This commit is contained in:
Emmanuel Garette 2022-10-01 18:57:37 +02:00
parent b1e7064488
commit f1b2e20063
16 changed files with 341 additions and 229 deletions

View file

@ -1,35 +0,0 @@
#!/bin/bash -e
HOST_NAME=$1
if [ -z "$HOST_NAME" ]; then
echo "usage: $0 host name"
exit 1
fi
# remove current rules
systemctl stop risottofirewall.service || true
apt install --yes systemd-container dnf jq debootstrap htop gettext patch unzip mlocate xz-utils iptables
systemd-tmpfiles --create --clean --remove $PWD/host/configurations/$HOST_NAME/tmpfiles.d/0asystemd-nspawn.conf
systemd-tmpfiles --create --clean --remove $PWD/host/configurations/$HOST_NAME/tmpfiles.d/0rougail.conf
systemctl daemon-reload
systemctl restart systemd-sysctl.service
systemctl enable systemd-networkd
systemctl restart systemd-networkd
systemctl enable systemd-resolved
systemctl restart systemd-resolved
# systemctl mask dev-hugepages.mount
systemctl enable risotto-images.timer
systemctl restart risotto-images.timer
systemctl enable risottofirewall.service
systemctl start risottofirewall.service
#nft add table nat
#nft flush table nat;
#nft 'add chain nat prerouting { type nat hook prerouting priority -100; }'
#nft 'add rule nat prerouting iif enp0s3 tcp dport { 80, 443 } dnat to 192.168.45.12'
#nft 'add chain nat postrouting { type nat hook postrouting priority -100; }'
#nft 'add rule nat postrouting ip saddr 192.168.45.10 oif enp0s8 tcp dport 53 snat to 10.0.3.15'
#nft 'add rule nat postrouting ip saddr 192.168.45.10 oif enp0s8 udp dport 53 snat to 10.0.3.15'
echo "install host OK"
exit 0

