Where
app
is specified in all of the sections below below, replace with the name of the each app module in lowercase in place ofapp
. For instance,staffing
andreporting
. What is shown below is just a template for how to configure each app module.
In IIS Manager, click the Application Pools section in the Connections panel. For the API + each app module, create the following app pool:
Name | .NET CLR Version | Managed Pipeline Mode |
---|---|---|
api |
No Managed Code | Integrated |
app |
No Managed Code | Integrated |
Once created, right-click each app pool, click Advanced Settings... and in the Process Model section, set the Identity to the GMSA in the format Domain\account. For example, DOMAIN\gmsa-svcaccount$
. You do not need to provide a password because it is a GMSA.
In File Explorer, navigate to C:\inetpub\wwwroot
and the following folders:
- api
- app
For each of the above directories, right-click the Sites section in the Connections panel of IIS Manager and click Add Website.
Provide the following settings for each site:
Site Name | Application Pool | Physical Path | Binding Type | IP Address | Port | Host Name |
---|---|---|---|---|---|---|
api | api | C:\inetpub\wwwroot\api |
http | IIS IP Address | 80 | api.[domain] |
app | app | C:\inetpub\wwwroot\app |
http | IIS IP Address | 80 | app.[domain] |
The following configurations assume you have installed the IIS modules for URL Rewrite and CORS.
The final configuration steps involve modifying the C:\Windows\System32\inetsrv\config\applicationHost.config
file with the proper URL Rewrite and CORS configurations. To open the config
directory in VS Code, open Run (Win + R) on the IIS server and execute the following:
code C:\Windows\System32\inetsrv\config
The following sections are added to the bottom of the applicationHost.config
file just above the closing </configuration>
tag.
The following configuration is needed to allow Angular applications to manage their own internal routing. The <conditions>
section defines the scenarios where the rule is ignored. For all other cases, URLs encountered by IIS are rewritten to root /
.
<configuration>
<!-- current IIS configuration -->
<system.webServer>
<rewrite>
<rules>
<rule name="angular-dotnet-rules" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAll">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
<add input="{REQUEST_URI}" pattern="^/(api)" negate="true" />
<add input="{REQUEST_URI}" pattern="^/(docs)/([_0-9a-z-/]+)*\.([\w\d]+)" negate="true" />
<add input="{REQUEST_URI}" pattern="^/(files)" negate="true" />
<add input="{REQUEST_URI}" pattern="^/(logger)" negate="true" />
<add input="{REQUEST_URI}" pattern="^/(office)" negate="true" />
<add input="{REQUEST_URI}" pattern="^/(profile-pics)" negate="true" />
<add input="{REQUEST_URI}" pattern="^/(swagger)" negate="true" />
<add input="{REQUEST_URI}" pattern="^/(sync)" negate="true" />
<add input="{REQUEST_URI}" pattern="^/(channel)" negate="true" />
</conditions>
<action type="Rewrite" url="/" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
The following configures CORS on the API and allows access to each of the app modules. Use the demonstrated <add />
configuration as a template for each app module. It is added directly following the <\system.webServer>
tag in the above configuration.
<configuration>
<location path="api">
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Methods" value="GET, POST, PUT, DELETE, OPTIONS, HEAD" />
<add name="Access-Control-Allow-Headers" value="COntent-Type, Accept" />
</customHeaders>
</httpProtocol>
<cors enabled="true" failUnlistedOrigins="true">
<add origin="http://[app].[domain]" allowCredentials="true">
<allowHeaders allowAllRequestedHeaders="true" />
<allowMethods>
<add method="GET" />
<add method="HEAD" />
<add method="POST" />
<add method="PUT" />
<add method="DELETE" />
</allowMethods>
<exposeHeaders>
<add header="Content-Disposition" />
<add header="Access-Control-Allow-Origin" />
</exposeHeaders>
</add>
</cors>
</system.webServer>
</location>
</configuration>