Skip to content

Instantly share code, notes, and snippets.

@ca0abinary
Created June 22, 2021 22:16
Show Gist options
  • Save ca0abinary/6997f519b5526f3961e85c8a2a5c63f3 to your computer and use it in GitHub Desktop.
Save ca0abinary/6997f519b5526f3961e85c8a2a5c63f3 to your computer and use it in GitHub Desktop.
Windows Container + IIS + HTTPS (Self-signed) + ARR 3.0 Proxy
# escape=`
FROM mcr.microsoft.com/windows/servercore:20H2
# Windows Features
RUN powershell -Command `
Add-WindowsFeature Web-Server; `
Add-WindowsFeature NET-Framework-45-ASPNET; `
Add-WindowsFeature Web-Asp-Net45; `
Add-WindowsFeature NET-WCF-TCP-Activation45; `
Add-WindowsFeature NET-WCF-HTTP-Activation45;
# Chocolatey
RUN powershell -Command Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
# Application Request Router 3.0 + Proxy (only needed for MGC -> Solr communications)
RUN powershell -Command choco install -y iis-arr; `
powershell -Command ."$env:SystemRoot\system32\inetsrv\appcmd" set config -section:system.webServer/proxy /enabled:true /commit:apphost
# Generate self-signed cert for IIS
RUN powershell -Command `
$cert = (New-SelfSignedCertificate -DnsName localhost -CertStoreLocation cert:Localmachine\My).Thumbprint; `
New-WebBinding -Name 'Default Web Site' -IP '*' -Port 443 -Protocol https; `
Get-Item cert:\LocalMachine\MY\$cert ^| New-Item IIS:\SslBindings\0.0.0.0!443;
# RUN %WINDIR%\System32\inetsrv\appcmd set apppool /apppool.name:DefaultAppPool /enable32BitAppOnWin64:true & `
# %WINDIR%\System32\inetsrv\appcmd set apppool /apppool.name:DefaultAppPool /managedRuntimeVersion:'v4.0'
# Copy files
# Expose ports
EXPOSE 80 443
# This runs forever
ENV WEB_LOG_PATH C:\inetpub\logs
ENTRYPOINT ["powershell", "-command", "while (! $(ls -File -Path $env:WEB_LOG_PATH)) { echo \"[$(Get-Date)] Waiting for log\"; sleep 5 }; Get-Content -Path \"$($(ls -File -Path $env:WEB_LOG_PATH | select -first 1).FullName)\" -Last 1 -Wait"]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment