update to run with podman containers

.gitignore

@@ -1,3 +1 @@
 build
-*.pyc
-*.bak

Makefile

@@ -1,7 +1,2 @@
-CREDIT_ANCHORTEXT = Turnkey Odoo Appliance
-
-BACKPORTS=y # install Odoo v16.x from backports
-BACKPORTS_PINS=odoo-16
-
-include $(FAB_PATH)/common/mk/turnkey/lapp.mk
+CREDIT_ANCHORTEXT = TurnKey Odoo Appliance
 include $(FAB_PATH)/common/mk/turnkey.mk

README.rst

@@ -14,70 +14,35 @@ This appliance includes all the standard features in `TurnKey Core`_:
 
 - Odoo configurations for TurnKey v18.x:
 
-    - Odoo v16 installed from debian backports apt repo (v18.x).
+    - Odoo v18 installed from Docker Hub.
     - Includes modules from base install of Odoo.
 
-- **Security note**: As of 18.0, due to using the debian backports repo
-  Updates to Odoo **ARE NOT** configured to install automatically.
+- **Security note**: Updates to Odoo **ARE NOT** configured to install automatically.
 
 - SSL support out of the box.
 - `Adminer`_ administration frontend for PostgreSQL (listening on
   port 12322 - uses SSL).
-- Webmin modules for configuring Apache2, PostgreSQL and Postfix.
-
-**To create a new Odoo Databse (i.e. site)**
-
-To create a new Odoo DB, the Odoo config file needs to be edited and the
-Odoo service restarted.
-
-Overview of process:
-1. Edit /etc/odoo/odoo
-   - change value of "db_name" from "TurnkeylinuxExample" to your desired DB
-     name
-2. Restart odoo.service
-3. Reload Odoo login screen in your browser and you should be good to go
-
-Webmin steps:
-1.
-    - Browse to 'Tools' >> 'FileManager'
-    - Navigate to '/etc/odoo' and edit the 'odoo.conf' file
-    - Edit as per step 1 above
-    - Save changes
-2.
-    - Navigate to 'System' >> 'Bootup and Shutdown'
-    - Find the "odoo.service" in the list and select it via the checkbox
-    - Scroll to the bottom and select 'Restart'
-3.
-    - As per step 3 above
-
-CLI steps:
-1.
-    - Edit /etc/odoo/odoo as per step 1
-2.
-    - Restart odoo.service::
-
-        systemctl restart odoo
-3.
-    - As per step 3 above
+- Webmin modules for configuring PostgreSQL and Postfix.
 
 **Notice for special Odoo Localization**
 
-In case you run a L10n Odoo Localization you will need other PIP Packages
-and Libs installed on your system, please check your localization support on
-OCA_.
+In case you need an Odoo Localization you might need other `pip` packages
+and libs installed in the `odoo` container, please check your localization support
+on OCA_.
 
 Credentials *(passwords set at first boot)*
 -------------------------------------------
 
 **Note**: the Odoo password set at firstboot applies to both the Odoo
-admin account (example app) AND the masterpassword  - however these can be
-changed individually after firstboot.
+admin account (example app) AND the master password, however these can be
+changed individually as per upstream docs_ after firstboot.
 
 -  Webmin, SSH: username **root**
--  PostgreSQL, Adminer: username **postgres**
+-  PostgreSQL, Adminer: randomly generated (see `/etc/turnkey-podman/.env`)
 -  Odoo Master Account: **admin**
 
-.. _Odoo: https://www.odoo.com/
+.. _Odoo: https://www.odoo.com
 .. _TurnKey Core: https://www.turnkeylinux.org/core
-.. _Adminer: https://www.adminer.org/
+.. _Adminer: https://www.adminer.org
 .. _OCA: https://github.com/OCA
+.. _docs: https://www.odoo.com/documentation

changelog

@@ -1,3 +1,9 @@
+turnkey-odoo-18.1 (1) turnkey; urgency=low
+
+  * Install Odoo v18, PostgreSQL v15 and latest Nginx from Docker Hub images.
+
+ -- Anton Pyrogovskyi <[email protected]>  Tue, 19 Nov 2024 16:11:52 +0100
+
 turnkey-odoo-18.0 (1) turnkey; urgency=low
 
   * Install Odoo v16.x from Debian backports (bookworm-backports) apt

conf.d/main

@@ -1,87 +1,38 @@
 #!/bin/bash -ex
 
-# Set variables
-#
-
-DB_USER=odoo
-DB_PASS=$(mcookie)
-DB_NAME="TurnkeylinuxExample"
+export DEPS=( postgres:15-alpine nginx:alpine odoo:18 )
 
