Skip to content
/ openwebui-oracle-cloud-setup Public
forked from JimPresting/openwebui-oracle-cloud-setup

Complete setup guide for Open WebUI on Oracle Cloud with SSL, custom domain, and auto-updates

0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ZineZhu/openwebui-oracle-cloud-setup

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
README.md
README.md
 
 

Repository files navigation

Open WebUI Setup Guide for Oracle Cloud

Complete guide to install and configure Open WebUI on Oracle Cloud with auto-updates, SSL, and custom domain.

Prerequisites

  • Oracle Cloud VM (Ubuntu 22.04)
  • Domain with DNS management access
  • SSH access to your Oracle Cloud instance

1. Initial Setup

SSH into your Oracle Cloud VM

ssh -i your-ssh-key.key ubuntu@your-vm-ip

Install Docker (if not already installed)

sudo apt update
sudo apt install docker.io -y
sudo systemctl start docker
sudo systemctl enable docker

Create project directory

mkdir ~/openwebui
cd ~/openwebui

2. Firewall Configuration

Configure iptables for port 3001

sudo iptables -I INPUT 6 -p tcp --dport 3001 -j ACCEPT
sudo mkdir -p /etc/iptables
sudo iptables-save | sudo tee /etc/iptables/rules.v4

Oracle Cloud Security Lists

Note: You do NOT need to add port 3001 to Oracle Cloud Security Lists if you're using Nginx proxy (recommended). The traffic will come through port 443 (HTTPS) which should already be open.

Only add port 3001 to Oracle Cloud Security Lists if you want direct IP access:

  1. Go to Networking → Virtual Cloud Networks
  2. Select your VCN → Security Lists → Default Security List
  3. Add Ingress Rules:
    • Source CIDR: 0.0.0.0/0
    • IP Protocol: TCP
    • Destination Port Range: 3001

3. Install Open WebUI

Pull and run Open WebUI container

sudo docker run -d \
  --name openwebui \
  -p 3001:8080 \
  -v $(pwd)/data:/app/backend/data \
  --restart unless-stopped \
  ghcr.io/open-webui/open-webui:main

Verify installation

sudo docker ps

You should see the openwebui container running.

4. Test Access

Direct IP access

Open your browser and navigate to:

http://your-vm-ip:3001

5. SSL and Custom Domain Setup (Optional but Recommended)

Add DNS A-Record

Add an A-record for your subdomain pointing to your VM's IP:

  • Host: chat
  • Type: A
  • Value: your-vm-ip

Install Certbot (if not already installed)

sudo snap install core; sudo snap refresh core
sudo snap install --classic certbot

Get SSL certificate

sudo certbot certonly --nginx -d chat.yourdomain.com

Create Nginx configuration

sudo nano /etc/nginx/sites-available/openwebui.conf

Add this configuration:

server {
    server_name chat.yourdomain.com;
    
    location / {
        proxy_pass http://localhost:3001;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_read_timeout 86400;
    }

    listen 443 ssl;
    ssl_certificate /etc/letsencrypt/live/chat.yourdomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/chat.yourdomain.com/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}

server {
    if ($host = chat.yourdomain.com) {
        return 301 https://$host$request_uri;
    }
    
    listen 80;
    server_name chat.yourdomain.com;
    return 404;
}

Enable Nginx configuration

sudo ln -s /etc/nginx/sites-available/openwebui.conf /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx

Test HTTPS access

Open your browser and navigate to:

https://chat.yourdomain.com

6. Auto-Update Setup

Create update script

nano ~/openwebui/update_openwebui.sh

Add this content:

#!/bin/bash

LOG_FILE="/var/log/openwebui_update.log"

echo "=== Open WebUI Update Started: $(date) ===" >> $LOG_FILE

sudo docker stop openwebui >> $LOG_FILE 2>&1
sudo docker rm openwebui >> $LOG_FILE 2>&1

sudo docker pull ghcr.io/open-webui/open-webui:main >> $LOG_FILE 2>&1

cd ~/openwebui
sudo docker run -d \
  --name openwebui \
  -p 3001:8080 \
  -v $(pwd)/data:/app/backend/data \
  --restart unless-stopped \
  ghcr.io/open-webui/open-webui:main >> $LOG_FILE 2>&1

sudo docker image prune -af >> $LOG_FILE 2>&1

echo "=== Open WebUI Update Completed: $(date) ===" >> $LOG_FILE

Make script executable

chmod +x ~/openwebui/update_openwebui.sh

Setup cronjob

sudo crontab -e

Add these lines:

# Open WebUI auto-update every Sunday at 4 AM
0 4 * * 0 /bin/bash /home/ubuntu/openwebui/update_openwebui.sh >/dev/null 2>&1

# Auto-start after reboot
@reboot sleep 60 && cd /home/ubuntu/openwebui && /usr/bin/docker run -d --name openwebui -p 3001:8080 -v $(pwd)/data:/app/backend/data --restart unless-stopped ghcr.io/open-webui/open-webui:main

7. Data Persistence

Important Notes

  • User data, chats, and configurations are stored in ~/openwebui/data/
  • This directory persists through container updates
  • No backup needed for updates - data is preserved automatically
  • API keys and user accounts remain intact during updates

8. Manual Management Commands

View logs

sudo docker logs openwebui

Stop Open WebUI

sudo docker stop openwebui

Start Open WebUI

cd ~/openwebui
sudo docker run -d \
  --name openwebui \
  -p 3001:8080 \
  -v $(pwd)/data:/app/backend/data \
  --restart unless-stopped \
  ghcr.io/open-webui/open-webui:main

Manual update

bash ~/openwebui/update_openwebui.sh

Check update logs

tail -f /var/log/openwebui_update.log

9. Troubleshooting

Container not starting

sudo docker ps -a
sudo docker logs openwebui

Port conflicts

sudo netstat -tlnp | grep 3001

SSL certificate renewal

Certificates auto-renew, but to manually renew:

sudo certbot renew
sudo systemctl reload nginx

10. Security Notes

Oracle Cloud Egress Rules

Ensure your Oracle Cloud Security Lists allow outbound HTTPS traffic for API calls:

  • Destination CIDR: 0.0.0.0/0
  • IP Protocol: TCP
  • Port Range: 443 (HTTPS outbound)

Firewall Status

To check current iptables rules:

sudo iptables -L INPUT -n -v

Quick Start Summary

  1. Install: sudo docker run -d --name openwebui -p 3001:8080 -v $(pwd)/data:/app/backend/data --restart unless-stopped ghcr.io/open-webui/open-webui:main
  2. Access (if using domain): https://chat.yourdomain.com Direct IP access: Only works if you add port 3001 to Oracle Cloud Security Lists
  3. Optional: Setup domain + SSL following steps 5
  4. Optional: Setup auto-updates following steps 6

Your Open WebUI instance will be accessible and automatically maintained!

About

Complete setup guide for Open WebUI on Oracle Cloud with SSL, custom domain, and auto-updates

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published