odoo:deployment
Odoo 16 - Deployment
Download debian-12.1.0-amd64-netinst.iso
install -m 0755 -d /etc/apt/keyrings curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg chmod a+r /etc/apt/keyrings/docker.gpg
echo \ "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \ "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
tee /etc/apt/sources.list.d/docker.list > /dev/null
apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin [options] proxy_mode = True limit_memory_hard = 1677721600 limit_memory_soft = 629145600 limit_request = 8192 limit_time_cpu = 600 limit_time_real = 1200 max_cron_threads = 1 workers = 8
addons_path = /mnt/extra-addons data_dir = /var/lib/odoo
driver: local driver_opts: type: none device: /ruta/en/tu/host o: bind
apt install snapd
snap install --classic certbot ln -s /snap/bin/certbot /usr/bin/certbot
apt install nginx
upstream ubills-odoo { server 127.0.0.1:8069; } upstream ubills-odoochat { server 127.0.0.1:8072; } server { server_name u-bills.com; proxy_read_timeout 720s; proxy_connect_timeout 720s; proxy_send_timeout 720s; # Add Headers for odoo proxy mode proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Real-IP $remote_addr; # log access_log /var/log/nginx/ubills-odoo.access.log; error_log /var/log/nginx/ubills-odoo.error.log; # Redirect longpoll requests to odoo longpolling port location /longpolling { proxy_pass http://ubills-odoochat; } # Redirect requests to odoo backend server location / { proxy_redirect off; proxy_pass http://ubills-odoo/; } # common gzip gzip_types text/css text/less text/plain text/xml application/xml application/json application/javascript; gzip on; listen 80; }
[Unit] Description=Odoo containers Requires=docker.service After=docker.service [Service] Restart=on-failure ExecStart=/usr/local/bin/docker compose -f /home/odoo/docker-compose.yml up ExecStop=/usr/local/bin/docker compose -f /home/odoo/docker-compose.yml down [Install] WantedBy=default.target
Cerbot installation (SSL certificate generator)
root@odoo:/home/odoo# rm -frv data/* root@odoo:/home/odoo# docker compose up [+] Running 3/3 ✔ Network odoo_default Created 0.2s ✔ Container odoo-db-1 Created 0.7s ✔ Container odoo-web-1 Created 0.4s Attaching to odoo-db-1, odoo-web-1 odoo-db-1 | The files belonging to this database system will be owned by user "postgres". odoo-db-1 | This user must also own the server process. odoo-db-1 | odoo-db-1 | odoo-db-1 | The database cluster will be initialized with locale "en_US.utf8". odoo-db-1 | The default database encoding has accordingly been set to "UTF8". odoo-db-1 | The default text search configuration will be set to "english". odoo-db-1 | odoo-db-1 | Data page checksums are disabled. odoo-db-1 | odoo-db-1 | odoo-db-1 | fixing permissions on existing directory /var/lib/postgresql/data/pgdata ... ok odoo-db-1 | creating subdirectories ... odoo-db-1 | ok odoo-db-1 | selecting dynamic shared memory implementation ... posix odoo-db-1 | selecting default max_connections ... odoo-db-1 | 100 odoo-db-1 | selecting default shared_buffers ... odoo-db-1 | 128MB odoo-db-1 | selecting default time zone ... odoo-db-1 | Etc/UTC odoo-db-1 | creating configuration files ... odoo-db-1 | ok odoo-db-1 | running bootstrap script ... odoo-db-1 | ok odoo-db-1 | performing post-bootstrap initialization ... odoo-db-1 | ok odoo-db-1 | syncing data to disk ... ^CGracefully stopping... (press Ctrl+C again to force) Aborting on container exit... [+] Stopping 2/2 ✔ Container odoo-web-1 Stopped 11.3s ✔ Container odoo-db-1 Stopped 1.4s canceled root@odoo:/home/odoo# docker compose up -d [+] Running 2/2 ✔ Container odoo-db-1 Started 0.8s ✔ Container odoo-web-1 Started 1.8s root@odoo:/home/odoo# down -bash: down: command not found root@odoo:/home/odoo# docker compose down [+] Running 3/3 ✔ Container odoo-web-1 Removed 2.1s ✔ Container odoo-db-1 Removed 7.6s ✔ Network odoo_default Removed 0.4s root@odoo:/home/odoo#
