brett.spaulding
/
InstallScript_Odoo
mirror of https://github.com/Yenthe666/InstallScript.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Changed multiple if statements to PROXY_MODE installation

Browse Source
pull/233/head
Carlitos Melgar 6 years ago
parent 43a7f51897
commit 62e3a97fe1
1 changed files with 174 additions and 97 deletions
Show Stats Download Patch File Download Diff File

271
odoo_install.sh
Unescape View File

@ -94,9 +94,9 @@ if [ $INSTALL_WKHTMLTOPDF = "True" ]; then
echo -e "\n---- Install wkhtml and place shortcuts on correct place for ODOO 13 ----\n"
#pick up correct one from x64 & x32 versions:
if [ "$(getconf LONG_BIT)" == "64" ]; then
_url=$WKHTMLTOX_X64
_url=$WKHTMLTOX_X64
else
_url=$WKHTMLTOX_X32
_url=$WKHTMLTOX_X32
fi
sudo wget $_url
sudo gdebi --n "$(basename $_url)"
@ -122,28 +122,28 @@ echo -e "\n---- Installing ODOO Server ----\n"
sudo git clone --depth 1 --branch $OE_VERSION https://www.github.com/odoo/odoo $OE_HOME_EXT/
if [ $IS_ENTERPRISE = "True" ]; then
# Odoo Enterprise install!
# Odoo Enterprise install!
echo -e "\n---- Create symlink for node ----\n"
sudo ln -s /usr/bin/nodejs /usr/bin/node
sudo su $OE_USER -c "mkdir $OE_HOME/enterprise"
sudo su $OE_USER -c "mkdir $OE_HOME/enterprise/addons"
sudo ln -s /usr/bin/nodejs /usr/bin/node
sudo su $OE_USER -c "mkdir $OE_HOME/enterprise"
sudo su $OE_USER -c "mkdir $OE_HOME/enterprise/addons"
GITHUB_RESPONSE=$(sudo git clone --depth 1 --branch $OE_VERSION https://www.github.com/odoo/enterprise "$OE_HOME/enterprise/addons" 2>&1)
while [[ $GITHUB_RESPONSE == *"Authentication"* ]]; do
echo "------------------------WARNING------------------------------"
echo "Your authentication with Github has failed! Please try again."
printf "In order to clone and install the Odoo enterprise version you \nneed to be an offical Odoo partner and you need access to\nhttp://github.com/odoo/enterprise.\n"
echo "TIP: Press ctrl+c to stop this script."
echo "-------------------------------------------------------------"
echo " "
GITHUB_RESPONSE=$(sudo git clone --depth 1 --branch $OE_VERSION https://www.github.com/odoo/enterprise "$OE_HOME/enterprise/addons" 2>&1)
while [[ $GITHUB_RESPONSE == *"Authentication"* ]]; do
echo "------------------------WARNING------------------------------"
echo "Your authentication with Github has failed! Please try again."
printf "In order to clone and install the Odoo enterprise version you \nneed to be an offical Odoo partner and you need access to\nhttp://github.com/odoo/enterprise.\n"
echo "TIP: Press ctrl+c to stop this script."
echo "-------------------------------------------------------------"
echo " "
GITHUB_RESPONSE=$(sudo git clone --depth 1 --branch $OE_VERSION https://www.github.com/odoo/enterprise "$OE_HOME/enterprise/addons" 2>&1)
done
done
echo -e "\n---- Added Enterprise code under $OE_HOME/enterprise/addons ----\n"
echo -e "\n---- Installing Enterprise specific libraries ----\n"
sudo -H pip3 install num2words ofxparse dbfread ebaysdk firebase_admin pyOpenSSL
sudo npm install -g less
sudo npm install -g less-plugin-clean-css
sudo -H pip3 install num2words ofxparse dbfread ebaysdk firebase_admin pyOpenSSL
sudo npm install -g less
sudo npm install -g less-plugin-clean-css
fi
echo -e "\n---- Create custom module directory ----\n"
@ -160,23 +160,23 @@ echo -e "\n---- Creating server config file ----\n"
sudo su root -c "printf '[options] \n; This is the password that allows database operations:\n' >> /etc/${OE_CONFIG}.conf"
if [ $GENERATE_RANDOM_PASSWORD = "True" ]; then
echo -e "\n---- Generating random admin password ----\n"
