Implementation of ‘Odoo’ Business Software, on a Linux Server

Introduction

The implementation of a comprehensive business software solution is essential for enhancing operational efficiency, streamlining processes, and driving growth within our organization. This document provides a depiction of the implementation of Odoo, a versatile open-source ERP system, on a Linux server. Odoo was selected because of its multi-tenancy capabilities, which support multiple database instances, and its extensive customization options tailored to specific business needs. Odoo's cost-effective pricing plans make it a suitable solution for multi-organizational levels. The implementation process encompasses several key phases: system preparation, installation of necessary dependencies, configuration of PostgreSQL, setup and configuration of Odoo, reinforcement of security measures, implementation of reliable backup and recovery procedures, and the establishment of a monitoring system using Grafana. This systematic approach guarantees the seamless integration of Odoo into the company's infrastructure, offering a dependable and scalable ERP solution.

Justification for Software Choice

Odoo is a comprehensive open-source multi-tenant Enterprise Resource Planning software. It was chosen because a single Odoo system can run and serve multiple database instances. The software is highly customizable, with customizations depending on the "current database," starting from the modules being loaded. When working with the backend (web client) as a logged-in company user, there are no issues as the database can be selected when logged in, and customizations loaded afterward. However, non-logged users (portal, website) pose a challenge, as Odoo needs to know which database should be used to load the website page or perform the operation. If multi-tenancy is not used, there's only one database to use, but if there are multiple accessible databases, Odoo needs a rule to know which one to use. The command "--db-filter" specifies how the database should be selected based on the requested hostname.

?

Odoo offers three different cost options:

1. One APP Free, for employees needing access to a single app with limited resources.

2. The standard account, which starts at $24.90 per user, per month, provides access to all apps and online access.

3. The custom option, starting at $37.40 per user, per month, includes all apps, Odoo Online Access/Odoo.sh**/On-premise, Odoo Studio, Multi-Company, and External API. This option is recommended for upper-level managers and system administrators.

Plan Implementation

System Requirements

Hardware:

CPU: Dual-core Processor (more processors for better performance)

RAM: minimum, 2 GB (4-8GB for better performance)

Storage: minimum; 10 GB of free disk space (20GB+ for better performance), preferably SSD

Reliable internet connection and high-speed internet connection

Software:

OS: Ubuntu 18.04 LTS/later, Debian 9/later, CentOS 7/later

Dependencies: Python 3.6/later, Database, PostgreSQL 10/later

Odoo needs a PostgreSQL server to run properly. The default configuration for the Odoo ‘deb’ package is to use the PostgreSQL server on the same host as the Odoo instance:

$ sudo apt install postgresql -y

Installation Steps

Update:

sudo yum update -y

?

Install EPEL Repository:

sudo yum install epel-release -y

Upgrade:

sudo apt upgrade -y

?

Install Dependencies:

sudo yum install git python3 python3-devel postgresql postgresql-server postgresql-devel wget nodejs npm libxslt-devel bzip2-devel openldap-devel libjpeg-devel freetype-devel -y

?

Init PostgreSQL Database:

sudo postgresql-setup initdb

sudo systemctl start postgresql

sudo systemctl enable postgresql

?

Create PostgreSQL Super User:

sudo su - postgres

createuser --createdb --username postgres --no-createrole --no-superuser --pwprompt odoo

exit

?

Install Wkhtmlopdf:

sudo wget https://github.com/wkhtmltopdf/packaging/releases/download/0.12.6-1/wkhtmltox-0.12.6-1.centos7.x86_64.rpm

sudo yum localinstall wkhtmltox-0.12.6-1.centos7.x86_64.rpm -y

?

Install Odoo Enterprise Repository: This will Require credentials, attained when registering organization's database but, only after entering your subscription code in the banner in the APP dashboard. If the registration is successful, the banner will turn green and display the database expiration date.

sudo mkdir /opt/odoo

sudo chown $USER:$USER /opt/odoo

git clone --depth 1 --branch 14.0 https://github.com/odoo/enterprise.git /opt/odoo/enterprise

?

Install Python Dependencies:

sudo pip3 install -r /opt/odoo/enterprise/requirements.txt

?

