Tutorial Instalasi Odoo 10 Ubuntu 16.04
Instalasi, Konfigurasi, Keamanan, Proxy Nginx, SSL
Login sebagai Root
user@local:~$ ssh root@hostname
Ganti Port SSH
root@alpha:~$ nano /etc/ssh/sshd_config
# What ports, IPs and protocols we listen for
Port 2222
Restart server dan login kembali
root@alpha:~$ reboot now
root@alpha:~$ ssh root@hostname -p2222
Buat user odoo
root@alpha:~$ useradd -d /home/odoo -m odoo -s /bin/bash
root@alpha:~$ passwd odoo
root@alpha:~$ adduser odoo sudo
Tambahkan repository postgres
root@alpha:~$ nano /etc/apt/sources.list
deb http://apt.postgresql.org/pub/repos/apt/ xenial-pgdg main
Download key postgres
root@alpha:~$ wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
Update dan Upgrade Repository
root@alpha:~$ apt-get update && apt-get upgrade
Install postgres 10
root@alpha:~$ apt-get install postgresql-10
Ganti baris di konfigurasi postgresql.conf
root@alpha:~$ nano /etc/postgresql/10/main/postgresql.conf
Hilangkan comment #
# listen_addresses = 'localhost' ====> listen_addresses = '*'
# password_encryption = on ====> Password_encryption = on
Ganti baris di konfigurasi pg_hba.conf
root@alpha:~$ nano /etc/postgresql/10/main/pg_hba.conf
# "local" is for Unix domain socket connections only
local all all trust
Restart postgresql
root@alpha:~$ /etc/init.d/postgresql restart
Login user postgres; tambahkan akses user odoo untuk postgres
root@alpha:~$ su postgres
postgres@alpha:~$ createuser --createdb --username postgres --no-createrole --pwprompt odoo
Explain the benefits you offer. Don't write about products or services here, write about solutions.Enter password for new role:
Enter it again:
Shall the new role be a superuser? (y/n) y
Exit user postgres
postgres@alpha:~$ exit
Install library python
root@alpha:~$ apt-get install git python-pip python-setuptools python-lxml python-babel python-dateutil python-psycopg2 python-werkzeug python-decorator python-yaml python-pip python-dev python-reportlab python-egenix-mxdatetime python-tz python-pychart python-mako python-pydot python-vobject python-gobject python-yaml python-dateutil python-pychart python-pydot python-webdav python-cherrypy3 python-formencode python-pybabel python-simplejson python-pyparsing python-werkzeug python-xlwt python-glade2 python-matplotlib python-openid python-unittest2 python-psutil python-apipkg python-passlib nginx python-mock python-bs4 python-mechanize python-xlrd python-pandas python-gevent python-boto python-jinja2 python-shapely -y
Install library python tambahan
root@alpha:~$ easy_install xcrun && easy_install pytz && easy_install phonenumbers
Install library python dengan pip
root@alpha:~$ pip install arrow & pip install psycogreen && pip install pdfconv && pip install cachetools && pip install docutils && pip install pypdf && pip install xlsxwriter && pip install pysftp && pip install geojson && pip install pyproj && pip install sodapy && pip install pyopenssl && pip install num2words && pip install oauthlib
Install nodejs
root@alpha:~$ apt-get install nodejs nodejs-legacy node-less && apt-get install npm -y
Install less dengan npm
root@alpha:~$ npm install -g less && npm install -g less-plugin-clean-css
Download odoo 10 terbaru; extract; ganti nama
root@alpha:~$ cd /opt/
root@alpha:~$ wget http://nightly.odoo.com/10.0/nightly/deb/odoo_10.0.latest.tar.gz
root@alpha:~$ tar -xzvf odoo_10.0.latest.tar.gz
root@alpha:~$ mv odoo-yyyymmdd odoo_v10
Buat file link ke odoo server
root@alpha:~$ nano /usr/bin/odoo-server10
#!/bin/sh
cd /opt/odoo_v10
exec /usr/bin/python ./odoo-bin $@
Tambahkan change mode +x
root@alpha:~$ chmod +x /usr/bin/odoo-server10
Konfigurasi nginx untuk listen 80
root@alpha:~$ nano /etc/nginx/sites-available/default
# Tambahkan baris di dalam tag location / di dalam tag server listen 80;
location / {
proxy_pass http://127.0.0.1:8069;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 250;
