From 46cff650a9a5e25d6a31c4ce6daaa3b9bb507622 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 21:31:06 +0800 Subject: [PATCH 01/60] Fix issue during previous merge --- Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 4084f086..87ecbe10 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,6 @@ MAINTAINER Elico Corp # Define build constants ENV ODOO_VERSION=8.0 \ - PG_VERSION=9.5 PG_VERSION=9.5 \ BINARY_NAME=openerp-server From f25eae08a9b198295e5e0fb1be1f3854bef23e9d Mon Sep 17 00:00:00 2001 From: Elico Corp Date: Sat, 29 Jul 2017 00:00:10 +0800 Subject: [PATCH 02/60] Update OCB 10.0 commit ID: 2292f563135296d59991ddf337cd499d6fe391f4 --- OCB_COMMIT_ID | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/OCB_COMMIT_ID b/OCB_COMMIT_ID index 37d74f3f..da02dfce 100644 --- a/OCB_COMMIT_ID +++ b/OCB_COMMIT_ID @@ -1 +1 @@ -f998ddf09545a5946ed4fac57e8c6afcf208da7d +f998ddf09545a5946ed4fac57e8c6afcf208da7d \ No newline at end of file From 48601eaa187925a5bb62901d00939e881d44c217 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 17 Aug 2017 15:09:52 +0800 Subject: [PATCH 03/60] Display additional Odoo args --- bin/boot | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/boot b/bin/boot index b1cdc739..71199b9a 100755 --- a/bin/boot +++ b/bin/boot @@ -86,7 +86,7 @@ function start { echo $log_src[`date +%F.%H:%M:%S`]' Running odoo...' set +e if [ ! -e $1 ]; then - echo $log_src[`date +%F.%H:%M:%S`]' ...with additional args: $*' + echo $log_src[`date +%F.%H:%M:%S`]' ...with additional args: ' $* fi sudo -i -u \#$TARGET_ID /usr/bin/python \ /opt/odoo/sources/odoo/openerp-server \ From 9c3e5ef861a6f714ebac246a654eb97a4b4c885d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 17 Aug 2017 16:03:46 +0800 Subject: [PATCH 04/60] Set timezone to UTC --- Dockerfile | 3 +++ sources/odoo.conf | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index c37f75d8..7f486b21 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,9 @@ FROM ubuntu:14.04 MAINTAINER Elico Corp +# Set timezone to UTC +RUN ln -sf /usr/share/zoneinfo/Etc/UTC /etc/localtime + # generate locales RUN locale-gen en_US.UTF-8 && update-locale RUN echo 'LANG="en_US.UTF-8"' > /etc/default/locale diff --git a/sources/odoo.conf b/sources/odoo.conf index 1d5eee7c..d01c18e5 100644 --- a/sources/odoo.conf +++ b/sources/odoo.conf @@ -2,7 +2,7 @@ admin_passwd = _ADMIN_PASSWORD_ ; set the default timezone for openerp interface -timezone = Europe/Paris +timezone = Etc/UTC db_maxconn = 64 db_name = False From 4a8e275e4500e30408c562b0d05df93e2a73b071 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 17 Aug 2017 20:27:52 +0800 Subject: [PATCH 05/60] Refactor function start into smaller functions --- bin/boot | 59 +++++++++++++++++++++++++----------------- sources/target_user.sh | 3 --- 2 files changed, 35 insertions(+), 27 deletions(-) diff --git a/bin/boot b/bin/boot index 71199b9a..84ff0a71 100755 --- a/bin/boot +++ b/bin/boot @@ -33,18 +33,34 @@ function _update_odoo_conf_param { fi } -function start { - echo $log_src[`date +%F.