View file

@ -1,177 +0,0 @@
#!/bin/bash -e
HOST_NAME=$1
IMAGE_NAME=$2
if [ -z "$IMAGE_NAME" ]; then
echo "PAS DE NOM DE MODULE"
exit 1
fi
. config.sh
rm -rf "$IMAGE_NAME_RISOTTO_IMAGE_DIR" tmp
mkdir -p "$RISOTTO_IMAGE_DIR"
PKG=""
BASE_DIR=""
for script in $(ls $IMAGE_NAME/manual/preinstall/*.sh 2> /dev/null); do
. "$script"
done
if [ -z "$OS_NAME" ]; then
echo "NO OS NAME DEFINED"
exit 0
fi
if [ -z "$RELEASEVER" ]; then
echo "NO RELEASEVER DEFINED"
exit 0
fi
if [ -z "$INSTALL_TOOL" ]; then
echo "NO INSTALL TOOL DEFINED"
exit 0
fi
BASE_NAME="$OS_NAME-$RELEASEVER"
BASE_DIR="$IMAGE_BASE_RISOTTO_BASE_DIR/$BASE_NAME"
BASE_TAR="$IMAGE_BASE_RISOTTO_BASE_DIR-$BASE_NAME".tar
BASE_PKGS_FILE="$IMAGE_BASE_RISOTTO_BASE_DIR-$BASE_NAME.pkgs"
BASE_LOCK="$IMAGE_BASE_RISOTTO_BASE_DIR-$BASE_NAME.build"
function dnf_opt() {
INSTALL_DIR=$1
INSTALL_PKG=$2
echo "--setopt=install_weak_deps=False --nodocs --noplugins --installroot=$INSTALL_DIR --releasever $RELEASEVER install $INSTALL_PKG"
}
function new_package_base() {
if [ "$INSTALL_TOOL" = "dnf" ]; then
OPT=$(dnf_opt "$BASE_DIR" "$BASE_PKG")
dnf --assumeno $OPT | grep ^" " > "$BASE_PKGS_FILE".new
else
debootstrap --include="$BASE_PKG" --variant=minbase "$RELEASEVER" "$BASE_DIR" > /dev/null
chroot "$BASE_DIR" dpkg-query -f '${binary:Package} ${source:Version}\n' -W > "$BASE_PKGS_FILE".new
fi
}
function install_base() {
if [ "$INSTALL_TOOL" = "dnf" ]; then
OPT=$(dnf_opt "$BASE_DIR" "$BASE_PKG")
dnf --assumeyes $OPT
fi
}
function new_package() {
if [ "$INSTALL_TOOL" = "dnf" ]; then
OPT=$(dnf_opt "$IMAGE_NAME_RISOTTO_IMAGE_DIR" "$PKG")
dnf --assumeno $OPT | grep ^" " > "$IMAGE_NAME_RISOTTO_IMAGE_DIR".pkgs.new
else
chroot "$IMAGE_NAME_RISOTTO_IMAGE_DIR" apt install --no-install-recommends --yes $PKG -s 2>/dev/null|grep ^"Inst " > "$IMAGE_NAME_RISOTTO_IMAGE_DIR".pkgs.new
fi
}
function install_pkg() {
if [ "$INSTALL_TOOL" = "dnf" ]; then
OPT=$(dnf_opt "$IMAGE_NAME_RISOTTO_IMAGE_DIR" "$PKG")
dnf --assumeyes $OPT
else
chroot "$IMAGE_NAME_RISOTTO_IMAGE_DIR" apt install --no-install-recommends --yes $PKG
fi
}
if [ ! -f "$BASE_LOCK" ]; then
echo " - reinstallation de l'image de base"
rm -rf "$BASE_DIR"
new_package_base
diff -u "$BASE_PKGS_FILE" "$BASE_PKGS_FILE".new && NEW_BASE=false || NEW_BASE=true
if [ ! -f "$BASE_TAR" ] || [ "$NEW_BASE" = true ]; then
mkdir -p "$IMAGE_BASE_RISOTTO_BASE_DIR"
install_base
cd "$IMAGE_BASE_RISOTTO_BASE_DIR"
tar cf "$BASE_TAR" "$BASE_NAME"
cd - > /dev/null
if [ -f "$BASE_PKGS_FILE" ]; then
mv "$BASE_PKGS_FILE" "$BASE_PKGS_FILE".old
fi
mv "$BASE_PKGS_FILE".new "$BASE_PKGS_FILE"
rm -rf "$IMAGE_BASE_RISOTTO_BASE_DIR"
fi
rm -rf "$BASE_DIR"
touch "$BASE_LOCK"
fi
tar xf "$BASE_TAR"
