Installazione OpenERP 6.1 su Debian

Preparazione del server

Creazione dell’utente openerp che sarà il proprietario dell’applicazione lanciata (per ragioni di sicurezza non è saggio lanciarlo come “root”):

adduser --system --quiet --shell=/bin/bash --home=/opt/openerp --gecos 'OpenERP' --group openerp

Installazione PostgreSQL e configurazione dell’utente openerp come superutente postgres:

apt-get install postgresql

su - postgres -c "createuser -s openerp" 2> /dev/null || true

Installazione delle dipendenze OpenERP

apt-get install blt cpp cpp-4.4 defoma file fontconfig fontconfig-config ghostscript graphviz gsfonts hicolor-icon-theme libart-2.0-2 libatk1.0-0 libatk1.0-data libavahi-client3 libavahi-common-data libavahi-common3 libblas3gf libcairo2 libcdt4 libcgraph5 libcups2 libcupsimage2 libdatrie1 libdb4.7 libdrm-intel1 libdrm-radeon1 libdrm2 libexpat1 libffi5 libfont-freetype-perl libfontconfig1 libfontenc1 libfreetype6 libgd2-noxpm libgfortran3 libgl1-mesa-dri libgl1-mesa-glx libglade2-0 libglib2.0-0 libglib2.0-data libgmp3c2 libgraph4 libgs8 gtk2.0-0 libgtk2.0-bin libgtk2.0-common libgvc5 libgvpr1 libice6 libjasper1 libjbig2dec0 libjpeg62 liblapack3gf liblcms1 libmagic1 libmpfr4 libpango1.0-0 libpango1.0-common libpaper-utils libpaper1 libpathplan4 libpcre3 libpixman-1-0 libpng12-0 libpq5 libsm6 libthai-data libthai0 libtiff4 libutempter0 libxaw7 libxcb-atom1 libxcb-render-util0 libxcb-render0 libxcomposite1 libxcursor1 libxdamage1 libxdot4 libxfixes3 libxfont1 libxft2 libxi6 libxinerama1 libxml2 libxmu6 libxpm4 libxrandr2 libxrender1 libxslt1.1 libxss1 libxt6 libxtst6 libxv1 libxxf86dga1 libxxf86vm1 lsb-release mime-support openssl perl perl-modules postgresql postgresql-8.4 postgresql-client-8.4 postgresql-client-common postgresql-common python python-cairo python-central python-dateutil python-egenix-mxdatetime python-egenix-mxtools python-glade2 python-gobject python-gtk2 python-imaging python-libxml2 python-libxslt1 python-lxml python-matplotlib python-matplotlib-data python-minimal python-numpy python-openssl python-psycopg2 python-pychart python-pydot python-pyparsing python-renderpm python-reportlab python-reportlab-accel python-support python-tk python-tz python2.6 python2.6-minimal sgml-base shared-mime-info ssl-cert tcl8.5 tk8.5 ttf-dejavu-core ttf-liberation ttf-lyx ucf x-ttcidfont-conf x11-common x11-utils xbitmaps xfonts-encodings xfonts-utils xml-core xterm
apt-get install python-dateutil python-feedparser python-gdata python-ldap python-libxslt1 python-lxml python-mako python-openid python-psycopg2 python-pybabel python-pychart python-pydot python-pyparsing python-reportlab python-simplejson python-tz python-vatnumber python-vobject python-webdav python-werkzeug python-xlwt python-yaml python-zsi python-docutils python-psutil bzr wget python-unittest2 python-mock python-jinja2 python-setuptools

Installazione dell’ultimo gdata-python-client dal

tar zxvf gdata-2.0.18.tar.gz
cd gdata-2.0.18/
python install

Installazione OpenERP 6.1 dal tronco launchpad

Scaricamento dell’ultima versione dei file da launchpad mettendole nella cartella /opt/openerp (che è la home dell’utente openerp)

su - openerp
cd /opt/openerp
bzr branch lp:ocb-server/6.1 server
bzr branch lp:ocb-web/6.1 web
bzr branch lp:ocb-addons/6.1 addons
bzr branch lp:aeroolib libaeroo
bzr branch lp:aeroo/openerp6.1.x aeroo


mkdir /etc/openerp/
mkdir /var/log/openerp/
touch /var/log/openerp/openerp-server.log
chown openerp:openerp /var/log/openerp/openerp-server.log
chmod 0640 /var/log/openerp/openerp-server.log