%H:%M:%S`]' Checking special requirements...' - bash /opt/scripts/startup.sh - - echo $log_src[`date +%F.%H:%M:%S`]' Updating Odoo conf...' +function _update_odoo_conf_params { _update_odoo_conf_param '_ADMIN_PASSWORD_' $ADMIN_PASSWORD _update_odoo_conf_param '_DB_USER_' $DB_USER _update_odoo_conf_param '_DB_PASSWORD_' $DB_PASSWORD _update_odoo_conf_param '_DB_FILTER_' $DB_FILTER - echo $log_src[`date +%F.%H:%M:%S`]' Update Odoo conf done' +} - echo $log_src[`date +%F.%H:%M:%S`]' Check if need to download addons repo...' +function _setup_ssh_key { + echo $log_src[`date +%F.%H:%M:%S`]' Setting up SSH key...' + ssh_folder=$( getent passwd $TARGET_ID | cut -d: -f6 )/.ssh + echo $log_src[`date +%F.%H:%M:%S`]' Creating SSH folder = '$ssh_folder + mkdir $ssh_folder + echo $log_src[`date +%F.%H:%M:%S`]' Copy SSH private key from /opt/odoo/ssh' + cp /opt/odoo/ssh/id_rsa $ssh_folder + echo $log_src[`date +%F.%H:%M:%S`]' Scanning GitHub key...' + ssh-keyscan github.com > $ssh_folder/known_hosts + echo $log_src[`date +%F.%H:%M:%S`]' Setup SSH config...' + echo "host github.com" > $ssh_folder/config + echo " HostName github.com" >> $ssh_folder/config + echo " User git" >> $ssh_folder/config + echo " IdentityFile $ssh_folder/id_rsa" >> $ssh_folder/config + echo $log_src[`date +%F.%H:%M:%S`]' Securing SSH folder...' + chown -R $TARGET_ID:$TARGET_ID $ssh_folder + chmod 400 $ssh_folder/id_rsa + echo $log_src[`date +%F.%H:%M:%S`]' Setup SSH key done' +} + +function _download_addons { if [ "$ADDONS_REPO" -o -a /opt/odoo/additional_addons/oca_dependencies.txt ]; then echo $log_src[`date +%F.%H:%M:%S`]' Git config for target user' sudo -i -u \#$TARGET_ID git config --global user.email "contact@elico-corp.com" @@ -52,23 +68,7 @@ function start { echo $log_src[`date +%F.%H:%M:%S`]' Checking if need to setup SSH key...' if [ -a /opt/odoo/ssh/id_rsa ]; then - echo $log_src[`date +%F.%H:%M:%S`]' Setting up SSH key...' - SSH_FOLDER=$( getent passwd $TARGET_ID | cut -d: -f6 )/.ssh - echo $log_src[`date +%F.%H:%M:%S`]' Creating SSH folder = '$SSH_FOLDER - mkdir $SSH_FOLDER - echo $log_src[`date +%F.%H:%M:%S`]' Copy SSH private key from /opt/odoo/ssh' - cp /opt/odoo/ssh/id_rsa $SSH_FOLDER - echo $log_src[`date +%F.%H:%M:%S`]' Scanning GitHub key...' - ssh-keyscan github.com > $SSH_FOLDER/known_hosts - echo $log_src[`date +%F.%H:%M:%S`]' Setup SSH config...' - echo "host github.com" > $SSH_FOLDER/config - echo " HostName github.com" >> $SSH_FOLDER/config - echo " User git" >> $SSH_FOLDER/config - echo " IdentityFile $SSH_FOLDER/id_rsa" >> $SSH_FOLDER/config - echo $log_src[`date +%F.%H:%M:%S`]' Securing SSH folder...' - chown -R $TARGET_ID:$TARGET_ID $SSH_FOLDER - chmod 400 $SSH_FOLDER/id_rsa - echo $log_src[`date +%F.%H:%M:%S`]' Setup SSH key done' + _setup_ssh_key fi if [[ -z "$FETCH_OCA_DEPENDENCIES" ]]; then @@ -82,6 +82,17 @@ function start { echo $log_src[`date +%F.%H:%M:%S`]' No additional addons to download' sudo -i -u \#$TARGET_ID bash /opt/odoo/auto_addons/no_addons.sh $odoo_conf_file fi +} + +function start { + echo $log_src[`date +%F.