mv "$BASE_NAME" "$IMAGE_NAME_RISOTTO_IMAGE_DIR"
if [ -n "$COPR" ]; then
#FIXME signature...
mkdir -p "$REPO_DIR"
cd "$REPO_DIR"
wget -q "$COPR"
cd - > /dev/null
fi
if [ "$FUSION" = true ]; then
dnf -y install "https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$RELEASEVER.noarch.rpm" --installroot="$IMAGE_NAME_RISOTTO_IMAGE_DIR" > /dev/null
fi
# FIXME verifier s'il y a des modifs sur pre/post
if [ -f "$IMAGE_NAME_RISOTTO_IMAGE_DIR".base.pkgs ] && [ -f "$IMAGE_NAME_RISOTTO_IMAGE_DIR".pkgs ]; then
echo " - différence(s) avec les paquets de base"
diff -u "$IMAGE_NAME_RISOTTO_IMAGE_DIR".base.pkgs "$BASE_PKGS_FILE" && INSTALL=false || INSTALL=true
else
INSTALL=true
fi
new_package
if [ "$INSTALL" = false ]; then
echo " - différence(s) avec les paquets de l'image"
diff -u "$IMAGE_NAME_RISOTTO_IMAGE_DIR".pkgs "$IMAGE_NAME_RISOTTO_IMAGE_DIR".pkgs.new && INSTALL=false || INSTALL=true
fi
find $IMAGE_NAME/manual -type f -exec md5sum '{}' \; > "$IMAGE_NAME_RISOTTO_IMAGE_DIR".md5sum.new
if [ "$INSTALL" = false ]; then
diff -u "$IMAGE_NAME_RISOTTO_IMAGE_DIR".md5sum "$IMAGE_NAME_RISOTTO_IMAGE_DIR".md5sum.new && INSTALL=false || INSTALL=true
fi
if [ "$INSTALL" = true ]; then
echo " - installation"
if [ -f "$IMAGE_NAME_RISOTTO_IMAGE_DIR"_"$RELEASEVER".version ]; then
VERSION=$(cat "$IMAGE_NAME_RISOTTO_IMAGE_DIR"_"$RELEASEVER".version)
else
VERSION=0
fi
mkdir tmp
ORI_DIR=$PWD
cd tmp
if [ ! "$VERSION" = 0 ]; then
tar xf "$IMAGE_NAME_RISOTTO_IMAGE_NAME"
if [ "$INSTALL_TOOL" = "apt" ]; then
chown _apt "$IMAGE_NAME"
fi
else
mkdir "$IMAGE_NAME"
fi
cd "$IMAGE_NAME"
../../make_changelog "$IMAGE_NAME" "$VERSION" "$OS_NAME" "$RELEASEVER" > "$IMAGE_NAME_RISOTTO_IMAGE_DIR"_"$RELEASEVER"_"$VERSION"_changelog.md
cd $ORI_DIR
rm -rf tmp
install_pkg
sleep 2
for script in $(ls $IMAGE_NAME/manual/postinstall/*.sh 2> /dev/null); do
. "$script"
done
CONTAINER=$IMAGE_NAME ./make_volatile /etc
if [ ! "$?" = 0 ]; then
echo "make_volatile failed"
exit 1
fi
cd "$RISOTTO_IMAGE_DIR"
#7zr a "$IMAGE_NAME".7z "$IMAGE_NAME"
if [ -f "$IMAGE_NAME_RISOTTO_IMAGE_NAME" ]; then
mv -f "$IMAGE_NAME_RISOTTO_IMAGE_NAME" "$IMAGE_NAME_RISOTTO_IMAGE_NAME".old
fi
tar cf "$IMAGE_NAME_RISOTTO_IMAGE_NAME" "$IMAGE_NAME"
sha256sum "$IMAGE_NAME_RISOTTO_IMAGE_NAME" > "$IMAGE_NAME_RISOTTO_IMAGE_NAME".sha
cd - > /dev/null
cp -f "$BASE_PKGS_FILE" "$IMAGE_NAME_RISOTTO_IMAGE_DIR".base.pkgs
mv -f "$IMAGE_NAME_RISOTTO_IMAGE_DIR".pkgs.new "$IMAGE_NAME_RISOTTO_IMAGE_DIR".pkgs
mv -f "$IMAGE_NAME_RISOTTO_IMAGE_DIR".md5sum.new "$IMAGE_NAME_RISOTTO_IMAGE_DIR".md5sum
VERSION=$((VERSION + 1))
echo "$VERSION" > "$IMAGE_NAME_RISOTTO_IMAGE_DIR"_"$RELEASEVER".version
fi
rm -rf "$IMAGE_NAME_RISOTTO_IMAGE_DIR"
echo " => OK"
exit 0

