---
layout: default
navsection: installguide
title: Install Workbench
...
{% comment %}
Copyright (C) The Arvados Authors. All rights reserved.
SPDX-License-Identifier: CC-BY-SA-3.0
{% endcomment %}
# "Install dependencies":#dependencies
# "Update config.yml":#update-config
# "Update Nginx configuration":#update-nginx
# "Trusted client flag":#trusted_client
# "Install arvados-workbench":#install-packages
# "Restart the API server and controller":#restart-api
# "Confirm working installation":#confirm-working
h2(#dependencies). Install dependencies
# "Install Ruby and Bundler":ruby.html
# "Install nginx":nginx.html
# "Install Phusion Passenger":https://www.phusionpassenger.com/library/walkthroughs/deploy/ruby/ownserver/nginx/oss/install_passenger_main.html
h2(#configure). Update config.yml
Edit @config.yml@ to set the keys below. The full set of configuration options are in the "Workbench section of config.yml":{{site.baseurl}}/admin/config.html
Services:
Workbench1:
ExternalURL: "https://workbench.ClusterID.example.com"
Workbench:
SecretKeyBase: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
Users:
AutoAdminFirstUser: true
This application needs a secret token. Generate a new secret:
~$ ruby -e 'puts rand(2**400).to_s(36)'
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
Then put that value in the @Workbench.SecretKeyBase@ field.
You probably want to enable @Users.AutoAdminFirstUser@ . The first user to log in when no other admin user exists will automatically be made an admin.
h2(#update-nginx). Update nginx configuration
Use a text editor to create a new file @/etc/nginx/conf.d/arvados-workbench.conf@ with the following configuration. Options that need attention are marked in red.
server {
listen 80;
server_name workbench.ClusterID.example.com;
return 301 https://workbench.ClusterID.example.com$request_uri;
}
server {
listen 443 ssl;
server_name workbench.ClusterID.example.com;
ssl_certificate /YOUR/PATH/TO/cert.pem;
ssl_certificate_key /YOUR/PATH/TO/cert.key;
root /var/www/arvados-workbench/current/public;
index index.html;
passenger_enabled on;
# If you're using RVM, uncomment the line below.
#passenger_ruby /usr/local/rvm/wrappers/default/ruby;
# `client_max_body_size` should match the corresponding setting in
# the API.MaxRequestSize and Controller's server's Nginx configuration.
client_max_body_size 128m;
}
h2(#trusted_client). Trusted client flag
In the API server project root, start the Rails console. {% include 'install_rails_command' %}
Create an ApiClient record for your Workbench installation with the @is_trusted@ flag set.
irb(main):001:0> include CurrentApiClient
=> true
irb(main):002:0> act_as_system_user do ApiClient.create!(url_prefix: "https://workbench.ClusterID.example.com/", is_trusted: true) end
=> #<ApiClient id: 2, uuid: "...", owner_uuid: "...", modified_by_client_uuid: nil, modified_by_user_uuid: "...", modified_at: "2019-12-16 14:19:10", name: nil, url_prefix: "https://workbench.ClusterID.example.com/", created_at: "2019-12-16 14:19:10", updated_at: "2019-12-16 14:19:10", is_trusted: true>
{% assign arvados_component = 'arvados-workbench' %}
{% include 'install_packages' %}
{% include 'restart_api' %}
h2(#confirm-working). Confirm working installation
Visit @https://workbench.ClusterID.example.com@ in a browser. You should be able to log in using the login method you configured in the previous step. If @Users.AutoAdminFirstUser@ is true, you will be an admin user.