From 1618cd2a2cc91d4164420c69a1771957a4719a31 Mon Sep 17 00:00:00 2001 From: ohadschn Date: Sat, 30 Dec 2017 19:20:12 +0200 Subject: [PATCH 1/2] Multiple site slot documentation Bumped version to 0.8.5.1 --- .../Properties/AssemblyInfo.cs | 4 ++-- .../Properties/AssemblyInfo.cs | 4 ++-- README.md | 24 ++++++++++--------- 3 files changed, 17 insertions(+), 15 deletions(-) diff --git a/OhadSoft.AzureLetsEncrypt.Renewal/OhadSoft.AzureLetsEncrypt.Renewal.WebJob/Properties/AssemblyInfo.cs b/OhadSoft.AzureLetsEncrypt.Renewal/OhadSoft.AzureLetsEncrypt.Renewal.WebJob/Properties/AssemblyInfo.cs index cce8f13..f27fafb 100644 --- a/OhadSoft.AzureLetsEncrypt.Renewal/OhadSoft.AzureLetsEncrypt.Renewal.WebJob/Properties/AssemblyInfo.cs +++ b/OhadSoft.AzureLetsEncrypt.Renewal/OhadSoft.AzureLetsEncrypt.Renewal.WebJob/Properties/AssemblyInfo.cs @@ -34,5 +34,5 @@ // You can specify all the values or you can default the Build and Revision Numbers // by using the '*' as shown below: // [assembly: AssemblyVersion("1.0.*")] -[assembly: AssemblyVersion("0.8.5.0")] -[assembly: AssemblyFileVersion("0.8.5.0")] +[assembly: AssemblyVersion("0.8.5.1")] +[assembly: AssemblyFileVersion("0.8.5.1")] diff --git a/OhadSoft.AzureLetsEncrypt.Renewal/OhadSoft.AzureLetsEncrypt.Renewal/Properties/AssemblyInfo.cs b/OhadSoft.AzureLetsEncrypt.Renewal/OhadSoft.AzureLetsEncrypt.Renewal/Properties/AssemblyInfo.cs index cbabc04..ec23371 100644 --- a/OhadSoft.AzureLetsEncrypt.Renewal/OhadSoft.AzureLetsEncrypt.Renewal/Properties/AssemblyInfo.cs +++ b/OhadSoft.AzureLetsEncrypt.Renewal/OhadSoft.AzureLetsEncrypt.Renewal/Properties/AssemblyInfo.cs @@ -31,5 +31,5 @@ // You can specify all the values or you can default the Build and Revision Numbers // by using the '*' as shown below: // [assembly: AssemblyVersion("1.0.*")] -[assembly: AssemblyVersion("0.8.5.0")] -[assembly: AssemblyFileVersion("0.8.5.0")] \ No newline at end of file +[assembly: AssemblyVersion("0.8.5.1")] +[assembly: AssemblyFileVersion("0.8.5.1")] \ No newline at end of file diff --git a/README.md b/README.md index 8af885f..29585f8 100644 --- a/README.md +++ b/README.md @@ -40,7 +40,6 @@ The `letsencrypt-webapp-renewer` WebJob is configured via [Web App Settings](htt 1. `letsencrypt:webAppName-clientId` 1. `letsencrypt:webAppName-clientSecret` (should be set as a **connection string**) 1. `letsencrypt:webAppName-servicePlanResourceGroup` (optional, defaults to the Web App Resource Group) - 1. `letsencrypt:webAppName-siteSlotName` (optional, defaults to the main deployment slot) 1. `letsencrypt:webAppName-useIpBasedSsl` (optional, defaults to `false`) 1. `letsencrypt:webAppName-rsaKeyLength` (optional, defaults to `2048`) 1. `letsencrypt:webAppName-acmeBaseUri` (optiona, defaults to `https://acme-v01.api.letsencrypt.org`) @@ -48,15 +47,6 @@ The `letsencrypt-webapp-renewer` WebJob is configured via [Web App Settings](htt For more information about the various renewal settings see: https://github.com/sjkp/letsencrypt-siteextension. -### Sovereign Cloud (Mooncake, BlackForest, etc.) -The following settings are required in order to renew certificates on sovereign clouds: - 1. `letsencrypt:webAppName-azureAuthenticationEndpoint` - 1. `letsencrypt:webAppName-azureTokenAudience` - 1. `letsencrypt:webAppName-azureManagementEndpoint` - 1. `letsencrypt:webAppName-azureDefaultWebSiteDomainName` - -You can run the `Get-AzureEnvironment` PowerShell cmdlet to get the required values. For more information about configuring sovereign clouds see: https://github.com/sjkp/letsencrypt-siteextension/wiki/Azure-Germany,-US-or-China. - ### Sample configuration - `letsencrypt:webApps`: `ohadsoft;howlongtobeatsteam` - `letsencrypt:ohadsoft-subscriptionId`: `e432f869-4777-4380-a654-3440216992a2` @@ -74,10 +64,22 @@ You can run the `Get-AzureEnvironment` PowerShell cmdlet to get the required val - `letsencrypt:howlongtobeatsteam-clientId`: `5e1346b6-7db5-4eae-b9fa-7b3d5e42e6c7` - (**connection string**) `letsencrypt:howlongtobeatsteam-clientSecret`: `MySecretPassword123` +### Sovereign Cloud (Mooncake, BlackForest, etc.) +The following settings are required in order to renew certificates on sovereign clouds: + 1. `letsencrypt:webAppName-azureAuthenticationEndpoint` + 1. `letsencrypt:webAppName-azureTokenAudience` + 1. `letsencrypt:webAppName-azureManagementEndpoint` + 1. `letsencrypt:webAppName-azureDefaultWebSiteDomainName` + +You can run the `Get-AzureEnvironment` PowerShell cmdlet to get the required values. For more