View file

@ -1,17 +0,0 @@
#!/bin/bash -e
HOST_NAME=$1
if [ -z "$HOST_NAME" ]; then
echo "usage: $0 host name"
exit 1
fi
. config.sh
rm -f $IMAGE_BASE_RISOTTO_BASE_DIR*.build
for image in *; do
if [ -d "$image" ]; then
echo
echo "Install image $image"
./install_image "$HOST_NAME" "$image"
fi
done
rm -f $IMAGE_BASE_RISOTTO_BASE_DIR*.build
exit 0

32
seed/odoo/DEBUG.md Normal file
View file

@ -0,0 +1,32 @@
echo "log_level = debug" > /etc/odoo/odoo.conf
echo "log_db= debug" > /etc/odoo/odoo.conf
systemctl restart odoo
Voir les logs dans la console
=============================
sed -i 's/syslog/#syslog/g' /etc/odoo/odoo.conf
su - odoo
/usr/bin/odoo --config /etc/odoo/odoo.conf
Connaitre les modules initialisés
=================================
Il se peut qu'il manque des dépendances au chargement des modules lors qu'on le fait à la main (je ne sais pas pourquoi).
Pour connaitre la liste des modules à charger, le faire "graphiquement" puis avec Risotto et comparer les deux listes.
Avec fichier de log :
```
grep "Loading module" /var/log/odoo/odoo-server.log|awk -F'Loading module' '{ print $2 }'| awk '{ print $1 }'|sort -u
```
Avec journald :
```
journalctl -m -M odoo.in.silique.fr -g "Loading module"|awk -F'Loading module' '{ print $2 }'| awk '{ print $1 }'|sort -u
```

View file

@ -0,0 +1,10 @@
format: '0.1'
description: Odoo
depends:
- base-debian-bullseye
- postgresql-client
- reverse-proxy-client
- relay-mail-client
- ldap-client-debian
- oauth2-client
- nginx-https

View file

@ -0,0 +1,93 @@
<?xml version='1.0' encoding='UTF-8'?>
<rougail version="0.10">
<services>
<service name="odoo" target="multi-user">
<override/>
<file engine="none" source="sysuser-odoo.conf">/sysusers.d/1odoo.conf</file>
<file source="tmpfile-odoo.conf">/tmpfiles.d/0odoo.conf</file>
<file mode="700">/sbin/config_odoo.py</file>
<file mode="400" owner="odoo">/etc/odoo/odoo.conf</file>
<file mode="400" owner="odoo">/etc/odoo/postgresql.pass</file>
<file>/etc/hosts</file>
<file source="config-nginx.conf">/etc/nginx/default.d/odoo.conf</file>
</service>
</services>
<variables>
<family name="odoo" description="Odoo">
<variable name="odoo_admin_password" description="Mot de passe de l'administrateur" hidden="True"/>
<variable name="odoo_admin_email" type="mail" description="Adresse courriel de l'administrateur" mandatory="True"/>
<variable name="odoo_company_name" description="Nom" mandatory="True"/>
<variable name="odoo_company_street" description="Adresse" mandatory="True"/>
<variable name="odoo_company_city" description="Ville" mandatory="True"/>
<variable name="odoo_company_zip" description="Code postal" mandatory="True"/>
<variable name="odoo_company_vat" description="Numéro TVA" mandatory="True"/>
<variable name="odoo_company_registry" description="Registre de la société" mandatory="True"/>
<variable name="odoo_company_phone" description="Numéro de téléphone"/>
<variable name="odoo_company_mobile" description="Numéro de téléphone mobile"/>
<variable name="odoo_company_email" description="Adresse courriel" mandatory="True"/>
<variable name="odoo_company_website" description="Site internet" mandatory="True"/>
<variable name="odoo_company_logo" type="filename" description="Chemin du logo" mandatory="True"/>
<variable name="odoo_company_footer" description="Pied de page des documents" mandatory="True"/>
<variable name="odoo_company_layout" description="Agencement des documents" mandatory="True" type="choice">
<value>standard</value>
<choice>standard</choice>
<choice>bold</choice>
<choice>boxed</choice>
<choice>striped</choice>
</variable>
<variable name="odoo_addons" description="Liste des applications à activer" multi="True">
<value>base</value>
<value>l10n_fr</value>
<value>l10n_fr_fec</value>
<value>account</value>
<value>hr</value>
<value>hr_contract</value>
<value>sale_management</value>
</variable>
</family>
<family name="postgresql">
<variable name="pg_client_key_owner" redefine="True">
<value>odoo</value>
</variable>
</family>
<family name="oauth2_client">
<variable name="oauth2_is_client_application" redefine='True'>
<value>True</value>
</variable>
<variable name="oauth2_client_name" redefine='True'>
<value>ERP</value>
</variable>
<variable name="oauth2_client_description" redefine='True'>
<value>ERP Odoo</value>
</variable>
<variable name="oauth2_client_category" redefine='True'>
<value>Entreprise</value>
</variable>
<variable name="oauth2_client_logo" redefine='True'>
<value>silique_note.png</value>
</variable>
<family name="external">
<variable name="oauth2_client_external" redefine="True" multi='True'/>
<variable name="oauth2_client_family" redefine="True" multi="True"/>
</family>
</family>
<family name="annuaire">
<family name="client">
<variable name="ldap_key_file_owner" redefine="True">
<value>odoo</value>
</variable>
</family>
</family>
</variables>
<constraints>
<fill name="get_password">
<param name="server_name" type="variable">domain_name_eth0</param>
<param name="username">admin</param>
<param name="description">admin</param>
<param name="type">cleartext</param>
<param name="hide" type="variable">hide_secret</param>
<param name="temporary" type="boolean">True</param>
<target>odoo_admin_password</target>
</fill>
</constraints>
</rougail>

