---
layout: default
navsection: installguide
-title: Install the Arvados Workbench application
+title: Install Workbench
...
+{% comment %}
+Copyright (C) The Arvados Authors. All rights reserved.
-h2. Prerequisites
+SPDX-License-Identifier: CC-BY-SA-3.0
+{% endcomment %}
-# A GNU/linux (virtual) machine (can be shared with the API server)
-# A hostname for your Workbench application
+# "Install dependencies":#dependencies
+# "Update config.yml":#update-config
+# "Update Nginx configuration":#update-nginx
+# "Trusted client flag":#trusted_client
+# "Install arvados-workbench":#install-packages
+# "Restart the API server and controller":#restart-api
+# "Confirm working installation":#confirm-working
-h2. Download the source tree
+h2(#dependencies). Install dependencies
-Please follow the instructions on the "Download page":https://arvados.org/projects/arvados/wiki/Download in the wiki.
+# "Install Ruby and Bundler":ruby.html
+# "Install nginx":nginx.html
+# "Install Phusion Passenger":https://www.phusionpassenger.com/library/walkthroughs/deploy/ruby/ownserver/nginx/oss/install_passenger_main.html
-The Workbench application is in @arvados/apps/workbench@.
+h2(#configure). Update config.yml
-h2. Configure the Workbench application
+Edit @config.yml@ to set the keys below. The full set of configuration options are in the "Workbench section of config.yml":{{site.baseurl}}/admin/config.html
+
+<notextile>
+<pre><code> Services:
+ Workbench1:
+ ExternalURL: <span class="userinput">"https://workbench.ClusterID.example.com"</span>
+ Workbench:
+ SecretKeyBase: <span class="userinput">aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa</span>
+ Users:
+ AutoAdminFirstUser: true
+</code></pre>
+</notextile>
This application needs a secret token. Generate a new secret:
<notextile>
-<pre><code>~/arvados/apps/workbench$ <span class="userinput">rake secret</span>
+<pre><code>~$ <span class="userinput">ruby -e 'puts rand(2**400).to_s(36)'</span>
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
</code></pre>
</notextile>
-Copy @config/application.yml.example@ to @config/application.yml@ and edit it appropriately for your environment.
+Then put that value in the @Workbench.SecretKeyBase@ field.
-* Set @secret_token@ to the string you generated with @rake secret@.
-* Point @arvados_login_base@ and @arvados_v1_base@ at your "API server":install-api-server.html
-* @site_name@ can be any string to identify this Workbench.
-* Assuming that the SSL certificate you use for development isn't signed by a CA, make sure @arvados_insecure_https@ is @true@.
+You probably want to enable @Users.AutoAdminFirstUser@ . The first user to log in when no other admin user exists will automatically be made an admin.
-Copy @config/piwik.yml.example@ to @config/piwik.yml@ and edit to suit.
+h2(#update-nginx). Update nginx configuration
-h3. Apache/Passenger (optional)
+Use a text editor to create a new file @/etc/nginx/conf.d/arvados-workbench.conf@ with the following configuration. Options that need attention are marked in <span class="userinput">red</span>.
-Set up Apache and Passenger. Point them to the apps/workbench directory in the source tree.
+<notextile>
+<pre><code>server {
+ listen 80;
+ server_name workbench.<span class="userinput">ClusterID.example.com</span>;
+ return 301 https://workbench.<span class="userinput">ClusterID.example.com</span>$request_uri;
+}
+
+server {
+ listen 443 ssl;
+ server_name workbench.<span class="userinput">ClusterID.example.com</span>;
+
+ ssl_certificate <span class="userinput">/YOUR/PATH/TO/cert.pem</span>;
+ ssl_certificate_key <span class="userinput">/YOUR/PATH/TO/cert.key</span>;
+
+ root /var/www/arvados-workbench/current/public;
+ index index.html;
+
+ passenger_enabled on;
+ # If you're using RVM, uncomment the line below.
+ #passenger_ruby /usr/local/rvm/wrappers/default/ruby;
+
+ # `client_max_body_size` should match the corresponding setting in
+ # the API.MaxRequestSize and Controller's server's Nginx configuration.
+ client_max_body_size 128m;
+}
+</code></pre>
+</notextile>
-h2. Trusted client setting
+h2(#trusted_client). Trusted client flag
-Log in to Workbench once (this ensures that the Arvados API server has a record of the Workbench client).
+In the <strong>API server</strong> project root, start the Rails console. {% include 'install_rails_command' %}
-In the API server project root, start the rails console. Locate the ApiClient record for your Workbench installation, then set the `is_trusted` flag for the appropriate client record:
+Create an ApiClient record for your Workbench installation with the @is_trusted@ flag set.
-<notextile><pre><code>~/arvados/services/api$ <span class="userinput">RAILS_ENV=development bundle exec rails console</span>
-irb(main):001:0> <span class="userinput">ApiClient.where('url_prefix like ?', '%workbench%')</span>
-=> {:id => 1234}
-irb(main):002:0> <span class="userinput">ApiClient.find(1234).update_attributes is_trusted: true</span>
+<notextile><pre><code>irb(main):001:0> <span class="userinput">include CurrentApiClient</span>
+=> true
+irb(main):002:0> <span class="userinput">act_as_system_user do ApiClient.create!(url_prefix: "https://workbench.ClusterID.example.com/", is_trusted: true) end</span>
+=> #<ApiClient id: 2, uuid: "...", owner_uuid: "...", modified_by_client_uuid: nil, modified_by_user_uuid: "...", modified_at: "2019-12-16 14:19:10", name: nil, url_prefix: "https://workbench.ClusterID.example.com/", created_at: "2019-12-16 14:19:10", updated_at: "2019-12-16 14:19:10", is_trusted: true>
</code></pre>
</notextile>
+
+{% assign arvados_component = 'arvados-workbench' %}
+
+{% include 'install_packages' %}
+
+{% include 'restart_api' %}
+
+h2(#confirm-working). Confirm working installation
+
+Visit @https://workbench.ClusterID.example.com@ in a browser. You should be able to log in using the login method you configured in the previous step. If @Users.AutoAdminFirstUser@ is true, you will be an admin user.
projects / arvados.git / blobdiff