Creazione del file di configurazione pieno:

su - openerp -s /bin/bash -c "/opt/openerp/server/openerp-server -s -c /opt/openerp/openerp-server.conf"
mv /opt/openerp/openerp-server.conf /etc/openerp/openerp-server.conf
chown openerp:openerp /etc/openerp/openerp-server.conf
chmod 0640 /etc/openerp/openerp-server.conf
nano /etc/openerp/openerp-server.conf

e cambiamo il contenuto a secondo delle nostre necessità (esempio):

## Server startup config - Common options
# Admin password for creating, restoring and backing up databases
admin_passwd = lapasswordsuperadmin
# default CSV separator for import and export
csv_internal_sep = ,
# to compress reports
reportgz = False
# disable loading data for modules to be installed (comma-separated, use "all" for all modules)
without_demo = False
# Use this for big data importation, if it crashes you will be able to continue at the current state. Provide a filename to store intermediate importation states.
import_partial = 
# file where the server pid will be stored
pidfile = False
# specify additional addons paths (separated by commas) 
addons_path = /opt/openerp/web/addons,/opt/openerp/addons,/opt/openerp/aeroo
# Comma-separated list of server-wide modules default=web
server_wide_modules = None
## XML-RPC / HTTP - XML-RPC Configuration
# disable the XML-RPC protocol
xmlrpc = True
# Specify the TCP IP address for the XML-RPC protocol. The empty string binds to all interfaces.
xmlrpc_interface =
# specify the TCP port for the XML-RPC protocol
xmlrpc_port = 8069
# Enable correct behavior when behind a reverse proxy
proxy_mode = True
## XML-RPC / HTTPS - XML-RPC Secure Configuration
# disable the XML-RPC Secure protocol
xmlrpcs = True
# Specify the TCP IP address for the XML-RPC Secure protocol. The empty string binds to all interfaces.
xmlrpcs_interface = 
# specify the TCP port for the XML-RPC Secure protocol
xmlrpcs_port = 8071
# specify the certificate file for the SSL connection
secure_cert_file = server.cert
# specify the private key file for the SSL connection
secure_pkey_file = server.pkey
## NET-RPC - NET-RPC Configuration
# enable the NETRPC protocol
netrpc = False
# specify the TCP IP address for the NETRPC protocol
netrpc_interface =
# specify the TCP port for the NETRPC protocol
netrpc_port = 8070
## WEB - Web interface Configuration
# Filter listed database REGEXP
dbfilter = .*
## Static HTTP - Static HTTP service
# enable static HTTP service for serving plain HTML files
static_http_enable = False 
# specify the directory containing your static HTML files (e.g '/var/www/')
static_http_document_root = None
# specify the URL root prefix where you want web browsers to access your static HTML files (e.g '/')
static_http_url_prefix = None
## Testing Group - Testing Configuration
# Launch a YML test file.
test_file = False
# If set, will save sample of all reports in this directory.
test_report_directory = False
# Enable YAML and unit tests.
test_disable = False
# Commit database changes performed by YAML or XML tests.
test_commit = False
## Logging Group - Logging Configuration
# file where the server log will be stored (default = None)
logfile = /var/log/openerp/openerp-server.log
# do not rotate the logfile
logrotate = True
# Send the log to the syslog server
syslog = False
# setup a handler at LEVEL for a given PREFIX. An empty PREFIX indicates the root logger. This option can be repeated. Example: "openerp.orm:DEBUG" or "werkzeug:CRITICAL" (default: ":INFO")
log_handler = ["[':INFO']"]
# specify the level of the logging. Accepted values: info, debug_rpc, warn, test, critical, debug_sql, error, debug, debug_rpc_answer, notset
#log_level = debug
log_level = info
## SMTP Group - SMTP Configuration
# specify the SMTP email address for sending email
email_from = False 
# specify the SMTP server for sending email
smtp_server = localhost 
# specify the SMTP port
smtp_port = 25 
# specify the SMTP server support SSL or not
smtp_ssl = False 
# specify the SMTP username for sending email
smtp_user = False
# specify the SMTP password for sending email
smtp_password = False
## Database related options
# specify the database name
db_name = False
# specify the database user name
db_user = openerp
# specify the database password
db_password = False
# specify the pg executable path
pg_path = None
# specify the database host
db_host = False
# specify the database port
db_port = False
# specify the the maximum number of physical connections to posgresql
db_maxconn = 64
# specify a custom database template to create a new database
db_template = template0
## Internationalisation options
translate_modules = ['all']
## Security-related options
# disable the ability to return the list of databases
list_db = True
## Advanced options - Advanced options
# enable debug mode
debug_mode = False
# specify reference timezone for the server (e.g. Europe/Brussels")
timezone = False
# Force a limit on the maximum number of records kept in the virtual osv_memory tables. The default is False, which means no count-based limit.
osv_memory_count_limit = False 
# Force a limit on the maximum age of records kept in the virtual osv_memory tables. This is a decimal value expressed in hours, and the default is 1 hour.
osv_memory_age_limit = 1.0 
# Maximum number of threads processing concurrently cron jobs (default 2)
max_cron_threads = 4
# Use the unaccent function provided by the database when available.
unaccent = False
## Multiprocessing options
# Specify the number of workers, 0 disable prefork mode.
# Maximum allowed virtual memory per worker, when reached the worker be reset after the current request (default 671088640 aka 640MB)
virtual_memory_reset = 671088640
# Maximum allowed virtual memory per worker, when reached, any memory allocation will fail (default 805306368 aka 768MB)
virtual_memory_limit = 805306368
# Maximum allowed CPU time per request (default 60)
cpu_time_limit = 60
cache_timeout = 100000
assert_exit_level = error
demo = {}
login_message = False