Configuration Steps

Initial Configuration:

Create Configuration File:

sudo nano /etc/odoo.conf

?

Within /etc/odoo.conf Configuration file: ?

[options]

admin_passwd = your_admin_password

db_host = False

db_port = False

db_user = odoo

db_password = odoo

addons_path = /opt/odoo/enterprise/addons

logfile = /var/log/odoo/odoo.log

?

Create Log Directory:

sudo mkdir /var/log/odoo

sudo chown odoo: /var/log/odoo

?

Setting Up Odoo Service:

Create a Systemd Service File:

sudo nano /etc/systemd/system/odoo.service

Within /etc/system/system/odoo.service Systemd Services File:

[Unit]

Description=Odoo

Documentation=https://www.odoo.com

[Service]

# Ubuntu/Debian convention:

Type=simple

User=odoo

ExecStart=/usr/bin/python3 /opt/odoo/enterprise/odoo-bin -c /etc/odoo.conf

[Install]

WantedBy=default.target

?

Enable and Start Odoo Service:

sudo systemctl daemon-reload

sudo systemctl enable odoo

sudo systemctl start odoo

?

Customization:

By default, PostgreSQL only allows connections over UNIX sockets and loopback connections (e.g., from "localhost," the same machine the PostgreSQL server is installed on).

When no host is provided, UNIX sockets are used by default, which is suitable if you want Odoo and PostgreSQL to run on the same machine. However, if you want Odoo and PostgreSQL to run on different machines, PostgreSQL will need to listen on network interfaces. In this case, you have two main options:

1. Use an SSH Tunnel: Accept loopback connections and use an SSH tunnel between the machine running Odoo and the one running PostgreSQL. Configure Odoo to connect to its local end of the tunnel.
2. Direct Network Connection: Configure PostgreSQL to listen on the necessary network interfaces and connect directly. Optionally, use SSL/TLS to secure the connection.

User Management:

Configuring Individual Ubuntu Virtual Machine

Update System Packages:

sudo apt update

sudo apt upgrade -y

?

Install Required Dependencies:

sudo apt install git python3 python3-pip build-essential wget nodejs npm libxslt-dev libzip-dev libldap2-dev libsasl2-dev python3-dev libpq-dev -y

Install PostgreSQL:

sudo apt install postgresql postgresql-server-dev-all -y

Initialize PostgreSQL Database:

sudo systemctl start postgresql

sudo systemctl enable postgresql

Create PostgreSQL Users:

sudo su - postgres

createuser --createdb --username postgres --no-createrole --no-superuser --pwprompt odoo

exit

?

Install Wkhtmltopdf:

sudo apt install xvfb libfontconfig wkhtmltopdf -y

?

Clone Odoo Enterprise Repository:

sudo mkdir /opt/odoo

sudo chown $USER:$USER /opt/odoo

git clone --depth 1 --branch 14.0 https://github.com/odoo/enterprise.git /opt/odoo/enterprise

?

Install Python Dependencies:

pip3 install -r /opt/odoo/enterprise/requirements.txt

Create Configuration File:

pip3 install -r /opt/odoo/enterprise/requirements.txt

Within /opt/odoo/enterprise/requirements.txt Configuration File:

[options]

admin_passwd = your_admin_password

db_host = False

db_port = False

db_user = odoo

db_password = odoo

addons_path = /opt/odoo/enterprise/addons

logfile = /var/log/odoo/odoo.log

?

Create Log Directory:

sudo mkdir /var/log/odoo

sudo chown odoo: /var/log/odoo

?

Set Up Odoo Service on Ubuntu individual Virtual Machines

Create a Systemd Service File: (Repeat for each Client)

sudo nano /etc/systemd/system/odoo.service

Within Systemd Service File:

[Unit]

Description=Odoo

Documentation=https://www.odoo.com

[Service]

# Ubuntu/Debian convention:

Type=simple

User=odoo

ExecStart=/usr/bin/python3 /opt/odoo/enterprise/odoo-bin -c /etc/odoo.conf

[Install]

WantedBy=default.target

?

