-
Notifications
You must be signed in to change notification settings - Fork 0
/
webapp.bicep
178 lines (162 loc) · 4.15 KB
/
webapp.bicep
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
@description('Deploy in VNet')
param vnet bool
@description('Server Name for Azure app service')
param appServicePlanName string
@description('Name for Azure Web app')
param webAppName string
@description('Location for all resources.')
param location string
@description('Name of the VNet')
param virtualNetworkName string
@description('Name of the integration subnet')
param integrationSubnetName string
@description('Name of azure key vault')
param keyVaultName string
@description('Secret Name of the ctf database url in key vault')
param ctfDatabaseUrlSecretName string
@description('Secret Name of the ctf cache url in key vault')
param ctfCacheUrlSecretName string
@description('Log Anaytics Workspace Id')
param logAnalyticsWorkspaceId string
@description('App Service Plan SKU tier')
param appServicePlanSkuTier string
@description('App Service Plan SKU name')
param appServicePlanSkuName string
resource appServicePlan 'Microsoft.Web/serverfarms@2020-12-01' = {
name: appServicePlanName
location: location
kind: 'linux'
properties: {
reserved: true
}
sku: {
name: appServicePlanSkuName
tier: appServicePlanSkuTier
}
}
resource webApp 'Microsoft.Web/sites@2022-03-01' = {
name: webAppName
location: location
tags: {}
identity: {
type: 'SystemAssigned'
}
properties: {
virtualNetworkSubnetId: (vnet ? resourceId('Microsoft.Network/virtualNetworks/subnets', virtualNetworkName, integrationSubnetName) : null)
vnetRouteAllEnabled: (vnet ? true : false)
siteConfig: {
appSettings: [
{
name: 'DATABASE_URL'
value: '@Microsoft.KeyVault(SecretUri=https://${keyVaultName}.vault.azure.net/secrets/${ctfDatabaseUrlSecretName}/)'
}
{
name: 'REDIS_URL'
value: '@Microsoft.KeyVault(SecretUri=https://${keyVaultName}.vault.azure.net/secrets/${ctfCacheUrlSecretName}/)'
}
{
name: 'REVERSE_PROXY'
value: 'False'
}
{
name: 'WEBSITES_PORT'
value: '8000'
}
{
name: 'DOCKER_REGISTRY_SERVER_URL'
value: 'https://index.docker.io'
}
]
linuxFxVersion: 'DOCKER|ctfd/ctfd:latest'
}
serverFarmId: appServicePlan.id
}
}
resource appServiceAppSettings 'Microsoft.Web/sites/config@2020-06-01' = {
parent: webApp
name: 'logs'
properties: {
applicationLogs: {
fileSystem: {
level: 'Warning'
}
}
httpLogs: {
fileSystem: {
retentionInMb: 40
retentionInDays: 5
enabled: true
}
}
failedRequestsTracing: {
enabled: true
}
detailedErrorMessages: {
enabled: true
}
}
}
resource diagnosticsSettings 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = {
name: '${webAppName}-diagnostics'
scope: webApp
properties: {
logs: [
{
category: 'AppServiceHTTPLogs'
categoryGroup: null
enabled: true
retentionPolicy: {
days: 0
enabled: false
}
}
{
category: 'AppServiceConsoleLogs'
categoryGroup: null
enabled: true
retentionPolicy: {
days: 0
enabled: false
}
}
{
category: 'AppServiceAppLogs'
categoryGroup: null
enabled: true
retentionPolicy: {
days: 0
enabled: false
}
}
{
category: 'AppServiceAuditLogs'
categoryGroup: null
enabled: false
retentionPolicy: {
days: 0
enabled: false
}
}
{
category: 'AppServiceIPSecAuditLogs'
categoryGroup: null
enabled: false
retentionPolicy: {
days: 0
enabled: false
}
}
{
category: 'AppServicePlatformLogs'
categoryGroup: null
enabled: true
retentionPolicy: {
days: 0
enabled: false
}
}
]
workspaceId: logAnalyticsWorkspaceId
}
}
output servicePrincipalId string = webApp.identity.principalId