Docker Compose deployment
This guide assumes that all prerequisites have been met. Please visit the corresponding Prerequisites page for your infrastructure provider.
We recommend configuring your database or Redis details in either the tower.yml
or the docker-compose.yml
, but not both.
In order for your DB or Redis volume to persist after a docker restart
, uncomment the volumes
key in the db
or redis
section of your docker-compose.yml file. Use this section to specify a local path to the DB or Redis instance.
Deploy Tower
Environment variables
TOWER_SERVER_URL=http://localhost:8000
TOWER_CONTACT_EMAIL=admin@your-org.com
TOWER_JWT_SECRET=<Replace This With A Secret String containing at least 35 characters>
TOWER_CRYPTO_SECRETKEY=<Replace This With Another Secret String>
TOWER_LICENSE=<YOUR TOWER LICENSE KEY>
# Compute environment settings
TOWER_ENABLE_PLATFORMS=awsbatch-platform,azbatch-platform,gls-platform,k8s-platform,slurm-platform
# DB settings
TOWER_DB_URL=jdbc:mysql://db:3306/tower
TOWER_DB_DRIVER=org.mariadb.jdbc.Driver
TOWER_DB_DIALECT=io.seqera.util.MySQL55DialectCollateBin
TOWER_DB_USER=tower
TOWER_DB_PASSWORD=tower
FLYWAY_LOCATIONS=classpath:db-schema/mysql
# SMTP settings
TOWER_SMTP_HOST=mail
TOWER_SMTP_PORT=587
TOWER_SMTP_USER=foo
TOWER_SMTP_PASSWORD=foo
tower.yml
# Replace these settings with a SMTP server provided by your cloud vendor
# The mail scope is used for providing config to the underlying Micronaut framework
mail:
from: "${TOWER_CONTACT_EMAIL}"
smtp:
host: ${TOWER_SMTP_HOST}
port: ${TOWER_SMTP_PORT}
user: ${TOWER_SMTP_USER}
password: ${TOWER_SMTP_PASSWORD}
# `starttls` should be enabled with a production SMTP host
auth: true
starttls:
enable: false
required: false
# Duration of Tower sign-in email link validity
auth:
mail:
duration: 30m
# The tower scope is used for providing config for your Tower Enterprise installation
tower:
trustedEmails:
- '*@org.xyz'
- 'named_user@org.xyz'
# Tower instance-wide configuration for authentication. For further information, see https://install.tower.nf/latest/configuration/authentication/
auth:
google:
allow-list:
- "*@org.xyz"
oidc:
allow-list:
- "*@org.xyz"
# Tower instance-wide configuration for SCM providers. For further information, see https://install.tower.nf/latest/configuration/git_integration/
scm:
providers:
github:
user: <YOUR GITHUB USER NAME>
password: <YOUR GITHUB ACCESS TOKEN OR PASSWORD>
gitlab:
user: <YOUR GITLAB USER NAME>
password: <YOUR GITLAB PASSWORD>
token: <YOUR GITLAB TOKEN>
bitbucket:
user: <YOUR BITBUCKET USER NAME>
password: <YOUR BITBUCKET TOKEN OR PASSWORD>
docker-compose.yml
version: "3"
services:
db:
image: mysql:5.6
networks:
- backend
expose:
- 3306
environment:
MYSQL_ALLOW_EMPTY_PASSWORD: "yes"
MYSQL_USER: tower
MYSQL_PASSWORD: tower
MYSQL_DATABASE: tower
restart: always
# enable this snippet to store the Mysql data in the host volume
# volumes:
# - $HOME/.tower/db/mysql:/var/lib/mysql
redis:
image: cr.seqera.io/public/redis:5.0.8
networks:
- backend
expose:
- 6379
command: --appendonly yes
restart: always
# enable this snippet to store the Redis data in the host volume
# volumes:
# - $HOME/.tower/db/redis:/data
cron:
image: cr.seqera.io/private/nf-tower-enterprise/backend:v23.1.3
command: -c '/wait-for-it.sh db:3306 -t 60; /migrate-db.sh; /tower.sh'
networks:
- frontend
- backend
volumes:
- $PWD/tower.yml:/tower.yml
env_file:
- tower.env
environment:
- MICRONAUT_ENVIRONMENTS=prod,redis,cron
restart: always
depends_on:
- db
- redis
backend:
image: cr.seqera.io/private/nf-tower-enterprise/backend:v23.1.3
command: -c '/wait-for-it.sh db:3306 -t 60; /tower.sh'
networks:
- frontend
- backend
expose:
- 8080
volumes:
- $PWD/tower.yml:/tower.yml
env_file:
- tower.env
environment:
- MICRONAUT_ENVIRONMENTS=prod,redis,ha
restart: always
depends_on:
- db
- redis
- cron
frontend:
image: cr.seqera.io/private/nf-tower-enterprise/frontend:v23.1.3
networks:
- frontend
ports:
- 8000:80
restart: always
depends_on:
- backend
networks:
frontend: {}
backend: {}
-
Download and configure tower.env.
-
Download and configure tower.yml, update values for allowed emails.
-
Download and configure docker-compose.yml.
The
db
andmail
containers should only be used for local testing; you may remove them if you have configured these services elsewhere.Make sure to customize the
TOWER_ENABLE_PLATFORMS
variable to include the execution platform(s) you will use. -
Deploy Tower and wait for it to initialize (takes a few minutes):
docker-compose up
For more information on configuration, see Configuration options.
Test the application
To make sure that Tower is properly configured, follow these steps:
-
Login to Tower.
-
Create an organization.
-
Create a workspace within that organization.
-
Create a new Compute Environment. Refer to Compute Environments for detailed instructions.
-
Select Quick Launch from the Launchpad tab in your workspace.
-
Enter the repository URL for the
nf-core/rnaseq
pipeline (https://github.com/nf-core/rnaseq
). -
In the Config profiles dropdown, select the
test
profile. -
In the Pipeline parameters text area, change the output directory to a sensible location based on your Compute Environment:
# save to S3 bucket
outdir: s3://<your-bucket>/results
# save to scratch directory (Kubernetes)
outdir: /scratch/results -
Select Launch.
You'll be transitioned to the Runs tab for the workflow. After a few minutes, you'll see the progress logs in the Execution log tab for that workflow.
Once you've made sure that Tower is configured correctly and you can launch workflows, you can run docker-compose up -d
to deploy Tower as a background process. You can then disconnect from the VM instance.