ["*"]
    max_age_seconds = 3600
  }
}

# Makes every object in the bucket readable by anyone on the internet.
# Intended for a public website, but it applies to anything uploaded here, so
# the bucket must hold only publishable files. The objects are also reachable
# directly from Cloud Storage, not only through the Cloudflare proxy.
resource "google_storage_bucket_iam_member" "website" {
  bucket = google_storage_bucket.website.name
  member = "allUsers"
  role   = "roles/storage.objectViewer"
}
# TXT record at the zone apex carrying the domain-verification value.
resource "cloudflare_record" "website_verification" {
  zone_id = var.cf_zone_id
  type    = "TXT"
  name    = "@"
  value   = var.gcp_website_verification
}

# CNAME pointing the website host at Cloud Storage, proxied through Cloudflare.
# NOTE(review): Cloud Storage CNAME endpoints are documented as HTTP-only, so
# the Cloudflare-to-origin hop is likely unencrypted; confirm the zone's
# SSL/TLS mode and whether that is acceptable for this content.
resource "cloudflare_record" "website" {
  zone_id = var.cf_zone_id
  type    = "CNAME"
  name    = local.website_subdomain
  value   = "c.storage.googleapis.com."
  proxied = true
}