--- title: "Budibase - Form Builder & Database" publish: true --- Budibase is shaping up to be out webapp development platform of choice! Learning as we go with it :) ## Budibase Installation and Public Deployment Manual with Cloudflared Tunnel ### Table of Contents: 1. Overview 2. Requirements 3. Installing Docker and Docker Compose on Ubuntu 4. Configuring Budibase with Docker Compose 5. Setting Up Cloudflare Tunnel for Public Access 6. Cloudflare SSL Configuration and HTTPS for Secure Traffic 7. Setting Up Network Proxies for Budibase 8. Outbound Allow-list Configuration 9. Complete Deployment Instructions 10. Monitoring and Future Management 11. Helpful Commands and Troubleshooting --- ### 1. Overview This guide provides step-by-step instructions to install **Budibase** on an **Ubuntu** server and securely deploy it using a **Cloudflare Tunnel**. By following these instructions, Budibase will be available over the internet with a Cloudflare-proxied domain, secured by HTTPS, and configured to route traffic through an organizational HTTP/HTTPS proxy. --- ### 2. Requirements Before we start, here is what you'll need: - An Ubuntu (or other Linux) system with typical system requirements (Docker supported). - An internet connection. - A Cloudflare account (free-tier works fine). - Domain registered in Cloudflare (you will point your domain's DNS to Cloudflare). - A proxy (if you are using an organizational proxy for HTTP and HTTPS). --- ### 3. Installing Docker and Docker Compose on Ubuntu #### 3.1 Install Docker Run the following commands to install Docker on your Ubuntu machine: ```bash # Update the system packages. sudo apt update # Install prerequisite packages. sudo apt install apt-transport-https ca-certificates curl software-properties-common # Add Docker's official GPG key. curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg # Set up the Docker stable repository. echo \ "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \ $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null # Install Docker. sudo apt update sudo apt install docker-ce docker-ce-cli containerd.io ``` Enable and start Docker: ```bash sudo systemctl enable docker sudo systemctl start docker ``` Verify Docker is successfully installed: ```bash docker --version ``` #### 3.2 Install Docker Compose Install Docker Compose to manage multi-container Docker environments like Budibase: ```bash sudo curl -L "https://github.com/docker/compose/releases/download/v$(curl -s https://api.github.com/repos/docker/compose/releases/latest | grep -Po '"tag_name": "\K[0-9.]+')" -o /usr/local/bin/docker-compose sudo chmod +x /usr/local/bin/docker-compose docker-compose --version ``` --- ### 4. Configuring Budibase with Docker Compose #### 4.1 Download Budibase Docker Compose Configuration Files Start by creating a directory to store Budibase Docker Compose files: ```bash mkdir ~/budibase && cd ~/budibase ``` Create the `docker-compose.yml` file: ```bash nano docker-compose.yml ``` Paste the following content into this file: ```yaml version: "3" services: app-service: restart: unless-stopped image: budibase.docker.scarf.sh/budibase/apps container_name: bbapps environment: SELF_HOSTED: 1 COUCH_DB_URL: http://${COUCH_DB_USER}:${COUCH_DB_PASSWORD}@couchdb-service:5984 WORKER_URL: http://worker-service:4003 MINIO_URL: http://minio-service:9000 MINIO_ACCESS_KEY: ${MINIO_ACCESS_KEY} MINIO_SECRET_KEY: ${MINIO_SECRET_KEY} INTERNAL_API_KEY: ${INTERNAL_API_KEY} BUDIBASE_ENVIRONMENT: ${BUDIBASE_ENVIRONMENT} PORT: 4002 API_ENCRYPTION_KEY: ${API_ENCRYPTION_KEY} JWT_SECRET: ${JWT_SECRET} REDIS_URL: redis-service:6379 REDIS_PASSWORD: ${REDIS_PASSWORD} BB_ADMIN_USER_EMAIL: ${BB_ADMIN_USER_EMAIL} BB_ADMIN_USER_PASSWORD: ${BB_ADMIN_USER_PASSWORD} worker-service: restart: unless-stopped image: budibase.docker.scarf.sh/budibase/worker container_name: bbworker environment: SELF_HOSTED: 1 PORT: 4003 MINIO_URL: http://minio-service:9000 COUCH_DB_URL: http://${COUCH_DB_USER}:${COUCH_DB_PASSWORD}@couchdb-service:5984 minio-service: restart: unless-stopped image: minio/minio volumes: - minio_data:/data command: server /data --console-address ":9001" redis-service: restart: unless-stopped image: redis command: redis-server --requirepass "${REDIS_PASSWORD}" volumes: - redis_data:/data couchdb-service: restart: unless-stopped image: budibase/couchdb environment: - COUCHDB_PASSWORD=${COUCH_DB_PASSWORD} - COUCHDB_USER=${COUCH_DB_USER} volumes: - couchdb3_data:/opt/couchdb/data volumes: couchdb3_data: {} minio_data: {} redis_data: {} ``` Create the `.env` file to store environment variables: ```bash nano .env ``` Paste the following values into the file: ```bash # Port configuration MAIN_PORT=10000 # Secrets (change these for security) API_ENCRYPTION_KEY=testsecret JWT_SECRET=testsecret MINIO_ACCESS_KEY=budibase MINIO_SECRET_KEY=budibase COUCH_DB_PASSWORD=budibase COUCH_DB_USER=budibase REDIS_PASSWORD=budibase INTERNAL_API_KEY=budibase # Optional Admin account BB_ADMIN_USER_EMAIL=admin@example.com BB_ADMIN_USER_PASSWORD=admin ``` --- ### 5. Setting Up Cloudflare Tunnel for Public Access #### 5.1 Installing Cloudflared To expose Budibase publicly while hiding your server’s real IP address, use Cloudflare Tunnel. First, install the `cloudflared` utility. ```bash sudo apt-get install -y curl curl -fsSL https://pkg.cloudflare.com/gpg.pkg.cloudflare.