}
Buat bootable file
root@alpha:~$ nano /etc/init.d/odoo-server10
#!/bin/sh
### BEGIN INIT INFO
# Provides: openerp-server
# Required-Start: $syslog
# Required-Stop: $syslog
# Should-Start: $network
# Should-Stop: $network
# Default-Stop: 0 1 6
# Short-Description: OpenERP Server
# Description: OpenERP is a complete ERP and CRM software.
### END INIT INFO
PROJECT=odoo
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin/
DAEMON=/usr/bin/odoo-server10
NAME=odoo10
DESC=odoo10
# Specify the user name (Default: openerp).
USER=odoo
# Specify an alternate config file (Default: /etc/openerp-server.conf).
CONFIGFILE=/etc/odoo-server10.conf
# pidfile
PIDFILE=/var/run/$NAME.pid
# Additional options that are passed to the Daemon.
DAEMON_OPTS="-c $CONFIGFILE"
[ -x $DAEMON ] || exit 0
[ -f $CONFIGFILE ] || exit 0
checkpid() {
[ -f $PIDFILE ] || return 1
pid=`cat $PIDFILE`
[ -d /proc/$pid ] && return 0
return 1
}
if [ -f /lib/lsb/init-functions ] || [ -f /etc/gentoo-release ] ; then
do_start() {
start-stop-daemon --start --quiet --pidfile $PIDFILE \
--chuid $USER --background --make-pidfile \
--exec $DAEMON -- $DAEMON_OPTS
RETVAL=$?
sleep 5 # wait for few seconds
return $RETVAL
}
do_stop() {
start-stop-daemon --stop --quiet --pidfile $PIDFILE --oknodo
RETVAL=$?
sleep 2 # wait for few seconds
rm -f $PIDFILE # remove pidfile
return $RETVAL
}
do_restart() {
start-stop-daemon --stop --quiet --pidfile $PIDFILE --oknodo
sleep 2 # wait for few seconds
rm -f $PIDFILE # remove pidfile
start-stop-daemon --start --quiet --pidfile $PIDFILE \
--chuid $USER --background --make-pidfile \
--exec $DAEMON -- $DAEMON_OPTS
RETVAL=$?
sleep 5 # wait for few seconds
return $RETVAL
}
else
do_start() {
$DAEMON $DAEMON_OPTS > /dev/null 2>&1 &
RETVAL=$?
sleep 5 # wait for few seconds
echo $! > $PIDFILE # create pidfile
return $RETVAL
}
do_stop() {
pid=`cat $PIDFILE`
kill -15 $pid
RETVAL=$?
sleep 2 # wait for few seconds
rm -f $PIDFILE # remove pidfile
return $RETVAL
}
do_restart() {
if [ -f $PIDFILE ]; then
do_stop
fi
do_start
return $?
}
fi
start_daemon() {
if [ -f $PIDFILE ]; then
echo "pidfile already exists: $PIDFILE"
exit 1
fi
echo -n "Starting $DESC: "
do_start
checkpid
if [ $? -eq 1 ]; then
rm -f $PIDFILE
echo "failed."
exit 1
fi
echo "done."
}
stop_daemon() {
checkpid
if [ $? -eq 1 ]; then
exit 0
fi
echo -n "Stopping $DESC: "
do_stop
if [ $? -eq 1 ]; then
echo "failed."
exit 1
fi
echo "done."
}
restart_daemon() {
echo -n "Reloading $DESC: "
do_restart
checkpid
if [ $? -eq 1 ]; then
rm -f $PIDFILE
echo "failed."
exit 1
fi
echo "done."
}
status_daemon() {
echo -n "Checking $DESC: "
checkpid
if [ $? -eq 1 ]; then
echo "stopped."
else
echo "running."
fi
}
case "$1" in
start) start_daemon ;;
stop) stop_daemon ;;
restart|force-reload) restart_daemon ;;
status) status_daemon ;;
*)
N=/etc/init.d/$NAME
echo "Usage: $N {start|stop|restart|force-reload|status}" >&2
exit 1
;;
esac
exit 0
# vim: sts=4 st=4 et
# Default-Start: 2 3 4 5
Tambahkan change mode +x
root@alpha:~$ chmod +x /etc/init.d/odoo-server10
Masuk sebagai user odoo
root@alpha:~$ su odoo
Test jalankan file link server manual
odoo@alpha:~$ odoo-server10
# Buka browser Chrome, Mozilla, Safari etc
# masukan link http://ip-address:port
# Contoh http://127.0.0.1:8069
# Jika berhasil log akan seperti berikut
2018-06-28 03:55:02,887 23589 INFO ? odoo: Odoo version 10.0-20180420
2018-06-28 03:55:02,887 23589 INFO ? odoo: addons paths: ['/home/odoo/.local/share/Odoo/addons/10.0', u'/opt/odoo_v10/odoo/addons', u'/opt/odoo_v10/addons']
2018-06-28 03:55:02,887 23589 INFO ? odoo: database: default@default:default
2018-06-28 03:55:02,907 23589 INFO ? odoo.service.server: HTTP service (werkzeug) running on 0.0.0.0:8069
2018-06-28 03:55:14,290 23589 INFO ? odoo.addons.report.models.report: You need Wkhtmltopdf to print a pdf version of the reports.
