SIF/1010/Platform/IdentityServer.json
|
{
"Parameters": { "Package": { "Type": "string", "Description": "The path to the Web Deploy package to deploy.", "DefaultValue": "" }, "SitecoreIdentityCert": { "Type": "string", "Description": "The certificate to use for encryption. Provide the name or the thumbprint.", "DefaultValue": "" }, "LicenseFile": { "Type": "string", "Description": "The path to the Sitecore license file.", "DefaultValue": ".\\License.xml" }, "SiteName": { "Type": "string", "DefaultValue": "IdentityServer", "Description": "The name of the site to be deployed." }, "SiteRoot": { "Type": "String", "Description": "Root folder to install the site to. If left on the default [systemdrive]:\\inetpub\\wwwroot will be used.", "DefaultValue": "" }, "SqlServer": { "Type": "string", "DefaultValue": ".\\SQLSERVER", "Description": "The Sql Server where databases will be installed." }, "SqlDbPrefix": { "Type": "string", "Description": "The prefix used for all Sql databases.", "DefaultValue": "" }, "SqlSecurityDbName": { "Type": "string", "DefaultValue": "_Core", "Description": "The database to use in Security database connection string." }, "SqlSecurityUser": { "Type": "string", "DefaultValue": "securityuser", "Description": "The user to use in Security database connection string." }, "SqlSecurityPassword": { "Type": "string", "DefaultValue": "SIF-Default", "Description": "The Sql password for the Security database connection string." }, "PasswordRecoveryUrl": { "Type": "string", "Description": "Password recovery Url (Url of CM instance).", "DefaultValue": "" }, "AllowedCorsOrigins": { "Type": "string", "Description": "Pipe-separated list of instances (URIs) that are allowed to login via Sitecore Identity.", "DefaultValue": "" }, "ClientSecret": { "Type": "string", "Description": "Client secret of PasswordClient section. It's a random string between 1 and 100 symbols long.", "DefaultValue": "SIF-Default" }, "CustomConfigurationFile": { "Type": "string", "DefaultValue": "", "Description": "Path to file with custom configuration to be deployed in Identity Server folder." }, "HostMappingName": { "Type": "string", "Reference": "SiteName", "Description": "The host name of the site." }, "DnsName": { "Type": "string", "Reference": "SiteName", "Description": "The dns name of the site." }, "PackagesTempLocation": { "Type": "String", "Description": "Alternative location to save WDP packages. If left on the default $Env:Temp will be used.", "DefaultValue": "", "Validate": "[TestPath(variable('Package.Download.Location'))]" }, "DownloadLocations": { "Type": "String", "Description": "File with URI and SHA256 hashes of dynamically downloadable WDPs.", "DefaultValue": ".\\downloads.json" } }, "Variables": { "Sql.Database.Security.Name": "[concat(parameter('SqlDbPrefix'), parameter('SqlSecurityDbName'))]", "Sql.Database.Security.User": "[parameter('SqlSecurityUser')]", "Sql.Database.Security.Password": "[parameter('SqlSecurityPassword')]", "Sql.Database.Security.ConnectionString": "[concat('Data Source=', parameter('SqlServer'), ';Initial Catalog=', variable('Sql.Database.Security.Name'), ';User ID=', variable('Sql.Database.Security.User'), ';Password=', variable('Sql.Database.Security.Password'))]", "Certificates.Store": "Cert:\\Localmachine\\My", "Certificates.Site.Thumbprint": "[GetCertificateThumbprint(parameter('SitecoreIdentityCert'), variable('Certificates.Store'))]", "Certificates.Site.Path": "[joinpath(variable('Certificates.Store'), variable('Certificates.Site.Thumbprint'))]", "Site.Path": "[if(variable('Site.Path.Test'),variable('Site.Path.Default'),variable('Site.Path.Custom'))]", "Site.Path.Default": "[joinpath(environment('SystemDrive'), 'inetpub', 'wwwroot', parameter('SiteName'))]", "Site.Path.Custom": "[joinpath(parameter('SiteRoot'),parameter('SiteName'))]", "Site.Path.Test": "[equal(parameter('SiteRoot'),'')]", "Site.LicenseFolder": "[joinpath(variable('Site.Path'), 'sitecoreruntime')]", "Site.ConfigFolder": "[joinpath(variable('Site.Path'), 