# Install Bigpicture Edition
TIP
If you encounter any issues, please provide a detailed description of the problem in the Bigpicture edition ticket system on Github. (opens new window)
# Prerequisites
A cluster must be installed and running before proceeding with the installation. See Clusters.
# Installation
This installation procedure is for desktop or laptop computers running a Debian based Linux operating systems.
You must have installed Docker engine (opens new window) and git, and have root permissions (sudo in Debian/Ubuntu).
Clone the repository on your computer:
git clone --branch BP2025.1 https://github.com/Cytomine-ULiege/Cytomine-bigpicture-edition.git1Go into the cloned folder:
cd Cytomine-bigpicture-edition1Edit the file
cytomine.templateif you want to change default values (like URLs and/or SMTP setup) and also to configure the light import of BP Structured datasets (See specific features).WARNING
The variable
SCHEDULER_MASTER_URLandSCHEDULER_OAUTH_TOKENhave to be set to the value generated by your cluster in order to use the App Engine. See MicroK8s Cytomine configuration for more information on how to get these values.Launch the Cytomine installer. This will create all the folders and files necessary to launch Cytomine with Compose:
sudo docker pull cytomine/installer sudo docker run -v $(pwd):/install --user "$(id -u):$(id -g)" --rm -it cytomine/installer:latest deploy -s /install1
2Launch cytomine:
sudo docker compose up -d1Cytomine is ready to be used:
- If you have kept the default values your Cytomine is now available on http://localhost/ (opens new window).
- By default, an admin account has been created for you. To connect to the platform in your browser, retrieve the randomly generated admin password by opening the
cytomine.ymlfile and go toservices: default: core : constant: ADMIN_PASSWORD:. You can use this password with theadminusername to get authenticated on your Cytomine.
# Update configuration
If you want to change the configuration of a running instance:
Update your configuration in the
cytomine.templatefile.Relaunch the Cytomine installer to update your configuration file:
sudo docker pull cytomine/installer sudo docker run -v $(pwd):/install --user "$(id -u):$(id -g)" --rm -it cytomine/installer:latest deploy -s /install1
2Restart your running instance:
sudo docker compose restart1
# Stop Cytomine
To stop your Cytomine instance, use:
sudo docker compose down
The server is stopped but data (databases and images) are preserved.
# OIDC Identity Broker LS-AAI integration configuration
Cytomine uses keycloak as IAM and also as a broker to negotiate with LS-AAI to authenticate users using authorization_code flow and go to https://127.0.0.1/iam/realms/cytomine/.well-known/openid-configuration (opens new window) for the metadata, for configuration follow steps below:
# A. Configure the broker
- Access keycloak admin console https://127.0.0.1/iam/admin (opens new window) and authenticate using the default
adminuser and find the password for it incytomine.ymlunderKEYCLOAK_ADMIN_PASSWORDand notice this is not the cytomine admin. - Click
Identity Providersin the menu. - From the
Add providerlist, selectOpenID Connect v1.0orkeycloak openID connect. Redirect URIis prefilled- Enter display name as
LS_AAI - Enter this link
https://login.aai.lifescience-ri.eu/oidc/.well-known/openid-configurationinDiscovery Endpointfor LS-AAI OIDC metadata - In
client authenticationselectClient secret set as basic auth - Contact cytomine team at Uliege to get the
client IDandclient secret, clickcontact usbutton below - Click save
# B. Map claims to roles
The following config assigns the role admin to all external users and this is mandatory.
- Go to
Mapperstab click onadd mapper - Enter
namefor the mapper and keepsync mode overrideas inherit - Select
Hardcoded Role Mapper - From client
coreselectADMINrole - Click save
once steps above are followed a new button appears in the login form to start the authentication process for users coming from other organizations.