Installing OpenERP 6.1 on Debian

OpenERP 6.1 from trunk

Prepare Debian Squeeze server

Create an openerp user that’s going to be the owner of the application (for secutity reasons is never clever to run external applications as root):

adduser --system --quiet --shell=/bin/bash --home=/opt/openerp --gecos 'OpenERP' --group openerp

Install the PostgreSQL database and set the user openerp as superuser:

apt-get install postgresql
su - postgres -c "createuser -s openerp" 2> /dev/null || true

Install the OpenERP dependencies:

apt-get install blt cpp cpp-4.4 defoma file fontconfig fontconfig-config ghostscript graphviz gsfonts hicolor-icon-theme libart-2.0-2 libatk1.0-0 libatk1.0-data libavahi-client3 libavahi-common-data libavahi-common3 libblas3gf libcairo2 libcdt4 libcgraph5 libcups2 libcupsimage2 libdatrie1 libdb4.7 libdrm-intel1 libdrm-radeon1 libdrm2 libexpat1 libffi5 libfont-freetype-perl libfontconfig1 libfontenc1 libfreetype6 libgd2-noxpm libgfortran3 libgl1-mesa-dri libgl1-mesa-glx libglade2-0 libglib2.0-0 libglib2.0-data libgmp3c2 libgraph4 libgs8 gtk2.0-0 libgtk2.0-bin libgtk2.0-common libgvc5 libgvpr1 libice6 libjasper1 libjbig2dec0 libjpeg62 liblapack3gf liblcms1 libmagic1 libmpfr4 libpango1.0-0 libpango1.0-common libpaper-utils libpaper1 libpathplan4 libpcre3 libpixman-1-0 libpng12-0 libpq5 libsm6 libthai-data libthai0 libtiff4 libutempter0 libxaw7 libxcb-atom1 libxcb-render-util0 libxcb-render0 libxcomposite1 libxcursor1 libxdamage1 libxdot4 libxfixes3 libxfont1 libxft2 libxi6 libxinerama1 libxml2 libxmu6 libxpm4 libxrandr2 libxrender1 libxslt1.1 libxss1 libxt6 libxtst6 libxv1 libxxf86dga1 libxxf86vm1 lsb-release mime-support openssl perl perl-modules postgresql postgresql-8.4 postgresql-client-8.4 postgresql-client-common postgresql-common python python-cairo python-central python-dateutil python-egenix-mxdatetime python-egenix-mxtools python-glade2 python-gobject python-gtk2 python-imaging python-libxml2 python-libxslt1 python-lxml python-matplotlib python-matplotlib-data python-minimal python-numpy python-openssl python-psycopg2 python-pychart python-pydot python-pyparsing python-renderpm python-reportlab python-reportlab-accel python-support python-tk python-tz python2.6 python2.6-minimal sgml-base shared-mime-info ssl-cert tcl8.5 tk8.5 ttf-dejavu-core ttf-liberation ttf-lyx ucf x-ttcidfont-conf x11-common x11-utils xbitmaps xfonts-encodings xfonts-utils xml-core xterm
apt-get install python-dateutil python-feedparser python-gdata python-ldap python-libxslt1 python-lxml python-mako python-openid python-psycopg2 python-pybabel python-pychart python-pydot python-pyparsing python-reportlab python-simplejson python-tz python-vatnumber python-vobject python-webdav python-werkzeug python-xlwt python-yaml python-zsi python-docutils python-psutil bzr wget python-unittest2 python-mock python-jinja2 python-setuptools

Install the last gdata-python-client version from

tar zxvf gdata-2.0.18.tar.gz
cd gdata-2.0.18/
python install

Install OpenERP 6.1 from the launchpad trunk

Download the most recent files from repository and place them in /opt/openerp:

su - openerp
cd /opt/openerp
bzr branch lp:ocb-server/6.1 server
bzr branch lp:ocb-web/6.1 web
bzr branch lp:ocb-addons/6.1 addons
bzr branch lp:aeroolib libaeroo
bzr branch lp:aeroo/openerp6.1.x aeroo


mkdir /etc/openerp/
mkdir /var/log/openerp/
touch /var/log/openerp/openerp-server.log
chown openerp:openerp /var/log/openerp/openerp-server.log
chmod 0640 /var/log/openerp/openerp-server.log