8
seed/odoo/funcs/odoo.py Normal file
View file

@ -0,0 +1,8 @@
from base64 import b64encode as _b64encode
from os.path import isfile as _isfile
def get_logo(filename):
if not _isfile(filename):
raise Exception(f'cannot find odoo logo {filename}')
return _b64encode(open(filename, 'rb') .read())

View file

@ -0,0 +1,38 @@
set -e
ODOO_VERSION="15.0"
#FIXME
ODOO_VERSION="master"
WKHTML_VERSION="0.12.6.1-2"
#curl http://nightly.odoo.com/${ODOO_VERSION}/nightly/rpm/odoo_${ODOO_VERSION}.latest.rpm -o odoo_${ODOO_VERSION}.latest.rpm
#OPT=$(dnf_opt_base "$IMAGE_NAME_RISOTTO_IMAGE_DIR")
#dnf --assumeyes $OPT localinstall odoo_${ODOO_VERSION}.latest.rpm
#rm -f odoo_${ODOO_VERSION}.latest.rpm
mv $IMAGE_NAME_RISOTTO_IMAGE_DIR/etc/resolv.conf /tmp
echo "nameserver 9.9.9.9" > $IMAGE_NAME_RISOTTO_IMAGE_DIR/etc/resolv.conf
WKHTML_PKG=wkhtmltox_$WKHTML_VERSION.bullseye_amd64.deb
curl https://nightly.odoo.com/odoo.key -o "$IMAGE_NAME_RISOTTO_IMAGE_DIR/odoo.key"
curl -L "https://github.com/wkhtmltopdf/packaging/releases/download/$WKHTML_VERSION/$WKHTML_PKG" -o "$IMAGE_NAME_RISOTTO_IMAGE_DIR/$WKHTML_PKG"
echo """#!/bin/bash -xe
cat /odoo.key | apt-key add -
rm /odoo.key
echo "deb http://nightly.odoo.com/$ODOO_VERSION/nightly/deb/ ./" >> /etc/apt/sources.list
apt update
apt install --no-install-recommends -y odoo
dpkg -i /"$WKHTML_PKG" || true
rm -f /"$WKHTML_PKG"
apt -f install -y
""" > $IMAGE_NAME_RISOTTO_IMAGE_DIR/install.sh
chmod 755 $IMAGE_NAME_RISOTTO_IMAGE_DIR/install.sh
chroot $IMAGE_NAME_RISOTTO_IMAGE_DIR /install.sh
sed -i "s/'postgres'/odoo.tools.config['db_name']/g" $IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/lib/python3/dist-packages/odoo/service/server.py
sed -i "s/'postgres'/odoo.tools.config['db_name']/g" $IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/lib/python3/dist-packages/odoo/service/db.py
sed -i "s/'postgres'/odoo.tools.config['db_name']/g" $IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/lib/python3/dist-packages/odoo/addons/bus/models/bus.py
sed -i "s/'postgres'/odoo.tools.config['db_name']/g" $IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/lib/python3/dist-packages/odoo/addons/base/models/ir_cron.py
sed -i "s@ldap://@ldaps://@g" $IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/lib/python3/dist-packages/odoo/addons/auth_ldap/models/res_company_ldap.py
mv -f /tmp/resolv.conf $IMAGE_NAME_RISOTTO_IMAGE_DIR/etc/resolv.conf
set +e

