Digital Ocean

Create Droplet

In this section, we are going to create a Droplet. For more information, refer to .

1. First, Click Droplets from the dropdown

1. Select Data Region and a Basic $6/mo Droplet type

1. Select Authentication Method. In this example, we are going to use Password

1. After a while you should be able to see your droplet created successfully

How to Connect to your Droplet

Install Docker

1. Copy

   curl -fsSL https://get.docker.com -o get-docker.sh

2. Copy

   sudo sh get-docker.sh

3. Install docker-compose:

sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose

1. Set permission:

sudo chmod +x /usr/local/bin/docker-compose

Setup

1. Clone the repo

git clone https://github.com/FlowiseAI/Flowise.git

1. Cd into docker folder

cd Flowise && cd docker

1. Create a .env file. You can use your favourite editor. I'll use nano

nano .env

1. Specify the env variables:

PORT=3000
DATABASE_PATH=/root/.flowise
APIKEY_PATH=/root/.flowise
SECRETKEY_PATH=/root/.flowise
LOG_PATH=/root/.flowise/logs
BLOB_STORAGE_PATH=/root/.flowise/storage

1. (Optional) You can also specify FLOWISE_USERNAME and FLOWISE_PASSWORD for app level authorization. See more https://github.com/FlowiseAI/FlowiseDocs/blob/main/en/configuration/deployment/broken-reference/README.md

2. Then press Ctrl + X to Exit, and Y to save the file

3. Run docker compose

docker compose up -d

1. You can then view the app: "Your Public IPv4 DNS":3000. Example: 176.63.19.226:3000

2. You can bring the app down by:

docker compose stop

1. You can pull from latest image by:

docker pull flowiseai/flowise

Adding Reverse Proxy & SSL

A reverse proxy is the recommended method to expose an application server to the internet. It will let us connect to our droplet using a URL alone instead of the server IP and port number. This provides security benefits in isolating the application server from direct internet access, the ability to centralize firewall protection, a minimized attack plane for common threats such as denial of service attacks, and most importantly for our purposes, the ability to terminate SSL/TLS encryption in a single place.

A lack of SSL on your Droplet will cause the embeddable widget and API endpoints to be inaccessible in modern browsers. This is because browsers have begun to deprecate HTTP in favor of HTTPS, and block HTTP requests from pages loaded over HTTPS.

Step 1 — Installing Nginx

1. Nginx is available for installation with apt through the default repositories. Update your repository index, then install Nginx:

sudo apt update
sudo apt install nginx

Press Y to confirm the installation. If you are asked to restart services, press ENTER to accept the defaults.

1. You need to allow access to Nginx through your firewall. Having set up your server according to the initial server prerequisites, add the following rule with ufw:

sudo ufw allow 'Nginx HTTP'

1. Now you can verify that Nginx is running:

systemctl status nginx

Output:

● nginx.service - A high performance web server and a reverse proxy server
     Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
     Active: active (running) since Mon 2022-08-29 06:52:46 UTC; 39min ago
       Docs: man:nginx(8)
   Main PID: 9919 (nginx)
      Tasks: 2 (limit: 2327)
     Memory: 2.9M
        CPU: 50ms
     CGroup: /system.slice/nginx.service
             ├─9919 "nginx: master process /usr/sbin/nginx -g daemon on; master_process on;"
             └─9920 "nginx: worker process

Next you will add a custom server block with your domain and app server proxy.

Step 2 — Configuring your Server Block + DNS Record

It is recommended practice to create a custom configuration file for your new server block additions, instead of editing the default configuration directly.

1. Create and open a new Nginx configuration file using nano or your preferred text editor:

sudo nano /etc/nginx/sites-available/your_domain

1. Insert the following into your new file, making sure to replace your_domain with your own domain name:

server {
    listen 80;
    listen [::]:80;
    server_name your_domain; #Example: demo.flowiseai.com
    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Host $host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_cache_bypass $http_upgrade;
    }
}

1. Save and exit, with nano you can do this by hitting CTRL+O then CTRL+X.

2. Next, enable this configuration file by creating a link from it to the sites-enabled directory that Nginx reads at startup, making sure again to replace your_domain with your own domain name::

sudo ln -s /etc/nginx/sites-available/your_domain /etc/nginx/sites-enabled/

1. You can now test your configuration file for syntax errors:

sudo nginx -t

1. With no problems reported, restart Nginx to apply your changes:

sudo systemctl restart nginx

1. Go to your DNS provider, and add a new A record. Name will be your domain name, and value will be the Public IPv4 address from your droplet

Nginx is now configured as a reverse proxy for your application server. You should now be able to open the app: http://yourdomain.com.

Step 3 — Installing Certbot for HTTPS (SSL)

If you'd like to add a secure https connection to your Droplet like https://yourdomain.com, you'll need to do the following:

1. For installing Certbot and enabling HTTPS on NGINX, we will rely on Python. So, first of all, let's set up a virtual environment:

apt install python3.10-venv
sudo python3 -m venv /opt/certbot/
sudo /opt/certbot/bin/pip install --upgrade pip

1. Afterwards, run this command to install Certbot:

sudo /opt/certbot/bin/pip install certbot certbot-nginx

1. Now, execute the following command to ensure that the certbot command can be run:

sudo ln -s /opt/certbot/bin/certbot /usr/bin/certbot

1. Finally, run the following command to obtain a certificate and let Certbot automatically modify the NGINX configuration, enabling HTTPS:

sudo certbot --nginx

1. After following the certificate generation wizard, we will be able to access our Droplet via HTTPS using the address https://yourdomain.com

Set up automatic renewal

To enable Certbot to automatically renew the certificates, it is sufficient to add a cron job by running the following command:

echo "0 0,12 * * * root /opt/certbot/bin/python -c 'import random; import time; time.sleep(random.random() * 3600)' && sudo certbot renew -q" | sudo tee -a /etc/crontab > /dev/null

Congratulations!

Steps to update Flowise on Digital Ocean

1. Navigate to the directory you installed flowise in

cd Flowise/docker

1. Stop and remove docker image

Note: This will not delete your flows as the database is stored in a separate folder

sudo docker compose stop
sudo docker compose rm

1. Pull the latest Flowise Image

docker pull flowiseai/flowise

1. Start the docker

docker compose up -d