Enable and Start Odoo Service: (Repeat for each Client)

sudo systemctl daemon-reload

sudo systemctl enable odoo

sudo systemctl start odoo

Secure Remote Access: (Repeat for each Client)

sudo apt install openssh-server

sudo systemctl start ssh

sudo systemctl enable ssh

?

Configure SSH for key-based authentication: (Repeat for each Client)

Generate SSH keys on client machine:

ssh-keygen

Copy public key to server:

ssh-copy-id [email protected]

Test SSH Key-Based Authentication:

ssh [email protected]

?

Disable Password authentication: (Repeat for each Client)

sudo nano /etc/ssh/sshd_config

Within /etc/ssh/sshd_config Configuration file:

PasswordAuthentication no

Restart SSH Services:

sudo systemctl restart ssh

?

Configure Firewall: (Repeat for each Client)

o?? sudo ufw allow 8069/tcp

o?? sudo ufw allow 22/tcp

o?? sudo ufw enable

Configure Network Connectivity for Remote Users: (Repeat for each Client)

o?? SSH tunnel from the client machine: ssh -L 8069:localhost:8069 [email protected]

o?? Configuration (shows only databases with the names beginning with ‘mycompany’): < [options] dbfilter = ^mycompany.*$

Network Connectivity:

Configure Firewall: CentOS Server

sudo firewall-cmd --permanent --add-port=8069/tcp

sudo firewall-cmd –reload

Configure Firewall: Ubuntu VM Clients

(Steps taken during User Management section.Do not repeat multiple times on the same client.)

sudo ufw allow 8069/tcp

sudo ufw allow 22/tcp

sudo ufw enable

?

Secure SSH Access: CentOS Server

Disable root login/password authentication: Create configuration file

sudo nano /etc/ssh/sshd_config

Within sshd Configuration File:

PermitRootLogin no

PasswordAuthentication no

Restart SSH Services:

sudo systemctl restart sshd

?

Secure SSH Access: Ubuntu VM Clients

Refer to, Page 13.

Printing Setup:

Install CUPS: CentOS Server

sudo yum install cups

sudo systemctl start cups

sudo systemctl enable cups

Install Printer Drivers:

HP Printers: sudo yum install hplip

Epson: go to Epson website, download and install the appropriate drivers

Configure CUPS: Open Web Browser

Access CUPS web interface: ‘https://192.168.1.10:631’ (Requires, system username/password)

Add the Printers: within CUPS web interface

Go to Administration > Add Printer > Select chosen printer from list of available printers

Share Printers: within CUPS web interface

Go to Printers > Administration > Set Printer Options >

Check the option; Share This Printer

Configure Firewall to Allow CUPS traffic through:

sudo firewall-cmd –permanent –add-port=631/tcp

sudo firewall-cmd –reload

Install CUPS: Ubuntu Clients

sudo apt-get install cups

Access CUPS web interface on Client: https://localhost:631

??????????? Network Printer should be automatically discovered if shared correctly

OS Level Security:

Install and Configure Fail2Ban:

sudo yum install fail2ban -y

Create configuration file for jail settings:

sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

sudo nano /etc/fail2ban/jail.local

??????????? Enable sshd jail Configuration File:

[sshd]

Enabled = true

Port = ssh

Filter =sshd

Logpath = /var/log/secure

Maxretry = 5

Start and Enable Fail2Ban services:

sudo systemctl enable fail2ban

sudo systemctl start fail2ban

?

Enable SELinux:

sudo setenforce 1

sudo nano /etc/selinux/config

??????????? Inside SELinux Configuration file:

SELINUX=enforcing

?

Regular Updates and Patching:

sudo yum update -y

?

Backup & Recovery

Create the below script to backup process that includes Database and Configuration files:

sudo nano /bin/bash/backup_odoo.sh

# Variables

BACKUP_DIR=”/backups”

BACKUP_DATE=$(date +\%F)

BACKUP_FILE= “${BACKUP_DIR}/ODOO_BACKUP_$backup_date}.SQL”

?

# Perform the database backup

sudo -u postgres pg_dumpall > ${BACKUP_FILE}

?