OE_SUPERADMIN=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 16 | head -n 1)
OE_SUPERADMIN=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 16 | head -n 1)
fi
sudo su root -c "printf 'admin_passwd = ${OE_SUPERADMIN}\n' >> /etc/${OE_CONFIG}.conf"
if [ $OE_VERSION \> "11.0" ]; then
sudo su root -c "printf 'http_port = ${OE_PORT}\n' >> /etc/${OE_CONFIG}.conf"
sudo su root -c "printf 'http_port = ${OE_PORT}\n' >> /etc/${OE_CONFIG}.conf"
else
sudo su root -c "printf 'xmlrpc_port = ${OE_PORT}\n' >> /etc/${OE_CONFIG}.conf"
sudo su root -c "printf 'xmlrpc_port = ${OE_PORT}\n' >> /etc/${OE_CONFIG}.conf"
fi
sudo su root -c "printf 'logfile = /var/log/${OE_USER}/${OE_CONFIG}.log\n' >> /etc/${OE_CONFIG}.conf"
if [ $IS_ENTERPRISE = "True" ]; then
sudo su root -c "printf 'addons_path=${OE_HOME}/enterprise/addons,${OE_HOME_EXT}/addons\n' >> /etc/${OE_CONFIG}.conf"
sudo su root -c "printf 'addons_path=${OE_HOME}/enterprise/addons,${OE_HOME_EXT}/addons\n' >> /etc/${OE_CONFIG}.conf"
else
sudo su root -c "printf 'addons_path=${OE_HOME_EXT}/addons,${OE_HOME}/custom/addons\n' >> /etc/${OE_CONFIG}.conf"
sudo su root -c "printf 'addons_path=${OE_HOME_EXT}/addons,${OE_HOME}/custom/addons\n' >> /etc/${OE_CONFIG}.conf"
fi
sudo chown $OE_USER:$OE_USER /etc/${OE_CONFIG}.conf
@ -266,82 +266,109 @@ sudo chown root: /etc/init.d/$OE_CONFIG
echo -e "\n---- Start ODOO on Startup ----\n"
sudo update-rc.d $OE_CONFIG defaults
#--------------------------------------------------
# Install Nginx if needed
#--------------------------------------------------
if [ $INSTALL_NGINX = "True" ]; then
echo -e "\n---- Installing and setting up Nginx ----"
#-----------------------------------------------------------------------
# PROXY_MODE != PROXY_NONE (Nginx will be install to port 80 and/or 443)
#-----------------------------------------------------------------------
if [ $PROXY_MODE != "PROXY_NONE" ]; then
echo -e "\n---- Installing and setting up Nginx ----\n"
sudo apt install nginx -y
cat <<EOF > ~/odoo
server {
listen 80;
# set proper server name after domain set
server_name $WEBSITE_NAME;
# Add Headers for odoo proxy mode
proxy_set_header X-Forwarded-Host \$host;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
proxy_set_header X-Real-IP \$remote_addr;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
proxy_set_header X-Client-IP \$remote_addr;
proxy_set_header HTTP_X_FORWARDED_HOST \$remote_addr;
# odoo log files
access_log /var/log/nginx/$OE_USER-access.log;
error_log /var/log/nginx/$OE_USER-error.log;
# increase proxy buffer size
proxy_buffers 16 64k;
proxy_buffer_size 128k;
proxy_read_timeout 900s;
proxy_connect_timeout 900s;
proxy_send_timeout 900s;
# force timeouts if the backend dies
proxy_next_upstream error timeout invalid_header http_500 http_502
http_503;
types {
text/less less;
text/scss scss;
}
# enable data compression
gzip on;
gzip_min_length 1100;
gzip_buffers 4 32k;
gzip_types text/css text/less text/plain text/xml application/xml application/json application/javascript application/pdf image/jpeg image/png;
gzip_vary on;
client_header_buffer_size 4k;
large_client_header_buffers 4 64k;
client_max_body_size 0;
location / {
proxy_pass http://127.0.0.1:$OE_PORT;
# by default, do not forward anything
proxy_redirect off;
}
location /longpolling {
proxy_pass http://127.0.0.1:$LONGPOLLING_PORT;
cat <<EOF >~/odoo
upstream odoo {
server 127.0.0.1:$OE_PORT;
}
location ~* .(js|css|png|jpg|jpeg|gif|ico)$ {
expires 2d;
proxy_pass http://127.0.0.1:$OE_PORT;
add_header Cache-Control "public, no-transform";
