Artificial Intelligence (AI) Azure

Flowise on Ubuntu 24.04 on Azure User Guide

| Product: Flowise on Ubuntu 24.04 LTS on Azure

Overview

Flowise is the open source, low code visual builder for AI agents, chatbots and LLM workflows. You drag and drop nodes to chain models, prompts, vector stores, retrieval and tools, then publish the result as an API or an embeddable chat widget - all running on your own VM. The cloudimg image installs Docker CE from the official Docker repository and runs Flowise as a container (managed by Docker with a restart policy), bound to the loopback connector 127.0.0.1:3000 behind an nginx reverse proxy on port 80. nginx protects the whole app with HTTP Basic Auth, and a unique login password is generated on the first boot of every VM. Flowise's own project data - the SQLite database, encryption keys, uploads and your saved flows - lives on a dedicated Azure data disk, and each boot pulls the latest published Flowise image so your VM is never left on a stale build. Backed by 24/7 cloudimg support.

What is included:

  • Flowise running as a container managed by Docker, pulled fresh (latest) on first boot
  • Docker CE preinstalled from the official Docker apt repository
  • The Flowise builder UI on :80, fronted by nginx with HTTP Basic Auth
  • A unique Basic Auth login password generated on first boot and recorded in a root-only file
  • A dedicated Azure data disk at /var/lib/flowise holding the SQLite database, keys and uploads
  • docker.service + nginx.service as systemd units, enabled and active
  • An unauthenticated /healthz endpoint for Azure Load Balancer health probes
  • Streaming and websocket friendly nginx proxy configuration for agent responses
  • 24/7 cloudimg support

Prerequisites

An active Azure subscription, an SSH key pair, and a VNet + subnet in the target region. Standard_B2s (2 vCPU / 4 GiB RAM) is a reasonable starting point - Flowise itself is a builder and orchestration layer; the heavy inference happens on whichever model provider you connect it to. NSG inbound: allow 22/tcp from your management network and 80/tcp. Flowise serves plain HTTP on port 80; for production, terminate TLS in front of it with your own domain and consider adding 443/tcp (see Maintenance). You will also need your own API key for whichever LLM provider you plan to use (OpenAI, Anthropic, Google Gemini, Groq, Mistral, OpenRouter), or a reachable local inference server such as Ollama.

Step 1 - Deploy from the Azure Marketplace

Sign in to the Azure Portal, choose Create a resource, search the Marketplace for Flowise by cloudimg, and select Create. On Basics pick your subscription, resource group, region and size; under Administrator account choose SSH public key and paste your key; under Inbound port rules allow SSH (22) and HTTP (80). Review the dedicated data disk on the Disks tab, then Review + create -> Create.

Step 2 - Deploy from the Azure CLI

az vm create \
  --resource-group <your-rg> \
  --name flowise \
  --image <marketplace-image-urn> \
  --size Standard_B2s \
  --admin-username azureuser \
  --ssh-key-values ~/.ssh/id_ed25519.pub \
  --vnet-name <your-vnet> --subnet <your-subnet> \
  --public-ip-sku Standard

az vm open-port --resource-group <your-rg> --name flowise --port 80 --priority 1010

Step 3 - Connect to your VM

ssh azureuser@<vm-public-ip>

Step 4 - Confirm the services are running

systemctl is-active docker.service nginx.service
docker ps --filter name=flowise --format 'table {{.Names}}\t{{.Image}}\t{{.Status}}'

Both systemd units report active, and Docker shows the flowise container Up. Docker manages the Flowise container (bound to the loopback connector 127.0.0.1:3000), and nginx fronts it on port 80 behind HTTP Basic Auth.

docker.service and nginx.service active, and the flowise container healthy on the loopback connector 3000

Step 5 - Retrieve your login credentials

The appliance's network access gate is HTTP Basic Auth (user admin). The password is generated uniquely on the first boot of your VM and written to a root-only file:

sudo cat /root/flowise-credentials.txt

This file contains FLOWISE_URL, FLOWISE_USERNAME and FLOWISE_PASSWORD. Store the password somewhere safe - it is the key to the reverse proxy gate in front of Flowise.

The Flowise image reference and the per-VM credentials file with the generated admin password and URL

Step 6 - Confirm the health endpoint

nginx serves an unauthenticated health endpoint for load balancers and probes:

curl -s http://localhost/healthz

It returns ok. This endpoint never requires authentication, so it is safe for an Azure Load Balancer health probe.

