Mục Lục
- 1 Step 1 — Configuring the Firewall
- 2 Step 2 — Configuring Locales
- 3 Step 3 — Installing MariaDB
- 4 Step 4 — Configuring MariaDB for ERPNext
- 5 Step 5 — Setting Up ERPNext 12
- 6 Step 6 — Installing Frappe Bench CLI
- 7 Step 7 — Installing the ERPNext 12 Web Application
- 8 Step 8 — Setting Up ERPNext 12 For Production
Step 1 — Configuring the Firewall
sudo ufw allow 22,25,143,80,443,3306,8000/tcp
sudo ufw enable
sudo ufw status
Step 2 — Configuring Locales
sudo apt update
sudo localectl set-keymap us && sudo localectl set-locale LANG=en_US.utf8
sudo nano /etc/environment
Now add the following content:
LC_ALL=en_US.UTF-8
LC_CTYPE=en_US.UTF-8
LANG=en_US.UTF-8
Save and close the file.
Reboot your server to apply all changes:
sudo reboot
Step 3 — Installing MariaDB
sudo apt install mariadb-server
sudo apt install python3-mysqldb libmysqlclient-dev
Setup MariaDB first time:
sudo mysql_secure_installation
Creating a MariaDB Super Admin User
sudo mysql -u root -p
Now create a new database named after the user you want to assign for MariaDB connections. This tutorial will use soncq
but you can choose a different name:
CREATE DATABASE soncq;
Now create the MariaDB user soncq
with privileges similar to root and then give the user a strong password of your choice. Keep the password in a secure place; you will need it later:
GRANT ALL PRIVILEGES ON *.* TO 'soncq'@'%' IDENTIFIED BY 'p@ssw0rd' WITH GRANT OPTION;
Now confirm both the user creation and the new user’s privileges:
SELECT host, user, Super_priv FROM mysql.user;
---------------------------------
Output
+-----------+-------+------------+
| Host | User | Super_priv |
+-----------+-------+------------+
| localhost | root | Y |
| localhost | mysql | Y |
| % | soncq | Y |
+-----------+-------+------------+
3 rows in set (0.001 sec)
And then:
FLUSH PRIVILEGES;
exit
Step 4 — Configuring MariaDB for ERPNext
Stop MariaDB
sudo systemctl stop mariadb
Create a MariaDB configuration
sudo nano /etc/mysql/mariadb.conf.d/mariadb.cnf
Now add the following content:
[mysqld]
# GENERAL #
user = mysql
default-storage-engine = InnoDB
socket = /var/lib/mysql/mysql.sock
pid-file = /var/lib/mysql/mysql.pid
# MyISAM #
key-buffer-size = 32M
myisam-recover = FORCE,BACKUP
# SAFETY #
max-allowed-packet = 256M
max-connect-errors = 1000000
innodb = FORCE
# DATA STORAGE #
datadir = /var/lib/mysql/
# BINARY LOGGING #
log-bin = /var/lib/mysql/mysql-bin
expire-logs-days = 14
sync-binlog = 1
# REPLICATION #
server-id = 1
# CACHES AND LIMITS #
tmp-table-size = 32M
max-heap-table-size = 32M
query-cache-type = 0
query-cache-size = 0
max-connections = 500
thread-cache-size = 50
open-files-limit = 65535
table-definition-cache = 4096
table-open-cache = 10240
# INNODB #
innodb-flush-method = O_DIRECT
innodb-log-files-in-group = 2
innodb-log-file-size = 512M
innodb-flush-log-at-trx-commit = 1
innodb-file-per-table = 1
innodb-buffer-pool-size = 5462M
innodb-file-format = barracuda
innodb-large-prefix = 1
collation-server = utf8mb4_unicode_ci
character-set-server = utf8mb4
character-set-client-handshake = FALSE
max_allowed_packet = 256M
# LOGGING #
log-error = /var/lib/mysql/mysql-error.log
log-queries-not-using-indexes = 0
slow-query-log = 1
slow-query-log-file = /var/lib/mysql/mysql-slow.log
# CONNECTIONS #
pid-file = /var/run/mysqld/mysqld.pid
socket = /var/run/mysqld/mysqld.sock
bind-address = 0.0.0.0
[mysql]
default-character-set = utf8mb4
[mysqldump]
max_allowed_packet=256M
Start MariaDB
sudo systemctl start mariadb
sudo systemctl enable mariadb
Step 5 — Setting Up ERPNext 12
Install system-wide dependencies using the following command:
sudo apt install -y curl build-essential python3-testresources python3-setuptools python3-dev libffi-dev python3-pip libcurl4 dnsmasq fontconfig git htop libcrypto++-dev libfreetype6-dev liblcms2-dev libwebp-dev libxext6 libxrender1 libxslt1-dev libxslt1.1 libffi-dev ntpdate postfix python3-dev python-tk screen vim xfonts-75dpi xfonts-base zlib1g-dev apt-transport-https libsasl2-dev libldap2-dev libcups2-dev pv libjpeg8-dev libtiff5-dev tcl8.6-dev tk8.6-dev libdate-manip-perl logwatch
Next, update pip3
, which is Python’s standard package manager, and then install the latest versions of three additional Python modules:
sudo -H python3 -m pip install --upgrade setuptools cryptography psutil
Setting Up Node.js and Yarn
Add the NodeSource repository to your system:
curl -sL https://deb.nodesource.com/setup_12.x -o nodesource_setup.sh
Now you can inspect the contents of the downloaded script:
sudo nano nodesource_setup.sh
Once you are satisfied with the script’s contents you can run the script:
sudo bash nodesource_setup.sh
This script will automatically update the apt
list. Now you can install nodejs
on your server:
sudo apt install nodejs
Next, install yarn
globally using the npm
package manager:
sudo npm install -g yarn
Now that you have installed Node you can continue to configure wkhtmltopdf
for your platform.
