NocoDB on Ubuntu 24.04 on Azure User Guide
Overview
NocoDB is an open-source no-code database platform and Airtable alternative. It turns a SQL database into a smart spreadsheet with grid, gallery, kanban, form and calendar views, an auto-generated REST and GraphQL API, webhooks, roles and real-time collaboration - so a whole team can build applications on shared data without writing code. The cloudimg image runs NocoDB 2026.06.2 from the official container image, stores its metadata in a local PostgreSQL 16 instance whose data directory lives on a dedicated Azure data disk, fronts it with nginx on port 80, and generates a unique admin account on the first boot of every VM. Backed by 24/7 cloudimg support.
What is included:
- NocoDB 2026.06.2 (container
nocodb/nocodb:2026.06.2, AGPL-3.0) with grid, gallery, kanban, form and calendar views - A local PostgreSQL 16 metadata store bound to loopback
127.0.0.1:5432, its data directory on the dedicated data disk - nginx on
:80as a reverse proxy to the loopback NocoDB backend, with WebSocket upgrade headers for realtime, plus an unauthenticated/healthendpoint - An nftables rule that drops any inbound connection to
:8080that does not arrive on loopback, so NocoDB is only reachable through nginx - A per-VM admin account (
admin@cloudimg.local) generated on first boot and recorded in a root-only file - A dedicated Azure data disk at
/var/lib/nocodbfor the PostgreSQL metadata (pgdata) and NocoDB attachments (data) postgresql.service,nocodb.serviceandnginx.serviceas systemd units, enabled and active- 24/7 cloudimg support
Prerequisites
An active Azure subscription, an SSH key pair, and a VNet + subnet in the target region. Standard_B4ms (4 vCPU / 16 GiB RAM) is the recommended size - the NocoDB and PostgreSQL stack is comfortable there. NSG inbound: allow 22/tcp from your management network and 80/tcp. NocoDB serves plain HTTP on port 80; for production, terminate TLS in front of it (an Azure Application Gateway / Front Door, or a reverse proxy with certbot) with your own domain.
Step 1 - Deploy from the Azure Marketplace
Sign in to the Azure Portal, choose Create a resource, search the Marketplace for NocoDB by cloudimg, and select Create. On Basics pick your subscription, resource group, region and size (Standard_B4ms recommended); under Administrator account choose SSH public key and paste your key; under Inbound port rules allow SSH (22) and HTTP (80). Review the dedicated data disk on the Disks tab, then Review + create -> Create.
Step 2 - Deploy from the Azure CLI
az vm create \
--resource-group <your-rg> \
--name nocodb \
--image <marketplace-image-urn> \
--size Standard_B4ms \
--admin-username azureuser \
--ssh-key-values ~/.ssh/id_ed25519.pub \
--vnet-name <your-vnet> --subnet <your-subnet> \
--public-ip-sku Standard
az vm open-port --resource-group <your-rg> --name nocodb --port 80 --priority 1010
Step 3 - Connect to your VM
ssh azureuser@<vm-public-ip>
Step 4 - Confirm the services are running
systemctl is-active postgresql nocodb.service nginx.service
All three report active. On first boot NocoDB creates a per-VM admin against a clean PostgreSQL metadata database.

Step 5 - Retrieve your admin password
The admin password is generated uniquely on the first boot of your VM and written to a root-only file:
sudo cat /root/nocodb-credentials.txt
This file contains NOCODB_ADMIN_EMAIL (admin@cloudimg.local) and NOCODB_ADMIN_PASSWORD. Store the password somewhere safe.
Step 6 - Confirm the health endpoint
nginx serves an unauthenticated health file for load balancers and probes:
curl -s http://localhost/health; echo
It returns ok.

Step 7 - Open the dashboard
Browse to http://<vm-public-ip>/ and sign in as admin@cloudimg.local with the password from Step 5. Open signup is disabled (invite-only), so only accounts you invite can join.

After signing in you land on your workspace. A base is a container for tables, views and their shared data - create one to start building.

Open a table to work in the grid view - a spreadsheet-style editor where each row is a record and each column a typed field. Switch a table to gallery, kanban, form or calendar with a click.

The team and base settings cover members and roles, API tokens, webhooks and other configuration.

Step 8 - Verify authentication from the command line
NocoDB's sign-in endpoint rejects a wrong password and accepts the per-VM admin password. Read the password into a variable, then authenticate through nginx:
NC_PASS=$(sudo grep '^NOCODB_ADMIN_PASSWORD=' /root/nocodb-credentials.txt | cut -d= -f2-)
curl -s -X POST -H 'Content-Type: application/json' \
-d "{\"email\":\"admin@cloudimg.local\",\"password\":\"$NC_PASS\"}" \
http://localhost/api/v1/auth/user/signin | head -c 120; echo
The response contains a "token" field - that JWT authenticates subsequent API calls (for example xc-auth on /api/v2/... endpoints).

Step 9 - Confirm the PostgreSQL backend on the dedicated disk
NocoDB stores its metadata (bases, tables, views, users) in a local PostgreSQL 16 instance whose data directory lives on the dedicated Azure data disk, so it survives container restarts, reboots and resizes:
findmnt /var/lib/nocodb
sudo -u postgres psql -tAc "SELECT count(*) FROM information_schema.tables WHERE table_schema='public'" nocodb
The mount is backed by a separate Azure data disk captured into the image and re-provisioned on every VM. The table count is one or more - the NocoDB metadata schema. PostgreSQL listens on loopback 127.0.0.1:5432 only.
Building your app
NocoDB is a full no-code platform. Create a base, add tables and typed columns, and switch between grid, gallery, kanban, form and calendar views. Share forms to collect data, add filters, sorts and group-bys, wire up webhooks on row changes, and invite teammates with per-base roles. Every table is instantly available through the auto-generated REST and GraphQL API - point any HTTP client at http://<your-domain>/api/v2/ with a token created in the base settings. See the NocoDB documentation for the API reference, views, automations and SDKs.
Maintenance
- Users and roles: invite members and assign per-base roles from the base settings; open signup is disabled by default.
- Backups: snapshot the
/var/lib/nocodbdata disk, or take a logical dump of thenocodbPostgreSQL database. - Data: the PostgreSQL metadata lives under
/var/lib/nocodb/pgdataand NocoDB attachments under/var/lib/nocodb/data. - TLS: NocoDB serves plain HTTP on port 80; front it with TLS (an Azure Application Gateway / Front Door, or certbot) and your own domain before production use.
- Upgrades: NocoDB runs as a container pinned to
nocodb/nocodb:2026.06.2; move to a newer tag and restart the service to upgrade. - Security patches: unattended-upgrades remains enabled so the OS continues to receive security updates automatically.
Support
cloudimg provides 24/7 expert support for this image. Contact support@cloudimg.co.uk.