Create the full configuration file:

su - openerp -s /bin/bash -c "/opt/openerp/server/openerp-server -s -c /opt/openerp/openerp-server.conf"
mv /opt/openerp/openerp-server.conf /etc/openerp/openerp-server.conf
chown openerp:openerp /etc/openerp/openerp-server.conf
chmod 0640 /etc/openerp/openerp-server.conf
nano /etc/openerp/openerp-server.conf

and change it to suit your needs, like for example:

## Server startup config - Common options
# Admin password for creating, restoring and backing up databases
admin_passwd = lapasswordsuperadmin
# default CSV separator for import and export
csv_internal_sep = ,
# to compress reports
reportgz = False
# disable loading data for modules to be installed (comma-separated, use "all" for all modules)
without_demo = False
# Use this for big data importation, if it crashes you will be able to continue at the current state. Provide a filename to store intermediate importation states.
import_partial = 
# file where the server pid will be stored
pidfile = False
# specify additional addons paths (separated by commas) 
addons_path = /opt/openerp/web/addons,/opt/openerp/addons,/opt/openerp/aeroo
# Comma-separated list of server-wide modules default=web
server_wide_modules = None
## XML-RPC / HTTP - XML-RPC Configuration
# disable the XML-RPC protocol
xmlrpc = True
# Specify the TCP IP address for the XML-RPC protocol. The empty string binds to all interfaces.
xmlrpc_interface =
# specify the TCP port for the XML-RPC protocol
xmlrpc_port = 8069
# Enable correct behavior when behind a reverse proxy
proxy_mode = True
## XML-RPC / HTTPS - XML-RPC Secure Configuration
# disable the XML-RPC Secure protocol
xmlrpcs = True
# Specify the TCP IP address for the XML-RPC Secure protocol. The empty string binds to all interfaces.
xmlrpcs_interface = 
# specify the TCP port for the XML-RPC Secure protocol
xmlrpcs_port = 8071
# specify the certificate file for the SSL connection
secure_cert_file = server.cert
# specify the private key file for the SSL connection
secure_pkey_file = server.pkey
## NET-RPC - NET-RPC Configuration
# enable the NETRPC protocol
netrpc = False
# specify the TCP IP address for the NETRPC protocol
netrpc_interface =
# specify the TCP port for the NETRPC protocol
netrpc_port = 8070
## WEB - Web interface Configuration
# Filter listed database REGEXP
dbfilter = .*
## Static HTTP - Static HTTP service
# enable static HTTP service for serving plain HTML files
static_http_enable = False 
# specify the directory containing your static HTML files (e.g '/var/www/')
static_http_document_root = None
# specify the URL root prefix where you want web browsers to access your static HTML files (e.g '/')
static_http_url_prefix = None
## Testing Group - Testing Configuration
# Launch a YML test file.
test_file = False
# If set, will save sample of all reports in this directory.
test_report_directory = False
# Enable YAML and unit tests.
test_disable = False
# Commit database changes performed by YAML or XML tests.
test_commit = False
## Logging Group - Logging Configuration
# file where the server log will be stored (default = None)
logfile = /var/log/openerp/openerp-server.log
# do not rotate the logfile
logrotate = True
# Send the log to the syslog server
syslog = False
# setup a handler at LEVEL for a given PREFIX. An empty PREFIX indicates the root logger. This option can be repeated. Example: "openerp.orm:DEBUG" or "werkzeug:CRITICAL" (default: ":INFO")
log_handler = ["[':INFO']"]
# specify the level of the logging. Accepted values: info, debug_rpc, warn, test, critical, debug_sql, error, debug, debug_rpc_answer, notset
#log_level = debug
log_level = info
## SMTP Group - SMTP Configuration
# specify the SMTP email address for sending email
email_from = False 
# specify the SMTP server for sending email
smtp_server = localhost 
# specify the SMTP port
smtp_port = 25 
# specify the SMTP server support SSL or not
smtp_ssl = False 
# specify the SMTP username for sending email
smtp_user = False
# specify the SMTP password for sending email
smtp_password = False
## Database related options
# specify the database name
db_name = False
# specify the database user name
db_user = openerp
# specify the database password
db_password = False
# specify the pg executable path
pg_path = None
# specify the database host
db_host = False
# specify the database port
db_port = False
# specify the the maximum number of physical connections to posgresql
db_maxconn = 64
# specify a custom database template to create a new database
db_template = template0
## Internationalisation options
translate_modules = ['all']
## Security-related options
# disable the ability to return the list of databases
list_db = True
## Advanced options - Advanced options
# enable debug mode
debug_mode = False
# specify reference timezone for the server (e.g. Europe/Brussels")
timezone = False
# Force a limit on the maximum number of records kept in the virtual osv_memory tables. The default is False, which means no count-based limit.
osv_memory_count_limit = False 
# Force a limit on the maximum age of records kept in the virtual osv_memory tables. This is a decimal value expressed in hours, and the default is 1 hour.
osv_memory_age_limit = 1.0 
# Maximum number of threads processing concurrently cron jobs (default 2)
max_cron_threads = 4
# Use the unaccent function provided by the database when available.
unaccent = False
## Multiprocessing options
# Specify the number of workers, 0 disable prefork mode.
# Maximum allowed virtual memory per worker, when reached the worker be reset after the current request (default 671088640 aka 640MB)
virtual_memory_reset = 671088640
# Maximum allowed virtual memory per worker, when reached, any memory allocation will fail (default 805306368 aka 768MB)
virtual_memory_limit = 805306368
# Maximum allowed CPU time per request (default 60)
cpu_time_limit = 60
cache_timeout = 100000
assert_exit_level = error
demo = {}
login_message = False