}
# cache some static data in memory for 60mins.
location ~ /[a-zA-Z0-9_-]*/static/ {
proxy_cache_valid 200 302 60m;
proxy_cache_valid 404 1m;
proxy_buffering on;
expires 864000;
proxy_pass http://127.0.0.1:$OE_PORT;
upstream odoochat {
server 127.0.0.1:$LONGPOLLING_PORT;
}
$(
if [ "$PROXY_MODE" = "PROXY_HTTP" ]; then
echo "# PROXY MODE USES HTTP"
echo " server {"
echo " listen 80;"
echo " server_name "$WEBSITE_NAME";"
fi
if [ "$PROXY_MODE" = "PROXY_LETSENCRYPT" ]; then
echo "# PROXY MODE USES LETSENCRYPT"
echo " server {"
echo " listen 80;"
echo " server_name "$WEBSITE_NAME";"
echo " "
echo " rewrite ^(.*) https://\$host\$1 permanent;"
echo " }"
echo " "
echo " server {"
echo " listen 443 ssl http2;"
echo " server_name "$WEBSITE_NAME";"
echo " "
echo " include snippets/ssl.conf;"
echo " include snippets/letsencrypt.conf;"
fi
)
# Add Headers for odoo proxy mode
proxy_set_header X-Forwarded-Host \$host;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Client-IP \$remote_addr;
proxy_set_header HTTP_X_FORWARDED_HOST \$remote_addr;
# odoo log files
access_log /var/log/nginx/$OE_USER-access.log;
error_log /var/log/nginx/$OE_USER-error.log;
# increase proxy buffer size
proxy_buffers 16 64k;
proxy_buffer_size 128k;
proxy_read_timeout 900s;
proxy_connect_timeout 900s;
proxy_send_timeout 900s;
# force timeouts if the backend dies
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
types {
text/less less;
text/scss scss;
}
# enable data compression
gzip on;
gzip_min_length 1100;
gzip_buffers 4 32k;
gzip_types text/css text/scss text/less text/plain text/xml application/xml application/json application/javascript application/pdf image/jpeg image/png;
gzip_vary on;
client_header_buffer_size 4k;
large_client_header_buffers 4 64k;
client_max_body_size 0;
location / {
proxy_pass http://odoo;
proxy_redirect off; # by default, do not forward anything
}
location /longpolling {
proxy_pass http://odoochat;
}
location ~* .(js|css|png|jpg|jpeg|gif|ico)$ {
expires 2d;
proxy_pass http://odoo;
add_header Cache-Control "public, no-transform";
}
# cache some static data in memory for 60mins.
location ~ /[a-zA-Z0-9_-]*/static/ {
proxy_cache_valid 200 302 60m;
proxy_cache_valid 404 1m;
proxy_buffering on;
expires 864000;
proxy_pass http://odoo;
}
}
EOF
@ -358,12 +385,59 @@ fi
# Enable ssl with certbot
#--------------------------------------------------
if [ $INSTALL_NGINX = "True" ] && [ $ENABLE_SSL = "True" ] && [ $ADMIN_EMAIL != "odoo@example.com" ] && [ $WEBSITE_NAME != "_" ];then
if [ $PROXY_MODE = "PROXY_LETSENCRYPT" ] && [ $ADMIN_EMAIL != "odoo@example.com" ] && [ $WEBSITE_NAME != "_" ]; then
echo -e "\n---- Installing and setting up Cerbot ----\n"
sudo add-apt-repository ppa:certbot/certbot -y && sudo apt-get update -y
sudo apt-get install python-certbot-nginx -y
echo -e "\n---- Generating dhparam ----\n"
sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
sudo mkdir -p /var/lib/letsencrypt/.well-known
sudo chgrp www-data /var/lib/letsencrypt
sudo chmod g+s /var/lib/letsencrypt
echo -e "\n---- Wrting snippets: ssl.conf + letsencrypt.conf ----\n"
cat <<EOF >/etc/nginx/snippets/ssl.conf
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
ssl_prefer_server_ciphers on;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 30s;
add_header Strict-Transport-Security "max-age=15768000; includeSubdomains; preload" always;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
EOF
cat <<EOF >/etc/nginx/snippets/letsencrypt.conf
location ^~ /.well-known/acme-challenge/ {
allow all;
root /var/lib/letsencrypt/;
default_type "text/plain";
try_files \$uri =404;
}
EOF
echo -e "\n---- Generating and installing SSL certificates ----\n"
sudo certbot --nginx -d $WEBSITE_NAME --noninteractive --agree-tos --email $ADMIN_EMAIL --redirect
sudo service nginx reload
echo -e "\n---- SSL/HTTPS is enabled! ----\n"
echo -e "\n---- Updating cron job to renew certificate ----\n"
sudo sed -i 's/43200/3600/g' /etc/cron.d/certbot
sudo sed -i 's/-q renew/-q renew --renew-hook "systemctl reload nginx"/g' /etc/cron.d/certbot
else
echo -e "\n---- SSL/HTTPS isn't enabled due to choice of the user or because of a misconfiguration! ----\n"
fi
@ -381,6 +455,9 @@ echo "Password superadmin (database): $OE_SUPERADMIN"
echo "Start Odoo service: sudo service $OE_CONFIG start"
echo "Stop Odoo service: sudo service $OE_CONFIG stop"
echo "Restart Odoo service: sudo service $OE_CONFIG restart"
if [ $PROXY_MODE != "PROXY_NONE" ]; then
echo -e "\n---- Nginx configuration file: /etc/nginx/sites-available/odoo ----\n"
else
echo -e "\n---- Nginx was not installed because PROXY_MODE is PROXY_NONE ----\n"
fi
echo "-----------------------------------------------------------"

Write Preview
Loading…
Cancel
Save