View file

@ -0,0 +1,3 @@
PKG="$PKG dirmngr gnupg2 python3-ldap"
#PKG="$PKG curl wkhtmltopdf python3-chardet python3-ldap python3-libsass"
# missing python3-chardet dependency (for initialize database)

View file

@ -0,0 +1,19 @@
# Redirect requests to odoo backend server
location / {
proxy_redirect off;
proxy_pass http://127.0.0.1:8069;
proxy_read_timeout 720s;
proxy_connect_timeout 720s;
proxy_send_timeout 720s;
# Add Headers for odoo proxy mode
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
# common gzip
gzip_types text/css text/scss text/plain text/xml application/xml application/json application/javascript;
gzip on;
}

View file

@ -0,0 +1,75 @@
%echo '#!/usr/bin/env python3'
from os import environ
environ['ODOO_RC'] = '/etc/odoo/odoo.conf'
from odoo import registry, SUPERUSER_ID
from odoo.api import Environment
with registry('%%pg_client_database').cursor() as cr:
ctx = Environment(cr, SUPERUSER_ID, {})["res.users"].context_get()
env = Environment(cr, SUPERUSER_ID, ctx)
# Company
env.company.name = '%%odoo_company_name'
env.company.street = '%%odoo_company_street'
env.company.city = '%%odoo_company_city'
env.company.zip = '%%odoo_company_zip'
env.company.vat = '%%odoo_company_vat'
env.company.company_registry = '%%odoo_company_registry'
env.company.phone = '%%odoo_company_phone'
env.company.mobile = '%%odoo_company_mobile'
env.company.email = '%%odoo_company_email'
env.company.website = '%%odoo_company_website'
env.company.logo = %%get_logo(%%odoo_company_logo)
env.company.report_footer = '%%odoo_company_footer'
env.company.external_report_layout_id = env.ref('web.external_layout_%%odoo_company_layout').id
doc = env['base.document.layout'].create({'company_id': env.company.id})
doc._onchange_company_id()
# Admin
admin = env['res.users'].search([('name', '=', 'Administrator')])
admin.email = "%%odoo_admin_email"
admin.password = '%%odoo_admin_password'
# URL
env['ir.config_parameter'].set_param('web.base.url', 'https://%%revprox_client_external_domainnames[0]')
env['ir.config_parameter'].set_param('web.base.url.freeze', True)
# LDAP
env['res.config.settings'].create({'module_auth_ldap': True}).execute()
ldaps = env.company.ldaps
if ldaps:
ldap = ldaps[0]
ldap.ldap_server = '%%ldap_server_address'
ldap.ldap_server_port = '636'
ldap.ldap_binddn = '%%ldapclient_user'
ldap.ldap_password = '%%ldapclient_user_password'
ldap.ldap_filter = 'cn=%s'
ldap.ldap_base = '%%ldapclient_user_dn'
else:
ldap = env['res.company.ldap'].create({'company': env.company.id,
'ldap_server': '%%ldap_server_address',
'ldap_server_port': '636',
'ldap_binddn': '%%ldapclient_user',
'ldap_password': '%%ldapclient_user_password',
'ldap_filter': 'cn=%s',
'ldap_base': '%%ldapclient_user_dn',
})
env.company.ldaps = ldap
# SMTP
mail = env['ir.mail_server'].search([('name', '=', 'Silique')])
if mail.id is False:
env['ir.mail_server'].create({'name': 'Silique',
'smtp_host': '%%smtp_relay_address',
'smtp_port': '25',
'smtp_authentication': 'login',
'smtp_user': '%%smtp_relay_user@%%ip_eth0',
'smtp_pass': '%%smtp_relay_password',
'smtp_encryption': 'starttls',
})
else:
mail.smtp_host = '%%smtp_relay_address'
mail.smtp_port = '25'
mail.smtp_authentication = 'login'
mail.smtp_user = '%%smtp_relay_user@%%ip_eth0'
mail.smtp_pass = '%%smtp_relay_password'
mail.smtp_encryption = 'starttls'
env['ir.config_parameter'].set_param('base_setup.default_external_email_server', True)

