Appsettings.json + Azure Web App + Docker

PowerShell Universal
1 
Product: PowerShell Universal
Version: 1.5.2

Hey Everyone,

I’m playing around with PU and Azure Web Service using Docker containers. I have 90% of it working with persistent storage using Azure FileShare Storage, but I can’t seem to get the appsettings.json file right.

I used the docs - https://docs.ironmansoftware.com/getting-started/docker#linux

to create my own custom docker image. should I be creating a new ENV path for the appsettings.json file? and where should I put this thing? I tried stuffing it in the Azure FileShare in multiple locations, but no luck.

image
image1001×321 16.2 KB

2

Hi, i have performed this same task a while back and had no issues with the appsettings.json - if you are using Linux docker then it’s the appsettings.linux.json file you need to use. What i did was create the json file, then as part of docker deploy copy that file over to /home/Universal directory. This all worked - I am not on the laptop now that has the code but can look tomorrow. I did not have to create any special ENV variables. Linux Docker was super-fast and promising.

The issue i had with Azure Docker, which i will revisit soon is the auth. As i use OIDC auth to AAD for each user, this didn’t work as any combination of SSL and AAD Auth i tried doesn’t work, the webapp AAD auth doesn’t pass through to the dashboard, and OIDC won’t work as it requires HTTPS response which won’t work for the dashboard as the webapp uses HTTPS and the dashboard is on 5000(or 80 - couldn’t get 443 working as the webapp uses 443). Since then i now know i can edit the manifest of the AAD app to add/update https: to http: and it doesn’t complain so this may be straight forward to allow the webapp to look after SSL, and the PSU to request OIDC for AAD auth - i plan to revisit this in few weeks’ time.

3

Thanks @neo

I was looking to do something a bit different by having the appsettings.json file in the shared storage so i could just grab the latest PU docker image, and deploy it without having to pull down the appsettings.json file during docker create time.

In the docker file we have ENV variables… do we know if there is a variable I can create to point to a different location for the appsettings? Maybe a question for @adam ?

ENV Data__AppSettingsPath ./data/appsettings.json

And for the Auth

I had the same issue with OIDC back in the 2.X days. The only way I was able to get around it was to not use App Service, and use Container Instances with either K8 or NGINX as a load balancer infront of the UD container.

But I will take another crack at it later as well.

4

Sorry to bring up an older thread, wondering if you guys were able to figure out the Azure AD auth for App Services?

5

Found this article that might explain the issue with a solution, but might be out of our control.
Solved: .NET Core Azure AD in Docker Container Incorrectly Uses a non-https redirect URI - SeanKilleen.com

6

Looks like in the App Config you can add ASPNETCORE_FORWARDEDHEADERS_ENABLED = true and it will forward the headers or whatever correctly to the container.

image

Found this article that helped me.
Forwarded Headers Middleware Updates in .NET Core 3.0 preview 6 | ASP.NET Blog (microsoft.com)

2 Likes
7

Did you ever manage to get this working with the appsettings file in the shared storage?

8

What settings are you looking to push into appsettings.json?

I pass everything via environment settings.

9

Ultimate goal is to have my ssl certificates in the shared-volume and append this to appsettings.linux file

  "HttpsFromPem": {
    "Url": "https://*:5001",
      "Certificate": {
        "Path": "path-to/ssl/certificate.pem",
        "KeyPath": "path-to/ssl/key.pem"
      }
  }

Right now i can only get it to work by bash-ing into the container and copying the certificates and appending the configuration manually

10

are you using docker?

11

Yes i am using docker

12

Appsetting parameters can be passed through environment variables.

One option off the top of my head is to pass the pem files in your compose script and mount them as files in your /tmp folder.

Example:

volumes:
      - C:\labs\docker\PSU:/root
      - C:\labs\docker\PSU\certificate.pem:/tmp/ssl/certificate.pem
      - C:\labs\docker\PSU\Key.pem:/tmp/ssl/Key.pem

After that, add the appropriate env variables to your compose script.

This can take a bit of head scratching, it should look something like this…

environment:
      - HttpsFromPem__Url=https://*:5001
      - HttpsFromPem__Certificate__Path=/tmp/ssl/certificate.pem
      - HttpsFromPem__Certificate__KeyPath=/tmp/ssl/Key.pem
13

Hi Matt,
Apologies for not responding sooner.
I’m still kind of new to docker, all those settings are a bit overwhelming :slight_smile:

After some more searching and reading i got it to work, updating so others can benefit as well. This syntax got it working for me:

  - Kestrel__Endpoints__HttpsFromPem__Url=https://*:13143
  - Kestrel__Endpoints__HttpsFromPem__Certificate__Path=/tmp/ssl/cert.pem
  - Kestrel__Endpoints__HttpsFromPem__Certificate__KeyPath=/tmp/ssl/key.pem

The __ are separators
The entries in between must match the tree structure from appsettings.json

Thanks!

14

Glad it worked :slight_smile: