One-click secure deployment of a self-hosted Mozilla Sync Service on Azure Container Instances (for synchronizing Firefox bookmarks, passwords, etc.)
This is a pretty simple script that uses both my ARM bootstrapper and my one-click Nginx+LetsEncrypt deployment to create a push button experience for securely self-hosting Firefox sync data on Azure, using Container Instances and Azure Files.
Simply click the buttons below to deploy. If you clone it, either clone both the above repos as well or just leave the hard-coded variable URIs in place.
- Creates a deployment Container Instance using the latest azure-cli Docker image. (azure-bootstrapper)
- Creates an Azure Files storage share for keeping MySQL database, LetsEncrypt certificates and Nginx config. (azure-letsencrypt)
- Clones this repo into the deployment container and executes bootstrap.sh. This script sets correct permissions on the Azure Files storage account, then passes configuration values from the ARM template into the Nginx config. (azure-letsencrypt)
- Creates a separate Container Group consisting of an Nginx container, a Mozilla SyncServer container and a MySQL container. (azure-ffoxsync)
IMPORTANT NOTE: In order to validate the SSL certificate, you will need to create a cname record for your domain and point it at the ACI DNS name in the Azure portal.
Parameter Name | What it does | Default |
---|---|---|
syncDomainName | public DNS record for your Firefox Sync Server | required for SSL support, can set to 'unsecured' for testing |
syncPort | publicly-exposed port for your Firefox Sync Server | defaults to 443 |
ssl-env | LetsEncrypt environment to use for registration | defaults to blank; set this to "staging" for testing |
services: azure-container-instances,azure-files,docker,nginx,letsencrypt,mozilla-sync-server
- add vnet deployment option to enable conditional LetsEncrypt support
- add support for pre-existing storage account
- add support for using AzureDNS to publish DNS entry
- add support for storing certs/secrets in keyvault
- add bootstrapper/inline script to update w better FFox config