'Config', 'production')]", "IdentityServer.Client.Secret": "[parameter('ClientSecret'))]", "Packages.DownloadLocations.File": "[ReadJson(Path:parameter('DownloadLocations'))]", "Packages.DownloadLocations.File.Test": "[TestPath(Path:Parameter('DownloadLocations'))]", "Package.Download.Identifier": "IdentityServer.json", "Package.Download.Location": "[if(variable('Package.Download.Location.Test'),Environment('Temp'),parameter('PackagesTempLocation'))]", "Package.Download.Location.Test": "[equal(parameter('PackagesTempLocation'),'')]", "Package.Download.Object": "[SelectObject(InputObject:variable('Packages.DownloadLocations.File'),ExpandProperty:variable('Package.Download.Identifier'))]", "Package.Download.Uri": "[SelectObject(InputObject:variable('Package.Download.Object'),ExpandProperty:'Uri')]", "Package.Download.Hash": "[SelectObject(InputObject:variable('Package.Download.Object'),ExpandProperty:'Hash')]", "Package.Download.Path": "[JoinPath(variable('Package.Download.Location'),variable('Package.Download.Filename'))]", "Package.Download.Document": "[SplitPath(Path:variable('Package.Download.Uri'),Leaf:true)]", "Package.Download.Filename": "[Split(String:variable('Package.Download.Document'),Characters:'?')]", "Package": "[if(parameter('Package'),parameter('Package'),variable('Package.Download.Path'))]", "Package.Available": "[or(variable('Package.Provided'),not(variable('Packages.DownloadLocations.File.Test')))]", "Package.Provided": "[if(parameter('Package'),parameter('Package'),'')]" }, "Register": { "Tasks": { "RemoveItem": "Remove-Item" }, "ConfigFunction": { "TestPath": "Test-Path", "SelectObject": "Select-Object", "SplitPath": "Split-Path", "GetVariable": "Get-Variable" } }, "Tasks": { "DownloadWDP": { "Description": "Download the WDP and verifies it against the stored hash.", "Type": "DownloadFile", "Params": { "SourceUri": "[variable('Package.Download.URI')]", "DestinationPath": "[variable('Package.Download.Path')]", "Hash": "[variable('Package.Download.Hash')]" }, "Skip": "[variable('Package.Available')]" }, "CreatePaths": { "Description": "Ensure the destination path for the site exists.", "Type": "EnsurePath", "Params": { "Exists": [ "[variable('Site.Path')]" ] } }, "CreateAppPool": { "Description": "Creates or updates the app pool.", "Type": "AppPool", "Params": { "Name": "[parameter('SiteName')]", "Properties": { "ProcessModel": { "identityType": "ApplicationPoolIdentity", "idleTimeoutAction": "Suspend", "loadUserProfile": "True" }, "ManagedRuntimeVersion": "" } } }, "SetAppPoolCertStorePermissions": { "Description": "Set permissions for the App Pool User to access the client certificate.", "Type": "FilePermissions", "Params": { "Path": "[ResolveCertificatePath(variable('Certificates.Site.Path'))]", "Rights": [ { "User": "[concat('IIS AppPool\\', parameter('SiteName'))]", "FileSystemRights": [ "Read" ], "InheritanceFlags": [ "None" ] } ] } }, "CreateWebsite": { "Description": "Creates or updates the IIS website instance.", "Type": "Website", "Params": { "Name": "[parameter('SiteName')]", "ApplicationPool": "[parameter('SiteName')]", "PhysicalPath": "[variable('Site.Path')]" } }, "StopWebsite": { "Description": "Stops the website if it is running.", "Type": "ManageWebsite", "Params": { "Name": "[parameter('SiteName')]", "Action": "Stop" } }, "StopAppPool": { "Description": "Stops the app pool if it is running.", "Type": "ManageAppPool", "Params": { "Name": "[parameter('SiteName')]", "Action": "Stop" } }, "CreateRegistryStorageForAppPool": { "Description": "Provisions the HKLM registry so that the specified user account can persist auto-generated machine keys.", "Type": "ManageKeyStorage", "Params": { "AppPoolName": "[parameter('SiteName')]", "Action": "Create" } }, "RemoveDefaultBinding": { "Description": "Removes the default *:80 web binding.", "Type": "WebBinding", "Params": { "SiteName": "[parameter('SiteName')]", "Remove": [ { "Port": "80", "IPAddress": "*" } ] } }, "CreateBindingsWithThumbprint": { "Description": "Configures