-# We will use a random password for now. Reset during inithook
-ODOO_ADMIN_PASSWORD=$(mcookie)
+# clean up build fs
+fs_cleanup() {
+  mount -l -t fuse.fuse-overlayfs | cut -d " " -f3 | xargs -rL1 fusermount -u || true
+  umount -vRf /sys || true
+  rm -f /dev/fuse
+}
 
-# User name that Odoo will run under
-SERVICE_USER=$DB_USER
+cache_images() {
+  # umount everything if build fails; otherwise `deck -D` won't work!
+  trap fs_cleanup INT TERM EXIT
 
-CONF=/etc/odoo/odoo.conf
+  # podman requires sysfs & cgroups & fuse for fuse-overlayfs
+  mount -t sysfs sysfs /sys -o ro,nosuid,nodev,noexec,relatime
+  mkdir -p /sys/fs/{cgroup,fuse/connections}
+  mount -t cgroup2 cgroup2 /sys/fs/cgroup -o rw,nosuid,nodev,noexec,relatime
+  mount -t fusectl fusectl /sys/fs/fuse/connections -o rw,nosuid,nodev,noexec,relatime
+  mknod /dev/fuse -m 0666 c 10 229 || true
 
-# Create database role for odoo
-# *******************************************
-
-# Start postgresql server
-systemctl start postgresql
+  [[ "$FAB_HTTP_PROXY" ]] && export HTTP_PROXY="$FAB_HTTP_PROXY"
 
-# Create db user
-su postgres -c "createuser --superuser --createdb --no-createrole $DB_USER"
+  local name
+  for i in "${DEPS[@]}"; do
+    name="$(basename "$i" | cut -d':' -f1)"
 
-# Set db user password
-su postgres -c "psql postgres" << EOF
-alter user $DB_USER with encrypted password '$DB_PASS';
-EOF
-su postgres -c "psql postgres" << EOF
-create database "$DB_NAME" owner $DB_USER;
-EOF
+    podman pull "docker.io/$i"
+    podman save --format oci-dir -o "/var/cache/podman-images/$name" "$i"
+  done
 
-# Set password/name in config file
-sed -i "s|db_password =.*|db_password = $DB_PASS|" $CONF
-sed -i "s|db_host =.*|db_host = localhost|" $CONF
-echo "db_name = $DB_NAME" >> $CONF
+  unset HTTP_PROXY
 
-# Stop postgresql server
-systemctl stop postgresql
+  podman system reset -f
+}
 
-# Set admin password to random value for now
-sed -i "s|admin_passwd =.*|admin_passwd = $ODOO_ADMIN_PASSWORD|" $CONF
-chown odoo:odoo $CONF
-
-# Add and disable service user
-usermod -L $SERVICE_USER
-
-# Enable needed modules
-a2enmod proxy_http headers rewrite		
-
-# Configure sites
-a2dissite 000-default
-a2ensite odoo.conf
-
-# Populate database
-systemctl start postgresql
-systemctl start apache2
-
-su odoo -g odoo -s '/bin/bash' -c 'odoo -i base \
-    --stop-after-init --db_host=localhost \
-    -d '"\"$DB_NAME\""' \
-    -r '"\"$DB_USER\""' \
-    -w '"\"$DB_PASS\""' \
-    -s -c '"\"$CONF\""
-
-# enable and start odoo
-systemctl enable odoo
-systemctl start odoo
-
-while [[ "$(curl -Lk http://localhost)" = *"Unavailable"* ]]; do
-    sleep 1
-done
-
-URL="https://127.0.0.1/web"
-CURL="curl --insecure -c /tmp/cookie -b /tmp/cookie"
-
-$CURL $URL/login
-sleep 1
-$CURL $URL/database/manager
-sleep 1
-$CURL $URL/database/change_password --data-raw "master_pwd=admin&master_pwd_new=${ODOO_ADMIN_PASSWORD}"
-
-systemctl stop odoo
-systemctl stop postgresql
-systemctl stop apache2 
+cache_images

overlay/etc/nginx/conf.d/odoo.conf

@@ -0,0 +1,27 @@
+server {
+    listen 80 default_server;
+    server_name _;
+
+    location / {
+        return 301 https://$http_host$request_uri;
+    }
+}
+
+server {
+    listen 443 ssl default_server;
+    server_name _;
+    http2 on;
+
+    ssl_certificate      /etc/ssl/private/cert.pem;
+    ssl_certificate_key  /etc/ssl/private/cert.key;
+    ssl_dhparam          /etc/ssl/private/dhparams.pem;
+
+    proxy_set_header X-Forwarded-Host $http_host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+
+    location / {
+        proxy_pass http://127.0.0.1:8069;
+    }
+}
+