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/cloudflare-tunnel-archive-keyring.gpg echo "deb [signed-by=/usr/share/keyrings/cloudflare-tunnel-archive-keyring.gpg] https://pkg.cloudflare.com/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/cloudflared.list sudo apt-get update sudo apt-get install cloudflared ``` #### 5.2 Authenticating Cloudflared with Cloudflare Run the following command to log into Cloudflare and authenticate the tunnel: ```bash cloudflared tunnel login ``` #### 5.3 Creating the Cloudflare Tunnel ```bash cloudflared tunnel create budibase-tunnel ``` Note the **tunnel ID** and **name** from the output—it is needed later. #### 5.4 Configuring the Cloudflared Tunnel Create the configuration for the tunnel to proxy traffic to Budibase: ```bash sudo mkdir -p /etc/cloudflared/ sudo nano /etc/cloudflared/config.yml ``` Add the following lines: ```yaml tunnel: budibase-tunnel credentials-file: /etc/cloudflared/.json ingress: - hostname: your-subdomain.example.com service: http://localhost:10000 - service: http_status:404 ``` Replace `` with the tunnel ID from the previous step. Replace `your-subdomain.example.com` with your actual domain/subdomain. #### 5.5 Start the Tunnel ```bash cloudflared tunnel run budibase-tunnel ``` Optionally, install **cloudflared** as a service to ensure it runs automatically: ```bash sudo cloudflared service install ``` --- ### 6. Cloudflare SSL Configuration and HTTPS for Secure Traffic #### 6.1 Enable HTTPS in Cloudflare Dashboard 1. Go to **SSL/TLS** in your Cloudflare account. 2. Set the mode to **Full** or **Full (Strict)** (recommended for production). 3. Enable **Always Use HTTPS** to make sure all traffic is routed over HTTPS. #### 6.2 [Optional] Setup Origin SSL Certificates To ensure secure traffic between Cloudflare and your server: 1. Go to **SSL/TLS** > **Origin Server**. 2. Click **Create Certificate**. 3. Copy the **certificate** and **private key** and install them on your server. --- ### 7. Setting Up Network Proxies for Budibase If your server is inside a restricted network where a proxy service is necessary, modify the environment settings to allow proxying for HTTP/HTTPS services: - Modify Docker Compose as follows: ```yaml services: app-service: environment: GLOBAL_AGENT_HTTP_PROXY: http://your-proxy.net GLOBAL_AGENT_HTTPS_PROXY: https://your-proxy.net GLOBAL_AGENT_NO_PROXY: couchdb-service,minio-service,localhost ``` Update **both** `app-service` and `worker-service` to ensure traffic is routed through your proxy server. --- ### 8. Outbound Allow-list Configuration Make sure your firewall or proxy settings allow outbound traffic to the following URLs for Budibase to function fully: - `https://cdn.jsdelivr.net` - `https://fonts.gstatic.com` - `https://rsms.me` - `https://maxcdn.bootstrapcdn.com` - `https://prod-budi-templates.s3-eu-west-1.amazonaws.com` - `https://account.budibase.app` (for license check if required). --- ### 9. Complete Deployment Instructions Now that everything is set up, you can start the deployment: 1. **Start Docker Compose**: ```bash docker-compose up -d ``` 2. **Check Cloudflare Tunnel**: ```bash cloudflared tunnel info ``` 3. Visit your application in the browser at `https://your-subdomain.example.com`. --- ### 10. Monitoring and Future Management - **Monitor Docker Logs** to check the status of your Budibase services: ```bash docker-compose logs -f ``` - **Check the Status of the Tunnel**: ```bash cloudflared tunnel info ``` - **Stop or Restart the Budibase Deployment**: ```bash docker-compose down docker-compose up -d ``` --- ### 11. Helpful Commands and Troubleshooting - **Restart Docker Containers**: ```bash docker-compose down && docker-compose up -d ``` - **Edit Configuration**: ```bash nano docker-compose.yml nano .env ``` - **Debugging Issues**: Check Docker logs for issues: ```bash docker-compose logs ``` Check tunnel status and logs: ```bash cloudflared tunnel info cloudflared tunnel logs ``` --- Congratulations! Following these steps, Budibase should now be securely running and available to the public through your Cloudflare-proxied hostname.