---
layout: default
navsection: installguide
title: Install the API server
navorder: 1
...

# API server setup

## Prerequisites:

1. A GNU/Linux (virtual) machine
2. A domain name for your api server
3. Ruby >= 2.0.0
4. Bundler: `gem install bundler`
5. Curl libraries: `sudo apt-get install libcurl3 libcurl3-gnutls libcurl4-openssl-dev`

## Download the source tree

    git clone https://github.com/curoverse/arvados.git
    cd arvados

See also: [Downloading the source code](https://arvados.org/projects/arvados/wiki/Download) on the Arvados wiki.

## Install gem dependencies

    cd services/api && bundle install

## Configure the API server

Configure the database:

    cp -i config/database.yml.sample config/database.yml

Edit `config/database.yml` to your liking and make sure the database
and db user exist. Then set up the database:
 
    RAILS_ENV=production bundle exec rake db:setup

Then set up omniauth:

    cp -i config/initializers/omniauth.rb.example config/initializers/omniauth.rb

Edit `config/initializers/omniauth.rb`. Choose an *APP_SECRET* and
*APP_ID*. Also set *CUSTOM_PROVIDER_URL*.

Make sure your Omniauth provider knows about your *APP_ID* and *APP_SECRET*
combination.

Edit the main configuration.

    cp -i config/application.yml.example config/application.yml

First, choose a unique 5-character alphanumeric string to use as your
`uuid_prefix`. An example is given that generates a 5-character string
based on a hash of your hostname. The `uuid_prefix` is a unique
identifier for your API server. It also serves as the first part of
the hostname for your API server:

    {{ site.arvados_api_host }}

For a development site, use your own domain instead of arvadosapi.com.

You also need to install a secret_token for signing cookies. Generate
a new secret:

    rake secret

Put it in `config/application.yml` in the production or common section:

    secret_token: your-new-secret-here

You will also want to change `compute_node_nameservers` to suit your
environment.

Consult `application.default.yml` for a full list of configuration
options. Always put your local configuration in `application.yml`
instead of editing `application.default.yml`.

## Apache/Passenger

Set up Apache and Passenger. Point them to the services/api directory in the source tree.

To enable streaming so users can monitor crunch jobs in real time, add
to your Apache configuration:

    PassengerBufferResponse off

## Add an admin user

Point browser to the API endpoint. Log in with a google account.

In the rails console:

    Thread.current[:user] = User.find(1)
    Thread.current[:user].is_admin = true
    User.find(1).update_attributes is_admin: true, is_active: true
    User.find(1).is_admin

This should be

     => true

## Create a token

In rails console

     a = ApiClient.new(owner_uuid:'0'); a.save!
     x = ApiClientAuthorization.new(api_client_id:a.id, user_id:1); x.save; x.api_token