Debian init script:

nano /etc/init.d/openerp

with similar content:

# Provides:             openerp-server
# Required-Start:       $remote_fs $syslog
# Required-Stop:        $remote_fs $syslog
# Should-Start:         $network
# Should-Stop:          $network
# Default-Start:        2 3 4 5
# Default-Stop:         0 1 6
# Short-Description:    Enterprise Resource Management software
# Description:          Open ERP is a complete ERP and CRM software.

test -x ${DAEMON} || exit 0

set -e

case "${1}" in
                echo -n "Starting ${DESC}: "

                start-stop-daemon --start --quiet --pidfile /var/run/${NAME}.pid \
                        --chuid ${USER} --background --make-pidfile \
                        --exec ${DAEMON} -- --config=${CONFIG} \

                echo "${NAME}."

                echo -n "Stopping ${DESC}: "

                start-stop-daemon --stop --quiet --pidfile /var/run/${NAME}.pid \

                echo "${NAME}."

                echo -n "Restarting ${DESC}: "

                start-stop-daemon --stop --quiet --pidfile /var/run/${NAME}.pid \

                sleep 1

                start-stop-daemon --start --quiet --pidfile /var/run/${NAME}.pid \
                        --chuid ${USER} --background --make-pidfile \
                        --exec ${DAEMON} -- --config=${CONFIG} \

                echo "${NAME}."



                echo "${NAME}."

                echo -n "Stopping ${DESC}: "

                start-stop-daemon --stop --quiet --pidfile /var/run/${NAME}.pid \

                echo "${NAME}."

                echo -n "Restarting ${DESC}: "

                start-stop-daemon --stop --quiet --pidfile /var/run/${NAME}.pid \

                sleep 1

                start-stop-daemon --start --quiet --pidfile /var/run/${NAME}.pid \
                        --chuid ${USER} --background --make-pidfile \
                        --exec ${DAEMON} -- --config=${CONFIG} \

                echo "${NAME}."

                echo "Usage: ${NAME} {start|stop|restart|force-reload}" >&2
                exit 1

exit 0

Set the script as executable:

chmod +x /etc/init.d/openerp

and run the service.