# Backup the configuration files

sudo cp /etc/odoo.conf ${BACKUP_DIR}/odoo.conf_${BACKUP_DATE}

sudo cp -r /opt/odoo/enterprise ${BACKUP_DIR}/odoo_enterprise_${BACKUP_DATE}

?

# Log the backup process

echo “$(date + ‘%Y-%m-%d %H:%M:%S’) – Backup completed: ${BACKUP_FILE}, /etc/odoo.conf, /opt/odoo/enterprise” >> ${BACKUP_DIR}/backup.log

?

Script to verify latest backups:

#!/bin/bash

# verify_backup.sh

?

# Variables

BACKUP_DIR=“/backups”

LATEST_BACKUP=$(ls -t ${BACKUP_DIR}/odoo_backup_*.sql | head -n 1)

LOG_FILE=“{BACKUP_DIR}/verify_backup.log”

TEMP_DB=“temp_restore_db”

?

# Function to log messages

log_message() {

??????????? echo “$(date +‘%Y-%m-%d %H:%M:%S’ - $1“ >> ${LOG_FILE}

}

?

# Log the start of the verification process

log_message “Starting backup verification process.”

?

# Check if backup file exists

if [ -f “${LATEST_BACKUP}” ]; then

??????????? # Drop the temp database if it exists

??????????? sudo -u postgress psql -c “DROP DATABASE IF EXISTS ${TEMP_DB};”

?

??????????? # Create a new temp database

??????????? sudo -u postgres psql -c “CREATE DATABASE ${TEMP_DB};”

?

??????????? if [ $? -eq 0 ]; then

??????????????????????? log_message “Temporary database ${TEMP_DB} created successfully.”

?

??????????????????????? # Restore the backup to the temp database

??????????????????????? sudo -u postgres psql ${TEMP_DB} < ${LATEST_BACKUP}

?

??????????? ??????????? if [ $? -eq 0]; then

??????????????????????????????????? log_message “Backup ${LATEST_BACKUP} restored successfully to temporary database.”

??????????????????????????????????? sudo -u postgres psql -c “DROP DATABASE ${TEMP_DB};”

??????????????????????????????????? log_message “Temporary database ${TEMP_DB] dropped after verification.”

??????????? ??????????? else

??????????????????????????????????? log_message “Error restoring backup ${LATEST_BACKUP} to temporary database.”

??????????????????????????????????? sudo -u postgres psql -c “DROP DATABASE ${TEMP_DB};”

??????????????????????????????????? log_message “Temporary database ${TEMP_DB} dropped due to restore failure.”

??????????????????????? fi

??????????? else

??????????????????????? log_message “Error creating temporary database ${TEMP_DB}.”

??????????? fi

else

??????????? log_message “No backup file found for verification.”

fi

# Log the end of the verification process

log_message “Backup verification process completed.”

?

Schedule Backup and Verification:

sudo nano /etc/cron.d/odoo_backup

??????????? Within /etc/cron.d/odoo_backup Configuration file:

0 2 * root /etc/cron.d/odoo_backup

?

03 * 0 root /etc/cron.d/odoo_backup

?

Enable verify_backup.sh script as Executable:

sudo chmod +x /etc/cron.d/odoo_backup

Monitoring and Maintenance

Add Grafana Repository:?

sudo apt-get install -y software-properties-common

sudo add-apt-repository "deb https://packages.grafana.com/oss/deb stable main"

sudo apt-get update

?

Install Grafana:

sudo apt-get install grafana -y

Start and Enable Grafana Services:

sudo systemctl start grafana-server

sudo systemctl enable grafana-server

?

Configure Grafana: Access the Grafana web interface via the Default Port

https://192.168.1.10:3000

Components and User Details

Components:

Odoo Enterprise is a suite of business applications covering all business needs, including CRM, e-commerce, accounting, inventory, point of sale, project management, and more. It is built on a modern technology stack and provides a modular architecture, allowing businesses to implement only the modules they need.

o?? Installation Location: /opt/odoo/enterprise

o?? Configuration File: /etc/odoo.conf

o?? Service Management Systemd service file: /etc/system/system/odoo.service

PostgreSQL is a powerful, open-source object-relational database system. It is used as the database backend for Odoo, storing all the application data.