information about configuring sovereign clouds see: https://github.com/sjkp/letsencrypt-siteextension/wiki/Azure-Germany,-US-or-China. + +### Site Deployment Slots +In order to specify a Site Deployment Slot for a given web app, use the following syntax for the web app's name: `webAppName{siteSlotName}`. For example, if you had a `foo` site with no deployment slots and a `bar` site with `staging` and `prod` deployment slots, you would configure `letsencrypt:webApps` to be `foo;bar{staging};bar{prod}`. The normal setting rules still apply, so you would have to define `letsencrypt:foo-subscriptionId`, `letsencrypt:bar{staging}-subscriptionId`, `letsencrypt:bar{prod}-subscriptionId` and so forth. + ### Shared configuration It is sometimes useful to share configuraiton settings beween web apps. For example, you might be using the same client credentials, the same subscription ID, or the same resource group for multiple web apps. In order to share a configuration setting between web apps, simply omit the `webAppName-` component of the configuration key. For example, in order to configure shared client credentials, set the `letsencrypt:clientId` app setting and `letsencrypt:clientSecret` connection string. These values will now be used by default for all configured web apps, unless explicitly overriden by setting the fully WebApp-qualified key name (by including the `webAppName-` component, e.g. `letsencrypt:mySpecialSite-clientId`). -All settings except `hosts` and `siteSlotName` may be shared. +All settings except `hosts`may be shared. ## Installation 1. (**optional but highly recommended**) Create a new dedicated Web App for cert renewal, to which you will deploy the `letsencrypt-webapp-renewer` WebJob. This will drastically decrease the likelihood of accidental deletion of the renewal WebJob (e.g. upon deployment of a different app to the same Web App using _Delete Existing files_) From 55e31b8abbd31103fb6fd8dd1bf1407ff0fe10f9 Mon Sep 17 00:00:00 2001 From: ohadschn Date: Sat, 30 Dec 2017 19:24:47 +0200 Subject: [PATCH 2/2] Multi Site Deployment Slots improved docs wording --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 29585f8..d15c463 100644 --- a/README.md +++ b/README.md @@ -74,7 +74,7 @@ The following settings are required in order to renew certificates on sovereign You can run the `Get-AzureEnvironment` PowerShell cmdlet to get the required values. For more information about configuring sovereign clouds see: https://github.com/sjkp/letsencrypt-siteextension/wiki/Azure-Germany,-US-or-China. ### Site Deployment Slots -In order to specify a Site Deployment Slot for a given web app, use the following syntax for the web app's name: `webAppName{siteSlotName}`. For example, if you had a `foo` site with no deployment slots and a `bar` site with `staging` and `prod` deployment slots, you would configure `letsencrypt:webApps` to be `foo;bar{staging};bar{prod}`. The normal setting rules still apply, so you would have to define `letsencrypt:foo-subscriptionId`, `letsencrypt:bar{staging}-subscriptionId`, `letsencrypt:bar{prod}-subscriptionId` and so forth. +In order to specify a Site Deployment Slot for a given web app, use the following syntax for the web app's name: `webAppName{siteSlotName}`. For example, if you have a `foo` site with no deployment slots and a `bar` site with `staging` and `prod` deployment slots, configure `letsencrypt:webApps` to be `foo;bar{staging};bar{prod}`. Different deployment slots are treated as different web apps and the normal setting rules apply, so you would still need to configure the regular settings for each of them (e.g. `letsencrypt:foo-subscriptionId`, `letsencrypt:bar{staging}-subscriptionId`, `letsencrypt:bar{prod}-subscriptionId` and so forth). ### Shared configuration It is sometimes useful to share configuraiton settings beween web apps. For example, you might be using the same client credentials, the same subscription ID, or the same resource group for multiple web apps. In order to share a configuration setting between web apps, simply omit the `webAppName-` component of the configuration key. For example, in order to configure shared client credentials, set the `letsencrypt:clientId` app setting and `letsencrypt:clientSecret` connection string. These values will now be used by default for all configured web apps, unless explicitly overriden by setting the fully WebApp-qualified key name (by including the `webAppName-` component, e.g. `letsencrypt:mySpecialSite-clientId`).