/etc/init.d/openerp start

Set the service as boot default:

update-rc.d openerp defaults

The server is reachable on: http://SERVERIP:8069

NGINX reverse proxy

apt-get install nginx
cd /etc/nginx/
mkdir openerpssl
cd openerpssl

openssl genrsa -des3 -out openerp.pkey 1024
openssl rsa -in openerp.pkey -out openerp.key
openssl req -new -key openerp.key -out openerp.csr
openssl x509 -req -days 365 -in openerp.csr -signkey openerp.key -out openerp.crt

chown root:www-data openerp.crt openerp.key
chmod 640 openerp.crt openerp.key
mkdir /etc/ssl/openerpssl
chown www-data:root /etc/ssl/openerpssl
chmod 710 /etc/ssl/openerpssl
mv openerp.crt openerp.key /etc/ssl/openerpssl/

nano /etc/nginx/sites-available/openerp-net

with a content like:

upstream openerpweb {
    server weight=1 fail_timeout=300s;

server {
    listen 80;

    # Strict Transport Security
    add_header Strict-Transport-Security max-age=2592000;

    rewrite ^/.*$ https://$host$request_uri? permanent;

server {
    # server port and name
    listen        443 default;

    # ssl log files
    access_log    /var/log/nginx/ssl-access.log;
    error_log    /var/log/nginx/ssl-error.log;

    # ssl certificate files
    ssl on;
    ssl_certificate /etc/ssl/openerpssl/openerp.crt;
    ssl_certificate_key /etc/ssl/openerpssl/openerp.key;

    # add ssl specific settings
    keepalive_timeout    60;

    # limit ciphers
    ssl_ciphers            HIGH:!ADH:!MD5;
    ssl_protocols            SSLv3 TLSv1;
    ssl_prefer_server_ciphers    on;

    # increase proxy buffer to handle some OpenERP Web client requests
    proxy_buffers 32 128k;
    proxy_buffer_size 256k;

    client_max_body_size 0;

    location / {
        proxy_pass    http://openerpweb;
        # force timeouts if one of backend dies
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;

        # set headers
#        proxy_set_header Host $host;
        proxy_set_header Host $http_host;

        proxy_set_header X-Real-IP $remote_addr;

	proxy_set_header X-Forwarded-Host $http_host;

        proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;

        # Let OpenERP Web client known that we're using HTTPS, otherwise
        # it will generate url using http:// and not https://
        proxy_set_header X-Forwarded-Proto https;

        # by default, do not forward anything
        proxy_redirect off;

    # cache some static data in memory for 60mins.
    # under heavy load this will preserve the OpenERP Web client a little bit.
    location ~* ^/(openerp|openobject)/static/ {
        proxy_cache_valid 200 60m;
        proxy_buffering    on;
        expires 864000;
        proxy_pass http://openerpweb;


Create the symlink to enable the site:

ln -s /etc/nginx/sites-available/openerp-net /etc/nginx/sites-enabled/openerp-net

Configure Aeroo Reports

cd /opt/openerp/libaeroo/aeroolib
python ./ install
aptitude install python-genshi python-cairo python-openoffice python-uno 

nano /etc/init.d/office_init

with a content like:

# Provides:          scriptname
# Required-Start:    $remote_fs $syslog
# Required-Stop:     $remote_fs $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start daemon at boot time
# Description:       Enable service provided by daemon.

set -e

case "$1" in
if [ -f $PIDFILE ]; then
echo "OpenOffice headless server has already started."
sleep 5
echo "Starting OpenOffice headless server"
$SOFFICE_PATH -headless -nologo -nofirststartwizard -accept="socket,host=,port=8100;urp" & > /dev/null 2>&1
touch $PIDFILE
if [ -f $PIDFILE ]; then
echo "Stopping OpenOffice headless server."
killall -9 soffice && killall -9 soffice.bin
rm -f $PIDFILE
echo "Openoffice headless server is not running."
echo "Usage: $0 {start|stop}"
exit 1
exit 0

Configure the permissions, settings and start the service:

chmod 0755 /etc/init.d/office_init
update-rc.d office_init defaults
/etc/init.d/office_init start

Webkit configuration

apt-get remove wkhtmltopdf 
apt-get install bzip2
cd /tmp
tar xvjf wkhtmltopdf-0.11.0_rc1-static-amd64.tar.bz2
mv wkhtmltopdf-amd64 /usr/local/bin/wkhtmltopdf
chmod +x /usr/local/bin/wkhtmltopdf

In the OpenERP database: Settings -> Customization -> Low Level Objects -> System parameter, define the key named webkit_path with value  /usr/local/bin/wkhtmltopdf.