The app should be able to connect to MySQL over TLS/SSL
There are several ways to implement a web application such as Xibo. In my particular setup, I already have MySQL infrastructure, and a cloud that can handle web applications. But Xibo is not setup to communicate with MySQL securely.
Additionally, you are unable to destroy the container and recreate it unless SQL is external. Otherwise, when you destroy the container, the data is gone.
In order to properly run the SQL server outside of the container, Xibo needs to be able to communicate with SQL over TLS/SSL. Otherwise, the only truly secure way to lock down Xibo is to either run SQL on the container itself, or to completely lock down the network it connects through.
I know this was suggested before, but I want to re-open the suggestion. Having SQL communicate securely should be a top priority to enhance the security of Xibo.