%H:%M:%S`]' Checking special requirements...' + bash /opt/scripts/startup.sh + + echo $log_src[`date +%F.%H:%M:%S`]' Updating Odoo conf...' + _update_odoo_conf_params + + echo $log_src[`date +%F.%H:%M:%S`]' Check if need to download addons repo...' + _download_addons echo $log_src[`date +%F.%H:%M:%S`]' Running odoo...' set +e diff --git a/sources/target_user.sh b/sources/target_user.sh index 683e61d2..67802e14 100644 --- a/sources/target_user.sh +++ b/sources/target_user.sh @@ -10,11 +10,8 @@ log_src='['${0##*/}']' # Check if there's a target user to run Odoo if [ "$TARGET_ID" ]; then - echo $log_src[`date +%F.%H:%M:%S`]' TARGET_ID = '$TARGET_ID - echo $log_src[`date +%F.%H:%M:%S`]' Check if target user exists...' EXISTS=$( getent passwd $TARGET_ID | wc -l ) - echo $log_src[`date +%F.%H:%M:%S`]' EXISTS = '$EXISTS # Create target user if [ $EXISTS == "0" ]; then From 269cdaae892d25811195f51e8767d1d3933e719f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Fri, 18 Aug 2017 16:51:48 +0800 Subject: [PATCH 06/60] Simplify/refactor target Odoo user mapping --- Dockerfile | 7 ++----- bin/boot | 26 +++++++++++--------------- {sources => bin}/target_user.sh | 23 +++++++++++++++-------- 3 files changed, 28 insertions(+), 28 deletions(-) rename {sources => bin}/target_user.sh (65%) diff --git a/Dockerfile b/Dockerfile index 7f486b21..dd7c7c58 100644 --- a/Dockerfile +++ b/Dockerfile @@ -71,9 +71,6 @@ ADD https://github.com/wkhtmltopdf/wkhtmltopdf/releases/download/0.12.1/wkhtmlto /opt/sources/wkhtmltox.deb RUN dpkg -i /opt/sources/wkhtmltox.deb -# Script to map the Odoo user with the host user (see FIXME inside) -ADD sources/target_user.sh /opt/sources/target_user.sh - # Startup script for custom setup ADD sources/startup.sh /opt/scripts/startup.sh @@ -115,8 +112,8 @@ VOLUME [ \ # Set the default entrypoint (non overridable) to run when starting the container ADD bin /app/bin/ -ENTRYPOINT ["/app/bin/boot"] -CMD ["help"] +ENTRYPOINT [ "/app/bin/boot" ] +CMD [ "help" ] # Expose the odoo ports (for linked containers) EXPOSE 8069 8072 diff --git a/bin/boot b/bin/boot index 84ff0a71..75877f4a 100755 --- a/bin/boot +++ b/bin/boot @@ -29,7 +29,7 @@ function login { function _update_odoo_conf_param { if [ "$2" ]; then echo $log_src[`date +%F.%H:%M:%S`]' Replacing parameter '$1 - sudo -i -u \#$TARGET_ID sed -i "s/$1/$2/g" $odoo_conf_file + sudo -i -u $odoo_user sed -i "s/$1/$2/g" $odoo_conf_file fi } @@ -42,7 +42,7 @@ function _update_odoo_conf_params { function _setup_ssh_key { echo $log_src[`date +%F.%H:%M:%S`]' Setting up SSH key...' - ssh_folder=$( getent passwd $TARGET_ID | cut -d: -f6 )/.ssh + ssh_folder=$( getent passwd $odoo_user | cut -d: -f6 )/.ssh echo $log_src[`date +%F.%H:%M:%S`]' Creating SSH folder = '$ssh_folder mkdir $ssh_folder echo $log_src[`date +%F.%H:%M:%S`]' Copy SSH private key from /opt/odoo/ssh' @@ -55,7 +55,7 @@ function _setup_ssh_key { echo " User git" >> $ssh_folder/config echo " IdentityFile $ssh_folder/id_rsa" >> $ssh_folder/config echo $log_src[`date +%F.