---
layout: default
navsection: installguide
title: Install Workbench
...
{% comment %}
Copyright (C) The Arvados Authors. All rights reserved.
SPDX-License-Identifier: CC-BY-SA-3.0
{% endcomment %}
# "Install dependencies":#dependencies
# "Update config.yml":#update-config
# "Update Nginx configuration":#update-nginx
# "Install arvados-workbench":#install-packages
# "Restart the API server and controller":#restart-api
# "Confirm working installation":#confirm-working
# "Trusted client setting":#trusted_client
h2(#dependencies). Install dependencies
# "Install Ruby and Bundler":ruby.html
# "Install nginx":nginx.html
# "Install Phusion Passenger":https://www.phusionpassenger.com/library/walkthroughs/deploy/ruby/ownserver/nginx/oss/install_passenger_main.html
h2(#configure). Update config.yml
Edit @/etc/arvados/config.yml@ to set the keys below. The full set of configuration options are in the "Workbench section of config.yml":{{site.baseurl}}/admin/config.html
Services:
Workbench:
ExternalURL: "https://workbench.ClustedID.example.com"
Workbench:
SecretKeyBase: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
Users:
AutoAdminFirstUser: true
This application needs a secret token. Generate a new secret:
~$ ruby -e 'puts rand(2**400).to_s(36)'
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
Then put that value in the @Workbench.SecretKeyBase@ field.
You probably want to enable @Users.AutoAdminFirstUser@ . The first user to log in when no other admin user exists will automatically be made an admin.
h2(#update-nginx). Update nginx configuration
Use a text editor to create a new file @/etc/nginx/conf.d/arvados-workbench.conf@ with the following configuration. Options that need attention are marked with "TODO".
server {
listen [your public IP address]:443 ssl;
server_name workbench.ClusterID.example.com;
ssl on;
ssl_certificate /YOUR/PATH/TO/cert.pem;
ssl_certificate_key /YOUR/PATH/TO/cert.key;
root /var/www/arvados-workbench/current/public;
index index.html;
passenger_enabled on;
# If you're using RVM, uncomment the line below.
#passenger_ruby /usr/local/rvm/wrappers/default/ruby;
# `client_max_body_size` should match the corresponding setting in
# the API.MaxRequestSize and Controller's server's Nginx configuration.
client_max_body_size 128m;
}
{% assign arvados_component = 'arvados-workbench' %}
{% include 'install_packages' %}
{% include 'restart_api' %}
h2(#confirm-working). Confirm working installation
Visit @https://workbench.ClusterID.example.com@ in a browser. You should be able to log in using the login method you configured in the previous step. If @Users.AutoAdminFirstUser@ is true, you will be an admin user.
h2(#trusted_client). Trusted client flag
Log in to Workbench once to ensure that the Arvados API server has a record of the Workbench client. (It's OK if Workbench says your account hasn't been activated yet. We'll deal with that next.)
In the API server project root, start the Rails console. {% include 'install_rails_command' %}
At the console, enter the following commands to locate the ApiClient record for your Workbench installation (typically, while you're setting this up, the @last@ one in the database is the one you want), then set the @is_trusted@ flag for the appropriate client record:
irb(main):001:0> wb = ApiClient.all.last; [wb.url_prefix, wb.created_at]
=> ["https://workbench.example.com/", Sat, 19 Apr 2014 03:35:12 UTC +00:00]
irb(main):002:0> include CurrentApiClient
=> true
irb(main):003:0> act_as_system_user do wb.update_attributes!(is_trusted: true) end
=> true