I have…
- [X] Read the following guideline: https://docs.squidex.io/01-getting-started/installation/troubleshooting-and-support. I understand that my support request might get deleted if I do not follow the guideline.
I’m submitting a…
- [ ] Regression (a behavior that stopped working in a new release)
- [ ] Bug report
- [ ] Performance issue
- [X] Documentation issue or request
Current behavior
The instructions for deploying Squidex to Azure creates MongoDB on an Azure Container Instance that is accessible by the entire internet. Currently ACI’s cannot be put behind a private vnet without creating a costly Application Gateway which will only work as long as the ACI’s IP doesn’t change. This does not seem like a secure method of holding content that could be internal to a company.
There is some references in the github and forum to a docker-compose file that has both the mongoDB and the squidex installation (see here), however it does not seem possible to mount the mongoDB to an Azure file share without incurring wiredtiger connection errors. There was some mention of SMB 3.0 not being supported in Azure App Services but that was from 2019 and I’m not sure if it has been updated since.
Expected behavior
It would be nice to have documentation that shows to how to securely host/store data for the mongoDB, or if that is not possible, add a notice that an ACI is not really a secure method of hosting a database.
Minimal reproduction of the problem
- Deploy docker-compose to app services
- add a path mapping from the azure file share to the data/db path of mongodb (or wherever you decide to set the data path to in mongo)
- see wiredtiger errors
Environment
- [ ] Self hosted with docker
- [ ] Self hosted with IIS
- [ x] Self hosted with other version (AZURE)
- [ ] Cloud version
Version: lastest docker image
Browser:
- [ x] Chrome (desktop)
- [ ] Chrome (Android)
- [ ] Chrome (iOS)
- [ x] Firefox
- [ ] Safari (desktop)
- [ ] Safari (iOS)
- [ ] IE
- [ ] Edge
Others:
I have tried for the past week to get this working but the only method seems to be using the ACI, or having the MongoDB store locally which will only persist until the app is restarted.
Has anyone got this working?