DEV Community

bwieckow
bwieckow

Posted on

Custom domain for Pay-As-You-Go Azure App Service

Having your application deployed to AppService in Azure with cheapest AppService Plan you are not allowed to customize your domain. Here I will show you how you can quickly overcome it with your own server.
image

Prerequisites:

  • Having server accessible via SSH constantly running.
  • SSL certificates generated.

    (NOTE: You can easily generate your SSL certificates with Let’s Encrypt)

  • DNS entry poinit secrets.your.domain to IP of your server:
    secrets.your.domain. 59 IN A 104.245.210.170

Setting up custom domain

If you have all above configured you are able to follow below steps:

  • Log in to your server.
  • Install NGINX on your OS. E.g CentOS: sudo yum install nginx
  • Nginx does not start on its own. To get Nginx running, type: sudo systemctl start nginx image
  • Enable HTTP/HTTPS communication in your firewall. E.g. CentOS:
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd –reload
Enter fullscreen mode Exit fullscreen mode
  • Create location for your SSL certificates close to NGINX config and put them there:
mkdir /etc/nginx/ssl
mv fullchain.pem /etc/nginx/ssl/your.domain.crt
mv privatekey.pem /etc/nginx/ssl/your.domain.key
Enter fullscreen mode Exit fullscreen mode
  • Create new config file: vim /etc/nginx/conf.d/secerts.your.domain.conf
  • This part will redirect HTTP to HTTPS:
server {
  listen 80;
   listen [::]:80;
   server_name secrets.your.domain;
   return 301 https://$host$request_uri;
}
Enter fullscreen mode Exit fullscreen mode
  • This part will execute proxy pass to the target URL:
 server {
       listen      443 ssl http2 default_server;
       listen      [::]:443 ssl http2 default_server;
       server_name secrets.your.domain;
       root        /usr/share/nginx/html;
       ssl_certificate "/etc/nginx/ssl/your.domain.crt";
       ssl_certificate_key "/etc/nginx/ssl/your.domain.key";
       ssl_session_cache shared:SSL:1m;
       ssl_session_timeout 10m;
       ssl_ciphers HIGH:!aNULL:!MD5;
       ssl_prefer_server_ciphers on;
       location / {
           proxy_pass https://some-service-secrets.azurewebsites.net;
       }
       error_page 404 /404.html;
       location = /404.html {
       }
       error_page 500 502 503 504 /50x.html;
       location = /50x.html {
       }
   }
Enter fullscreen mode Exit fullscreen mode
  • Reload NGINX: nginx -s reload or systemctl restart nginx image

Top comments (0)