Azure, >v1.59.0 & Broken Deployments #3630

stefano-co · 2025-08-18T16:07:43Z

stefano-co
Aug 18, 2025

With the release of v1.60 the self-hosted instance we have on Azure broke and won't start anymore. Was there any change that might have impacted this?

Our set up is with the configuration using the guide in the documents for Azure with Docker (https://docs.pwpush.com/assets/files/[PWPush_Setup_Guide_For_Azure.pdf](https://docs.pwpush.com/assets/files/PWPush_Setup_Guide_For_Azure.pdf))

mattgosnell · 2025-08-19T14:00:41Z

mattgosnell
Aug 19, 2025

Hey Stefano-co.

Docker release 1.59.0 and above has introduced "new automatic TLS" > https://github.com/pglombardo/PasswordPusher/releases/tag/v1.59.0

If you look in the Docker config (line 34), you will see that v1.59 and above expose ports 443,80 & 5100.
https://hub.docker.com/layers/pglombardo/pwpush/1.59.0/images/sha256-0081f20cb0affdd17184222026ce4149ae3218f01666e28a56b3a1815f416290

This confuses Azure because Azure web apps in app service plans can only handle one port. If it sees more than one, it will default to port 80.

Here are the three options to get it working again.

Keep Azure doing TLS (simplest for App Service): (This is what I did)

Inside your Azure Web App. > Settings> Environment variables. > Add WEBSITES_PORT and set the value to 5100
This tells Azure to forward traffic to container port 5100 even if the image exposes others.

Leave your custom domain and certificate bound at the App Service level as you had before.

Let the container do TLS (only if you control the public IP directly):

Use Azure Container Apps or Azure Container Instances (not App Service) with external ingress and map 80 and 443 to the container, set TLS_DOMAIN=your.name. ACA terminates TLS at the edge and forwards to your chosen target port; if you want the container to hold the certs itself, give it public 80/443.

If you’re on Azure Container Instances already (not App Service):

ACI can publish multiple ports; make sure you open all you need (e.g., --ports 80 443 5100). But if you’re relying on the new auto-TLS, you only need 80/443 and a TLS_DOMAIN.

2 replies

mattgosnell Aug 19, 2025

@pglombardo You will need to update the Azure docs to reflect the above.

pglombardo Aug 19, 2025
Maintainer

This is excellent information. Thanks for posting! I'll add it to the docs.

stefano-co · 2025-08-19T14:47:24Z

stefano-co
Aug 19, 2025
Author

Thank you @mattgosnell !! This solved the issue. Much appreciated.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Azure, >v1.59.0 & Broken Deployments #3630

Uh oh!

{{title}}

Uh oh!

Replies: 2 comments 2 replies

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Azure, >v1.59.0 & Broken Deployments #3630

Uh oh!

stefano-co Aug 18, 2025

Replies: 2 comments · 2 replies

Uh oh!

Uh oh!

mattgosnell Aug 19, 2025

Uh oh!

mattgosnell Aug 19, 2025

Uh oh!

pglombardo Aug 19, 2025 Maintainer

Uh oh!

stefano-co Aug 19, 2025 Author

stefano-co
Aug 18, 2025

Replies: 2 comments 2 replies

mattgosnell
Aug 19, 2025

pglombardo Aug 19, 2025
Maintainer

stefano-co
Aug 19, 2025
Author