Using a Azure Virtual Machine is the recommended way to deploy Onyx on Azure. It is simple and should meet the performance needs of 90% of organizations looking to use Onyx. The steps are very similar to deploying on AWS EC2. Before we get started, make sure you have an account with Azure and have the necessary permissions to create a VM instance.

Feel free to reach out to us via the links on our Contact Us page for more individual help.

Getting an Instance

Steps to create a VM instance from Azure Cloud Console:

  1. Go to the Azure Console. Click on the Crate option in the Virtual machine section.

  1. Select an existing subscription / resource group or create a new one under your organization.
  2. For instance configuration for Onyx, we recommend at least 16GB of RAM, 4-8vCPU cores, and 500GB of disk for a small-mid sized organization (< 5000 users). You can choose the machine type as per your requirements. If you’re unsure, the D4s_v3 series is a good starting point.

  1. Make sure to allow HTTPS traffic in the firewall settings and valid scopes for the instance.

For the below guide, we will assume that you’ve chosen to use Ubuntu Server. For other operating systems, the steps are similar but you may need to use different commands to install dependencies.

Pointing your Domain to the Instance

Next, we should point your domain to the VM instance we just created. To do this, we need to go to your DNS and add two records. For this guide, I’ll be assuming your DNS provider is GoDaddy, but it should be almost exactly the same for any DNS provider.

If you don’t have a domain to use yet, then you can either buy one from a DNS provider like GoDaddy or just skip HTTPS for now.

First, we need to grab the External IP address of the instance. You can get that from the VM Instance page on the Azure Console.

Finally, we need to head to the DNS provider and add two entries into the DNS:

The first record directs traffic to that domain to your GCP VM instance. The second record will handle www.<YOUR_DOMAIN> and ensure that this also takes the user to your VM instance.

Installing Dependencies

Next, we need to prepare the instance so we can actually get Onyx up and running. To do this, you’ll need three things: git, docker, and docker compose. For Ubuntu Server, this can be done with the following:

# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources:
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update

Starting up Onyx

Now that we have everything we need, we can startup Onyx.

First, let’s clone the repo:

git clone https://github.com/onyx-dot-app/onyx.git

Next, let’s set the necessary env variables:

cd onyx/deployment/docker_compose
touch .env
touch .env.nginx

In the .env file, you can copy past the following (filling in the missing fields as needed):

WEB_DOMAIN=<YOUR_DOMAIN>  # something like "https://www.onyx.app"

# if your email is something like "chris@onyx.app", then this should be "onyx.app"
# this prevents people outside your company from creating an account
VALID_EMAIL_DOMAINS=<YOUR_COMPANIES_EMAIL_DOMAIN>

AUTH_TYPE=basic
# if you want to enable email verification, uncomment the following
# REQUIRE_EMAIL_VERIFICATION=true
# SMTP_USER=<GMAIL_ACCOUNT_EMAIL_YOU_WANT_TO_SEND_VERIFICATION_EMAILS_WITH>
# SMTP_PASS=<GMAIL_ACCOUNT_PW_YOU_WANT_TO_SEND_VERIFICATION_EMAILS_WITH>

# if you've gone through the Google OAuth setup guide, then comment out
# the above and uncomment the following
# AUTH_TYPE=google_oauth
# GOOGLE_OAUTH_CLIENT_ID=
# GOOGLE_OAUTH_CLIENT_SECRET=
# SECRET=<RANDOMLY_GENERATED_UUID>

# Default values here are what Postgres uses by default, feel free to change.
POSTGRES_USER=postgres
POSTGRES_PASSWORD=password

In the .env.nginx file, put the following:

DOMAIN=<YOUR_DOMAIN>  # something like "onyx.app"

Next, let’s get our SSL certificate from letsencrypt. To do this, we can simply run:

./init-letsencrypt.sh

If are skipping the HTTPS setup, you should start things up with: docker-compose -f docker-compose.dev.yml -p onyx-stack up -d --build --force-recreate instead of the above. You can then access Onyx from the IP address from earlier.

Voila, you’re all done! 🎉

After waiting a few minutes (you can monitor the progress with docker logs onyx-stack-api_server-1 -f; once you see a log for INFO: Application startup complete. then everything should be good to go).