Dradis Community Edition on Ubuntu 24.04 on Azure User Guide
Overview
Dradis Community Edition is an open-source collaboration and reporting framework for security assessments and penetration tests. It gives a team one place to import scanner output (Nmap, Nessus, Burp Suite, OpenVAS, Qualys and more), organise findings on a shared project tree, and generate consistent reports. The cloudimg image installs Dradis CE v5.2.0 from the official dradis/dradis-ce repository (GPL-2.0) on a hardened, fully patched Ubuntu 24.04 base and runs it as a Ruby on Rails 8 application under Puma, fronted by nginx.
There is no default login: Dradis CE uses a single shared password, and both that password and the Rails SECRET_KEY_BASE are generated uniquely on every VM at first boot — nothing is baked into the image.
What is included:
- Dradis Community Edition v5.2.0 at
/home/dradis/dradis-ce - Ruby 3.4.6 built with rbenv/ruby-build (the tag's pinned
.ruby-version) - Rails 8.0 on Puma 7, bound to
127.0.0.1:3000, reverse-proxied by nginx on:80 - SQLite production database + Redis and a Resque background worker
- Precompiled assets (sprockets + importmap + mini_racer; no Node.js needed)
dradis-firstboot.servicegenerating the per-VM shared password +SECRET_KEY_BASEand completing the CE setup wizard non-interactively- 24/7 cloudimg support
Prerequisites
An active Azure subscription, an SSH key, and a VNet + subnet. Standard_B2s (2 vCPU, 4 GB RAM) is the recommended size for evaluation and small teams; move to D2s_v5 or larger for bigger teams or heavy scanner imports.
Step 1: Deploy from Marketplace
Search for "Dradis Community Edition on Ubuntu 24.04 LTS" in the Azure Marketplace, click Get It Now, then Create. Choose your resource group, region, VM size (Standard_B2s recommended), and SSH public key. Allow inbound port 80 (HTTP) and 22 (SSH) in the network security group.
Step 2: SSH into the VM
ssh azureuser@<vm-ip>
The first boot takes 30-60 seconds (per-VM secret generation, database preparation, setup seeding, service start). Wait for the sentinel before browsing:
while [ ! -f /var/lib/cloudimg/dradis-firstboot.done ]; do echo "waiting..."; sleep 5; done; echo "READY"
Step 3: Verify Services
sudo systemctl is-active redis-server dradis dradis-resque nginx
sudo ss -tlnp | grep -E ':80 |:3000 '
All four services report active; nginx listens on :80 and Puma on 127.0.0.1:3000.

Step 4: Read the Per-VM Shared Password
sudo cat /root/dradis-credentials.txt
Pick up DRADIS_SHARED_PASSWORD and DRADIS_URL from the file. Treat these as secrets — the file is mode 0600 root:root.

Step 5: Confirm the Version
head -1 /home/dradis/dradis-ce/CHANGELOG
This prints the Dradis release line, for example v5.2.0 (July 2026).
Step 6: Secure by Default
Dradis ships with no usable default credentials. The unauthenticated site is gated behind the login, and the per-VM shared password is the only way in. You can prove the reject-versus-accept behaviour with the bundled check:
sudo /usr/local/sbin/dradis-authcheck.sh
A correct password lands on the authenticated project view (HTTP 200); a wrong password is bounced back to /login.

Every application page requires the shared password — there is no open UI:
curl -s -o /dev/null -w '%{http_code}\n' http://127.0.0.1/ # 302 -> /login
curl -s -o /dev/null -w '%{http_code}\n' http://127.0.0.1/login # 200 (public login form)

Step 7: Log In
Browse to http://<vm-ip>/login. Enter any user name to identify yourself, plus the DRADIS_SHARED_PASSWORD from Step 4.

Step 8: The Project Overview
After login you land on the project overview, with the node tree on the left and the Overview, Issues, Methodologies, Upload, Export and QA tabs across the top.

Step 9: Issues
The Issues view is where findings live. Create issues by hand or generate them from imported scanner output, tag and prioritise them, and reuse them across nodes.

Step 10: Import Scanner Output
The Upload manager ingests output from the supported tools (Nmap, Nessus, Burp, OpenVAS, Qualys and others) and turns it into nodes, issues and evidence on the project tree.

Step 11: Components
| Component | Path |
|---|---|
| Dradis install | /home/dradis/dradis-ce/ |
| SQLite database | /home/dradis/dradis-ce/storage/production.sqlite3 |
| Environment file | /etc/dradis/dradis.env (holds SECRET_KEY_BASE) |
| Puma service | dradis.service (127.0.0.1:3000) |
| Resque worker | dradis-resque.service |
| nginx site | /etc/nginx/sites-available/dradis |
| Firstboot script | /usr/local/sbin/dradis-firstboot.sh |
| Credential round-trip check | /usr/local/sbin/dradis-authcheck.sh |
| Credentials | /root/dradis-credentials.txt (mode 0600 root:root) |
| Ruby (rbenv) | /home/dradis/.rbenv/shims/ruby (3.4.6) |
Step 12: Change the Shared Password
Once signed in, open Configuration → Manage (top-right gear) to change the shared password, enable per-user accounts, and adjust session timeout. Rotate the initial per-VM password before adding your team.
Step 13: Backup
The two things to back up are the SQLite database and any uploaded attachments.
sudo systemctl stop dradis dradis-resque
sudo cp /home/dradis/dradis-ce/storage/production.sqlite3 /root/dradis-db-$(date +%Y%m%d).sqlite3
sudo systemctl start dradis dradis-resque
Support
cloudimg provides 24/7 support for this image. For Dradis usage and integrations, see the upstream documentation at https://dradis.com/ce/.