ODOO (Open ERP) AWS setup notes for your unforeseen startup


Setup ODOO on EC2 & RDS (Insecure)


Go to https://www.odoo.com and make sure you understand the needs for an ERP system at your startup. I would advice that you evaluate the pros & cons for using an ERP before jumping into this bureaucratic complication.

Security is prime and make sure you realize that I have not covered any aspect of securing the instance or the application here.
1. Intallation pre-requisites

a. Initialize a RDS PostgreSql service on AWS.

b. Initialize an EC2 instance with Amazon Linux in the same security group as RDS

yum install git libtool zlib devel automake pkgconfig gcc c++ curl make gcc-c++ libxml2-devel rsync
yum install openldap-devel libjpeg-devel python-devel vim
yum -y install babel libxslt-python pyparsing python-dateutil python-decorator python-docutils python-feedparser python-imaging python-jinja2 python-ldap python-lxml python-mako python-mock python-openid python-passlib python-psutil python-psycopg2 python-reportlab python-requests python-simplejson python-unittest2 python-vobject python-werkzeug python-yaml pytz
yum install icu xorg-x11-fonts-75dpi freetype freetype-devel 

> Setup Node
yum install nodejs npm
npm install -g less less-plugin-clean-css
ln -s /usr/local/bin/lessc /usr/bin/lessc
ln -s /usr/bin/nodejs /usr/bin/node

> CentOS 6
yum localinstall http://yum.postgresql.org/9.3/redhat/rhel-6-x86_64/pgdg-centos93-9.3-1.noarch.rpm
wget https://bitbucket.org/wkhtmltopdf/wkhtmltopdf/downloads/wkhtmltox-0.13.0-alpha-7b36694_linux-centos6-amd64.rpm
rpm -ivh wkhtmltox-0.13.0-alpha-7b36694_linux-centos6-amd64.rpm

> CentOS 7
yum localinstall https://yum.postgresql.org/9.3/redhat/rhel-7-x86_64/pgdg-redhat93-9.3-3.noarch.rpm
wget http://download.gna.org/wkhtmltopdf/0.12/
rpm -Uvh wkhtmltox-

yum install postgresql93-contrib postgresql93-devel postgresql93-plpython27
Now lets get the odoo source on the machine to start the setup
git clone https://github.com/odoo/odoo.git
Go to your odoo directory and install the python packages
easy_install -U setuptools
easy_install pip
pip install -r requirements.txt

2. Create a config file openerp-server.conf with the below content

; This is the password that allows database operations:
; admin_passwd = admin
db_host = admindb.xxxxxxx.us-west-2.rds.amazonaws.com
db_port = 5432
db_user = admin
db_password = admin123
addons_path = /usr/lib/python2.7/dist-packages/openerp/addons
logfile = /tmp/odoo-server.log
xmlrpc_port = 8069

Setup a RDS with postgres database server

psql -h admindb.xxxxxxx.us-west-2.rds.amazonaws.com -U admin admindb


3. Run the server with the configurations

chown -R ec2-user odoo 
./odoo-bin --addons-path=addons --config=openerp-server.conf

4. Configure the EC2 Instance

a.) IP routing on the instance. Not secure, but will provide the basic routing to start your system.

iptables -t nat -A OUTPUT -p tcp -d ec2-xxx-xxx-xxx-xxx.us-west-2.compute.amazonaws.com --dport 80 -j REDIRECT --to-port 8069
iptables -t nat -I PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 8069
Make sure you verify the iptables. 
sudo iptables -t nat -L -v

target prot opt source destination
REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 8069
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
REDIRECT tcp -- anywhere ip-xxx-xxx-xxx-xxx.us-west-2.compute.internal tcp dpt:http redir ports 8069
target prot opt source destination


b.) Security group config for port 80. Add exception for incoming HTTP traffic
5. Run the ODOO server as a service

echo "Killing any previous instance of odoo"
ps ax | grep odoo | grep -v grep | awk '{print $1}' | xargs sudo kill
echo "Starting the Odoo server"
nohup ./odoo-bin --addons-path=addons --config=openerp-server.conf -d oodb -u all &> /dev/null & disown
echo "Conf : ~/odoo/odoo/openerp-server.conf"
echo "Log : tail -f /tmp/odoo-server.log"

6. Login as admin / admin

Express setup for worlds most advanced PostgreSQL 9.3 server on a CentOS-6.5 x64 instance

Setup a PostgreSQL 9.3 database on CentOS 6.5 Server


Worlds most advanced database is a killer punchline though.