the site bindings for the website.", "Type": "WebBinding", "Params": { "SiteName": "[parameter('SiteName')]", "Add": [ { "HostHeader": "[parameter('DNSName')]", "Protocol": "https", "SSLFlags": 1, "Thumbprint": "[variable('Certificates.Site.Thumbprint')]" } ] }, "Skip": "[not(parameter('SitecoreIdentityCert'))]" }, "CreateHostHeader": { "Description": "Sets a hostheader for the website.", "Type": "HostHeader", "Params": { "HostName": "[parameter('HostMappingName')]" }, "Skip": "[not(parameter('HostMappingName'))]" }, "SetPermissions": { "Description": "Sets permissions for the app pool user.", "Type": "FilePermissions", "Params": { "Path": "[variable('Site.Path')]", "Rights": [ { "User": "[concat('IIS AppPool\\', parameter('SiteName'))]", "FileSystemRights": "FullControl", "InheritanceFlags": [ "ContainerInherit", "ObjectInherit" ] } ] } }, "InstallWDP": { "Description": "Syncs the web deploy package with the website.", "Type": "WebDeploy", "Params": { "Verb": "Sync", "Arguments": { "Source": { "Package": "[resolvepath(variable('Package'))]" }, "Dest": "Auto", "SetParam": [ { "Name": "IIS Web Application Name", "Value": "[parameter('SiteName')]" }, { "Name": "Security Connection String", "Value": "[variable('Sql.Database.Security.ConnectionString')]" }, { "Name": "CertificateThumbprint", "Value": "[variable('Certificates.Site.Thumbprint')]" }, { "Name": "PasswordRecoveryUrl", "Value": "[parameter('PasswordRecoveryUrl')]" }, { "Name": "AllowedCorsOrigins", "Value": "[parameter('AllowedCorsOrigins')]" }, { "Name": "ClientSecret", "Value": "[variable('IdentityServer.Client.Secret')]" } ] } } }, "CreateLicenseFolder": { "Description": "Ensure the destination path for the license exists.", "Type": "EnsurePath", "Params": { "Exists": [ "[variable('Site.LicenseFolder')]" ] } }, "SetLicense": { "Description": "Copies the license file to the instance license folder.", "Type": "Copy", "Params": { "Source": "[resolvepath(parameter('LicenseFile'))]", "Destination": "[variable('Site.LicenseFolder')]" }, "Skip": "[not(parameter('LicenseFile'))]" }, "CustomConfigFile": { "Description": "Copies the custom config file to the instance config folder.", "Type": "Copy", "Params": { "Source": "[resolvepath(parameter('CustomConfigurationFile'))]", "Destination": "[variable('Site.ConfigFolder')]" }, "Skip": "[not(parameter('CustomConfigurationFile'))]" }, "StartAppPool": { "Description": "Starts the app pool.", "Type": "ManageAppPool", "Params": { "Name": "[parameter('SiteName')]", "Action": "Start" } }, "StartWebsite": { "Description": "Starts the website.", "Type": "ManageWebsite", "Params": { "Name": "[parameter('SiteName')]", "Action": "Start" } } }, "UninstallTasks": { "StopWebsite": { "Description": "Stops the website if it is running.", "Type": "ManageWebsite", "Params": { "Name": "[parameter('SiteName')]", "Action": "Stop", "ErrorAction": "SilentlyContinue" } }, "StopAppPool": { "Description": "Stops the app pool if it is running.", "Type": "ManageAppPool", "Params": { "Name": "[parameter('SiteName')]", "Action": "Stop", "ErrorAction": "SilentlyContinue" } }, "DeleteRegistryStorageForAppPool": { "Description": "Deletes the HKLM registry so that the specified user account can persist auto-generated machine keys.", "Type": "ManageKeyStorage", "Params": { "AppPoolName": "[parameter('SiteName')]", "Action": "Delete" } }, "RemoveAppPool": { "Description": "Removes the AppPool.", "Type": "RemoveAppPool", "Params": { "Name": "[parameter('SiteName')]" } }, "RemoveWebsite": { "Description": "Removes the website.", "Type": "RemoveWebsite", "Params": { "Name": "[parameter('SiteName')]" } }, "RemoveContent": { "Description": "Removes website content.", "Type": "RemoveItem", "Params": { "Path": "[variable('Site.Path')]", "Recurse": true, "ErrorAction": "SilentlyContinue" } }, "RemoveHostHeader": { "Description": "Removes the hostheader for the website.", "Type": "HostHeader", "Params": { "HostName": "[parameter('SiteName')]", "Action": "Remove" } } } } |