cd /tmp
wget https://github.com/wkhtmltopdf/wkhtmltopdf/releases/download/0.12.5/wkhtmltox_0.12.5-1.bionic_amd64.deb
sudo dpkg -i wkhtmltox_0.12.5-1.bionic_amd64.deb
sudo cp /usr/local/bin/wkhtmlto* /usr/bin/
sudo chmod a+x /usr/bin/wk*
Installing Redis
sudo apt install redis-server
sudo systemctl enable redis-server
Step 6 — Installing Frappe Bench CLI
Make sure that the Frappe user (in this case soncq
) has the proper rights on its home
directory:
sudo chown soncq -R /home/soncq
Now clone the frappe/bench
repository to your home directory. Remember to replace soncq
with your system username:
git clone https://github.com/frappe/bench /home/soncq/.bench --depth 1 --branch master
Install the bench
CLI:
sudo pip3 install -e /home/soncq/.bench
Setting Up Frappe Framework Environment
echo fs.inotify.max_user_watches=524288 | sudo tee -a /etc/sysctl.conf && sudo sysctl -p
Next, initialize Frappe Framework 12.
bench init /home/soncq/frappe-bench --frappe-path https://github.com/frappe/frappe --frappe-branch version-12 --python python3
Step 7 — Installing the ERPNext 12 Web Application
Change to the directory where Frappe was initialized.
cd /home/soncq/frappe-bench
Before continuing, you will need to install specific versions of Python libraries numpy
and pandas
into the Frappe virtual environment. Install these packages using the following command:
./env/bin/pip install numpy==1.18.5 && ./env/bin/pip install pandas==0.24.2
Now, you can continue with the installation. Download ERPNext 12 from its repository using the bench
CLI:
bench get-app erpnext https://github.com/frappe/erpnext --branch version-12
Next, create the new site, replacing congtycuatoi.ddns.net
with the domain that you have associated with this server’s IP:
bench new-site congtycuatoi.ddns.net --admin-password 'admin_p@ssw0rd' --mariadb-root-username soncq --mariadb-root-password 'p@ssw0rd'
Following this, install the ERPNext application onto the site:
bench --site congtycuatoi.ddns.net install-app erpnext
Once the installation completes, you will have a working ERPNext 12 application. Now let’s test it using a bench
command:
bench start
Step 8 — Setting Up ERPNext 12 For Production
Although your ERPNext 12 application is ready, the system as a whole is not yet prepared for production. To ensure ERPNext’s reliability and security you will need to enable a few additional services:
- Fail2ban provides an extra layer of protection against brute force attempts from malicious users and bots.
- Nginx functions mainly as a web proxy, redirecting all traffic from port
8000
to port80
(HTTP) or port443
(HTTPS) - Supervisor ensures that ERPNext’s key processes are constantly up and running, restarting them as necessary.
Up to this point, you have installed and configured ERPNext 12 manually, which has allowed you to customize the process to match any particular use case. Nevertheless, for the rest of the production setup, you can leverage the convenience of the bench
CLI and let it automate the installation and configuration of these remaining services.
Ensure you are in the Frappe working directory:
cd /home/soncq/frappe-bench
Now use the following command to finish setting up ERPNext 12 for production:
sudo bench setup production soncq --yes
The configuration files created by the bench
command are:
- Two Nginx configuration files located at
/etc/nginx/nginx.conf
and/etc/nginx/conf.d/frappe-bench.conf
- One Fail2Ban proxy jail located at
/etc/fail2ban/jail.d/nginx-proxy.conf
and one filter located at/etc/fail2ban/filter.d/nginx-proxy.conf
These default configurations will suffice for this tutorial, but you should feel free to explore and adjust these files to match your requirements. You can stop all services by running:
sudo supervisorctl stop all
And then, once you are ready, you can restart your services:
sudo supervisorctl start all
Testing Your ERPNext 12 Installation
systemctl list-unit-files | grep 'fail2ban\|nginx\|supervisor'
After confirming that everything is working as expected, you can test ERPNext 12 live on your server. Open your favorite browser and navigate congtycuatoi.ddns.net
, or whereever you are hosting your ERPNext 12 application.
After a few seconds, you should see the ERPNext 12 login screen. Use Administrator for the username (email) and the admin_p@ssw0rd
you created previously for the password.