Node-RED on Ubuntu 24.04 on Azure User Guide

Overview

Node-RED is the low-code, flow-based development tool for event-driven applications. Its browser-based editor lets you wire together hardware devices, APIs and online services from a rich palette of nodes, then deploy flows to its lightweight Node.js runtime in a single click. It is the de facto standard for IoT integration, API orchestration, home and industrial automation, and rapid prototyping of event-driven logic. The cloudimg image installs Node-RED 5.0.0 on Node.js 22 LTS, runs it as a dedicated systemd service bound to loopback behind an nginx reverse proxy on port 80 with HTTP Basic auth, persists all flows and settings on a dedicated Azure data disk, and generates a unique editor password on the first boot of every VM. Backed by 24/7 cloudimg support.

What is included:

• Node-RED 5.0.0 on Node.js 22 LTS, installed globally via npm
• The browser flow editor and runtime, fronted by nginx on :80 (the editor websocket is proxied)
• HTTP Basic auth (the editor controls a runtime that can execute code, so it is bound to loopback) with a per-VM password in a root-only file
• A dedicated Azure data disk at /var/lib/node-red holding flows, settings and palette nodes - separate from the OS disk and re-provisioned with every VM
• node-red.service + nginx.service as systemd units, enabled and active
• 24/7 cloudimg support

Prerequisites

An active Azure subscription, an SSH key pair, and a VNet + subnet in the target region. Standard_B2ms (2 vCPU / 8 GiB RAM) is a good starting point; scale up for large flows or many concurrent messages. NSG inbound: allow 22/tcp from your management network and 80/tcp for the editor (front with TLS for public exposure - see Enabling HTTPS).

Step 1 - Deploy from the Azure Marketplace

Sign in to the Azure Portal, choose Create a resource, search the Marketplace for Node-RED by cloudimg, and select Create. On Basics pick your subscription, resource group, region and size; under Administrator account choose SSH public key and paste your key; under Inbound port rules allow SSH (22) and HTTP (80). Review the dedicated data disk on the Disks tab, then Review + create -> Create.

Step 2 - Deploy from the Azure CLI

az vm create \
  --resource-group <your-rg> \
  --name node-red \
  --image <marketplace-image-urn> \
  --size Standard_B2ms \
  --admin-username azureuser \
  --ssh-key-values ~/.ssh/id_ed25519.pub \
  --vnet-name <your-vnet> --subnet <your-subnet> \
  --public-ip-sku Standard

az vm open-port --resource-group <your-rg> --name node-red --port 80 --priority 1010

Step 3 - Connect to your VM

ssh azureuser@<vm-public-ip>

Step 4 - Confirm the services are running

systemctl is-active node-red.service nginx.service

Both services report active. Node-RED starts in a few seconds while the Node.js runtime loads the flow file.

Step 5 - Retrieve your editor password

The admin password is generated uniquely on the first boot of your VM and written to a root-only file:

sudo cat /root/node-red-credentials.txt

This file contains NODE_RED_ADMIN_USER (admin) and NODE_RED_ADMIN_PASSWORD, plus the editor URL. Store the password somewhere safe.

Step 6 - Check the health endpoint

nginx serves an unauthenticated health endpoint for load balancers and probes:

curl -s http://localhost/health

It returns ok.

Step 7 - Open the flow editor

Browse to http://<vm-public-ip>/ and sign in as admin with the password from Step 5. The Node-RED editor opens with the node palette on the left, the flow canvas in the centre, and the information and debug sidebars on the right. Drag nodes from the palette onto the canvas, wire them together, and click Deploy to run your flow.

Double-click any node to configure it. Function nodes let you transform messages with JavaScript:

The main menu gives you import/export, flow management and settings:

Step 8 - Confirm the runtime from the command line

The Node-RED runtime exposes a /settings endpoint behind the same Basic auth. Confirm it is serving and reports its version:

curl -s -u admin:<NODE_RED_ADMIN_PASSWORD> http://localhost/settings | head -c 300; echo

You get a JSON response that includes "version":"5.0.0" along with the runtime configuration.

Step 9 - Install extra palette nodes

Node-RED has a catalogue of thousands of community nodes for databases, messaging, cloud services, dashboards and protocols. Install them from the editor via Menu -> Manage palette -> Install, or from the command line into the user directory:

sudo -u node-red npm --prefix /var/lib/node-red install node-red-dashboard

After installing from the command line, restart Node-RED so it loads the new nodes:

sudo systemctl restart node-red

Step 10 - Confirm flows live on the dedicated disk

Your flows, settings, credentials and installed nodes are stored on the dedicated Azure data disk so they survive OS changes and can be resized independently:

findmnt /var/lib/node-red

The mount is backed by a separate Azure data disk captured into the image and re-provisioned on every VM.

Enabling HTTPS

The nginx reverse proxy terminates plain HTTP on port 80. For public exposure, put a certificate in front of it - add a DNS name for the VM and use the companion cloudimg nginx-ssl-certbot image as a TLS reverse proxy, or install certbot and extend the existing nginx site with a listen 443 ssl; server block. Keep Node-RED itself bound to loopback so the only public surface is the authenticated, TLS-terminated proxy. The proxy already forwards the websocket the editor needs.

Maintenance

• Flows: edit and deploy from the browser editor; the flow file lives at /var/lib/node-red/flows.json.
• Backups: snapshot the /var/lib/node-red data disk to back up flows, credentials and installed nodes.
• Upgrades: sudo npm install -g node-red@latest then sudo systemctl restart node-red.
• Security patches: unattended-upgrades remains enabled so the OS continues to receive security updates automatically.

Support

cloudimg provides 24/7 expert support for this image. Contact support@cloudimg.co.uk.