%H:%M:%S`]' Securing SSH folder...' - chown -R $TARGET_ID:$TARGET_ID $ssh_folder + chown -R $odoo_user:$odoo_user $ssh_folder chmod 400 $ssh_folder/id_rsa echo $log_src[`date +%F.%H:%M:%S`]' Setup SSH key done' } @@ -63,8 +63,8 @@ function _setup_ssh_key { function _download_addons { if [ "$ADDONS_REPO" -o -a /opt/odoo/additional_addons/oca_dependencies.txt ]; then echo $log_src[`date +%F.%H:%M:%S`]' Git config for target user' - sudo -i -u \#$TARGET_ID git config --global user.email "contact@elico-corp.com" - sudo -i -u \#$TARGET_ID git config --global user.name "Elico Corp - Odoo Docker" + sudo -i -u $odoo_user git config --global user.email "contact@elico-corp.com" + sudo -i -u $odoo_user git config --global user.name "Elico Corp - Odoo Docker" echo $log_src[`date +%F.%H:%M:%S`]' Checking if need to setup SSH key...' if [ -a /opt/odoo/ssh/id_rsa ]; then @@ -77,10 +77,10 @@ function _download_addons { fi echo $log_src[`date +%F.%H:%M:%S`]' Downloading additional addons...' - sudo -i -u \#$TARGET_ID python /opt/odoo/auto_addons/addons.py $FETCH_OCA_DEPENDENCIES $ADDONS_REPO + sudo -i -u $odoo_user python /opt/odoo/auto_addons/addons.py $FETCH_OCA_DEPENDENCIES $ADDONS_REPO else echo $log_src[`date +%F.%H:%M:%S`]' No additional addons to download' - sudo -i -u \#$TARGET_ID bash /opt/odoo/auto_addons/no_addons.sh $odoo_conf_file + sudo -i -u $odoo_user bash /opt/odoo/auto_addons/no_addons.sh $odoo_conf_file fi } @@ -99,7 +99,7 @@ function start { if [ ! -e $1 ]; then echo $log_src[`date +%F.%H:%M:%S`]' ...with additional args: ' $* fi - sudo -i -u \#$TARGET_ID /usr/bin/python \ + sudo -i -u $odoo_user /usr/bin/python \ /opt/odoo/sources/odoo/openerp-server \ -c $odoo_conf_file \ $* @@ -116,13 +116,9 @@ function on_exit() { } trap on_exit INT TERM -echo $log_src[`date +%F.%H:%M:%S`]' Search for target user...' -bash /opt/sources/target_user.sh - -if [[ -z "$TARGET_ID" ]]; then - echo $log_src[`date +%F.%H:%M:%S`]' No target user, falling back to odoo' - TARGET_ID=$( id -u odoo ) -fi +echo $log_src[`date +%F.%H:%M:%S`]' Search for target Odoo user...' +bash /app/bin/target_user.sh +odoo_user=$( cat /tmp/odoo_user ) echo $log_src[`date +%F.%H:%M:%S`]' Search conf file...' if [[ -z "$odoo_conf_file" ]]; then diff --git a/sources/target_user.sh b/bin/target_user.sh similarity index 65% rename from sources/target_user.sh rename to bin/target_user.sh index 67802e14..c76cf1f4 100644 --- a/sources/target_user.sh +++ b/bin/target_user.sh @@ -8,26 +8,33 @@ # log_src='['${0##*/}']' +odoo_user='odoo' + # Check if there's a target user to run Odoo if [ "$TARGET_ID" ]; then echo $log_src[`date +%F.%H:%M:%S`]' Check if target user exists...' - EXISTS=$( getent passwd $TARGET_ID | wc -l ) + exists=$( getent passwd $TARGET_ID | wc -l ) # Create target user - if [ $EXISTS == "0" ]; then - echo $log_src[`date +%F.