Step 7 - Confirm the login password is enforced

Because a password is set on first boot, an unauthenticated request to Flowise is rejected (HTTP 401), so nobody reaches your builder or your saved flows without the password:

curl -s -o /dev/null -w '%{http_code}\n' http://127.0.0.1/

It prints 401. A wrong password is also rejected with 401; only the per-VM password from Step 5 returns 200:

curl -s -o /dev/null -w '%{http_code}\n' -u 'admin:<FLOWISE_PASSWORD>' http://127.0.0.1/

This prints 200.

nginx returning 401 for an unauthenticated request and 200 once the per-VM admin password is supplied, with a note that your provider keys are stored encrypted on the data disk

Step 8 - Sign in and create your Flowise account

Browse to http://<vm-public-ip>/. Your browser first prompts for HTTP Basic Auth credentials - enter admin and the password from Step 5. Behind that gate, Flowise shows a one time Setup Account screen on first visit: enter an administrator name, a valid email (used as your login id) and a password (at least 8 characters with upper case, lower case, a digit and a special character), then Sign Up. This account is stored only in your VM's own database on the dedicated data disk - no external connection is made.

The Flowise Setup Account first run screen behind the nginx Basic Auth gate

Step 9 - Explore the dashboard

After signing in you land on the Chatflows dashboard. The left rail gives you Chatflows (single agent systems, chatbots and simple LLM flows), Agentflows (multi agent systems), Assistants, Marketplaces, Tools, Credentials, Variables, API Keys and Document Stores. A fresh install shows "No Chatflows Yet" - you will create your first from a template in the next steps.

The signed in Flowise Chatflows dashboard with the full builder navigation

Step 10 - Browse the Marketplace of templates

Open Marketplaces from the left rail to explore prebuilt agent and chatflow templates - Agentic RAG, Agents Handoff, Deep Research, Human in the Loop, Interacting with API and many more. These are ready made starting points you can open on the canvas and adapt.

The Flowise Marketplace of prebuilt agent and chatflow templates

Step 11 - Open a flow on the visual canvas

Select a template to open it in Flowise's drag and drop canvas. Each node is a building block - a Start node, a model that detects user intention, and downstream agents each bound to a model - wired together with edges. Before you run a flow, open Credentials in the left rail and add your own LLM provider API key (OpenAI, Anthropic, Gemini, Groq, Mistral, OpenRouter) or point a node at a local endpoint; the key is encrypted and stored only in this VM's database on the data disk. Then press Use Template (or the play control) to save it as your own chatflow and start chatting.

A multi agent template opened in the Flowise drag and drop visual canvas showing nodes and edges

Step 12 - Confirm your project data lives on the dedicated disk

Flowise's SQLite database, encryption keys, uploads and your saved flows are stored under /var/lib/flowise on the dedicated Azure data disk, so they survive OS changes and can be resized independently:

findmnt /var/lib/flowise

The mount is backed by a separate Azure data disk captured into the image and re-provisioned on every VM.

Maintenance

  • Edge password: the Basic Auth password in front of Flowise is set on first boot. To change it, run sudo sh -c 'printf "admin:%s\n" "$(openssl passwd -apr1 NEW_PASSWORD)" > /var/lib/flowise/.htpasswd' && sudo systemctl reload nginx.
  • Flowise account: your Flowise login (email and password from Step 8) is managed inside the app under the account and workspace settings; it is stored in the VM's own database.
  • LLM API keys: provider keys are entered under Credentials and stored encrypted in the VM database on the data disk - back up /var/lib/flowise to preserve them along with your flows.
  • Upgrades: Flowise runs as the flowise container from flowiseai/flowise:latest, and first boot pulls the latest image automatically. To upgrade an already running VM, run sudo docker pull flowiseai/flowise:latest then recreate the container with the same -p 127.0.0.1:3000:3000 -v /var/lib/flowise:/root/.flowise binding.
  • TLS: Flowise serves plain HTTP on port 80; front it with TLS (for example certbot with your own domain) before production use, especially before entering real API keys.
  • Security patches: unattended-upgrades remains enabled so the OS continues to receive security updates automatically.
  • License: Flowise is Apache 2.0 licensed. This image ships the open source Flowise; the cloudimg charge covers packaging, security patching, image maintenance and support.

Support

cloudimg provides 24/7 expert support for this image. Contact support@cloudimg.co.uk.