Deploying Retool with PostgreSQL

Retool is a low-code platform that makes it fast and easy to build internal tools. Retool offers many integrations through APIs to data sources like GraphQL, Firebase, MongoDB, Amazon S3, Google Sheets and more and allows you to create GUIs and dashboards around any of these. Developers can use Retool to quickly build powerful tools like dashboards, admin panels or custom apps.

This guide will walk you through the steps to deploy Retool from its official Docker image and set up a PostgreSQL database which Retool will use to store its configuration.

1. Create a new PostgreSQL database. In the networking options, keep TLS enabled and External Access disabled. You can start with the nf-compute-10 plan with 4GB of storage and one replica.

   • When TLS is enabled, a Let’s Encrypt TLS certificate is provisioned for the addon, which will ensure secure communication between the addon and the service we will later create in this project.

   • This PostgreSQL will store the Retool configuration data, not any analytics or dashboards. You will connect your databases or other data sources for GUIs or dashboards once Retool is set up.

2. Create a deployment service. Choose external image as deployment source and the image path will be tryretool/backend:latest from DockerHub. By default Port 3000 will be publicly exposed with the HTTP protocol and Ports 3001 and 3002 will automatically be detected and created using the TCP protocol.

   • The configuration and deployment of the Retool instance requires more compute, therefore for this deployment service, we recommend starting with the nf-compute-100-2 plan (1 vCPU and 2048 MB memory) and one instance. Smaller plans may not be enough for Retool to start properly.

3. Create a new secret group which will store the environment variables and build arguments. We will manually add key value secrets and link the PostgreSQL database we created earlier.

   1. Manual Secrets

      Key	Value
      NODE_ENV	production
      BASE_DOMAIN	The unique service code.run deployment URL or linked custom domain (hostname only)
      LICENSE_KEY	Your license key for Retool
      JWT_SECRET	256 character random key
      ENCRYPTION_KEY	64 character random key

      

      • JWT_SECRET and ENCRYPTION_KEY can be generated using our random key generator in the secret groups or environment editors. Click the key icon in the top right to generate a random key.

      • If you are running Linux you can run cat /dev/urandom | base64 | head -c 256 and cat /dev/urandom | base64 | head -c 64.

      • Descriptions for the keys required can be found in the Retool documentation here.

   2. Inherited connection details from the database

      Variable name	Alias
      host	POSTGRES_HOST
      port	POSTGRES_PORT
      tlsEnabled	POSTGRES_SSL_ENABLED
      database	POSTGRES_DB
      username	POSTGRES_USER
      password	POSTGRES_PASSWORD

      

      • All of the alias values can be found in this Github page, except the Alias for tlsEnabled which is found in this Retool documentation page.

      • Inheriting environment variables ensures that the database connection details are automatically injected in the environment, avoiding the need to manually copy and paste them.

Once your secret group is created, go back to the deployment service and rollout restart the service to make sure the environment variables are updated. Once the restart is finished, go to the service URL where you will be prompted to create your Retool user and connect to your data sources!