%H:%M:%S`]' Create target user...' - adduser --uid $TARGET_ID --disabled-password --gecos "" --shell=/bin/bash target-user + if [ $exists == "0" ]; then + echo $log_src[`date +%F.%H:%M:%S`]' Create target Odoo user...' + odoo_user='target-odoo-user' + adduser --uid $TARGET_ID --disabled-password --gecos "" --shell=/bin/bash $odoo_user # Add target user to odoo group so that he can read/write the content of /opt/odoo echo $log_src[`date +%F.%H:%M:%S`]' Add target user to odoo group...' - usermod -a -G odoo target-user - # If the user already exists, check if it's the same as odoo + usermod -a -G odoo $odoo_user else echo $log_src[`date +%F.%H:%M:%S`]' Target user already exists, make sure it is odoo...' - ODOO_ID=$( id -u odoo ) - if [ $TARGET_ID -ne $ODOO_ID ]; then + odoo_user_id=$( id -u $odoo_user ) + + # If the user already exists, check if it's the same as odoo + if [ $TARGET_ID -ne $odoo_user_id ]; then echo $log_src[`date +%F.%H:%M:%S`]' The target user is not the same as odoo, exiting' exit 1 fi fi fi + +# Return target Odoo user to boot script +echo $odoo_user > /tmp/odoo_user From f88527e9c313a95fe498698fccbd9cca6a6b8574 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Fri, 18 Aug 2017 17:15:21 +0800 Subject: [PATCH 07/60] Default value for odoo.conf parameter substitution --- bin/boot | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/bin/boot b/bin/boot index 75877f4a..29710ed5 100755 --- a/bin/boot +++ b/bin/boot @@ -27,17 +27,21 @@ function login { } function _update_odoo_conf_param { + # If no value is provided, use default value + val=$3 if [ "$2" ]; then - echo $log_src[`date +%F.%H:%M:%S`]' Replacing parameter '$1 - sudo -i -u $odoo_user sed -i "s/$1/$2/g" $odoo_conf_file + val=$2 fi + + sudo -i -u $odoo_user sed -i "s/$1/$val/g" $odoo_conf_file } function _update_odoo_conf_params { - _update_odoo_conf_param '_ADMIN_PASSWORD_' $ADMIN_PASSWORD - _update_odoo_conf_param '_DB_USER_' $DB_USER - _update_odoo_conf_param '_DB_PASSWORD_' $DB_PASSWORD - _update_odoo_conf_param '_DB_FILTER_' $DB_FILTER + echo $log_src[`date +%F.%H:%M:%S`]' Updating Odoo conf...' + _update_odoo_conf_param '_ADMIN_PASSWORD_' "$ADMIN_PASSWORD" 'admin' + _update_odoo_conf_param '_DB_USER_' "$DB_USER" + _update_odoo_conf_param '_DB_PASSWORD_' "$DB_PASSWORD" + _update_odoo_conf_param '_DB_FILTER_' "$DB_FILTER" } function _setup_ssh_key { @@ -61,6 +65,7 @@ function _setup_ssh_key { } function _download_addons { + echo $log_src[`date +%F.%H:%M:%S`]' Check if need to download addons repo...' if [ "$ADDONS_REPO" -o -a /opt/odoo/additional_addons/oca_dependencies.txt ]; then echo $log_src[`date +%F.%H:%M:%S`]' Git config for target user' sudo -i -u $odoo_user git config --global user.email "contact@elico-corp.com" @@ -88,10 +93,7 @@ function start { echo $log_src[`date +%F.%H:%M:%S`]' Checking special requirements...' bash /opt/scripts/startup.sh - echo $log_src[`date +%F.%H:%M:%S`]' Updating Odoo conf...' _update_odoo_conf_params - - echo $log_src[`date +%F.%H:%M:%S`]' Check if need to download addons repo...' _download_addons echo $log_src[`date +%F.