2018-06-28 03:55:14,681 23589 INFO ? odoo.http: HTTP Configuring static files
2018-06-28 03:55:14,702 23589 INFO database odoo.modules.loading: loading 1 modules...
2018-06-28 03:55:14,747 23589 INFO database odoo.modules.loading: 1 modules loaded in 0.04s, 0 queries
2018-06-28 03:55:14,762 23589 INFO database odoo.modules.loading: loading 12 modules...
2018-06-28 03:55:14,810 23589 INFO database odoo.modules.loading: 12 modules loaded in 0.05s, 0 queries
2018-06-28 03:55:15,087 23589 INFO database odoo.modules.loading: Modules loaded.
2018-06-28 03:55:15,092 23589 INFO database odoo.addons.base.ir.ir_http: Generating routing map
Buat file .conf untuk konfigurasi path addon
# s adalah sintaks untuk membuat file konfigurasi
odoo@alpha:~$ odoo-server10 -sc /tmp/odoo-server10.conf
Pindahkan file konfigurasi /tmp/odoo-server10.conf ke /etc/
odoo@alpha:~$ sudo mv /tmp/odoo-server10.conf /etc/
Download addons anda dari git
odoo@alpha:~$ cd /opt/
odoo@alpha:~$ sudo mkdir addons
odoo@alpha:~$ sudo git clone https://user-anda@bitbucket.org/user-anda/addons10_develop.git
Edit konfigurasi sesuai settingan addons; host; port; worker; etc
odoo@alpha:~$ sudo nano /etc/odoo-server10.conf
#Tambahan path addons lain dibatasi dengan tanda , (koma)
addons_path = /opt/addons/addons10_develop,/opt/odoo_v10/odoo/addons,/opt/odoo_v10/addons
#Ganti password untuk keamanan database anda saat pembuatan melalui browser
admin_passwd = qwery@yuiop
csv_internal_sep = ,
data_dir = /home/odoo/.local/share/Odoo
#Ganti dengan ip address server database anda jika ingin memisahkan antara server aplikasi dan server database
db_host = False
db_maxconn = 64
db_name = False
db_password = False
db_port = False
db_template = template1
db_user = odoo
dbfilter = .*
.......
xmlrpc_interface =
#Ganti port jika ingin menggunakan port lain
xmlrpc_port = 8069
Jalankan server odoo dengan konfigurasi yang sudah dibuat tadi tanpa sintaks s
odoo@alpha:~$ odoo-server10 -c /etc/odoo-server10.conf
# Buka browser Chrome, Mozilla, Safari etc
# masukan link http://ip-address:port
# Contoh http://127.0.0.1:8069
# Jika berhasil log akan seperti berikut ada tambahan path addons dan user akan berubah sesuai settingan
2018-06-28 04:22:04,090 23981 INFO ? odoo: Odoo version 10.0-20180420
2018-06-28 04:22:04,091 23981 INFO ? odoo: Using configuration file at /etc/odoo-server10.conf
2018-06-28 04:22:04,091 23981 INFO ? odoo: addons paths: ['/home/odoo/.local/share/Odoo/addons/10.0', u'/opt/addons/addons10_develop,/opt/odoo_v10/odoo/addons', u'/opt/odoo_v10/addons']
2018-06-28 04:22:04,092 23981 INFO ? odoo: database: odoo@default:default
2018-06-28 04:22:04,112 23981 INFO ? odoo.service.server: HTTP service (werkzeug) running on 0.0.0.0:8069
2018-06-28 04:22:23,666 23981 INFO ? odoo.addons.report.models.report: You need Wkhtmltopdf to print a pdf version of the reports.