Assuming you are a root user and looking for just the command that will get you through the installation.
  - CentOS 6.5 x64 ISO minimal installation 
    Download Link: https://www.centos.org/download 
  - I prefer to install most of the dev dependencies beforehand via 
    $ sudo yum groupinstall 'Development Tools'

1. Create a User
   $ adduser postgres
   $ passwd postgres

2. Add this user to the sudoers list
   $ vim /etc/sudoers
   postgres ALL=(ALL)    ALL
3. Get the postgres repo for installation
   $ yum localinstall http://yum.postgresql.org/9.3/redhat/rhel-6-x86_64/pgdg-centos93-9.3-1.noarch.rpm
     yum localinstall https://yum.postgresql.org/9.3/redhat/rhel-7-x86_64/pgdg-redhat93-9.3-3.noarch.rpm
   $ yum list postgres*
   $ yum install postgresql93-server

4. Data folder is at the location
   $ ls /var/lib/pgsql/9.3/
5. Make this run as a service 
   $ service postgresql-9.3 initdb
     /usr/pgsql-9.3/bin/pg_ctl init -D /var/lib/pgsql/9.3/data/ -o --pwprompt -U postgres
     /usr/pgsql-9.3/bin/initdb --pgdata=/var/lib/pgsql/9.3/data/ -W -U postgres
   $ chkconfig postgresql-9.3 on
6. Control commands for the server
   $ service postgresql-9.3 start
     /usr/pgsql-9.3/bin/pg_ctl -D /var/lib/pgsql/9.3/data -l logfile start
   $ service postgresql-9.3 stop
     /usr/pgsql-9.3/bin/pg_ctl -D /var/lib/pgsql/9.3/data -l logfile stop
   $ service postgresql-9.3 restart
7. Change to user postgres for accessing the database through psql client
   $ su postgres
   $ psql

8. Modify the IPv4 access to this machine,
   by editing "/var/lib/pgsql/9.3/data/pg_hba.conf"

   host    all             all               md5
   host    all             all             md5
   host    all             all                  ident

9. Modify the service host to listen for all external clients
   by editing "/var/lib/pgsql/9.3/data/postgresql.conf"

   listen_addresses = '*'

10. Update the iptables policy for database server access
   $ vim /etc/sysconfig/iptables
     -A INPUT -m state --state NEW -m tcp -p tcp --dport 5432 -j ACCEPT
   $ service iptables restart
   $ service iptables restart 
   Diagnostics for port forwarding. The DB server is unreachable hence switching the firewall OFF
   $ netstat -nlp | grep 5432
   $ sudo service iptables save
   $ sudo service iptables stop
   $ chkconfig iptables off

11. Update the password of the default user postgres. 
   This is done by logging in via the localhost psql client as above via default postgres user. 
   postgres# GRANT ALL privileges ON database postgres TO postgres; 
   postgres# ALTER USER postgres WITH password 'postgres'; 

   This will allow password based authentication via user postgres. 
   Verification can be done by attempting access as below: 
   $ psql -h -U postgres -d postgres

Direct Reference : https://wiki.postgresql.org/wiki/YUM_Installation

Universal Database Manager: http://dbeaver.jkiss.org

In case the YUM repository is not set properly use the relevant EPEL repo 

## RHEL/CentOS 7 64-Bit ##
# wget http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-8.noarch.rpm
# rpm -ivh epel-release-7-5.noarch.rpm
## RHEL/CentOS 6 64-Bit ##
# wget http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
# rpm -ivh epel-release-6-8.noarch.rpm




A quick way to have a portable version running on windows locally is mentioned below,

Donwload: http://www.enterprisedb.com/products-services-training/pgbindownload

Extract the archive into a folder at “C:/Dev/pgsql”

Init: "C:/Dev/pgsql/bin\pg_ctl" -D  "C:/Dev/pgsql/data" initdb
Start: "C:/Dev/pgsql/bin\pg_ctl" -D "C:/Dev/pgsql/data" -l logfile start
Stop: "C:/Dev/pgsql/bin\pg_ctl" -D "C:/Dev/pgsql/data" -l logfile stop
Connect: "C:/Dev/pgsql/bin\psql" -U postgres

You can initially connect to database postgres, and later use the following to have a new user created with privilege on a db

CREATE USER postgres WITH PASSWORD 'postgres';