View file

@ -0,0 +1,4 @@
127.0.0.1 localhost %%revprox_client_external_domainnames[0]
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

View file

@ -0,0 +1,38 @@
[options]
; This is the password that allows database operations:
admin_passwd = %%odoo_admin_password
db_host = %%pg_client_server_domainname
db_port = 5432
db_user = %%pg_client_username
db_password = %%pg_client_password
db_name = %%pg_client_database
# FIXME db_sslmode = verify-full
db_sslmode = require
no_database_list = True
addons_path = /usr/lib/python3/dist-packages/odoo/addons
data_dir = /srv/odoo
proxy_mode = True
http_interface = 127.0.0.1
syslog = True
without_demo = True
max_cron_threads = 1
workers = 2
#limit_time_real = 1800
#limit_time_cpu = 1800
#
#limit_memory_hard = 5368706371
#limit_memory_soft = 4831835734
# 'smtp_port', 'smtp_ssl'
# 'email_from', 'smtp_server', 'smtp_user', 'smtp_password', 'from_filter',
# 'smtp_ssl_certificate_filename', 'smtp_ssl_private_key_filename',
#
# language load_language
language = fr_FR
load_language = fr_FR

View file

@ -0,0 +1,18 @@
[Unit]
After=risotto.target
[Service]
Environment="PGSSLROOTCERT=/etc/pki/tls/certs/postgresql.crt"
Environment="PGSSLCERT=/etc/pki/tls/certs/postgresql.crt"
Environment="PGSSLKEY=/etc/pki/tls/private/postgresql.key"
Environment="PGPASSFILE=/etc/odoo/postgresql.pass"
#if database not imported, imported it active addons
%set %%addons = ','.join(%%odoo_addons)
ExecStartPre=/usr/bin/bash -c '/usr/bin/psql --set=sslmode=verify-full -h %%pg_client_server_domainname -U %%pg_client_username %%pg_client_database -c "\dt account_account" 2>&1 | grep -vq "not find" || (echo "INIT DATABASE"; /usr/bin/odoo --config /etc/odoo/odoo.conf -i %%addons --stop-after-init; echo "OK")'
#change default values in database
ExecStartPre=+/usr/local/lib/sbin/config_odoo.py
ExecStart=
ExecStart=/usr/bin/odoo --config /etc/odoo/odoo.conf
TimeoutStartSec=360

View file

@ -0,0 +1,2 @@
g odoo 1000 -
u odoo 998:1000 "ODOO" /srv/odoo /bin/bash

View file

@ -0,0 +1 @@
d /srv/odoo 750 odoo odoo - -