Odoo on a minimal Centos 7.x / RedHat 7.x web server

An eye on the doc

First steps — just for those who forget something

Create one user account, add the user to the wheel group. This will let you use sudo. Add your ssh-key, from local to remote :

$ ssh-copy-id -i ~/.ssh/id_rsa.pub user@IP

Install yum utilities and some of your favorite’s command-line tools. Yum utilities comes with the useful yum-config-manager. Even if you don’t use it, it can show you the whole params of each repositories. Here below I install  Lynx text browser to read html pages in Midnight-Commander.

# yum install yum-utils
# yum install nano mlocate screen wget mc lynx unzip

Install postgresql-server and start it otherwise Odoo will not be able to create odoo user.

# yum install postgresql-server
# postgresql-setup initdb
$ systemctl start postgresql

Enable EPEL repository

We need complementary packages, not provided by distribution repository. Basicaly we have two solutions :

  1. add Software Collections packages
  2. add new repositories

Software Collections are installed in parallel from distribution’s package. Our server will only run Odoo, so there is no need to separate packages. It is easier to add repositories.

EPEL is Extra Packages for Enterprise Linux. The epel-release package is included in the CentOS Extras repository that is enabled by default. One just need to type :

# yum install epel-release

To clear any cached information, and to make sure the changes are immediately recognized :

# yum clean all 
# yum update

If you need, install some more utilities from Epel. I like p7zip.

Add Odoo repository

Odoo provide package. You can download it or install from nightly builds repository (both are the same).

# yum-config-manager --add-repo=https://nightly.odoo.com/10.0/nightly/rpm/odoo.repo
# yum clean all
# yum update
# yum install odoo
$ systemctl start odoo

Download wkhtmltopdf and install it. Do not use the package from Epel repository as it can’t handle headers and footers.

A bit of testing

Stop Firewalld and connect to http://[your-hostname]:8069/ default login/password is admin/admin. Create a dummy or template database. Don’t install applications, just configure Administrator account :
in configuration menu, go to users and change Administrator’s timezone, email, and choose a solid password. You will be disconnected. Login with the new params. If it’ ok, disconnect again and stop Odoo server. Restart Firewalld to protect your web server.

Basical configuration

Odoo master password, Firewalld, fail2ban, services.

Choose a new Odoo master password. You may play with a password generator. Add it to odoo.conf :

# nano /etc/odoo/odoo.conf

[options]
; This is the password that allows database operations:
admin_passwd = whatever big and solid
db_host = False
db_port = False
db_user = odoo
db_password = False
addons_path = /usr/lib/python2.7/site-packages/odoo/addons

Need to open the port on Firewalld. We create Odoo service that we will enable on the firewall public zone.

# nano /etc/firewalld/services/odoo.xml

<?xml version="1.0" encoding="utf-8"?>
<service>
 <short>Odoo</short>
 <description>
  Open Odoo default port.
 </description>
 <port protocol="tcp" port="8069"/>
</service>

Enable Odoo on public zone ; the –permanent option needs to be the first option for all permanent calls (1). Don’t forget to reload the firewall !

# firewall-cmd --permanent --zone=public --add-service=odoo
# firewall-cmd --reload

Similarly, enable http and https services:

# firewall-cmd --permanent --zone=public --add-service=http
# firewall-cmd --permanent --zone=public --add-service=https
# firewall-cmd --reload

Install and start Fail2ban, then enable services on startup :

# systemctl enable postgresql
# systemctl enable odoo
# systemctl enable fail2ban

And start Odoo again. Connect to Odoo.

A template database

Now we will setup a « template » database. Something with all the basics that we need. Start with security and backup :

Install Letsencrypt and Database Auto-Backup module from OCA’s server tools repository. Download zip from https://github.com/OCA/server-tools/

Setup auto-backup. Test it : make a backup, get it, try to restore.

You will certainly need to increase the time-out on your Odoo server. Beware that as long as you db grows, the backup grows as well. But the heavier part will certainly be the multiples files (images, documents, …) that Odoo will generates for you.

Use Letsencrypt to get an SSL certificate as soon as domains are moved on your server.

Web environment ribbon is a very useful utility for those who works on several Odoo instances. You will got a red ribbon on the top left corner in every page (ribbon name and color can be changed).

Add users, configure company, email servers, etc.

Backup or duplicate your database with Odoo database manager. You will leave your first copy untouched. It will be used as a template. For further installations, just duplicate your template and install everything you need.

If you want a server admin panel

Avoid extra dependencies (PHP, MySQL, …). If you can, choose Perl based or Python based software if possible.

  • Webmin use Perl, it have a lots of modules, is actively developped, but old ;
  • BlueOnyx is built with Java and Perl, based on a product developped by Cobalt, it’s solid but  a bit old ;
  • Ajenti use Python but does only a few things so far, it is recent and light ;
  • A few other ones doesn’t need MySQL, but use PHP.

Accelerate Odoo

Depending on what you need you will configure Postgresql, Odoo and Nginx web server for speed and efficiency.

How-to move Odoo to another server

On the old server Odoo is setup with e-commerce website. On the new server, avoid extra dependencies if Odoo doesn’t need them (web server, php, …).

First steps

  1. keep a TODO-list
  2. create a subdomain, to test your paiement module on the new server
  3. install your ssh-key
  4. install some command-line tools : midnight-commander, nano editor, mlocate, wget, screen, unzip
  5. might want to install a graphical web-server admin. I like Webmin, because it’s well maintained, depends only of Perl and use its own web server.
  6. install a networked resource monitoring tool with graphs output, like Munin (or webminstats if you use Webmin)
  7. install Postgresql, create necessary users and configure it. Refer to Odoo install documentation.
  8. install Odoo, setup Odoo with workers and debug log
  9. stop firewall to access Webmin and Odoo, you will configure the firewall later (TODO list)

Setup Odoo

  1. create a dummy database with all necessary modules, add all modules you had on the old server. Test it (might want to include demo datas to test it extensively — check ‘evaluate Odoo’ when you are creating the database).
  2. test your credit card paiement module
  3. backup your old Odoo database
  4. create a new, empty, database on the new server
  5. restore your old database on the new database. test it extensively
  6. install letsencrypt Odoo module, first install python-pip, then do
    sudo pip install acme-tiny
    sudo pip install IPy
  7. install auto backup odoo module on the new server and test it : do a backup/restore operation. First install python-pip and do
    sudo pip install pysftp
  8. install nginx and set it up
  9. install fail2ban
  10. open necessary ports on the firewall and restart it