o?? Configuration Files: /var/lib/pgsql/data (CentOS), /etc/postgresql (Ubuntu)

o?? Service Management: ‘systemctl’ (ex. ‘sudo systemctl start postgresql’)

Wkhtmltopdf is an open-source command line tool to render HTML into PDF using the Webkit rendering engine. It is used by Odoo to generate PDF reports.

o?? Installation Location: /usr/local/bin/wkhtmlopdf

CUPS (Common Printing System) is a modular printing system for Unix-like operating systems which allows a computer to act as a print server.

o?? Configuration File: /etc/cups/cupsd.conf

o?? Service Management: sudo systemctl start cups

User Details:

Admin Users: System Administrators have full access to all Odoo modules, system settings, user management, and database management

·???????? Configurations: Access to Odoo backend and frontend, Ability to create and manage other user accounts, Full control over all system configurations

Manager Users: Department Managers w/ access to manage their specific departments

·???????? HR Manager: Access to Employees, Attendance, and Leaves modules

o?? Permissions; Access to Employee, Attendance, and Leaves modules

o?? Configurations; Employee performance dashboard, attendance tracking

·???????? Sales Manager:

o?? Permissions; Access to Sales, CRIM, and Invoicing modules.

o?? Configurations; Custom dashboard w/ sales analytics, access to sales team reports

·???????? Operations Manager:

o?? Permissions; Access to Operations, Manufacturing, and Purchase modules

o?? Configurations; Operations dashboard, production management tools.

Regular Users: Employees w/ limited access to their respective department functions

·???????? HR Assistant:

o?? Permissions; Access to Employee records with limited edit permissions

o?? Configurations; Leave request management, employee onboarding tracking

·???????? Salesperson:

o?? Permissions; Access to sales and CRIM modules with read/write permissions

o?? Configurations; Lead management dashboard, sales pipeline tracking

·???????? Customer Support:

o?? Permissions; Access to Customer Support, Ticketing, and Knowledge Base modules

o?? Ticket management dashboard, customer interaction tools.

Diagrams and Sketches??????????

Network Diagram:

?

User Management Diagram:

Conclusion

The process of deploying Odoo on a Linux server, as detailed in this document, involves a comprehensive setup procedure that begins with system preparation and concludes with the final monitoring phase. Following these steps closely allows the organization to utilize a strong and flexible ERP solution that meets its operational needs and promotes efficiency. The addition of Grafana for monitoring brings an extra layer of reliability, ensuring consistent tracking and maintenance of system performance. This implementation not only addresses current operational needs but also prepares the organization for future growth. Looking ahead, future considerations for growth may include plans such as further customizing Odoo modules to better meet our expanding business requirements, expanding our infrastructure to accommodate increasing demand, and continually improving our security measures. These efforts will establish the foundation for our organization's digital transformation and position us for sustained success in the long term.

?

References

CentOS 8 documentation. CentOS 8 documentation?:: CentOS Docs Site. (n.d.). Retrieved from https://docs.centos.org/en-US/8-docs/

Fail2Ban 0.9.0.dev documentation. Fail2ban Package Documentation. (n.d.). Retrieved from https://fail2ban.readthedocs.io/en/latest/fail2ban.html

Grafana Documentation. Grafana Labs. (n.d.). Retrieved from https://grafana.com/docs/grafana/latest/

PostgreSQL Documentation. PostgreSQL. (n.d.). Retrieved from https://www.postgresql.org/docs/

System configuration. Odoo. (n.d.). Retrieved from https://www.odoo.com/documentation/16.0/administration/on_premise/deploy.html

Ubuntu server documentation. Ubuntu. (n.d.). Retrieved from ?https://ubuntu.com/server/docs

?UncomplicatedFirewall Documentation. Ubuntu wiki. (n.d.). Retrieved from https://wiki.ubuntu.com/UncomplicatedFirewall

WKHTMLTOPDF Documentation. WK<html>TOpdf . (n.d.). Retrieved from https://wkhtmltopdf.org/usage/wkhtmltopdf.txt

Woerner, T. (n.d.). firewalld Documentation. firewalld. Retrieved from ?https://firewalld.org/documentation/