← Back to Guides
Profile image for Maria Alonso

By Maria Alonso

Published 11th January 2022

Deploying Retool with PostgreSQL

Retool is a low-code platform that makes it fast and easy to build internal tools. Retool offers many integrations through APIs to data sources like GraphQL, Firebase, MongoDB, Amazon S3, Google Sheets and more and allows you to create GUIs and dashboards around any of these. Developers can use Retool to quickly build powerful tools like dashboards, admin panels or custom apps.

This guide will walk you through the steps to deploy Retool from its official Docker image and set up a PostgreSQL database which Retool will use to store its configuration.

  1. Create a new PostgreSQL database. In the networking options, keep TLS enabled and External Access disabled. You can start with the nf-compute-10 plan with 4GB of storage and one replica.

    • When TLS is enabled, a Let’s Encrypt TLS certificate is provisioned for the addon, which will ensure secure communication between the addon and the service we will later create in this project.

    • This PostgreSQL will store the Retool configuration data, not any analytics or dashboards. You will connect your databases or other data sources for GUIs or dashboards once Retool is set up.

  2. Create a deployment service. Choose external image as deployment source and the image path will be tryretool/backend:latest from DockerHub. By default Port 3000 will be publicly exposed with the HTTP protocol and Ports 3001 and 3002 will automatically be detected and created using the TCP protocol.

    • The configuration and deployment of the Retool instance requires more compute, therefore for this deployment service, we recommend starting with the nf-compute-100-2 plan (1 vCPU and 2048 MB memory) and one instance. Smaller plans may not be enough for Retool to start properly.

  3. Create a new secret group which will store the environment variables and build arguments. We will manually add key value secrets and link the PostgreSQL database we created earlier.

    1. Manual Secrets

      KeyValue
      NODE_ENVproduction
      BASE_DOMAINThe unique service code.run deployment URL or linked custom domain (hostname only)
      LICENSE_KEYYour license key for Retool
      JWT_SECRET256 character random key
      ENCRYPTION_KEY64 character random key

      Environment Secrets

      • JWT_SECRET and ENCRYPTION_KEY can be generated using our random key generator in the secret groups or environment editors. Click the key icon in the top right to generate a random key.

      • If you are running Linux you can run cat /dev/urandom | base64 | head -c 256 and cat /dev/urandom | base64 | head -c 64.

      • Descriptions for the keys required can be found in the Retool documentation here.

    2. Inherited connection details from the database

      Variable nameAlias
      hostPOSTGRES_HOST
      portPOSTGRES_PORT
      tlsEnabledPOSTGRES_SSL_ENABLED
      databasePOSTGRES_DB
      usernamePOSTGRES_USER
      passwordPOSTGRES_PASSWORD

      Addon Connection Details Inheritance

      • All of the alias values can be found in this Github page, except the Alias for tlsEnabled which is found in this Retool documentation page.

      • Inheriting environment variables ensures that the database connection details are automatically injected in the environment, avoiding the need to manually copy and paste them.

Once your secret group is created, go back to the deployment service and rollout restart the service to make sure the environment variables are updated. Once the restart is finished, go to the service URL where you will be prompted to create your Retool user and connect to your data sources!

Share this article with your network