Debian init script

nano /etc/init.d/openerp

con il seguente contenuto:

# Provides:             openerp-server
# Required-Start:       $remote_fs $syslog
# Required-Stop:        $remote_fs $syslog
# Should-Start:         $network
# Should-Stop:          $network
# Default-Start:        2 3 4 5
# Default-Stop:         0 1 6
# Short-Description:    Enterprise Resource Management software
# Description:          Open ERP is a complete ERP and CRM software.

test -x ${DAEMON} || exit 0

set -e

case "${1}" in
                echo -n "Starting ${DESC}: "

                start-stop-daemon --start --quiet --pidfile /var/run/${NAME}.pid \
                        --chuid ${USER} --background --make-pidfile \
                        --exec ${DAEMON} -- --config=${CONFIG} \

                echo "${NAME}."

                echo -n "Stopping ${DESC}: "

                start-stop-daemon --stop --quiet --pidfile /var/run/${NAME}.pid \

                echo "${NAME}."

                echo -n "Restarting ${DESC}: "

                start-stop-daemon --stop --quiet --pidfile /var/run/${NAME}.pid \

                sleep 1

                start-stop-daemon --start --quiet --pidfile /var/run/${NAME}.pid \
                        --chuid ${USER} --background --make-pidfile \
                        --exec ${DAEMON} -- --config=${CONFIG} \

                echo "${NAME}."



                echo "${NAME}."

                echo -n "Stopping ${DESC}: "

                start-stop-daemon --stop --quiet --pidfile /var/run/${NAME}.pid \

                echo "${NAME}."

                echo -n "Restarting ${DESC}: "

                start-stop-daemon --stop --quiet --pidfile /var/run/${NAME}.pid \

                sleep 1

                start-stop-daemon --start --quiet --pidfile /var/run/${NAME}.pid \
                        --chuid ${USER} --background --make-pidfile \
                        --exec ${DAEMON} -- --config=${CONFIG} \

                echo "${NAME}."

                echo "Usage: ${NAME} {start|stop|restart|force-reload}" >&2
                exit 1

exit 0

Configurazione dello script come eseguibile:

chmod +x /etc/init.d/openerp

ed avvio:

/etc/init.d/openerp start

Configurazione come predefinito all’avvio:

update-rc.d openerp defaults

ed il server è reperibile all’indirizzo: http://SERVERIP:8069

NGINX reverse proxy

apt-get install nginx
cd /etc/nginx/
mkdir openerpssl
cd openerpssl

openssl genrsa -des3 -out openerp.pkey 1024
openssl rsa -in openerp.pkey -out openerp.key
openssl req -new -key openerp.key -out openerp.csr
openssl x509 -req -days 365 -in openerp.csr -signkey openerp.key -out openerp.crt

chown root:www-data openerp.crt openerp.key
chmod 640 openerp.crt openerp.key
mkdir /etc/ssl/openerpssl
chown www-data:root /etc/ssl/openerpssl
chmod 710 /etc/ssl/openerpssl
mv openerp.crt openerp.key /etc/ssl/openerpssl/

nano /etc/nginx/sites-available/openerp-net

con il seguente contenuto:

upstream openerpweb {
    server weight=1 fail_timeout=300s;

server {
    listen 80;

    # Strict Transport Security
    add_header Strict-Transport-Security max-age=2592000;

    rewrite ^/.*$ https://$host$request_uri? permanent;

server {
    # server port and name
    listen        443 default;

    # ssl log files
    access_log    /var/log/nginx/ssl-access.log;
    error_log    /var/log/nginx/ssl-error.log;

    # ssl certificate files
    ssl on;
    ssl_certificate /etc/ssl/openerpssl/openerp.crt;
    ssl_certificate_key /etc/ssl/openerpssl/openerp.key;

    # add ssl specific settings
    keepalive_timeout    60;

    # limit ciphers
    ssl_ciphers            HIGH:!ADH:!MD5;
    ssl_protocols            SSLv3 TLSv1;
    ssl_prefer_server_ciphers    on;

    # increase proxy buffer to handle some OpenERP Web client requests
    proxy_buffers 32 128k;
    proxy_buffer_size 256k;

    client_max_body_size 0;

    location / {
        proxy_pass    http://openerpweb;
        # force timeouts if one of backend dies
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;

        # set headers
#        proxy_set_header Host $host;
        proxy_set_header Host $http_host;

        proxy_set_header X-Real-IP $remote_addr;

	proxy_set_header X-Forwarded-Host $http_host;

        proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;

        # Let OpenERP Web client known that we're using HTTPS, otherwise
        # it will generate url using http:// and not https://
        proxy_set_header X-Forwarded-Proto https;

        # by default, do not forward anything
        proxy_redirect off;

    # cache some static data in memory for 60mins.
    # under heavy load this will preserve the OpenERP Web client a little bit.
    location ~* ^/(openerp|openobject)/static/ {
        proxy_cache_valid 200 60m;
        proxy_buffering    on;
        expires 864000;
        proxy_pass http://openerpweb;


Creazione dei collegamenti:

ln -s /etc/nginx/sites-available/openerp-net /etc/nginx/sites-enabled/openerp-net

Configurazione ed installazione Aeroo Reports

cd /opt/openerp/libaeroo/aeroolib
python ./ install
aptitude install python-genshi python-cairo python-openoffice python-uno 

nano /etc/init.d/office_init

con il seguente contenuto:

# Provides:          scriptname
# Required-Start:    $remote_fs $syslog
# Required-Stop:     $remote_fs $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start daemon at boot time
# Description:       Enable service provided by daemon.

set -e

case "$1" in
if [ -f $PIDFILE ]; then
echo "OpenOffice headless server has already started."
sleep 5
echo "Starting OpenOffice headless server"
$SOFFICE_PATH -headless -nologo -nofirststartwizard -accept="socket,host=,port=8100;urp" & > /dev/null 2>&1
touch $PIDFILE
if [ -f $PIDFILE ]; then
echo "Stopping OpenOffice headless server."
killall -9 soffice && killall -9 soffice.bin
rm -f $PIDFILE
echo "Openoffice headless server is not running."
echo "Usage: $0 {start|stop}"
exit 1
exit 0

Configurazione dei permessi del file ed avvio:

chmod 0755 /etc/init.d/office_init
update-rc.d office_init defaults
/etc/init.d/office_init start

Configurazione Webkit

apt-get remove wkhtmltopdf 
apt-get install bzip2
cd /tmp
tar xvjf wkhtmltopdf-0.11.0_rc1-static-amd64.tar.bz2
mv wkhtmltopdf-amd64 /usr/local/bin/wkhtmltopdf
chmod +x /usr/local/bin/wkhtmltopdf

Dentro il database OpenERP: Settings -> Customization -> Low Level Objects -> System parameter, definire la chiave (key) con il nome webkit_path ed il valore /usr/local/bin/wkhtmltopdf.