description |
---|
Learn how to deploy Flowise on Digital Ocean |
In this section, we are going to create a Droplet. For more information, refer to official guide.
- First, Click Droplets from the dropdown
- Select Data Region and a Basic $6/mo Droplet type
- Select Authentication Method. In this example, we are going to use Password
- After a while you should be able to see your droplet created successfully
For Windows follow this guide.
For Mac/Linux, follow this guide.
-
curl -fsSL https://get.docker.com -o get-docker.sh
-
sudo sh get-docker.sh
- Install docker-compose:
sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
- Set permission:
sudo chmod +x /usr/local/bin/docker-compose
- Clone the repo
git clone https://github.com/FlowiseAI/Flowise.git
- Cd into docker folder
cd Flowise && cd docker
- Create a
.env
file. You can use your favourite editor. I'll usenano
nano .env
- Specify the env variables:
PORT=3000
DATABASE_PATH=/root/.flowise
APIKEY_PATH=/root/.flowise
SECRETKEY_PATH=/root/.flowise
LOG_PATH=/root/.flowise/logs
BLOB_STORAGE_PATH=/root/.flowise/storage
- (Optional) You can also specify
FLOWISE_USERNAME
andFLOWISE_PASSWORD
for app level authorization. See more broken-reference - Then press
Ctrl + X
to Exit, andY
to save the file - Run docker compose
docker compose up -d
- You can then view the app: "Your Public IPv4 DNS":3000. Example:
176.63.19.226:3000
- You can bring the app down by:
docker compose stop
- You can pull from latest image by:
docker pull flowiseai/flowise
A reverse proxy is the recommended method to expose an application server to the internet. It will let us connect to our droplet using a URL alone instead of the server IP and port number. This provides security benefits in isolating the application server from direct internet access, the ability to centralize firewall protection, a minimized attack plane for common threats such as denial of service attacks, and most importantly for our purposes, the ability to terminate SSL/TLS encryption in a single place.
A lack of SSL on your Droplet will cause the embeddable widget and API endpoints to be inaccessible in modern browsers. This is because browsers have begun to deprecate HTTP in favor of HTTPS, and block HTTP requests from pages loaded over HTTPS.
- Nginx is available for installation with apt through the default repositories. Update your repository index, then install Nginx:
sudo apt update
sudo apt install nginx
Press Y to confirm the installation. If you are asked to restart services, press ENTER to accept the defaults.
- You need to allow access to Nginx through your firewall. Having set up your server according to the initial server prerequisites, add the following rule with ufw:
sudo ufw allow 'Nginx HTTP'
- Now you can verify that Nginx is running:
systemctl status nginx
Output:
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2022-08-29 06:52:46 UTC; 39min ago
Docs: man:nginx(8)
Main PID: 9919 (nginx)
Tasks: 2 (limit: 2327)
Memory: 2.9M
CPU: 50ms
CGroup: /system.slice/nginx.service
├─9919 "nginx: master process /usr/sbin/nginx -g daemon on; master_process on;"
└─9920 "nginx: worker process
Next you will add a custom server block with your domain and app server proxy.
It is recommended practice to create a custom configuration file for your new server block additions, instead of editing the default configuration directly.
- Create and open a new Nginx configuration file using nano or your preferred text editor:
sudo nano /etc/nginx/sites-available/your_domain
- Insert the following into your new file, making sure to replace
your_domain
with your own domain name:
server {
listen 80;
listen [::]:80;
server_name your_domain; #Example: demo.flowiseai.com
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_cache_bypass $http_upgrade;
}
}
- Save and exit, with
nano
you can do this by hittingCTRL+O
thenCTRL+X
. - Next, enable this configuration file by creating a link from it to the sites-enabled directory that Nginx reads at startup, making sure again to replace
your_domain
with your own domain name::
sudo ln -s /etc/nginx/sites-available/your_domain /etc/nginx/sites-enabled/
- You can now test your configuration file for syntax errors:
sudo nginx -t
- With no problems reported, restart Nginx to apply your changes:
sudo systemctl restart nginx
- Go to your DNS provider, and add a new A record. Name will be your domain name, and value will be the Public IPv4 address from your droplet
Nginx is now configured as a reverse proxy for your application server. You should now be able to open the app: http://yourdomain.com.
If you'd like to add a secure https
connection to your Droplet like https://yourdomain.com, you'll need to do the following:
- For installing Certbot and enabling HTTPS on NGINX, we will rely on Python. So, first of all, let's set up a virtual environment:
apt install python3.10-venv
sudo python3 -m venv /opt/certbot/
sudo /opt/certbot/bin/pip install --upgrade pip
- Afterwards, run this command to install Certbot:
sudo /opt/certbot/bin/pip install certbot certbot-nginx
- Now, execute the following command to ensure that the
certbot
command can be run:
sudo ln -s /opt/certbot/bin/certbot /usr/bin/certbot
- Finally, run the following command to obtain a certificate and let Certbot automatically modify the NGINX configuration, enabling HTTPS:
sudo certbot --nginx
- After following the certificate generation wizard, we will be able to access our Droplet via HTTPS using the address https://yourdomain.com
To enable Certbot to automatically renew the certificates, it is sufficient to add a cron job by running the following command:
echo "0 0,12 * * * root /opt/certbot/bin/python -c 'import random; import time; time.sleep(random.random() * 3600)' && sudo certbot renew -q" | sudo tee -a /etc/crontab > /dev/null
You have successfully setup Flowise on your Droplet, with SSL certificate on your domain 🥳
- Navigate to the directory you installed flowise in
cd Flowise/docker
- Stop and remove docker image
Note: This will not delete your flows as the database is stored in a separate folder
sudo docker compose stop
sudo docker compose rm
- Pull the latest Flowise Image
You can check the latest version release here
docker pull flowiseai/flowise
- Start the docker
docker compose up -d