2018-06-28 04:22:24,072 23981 INFO ? odoo.http: HTTP Configuring static files
Jalankan server dengan auto bootable
odoo@alpha:~$ sudo service nginx restart
odoo@alpha:~$ sudo service odoo-server10 restart
# Buka browser Chrome, Mozilla, Safari etc
# masukan link tanpa port http://ip-address
# Contoh http://127.0.0.1
2018-06-28 04:22:04,090 23981 INFO ? odoo: Odoo version 10.0-20180420
2018-06-28 04:22:04,091 23981 INFO ? odoo: Using configuration file at /etc/odoo-server10.conf
2018-06-28 04:22:04,091 23981 INFO ? odoo: addons paths: ['/home/odoo/.local/share/Odoo/addons/10.0', u'/opt/addons/addons10_develop,/opt/odoo_v10/odoo/addons', u'/opt/odoo_v10/addons']
2018-06-28 04:22:04,092 23981 INFO ? odoo: database: odoo@default:default
2018-06-28 04:22:04,112 23981 INFO ? odoo.service.server: HTTP service (werkzeug) running on 0.0.0.0:8069
2018-06-28 04:22:23,666 23981 INFO ? odoo.addons.report.models.report: You need Wkhtmltopdf to print a pdf version of the reports.
2018-06-28 04:22:24,072 23981 INFO ? odoo.http: HTTP Configuring static files
Menambahkan tingkat keamanan server dengan ssl
Untuk meningkatkan keamanan server anda tambahkan proxy ssl untuk akses https syaratnya anda sudah memiliki domain dan mengarahkan domain anda ke ip server yang sudah terinstall odoo; SSL bisa anda sewa di penyedia jasa hosting; untuk kali ini saya menggunakan ssl gratis dari https://www.letsencrypt.org/
Login sebagai root
odoo@alpha:~$ sudo su root
Download Free SSL by letsencrypt
root@alpha:~$ git clone https://github.com/letsencrypt/letsencrypt
Cloning into 'letsencrypt'...
remote: Counting objects: 57869, done.
remote: Compressing objects: 100% (85/85), done.
remote: Total 57869 (delta 55), reused 57 (delta 29), pack-reused 57754
Receiving objects: 100% (57869/57869), 18.73 MiB | 1.41 MiB/s, done.
Resolving deltas: 100% (41835/41835), done.
Checking connectivity... done.
Matikan service nginx
root@alpha:~$ service nginx stop
Jalankan letsencrypt-auto
root@alpha:~$ letsencrypt/letsencrypt-auto certonly --standalone
..............
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): email-anda@yahoo.com
..............
-------------------------------------------------------------------------------
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v01.api.letsencrypt.org/directory
-------------------------------------------------------------------------------
(A)gree/(C)ancel: A
..............
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
-------------------------------------------------------------------------------
(Y)es/(N)o: Y
Please enter in your domain name(s) (comma and/or space separated) (Enter 'c'
to cancel): domain-anda.com www.domain-anda.com
Cek file hasil enkripsi
root@alpha:~$ ls /etc/letsencrypt/live/domain-anda.com
Tambahkan nginx untuk listen 443
root@alpha:~$ nano /etc/nginx/sites-available/default
# Tambahkan baris di dalam tag location / di dalam tag server listen 443;
server {
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/domain-anda.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain-anda.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
root /usr/share/nginx/html;
index index.html index.htm;
# Make site accessible from http://localhost/
server_name localhost;
location / {
proxy_pass http://127.0.0.1:8069;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 250;
}
Menambahkan keamanan dengan firewall ufw
Tingkatkan keamanan server anda dengan mengaktifkan firewall ufw
Cek status firewall
root@alpha:~$ ufw status
Status: inactive
Allow port ssh 2222; 80; 443
root@alpha:~$ ufw allow 2222
root@alpha:~$ ufw allow 80
root@alpha:~$ ufw allow 443
Skipping adding existing rule
Skipping adding existing rule (v6)
Aktifkan firewall
root@alpha:~$ ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup
Cek status firewall
root@alpha:~$ ufw status
To Action From
-- ------ ----
22 ALLOW Anywhere
2224 ALLOW Anywhere
80 ALLOW Anywhere
443 ALLOW Anywhere
22 (v6) ALLOW Anywhere (v6)
2224 (v6) ALLOW Anywhere (v6)
80 (v6) ALLOW Anywhere (v6)
443 (v6) ALLOW Anywhere (v6)
Update Hosts
root@alpha:~$ sudo nano /etc/hostname
root@alpha:~$ sudo nano /etc/hosts