root@odoo:~# apt install snapd Reading package lists... Done Building dependency tree... Done Reading state information... Done The following additional packages will be installed: liblzo2-2 squashfs-tools Suggested packages: zenity | kdialog The following NEW packages will be installed: liblzo2-2 snapd squashfs-tools 0 upgraded, 3 newly installed, 0 to remove and 0 not upgraded. Need to get 15.1 MB of archives. After this operation, 62.0 MB of additional disk space will be used. Do you want to continue? [Y/n] y Get:1 http://ftp.us.debian.org/debian bookworm/main amd64 liblzo2-2 amd64 2.10-2 [56.9 kB] Get:2 http://ftp.us.debian.org/debian bookworm/main amd64 squashfs-tools amd64 1:4.5.1-1 [183 kB] Get:3 http://ftp.us.debian.org/debian bookworm/main amd64 snapd amd64 2.57.6-1+b5 [14.9 MB] Fetched 15.1 MB in 18s (823 kB/s) Selecting previously unselected package liblzo2-2:amd64. (Reading database ... 35560 files and directories currently installed.) Preparing to unpack .../liblzo2-2_2.10-2_amd64.deb ... Unpacking liblzo2-2:amd64 (2.10-2) ... Selecting previously unselected package squashfs-tools. Preparing to unpack .../squashfs-tools_1%3a4.5.1-1_amd64.deb ... Unpacking squashfs-tools (1:4.5.1-1) ... Selecting previously unselected package snapd. Preparing to unpack .../snapd_2.57.6-1+b5_amd64.deb ... Unpacking snapd (2.57.6-1+b5) ... Setting up liblzo2-2:amd64 (2.10-2) ... Setting up squashfs-tools (1:4.5.1-1) ... Setting up snapd (2.57.6-1+b5) ... Created symlink /etc/systemd/system/multi-user.target.wants/snapd.aa-prompt-listener.service → /lib/systemd/system/snapd.aa-prompt-listener.service. Created symlink /etc/systemd/system/multi-user.target.wants/snapd.apparmor.service → /lib/systemd/system/snapd.apparmor.service. Created symlink /etc/systemd/system/multi-user.target.wants/snapd.recovery-chooser-trigger.service → /lib/systemd/system/snapd.recovery-chooser-trigger.service. Created symlink /etc/systemd/system/multi-user.target.wants/snapd.seeded.service → /lib/systemd/system/snapd.seeded.service. Created symlink /etc/systemd/system/cloud-final.service.wants/snapd.seeded.service → /lib/systemd/system/snapd.seeded.service. Unit /lib/systemd/system/snapd.seeded.service is added as a dependency to a non-existent unit cloud-final.service. Created symlink /etc/systemd/system/multi-user.target.wants/snapd.service → /lib/systemd/system/snapd.service. Created symlink /etc/systemd/system/sockets.target.wants/snapd.socket → /lib/systemd/system/snapd.socket. Processing triggers for man-db (2.11.2-2) ... Processing triggers for dbus (1.14.8-2~deb12u1) ... Processing triggers for mailcap (3.70+nmu1) ... Processing triggers for libc-bin (2.36-9+deb12u1) ... root@odoo:~# snap install --classic certbot 2023-09-02T19:47:01-04:00 INFO Waiting for automatic snapd restart... Warning: /snap/bin was not found in your $PATH. If you've not restarted your session since you installed snapd, try doing that. Please see https://forum.snapcraft.io/t/9469 for more details. certbot 2.6.0 from Certbot Project (certbot-eff✓) installed root@odoo:~# ln -s /snap/bin/certbot /usr/bin/certbot root@odoo:~# apt install nginx Reading package lists... Done Building dependency tree... Done Reading state information... Done The following additional packages will be installed: nginx-common Suggested packages: fcgiwrap nginx-doc ssl-cert The following NEW packages will be installed: nginx nginx-common 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. Need to get 640 kB of archives. After this operation, 1,696 kB of additional disk space will be used. Do you want to continue? [Y/n] y Get:1 http://ftp.us.debian.org/debian bookworm/main amd64 nginx-common all 1.22.1-9 [112 kB] Get:2 http://ftp.us.debian.org/debian bookworm/main amd64 nginx amd64 1.22.1-9 [527 kB] Fetched 640 kB in 2s (285 kB/s) Preconfiguring packages ... Selecting previously unselected package nginx-common. (Reading database ... 35664 files and directories currently installed.) Preparing to unpack .../nginx-common_1.22.1-9_all.deb ... Unpacking nginx-common (1.22.1-9) ... Selecting previously unselected package nginx. Preparing to unpack .../nginx_1.22.1-9_amd64.deb ... Unpacking nginx (1.22.1-9) ... Setting up nginx-common (1.22.1-9) ... Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /lib/systemd/system/nginx.service. Setting up nginx (1.22.1-9) ... Upgrading binary: nginx. Processing triggers for man-db (2.11.2-2) ... root@odoo:~# nano /etc/nginx/sites-enabled/default root@odoo:~# echo "" > /etc/n nanorc netconfig network/ networks nftables.conf nginx/ nsswitch.conf root@odoo:~# echo "" > /etc/nginx/sites-enabled/default root@odoo:~# nano /etc/nginx/sites-enabled/default root@odoo:~# cat /etc/nginx/sites-enabled/default upstream ubills-odoo { server 127.0.0.1:8069; } upstream ubills-odoochat { server 127.0.0.1:8072; } server { server_name u-bills.com; proxy_read_timeout 720s; proxy_connect_timeout 720s; proxy_send_timeout 720s; # Add Headers for odoo proxy mode proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Real-IP $remote_addr; # log access_log /var/log/nginx/ubills-odoo.access.log; error_log /var/log/nginx/ubills-odoo.error.log; # Redirect longpoll requests to odoo longpolling port location /longpolling { proxy_pass http://ubills-odoochat; } # Redirect requests to odoo backend server location / { proxy_redirect off; proxy_pass http://ubills-odoo/; } # common gzip gzip_types text/css text/less text/plain text/xml application/xml application/json application/javascript; gzip on; listen 80; } root@odoo:~# nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful root@odoo:~# systemctl restart nginx root@odoo:~# cd /home/odoo/ root@odoo:/home/odoo# docker compose up -d [+] Running 3/3 ✔ Network odoo_default Created 0.2s ✔ Container odoo-db-1 Started 2.1s ✔ Container odoo-web-1 Started 2.4s root@odoo:/home/odoo#
root@odoo:/home/odoo# certbot --nginx Saving debug log to /var/log/letsencrypt/letsencrypt.log Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): gm@itclatam.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf. You must agree in order to register with the ACME server. Do you agree? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: y - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing, once your first certificate is successfully issued, to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: y Account registered. Which names would you like to activate HTTPS for? We recommend selecting either all domains, or all domains in a VirtualHost/server block. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: u-bills.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate numbers separated by commas and/or spaces, or leave input blank to select all options shown (Enter 'c' to cancel): 1 Requesting a certificate for u-bills.com Successfully received certificate. Certificate is saved at: /etc/letsencrypt/live/u-bills.com/fullchain.pem Key is saved at: /etc/letsencrypt/live/u-bills.com/privkey.pem This certificate expires on 2023-12-01. These files will be updated when the certificate renews. Certbot has set up a scheduled task to automatically renew this certificate in the background. Deploying certificate Successfully deployed certificate for u-bills.com to /etc/nginx/sites-enabled/default Congratulations! You have successfully enabled HTTPS on https://u-bills.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - If you like Certbot, please consider supporting our work by: * Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate * Donating to EFF: https://eff.org/donate-le - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - root@odoo:/home/odoo#
root@odoo:/home/odoo# certbot --nginx Saving debug log to /var/log/letsencrypt/letsencrypt.log Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): gm@itclatam.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf. You must agree in order to register with the ACME server. Do you agree? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: y - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing, once your first certificate is successfully issued, to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: y Account registered. Which names would you like to activate HTTPS for? We recommend selecting either all domains, or all domains in a VirtualHost/server block. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: u-bills.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate numbers separated by commas and/or spaces, or leave input blank to select all options shown (Enter 'c' to cancel): 1 Requesting a certificate for u-bills.com Successfully received certificate. Certificate is saved at: /etc/letsencrypt/live/u-bills.com/fullchain.pem Key is saved at: /etc/letsencrypt/live/u-bills.com/privkey.pem This certificate expires on 2023-12-01. These files will be updated when the certificate renews. Certbot has set up a scheduled task to automatically renew this certificate in the background. Deploying certificate Successfully deployed certificate for u-bills.com to /etc/nginx/sites-enabled/default Congratulations! You have successfully enabled HTTPS on https://u-bills.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - If you like Certbot, please consider supporting our work by: * Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate * Donating to EFF: https://eff.org/donate-le - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - root@odoo:/home/odoo# docker compose down [+] Running 3/3
odoo/deployment.txt · Last modified: 2023/09/30 10:40 by aperez