Azure Functions are Microsoft’s serverless offering, and they can be a great option for building simple, scalable applications and APIs. A common practice is to apply a CNAME with your custom domain to the Azure DNS entry, and have users access your application from that domain, “hiding” the implementation. Today HTTPS is necessary, and Azure has built-in capability to apply a custom domain and certificate to your Function App.
If you want to get your certificates from Letsencrypt, there is a site extension by Simon J.K. Pedersen that will handle that for you; there are many great posts that show how to set this up for App Services, and the same approach works for Functions as well, with some additional steps.
All of the existing posts are basically how-to guides, walking you through a manual configuration. This is fine for securing a few sites, but in production we’d ideally automate the process, especially if we’re going to build many small services on top of Azure Functions.
To help with this, I’ve created a sample GitHub repository that contains scripts to automate the setup of an Azure Function App as much as possible. Using Terraform and the Azure CLI, the scripts will:
- Create the basic scaffolding for a Function App (Resource Group, App Service, Application Insights, etc.)
- Configure the App Service with the necessary settings for the extension to work
- Publish two functions–one to manage the Letsencrypt certs, and another test function to verify the cert is working
- Configure the required proxy and route template to handle letsencrypt requests
You will still need to request a CNAME for your Function App, and manually install the extension into your Function app, but the rest of the configuration and creation is taken care of via the scripts, and can be customized as needed!
comments powered by Disqus