overlay/etc/odoo/odoo.conf

@@ -0,0 +1,5 @@
+[options]
+addons_path = /mnt/extra-addons
+data_dir = /var/lib/odoo
+admin_passwd = admin
+proxy_mode = True

overlay/etc/turnkey-podman/.env.template

@@ -0,0 +1,8 @@
+# db container
+POSTGRES_DB=${DB_NAME}
+POSTGRES_USER=${DB_USER}
+POSTGRES_PASSWORD=${DB_PASS}
+
+# odoo container
+USER=${DB_USER}
+PASSWORD=${DB_PASS}

overlay/usr/lib/inithooks/bin/odoo.py

@@ -1,35 +1,29 @@
 #!/usr/bin/python3
+"""Set Odoo admin/master password
 
-"""Set Odoo Admin Password
 Option:
-    --pass=    unless provided, will ask interactively
+    --pass=     unless provided, will ask interactively
 """
 
-import re
+import os
 import sys
 import getopt
-
-import crypt
-import random
-import hashlib
-import configparser
-
 import subprocess
+
+from libinithooks import inithooks_cache
 from libinithooks.dialog_wrapper import Dialog
-from pgsqlconf import PostgreSQL
 from passlib.context import CryptContext
 
 def usage(s=None):
     if s:
-        print("Error:", s, file=sys.stderr)
+        print("Error:", s, file=sys.stderr, **kwargs)
     print("Syntax: %s [options]" % sys.argv[0], file=sys.stderr)
     print(__doc__, file=sys.stderr)
     sys.exit(1)
 
 def main():
     try:
-        opts, args = getopt.gnu_getopt(sys.argv[1:], "h",
-                                       ['help', 'pass='])
+        opts, args = getopt.gnu_getopt(sys.argv[1:], "h", ['help', 'pass='])
     except getopt.GetoptError as e:
         usage(e)
 
@@ -40,38 +34,27 @@ def main():
         elif opt == '--pass':
             password = val
 
-
     if not password:
         d = Dialog('TurnKey Linux - First boot configuration')
         password = d.get_password(
-            "Odoo Database Managment & example 'admin' Password",
-            "Enter new password for Odoo Database Management - create/delete/manage Odoo DBs. "
-                "This password will also login to 'admin' account of default/example Odoo.",
-            blacklist=['\\', '/'])
+            "Odoo Password",
+            "Enter new password for the Odoo 'admin' account and database management.",
+        )
 
-    processed_password = CryptContext(['pbkdf2_sha512']).hash(password)
+    hash = CryptContext(schemes=['pbkdf2_sha512']).hash(password)
 
-    default_db = 'TurnkeylinuxExample'
-    default_db_exists = True
-    try:
-        p = PostgreSQL(default_db)
-        p.execute("UPDATE res_users SET password='{}' WHERE id=2".format(
-            processed_password).encode('utf8'))
-    except subprocess.CalledProcessError as e:
-        default_db_exists = False
-        print(f"Default DB ({default_db}) not found - skipping setting passsword for that")
+    db_name = os.environ.get("POSTGRES_DB", "odoo")
+    db_user = os.environ.get("POSTGRES_USER", "odoo")
 
-    sys.path.insert(0, '/usr/lib/python3/dist-packages')
-    import odoo
-    odoo.tools.config.parse_config(['--config=/etc/odoo/odoo.conf'])
-    odoo.tools.config.set_admin_password(password)
-    odoo.tools.config.save()
+    stmts = ["UPDATE res_users SET password='%s' WHERE id=2;" % (hash)]
+    for stmt in stmts:
+        _ = subprocess.run(["podman", "exec", "db", "psql", "-U", db_user, db_name, "-c", stmt])
 
-    # restart odoo to apply updated password
-    subprocess.run(['systemctl', 'restart', 'odoo'])
+    config = "/etc/odoo/odoo.conf"
+    _ = subprocess.run(["sed", "-ri", 's|^admin_passwd.*$|admin_passwd = %s|' % (hash), config])
 
-    if not default_db_exists:
-        sys.exit(1)
+    print("Restarting services; please wait...")
+    _ = subprocess.run(['podman', 'restart', 'odoo'])
 
 if __name__ == "__main__":
     main()