%H:%M:%S`]' Running odoo...' From 01386f333f957e61fc43d8d24ef76b2d15d703bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Fri, 18 Aug 2017 20:52:51 +0800 Subject: [PATCH 08/60] Completely change the odoo.conf parameter substitution Before, it was based on a static list of parameters to be substituted. Now, any parameter can be substituted. The pattern for the parameters is "ODOO_" (big caps). --- bin/boot | 38 ++++++++++++++++++++------------------ bin/update_odoo_param.sh | 26 ++++++++++++++++++++++++++ 2 files changed, 46 insertions(+), 18 deletions(-) create mode 100644 bin/update_odoo_param.sh diff --git a/bin/boot b/bin/boot index 29710ed5..ed498f4c 100755 --- a/bin/boot +++ b/bin/boot @@ -26,22 +26,22 @@ function login { set -e } -function _update_odoo_conf_param { - # If no value is provided, use default value - val=$3 - if [ "$2" ]; then - val=$2 - fi +function _update_odoo_conf_params { + # Loop over all the "ODOO_" ENV variables + while read -r var; do + # Remove "ODOO_" from ENV variable and convert to lowercase + param=${var:5} + param=${param,,} - sudo -i -u $odoo_user sed -i "s/$1/$val/g" $odoo_conf_file -} + # Get the value of the corresponding ENV variable and escape slashes + val=${!var} + val=$( echo $val | sed 's/\//\\\//g') -function _update_odoo_conf_params { - echo $log_src[`date +%F.%H:%M:%S`]' Updating Odoo conf...' - _update_odoo_conf_param '_ADMIN_PASSWORD_' "$ADMIN_PASSWORD" 'admin' - _update_odoo_conf_param '_DB_USER_' "$DB_USER" - _update_odoo_conf_param '_DB_PASSWORD_' "$DB_PASSWORD" - _update_odoo_conf_param '_DB_FILTER_' "$DB_FILTER" + bash /app/bin/update_odoo_param.sh $odoo_user $odoo_conf_file $param $val + + # Unset the environment variable for security purpose + unset $var + done <<< "$( printenv | grep '^ODOO_' | sed 's/=.*//g' )" } function _setup_ssh_key { @@ -65,13 +65,12 @@ function _setup_ssh_key { } function _download_addons { - echo $log_src[`date +%F.%H:%M:%S`]' Check if need to download addons repo...' if [ "$ADDONS_REPO" -o -a /opt/odoo/additional_addons/oca_dependencies.txt ]; then - echo $log_src[`date +%F.%H:%M:%S`]' Git config for target user' + # Git config for target user sudo -i -u $odoo_user git config --global user.email "contact@elico-corp.com" sudo -i -u $odoo_user git config --global user.name "Elico Corp - Odoo Docker" - echo $log_src[`date +%F.%H:%M:%S`]' Checking if need to setup SSH key...' + # Setup SSH key if [ -a /opt/odoo/ssh/id_rsa ]; then _setup_ssh_key fi @@ -84,7 +83,7 @@ function _download_addons { echo $log_src[`date +%F.%H:%M:%S`]' Downloading additional addons...' sudo -i -u $odoo_user python /opt/odoo/auto_addons/addons.py $FETCH_OCA_DEPENDENCIES $ADDONS_REPO else - echo $log_src[`date +%F.%H:%M:%S`]' No additional addons to download' + # No additional addons to download sudo -i -u $odoo_user bash /opt/odoo/auto_addons/no_addons.sh $odoo_conf_file fi } @@ -93,7 +92,10 @@ function start { echo $log_src[`date +%F.%H:%M:%S`]' Checking special requirements...' bash /opt/scripts/startup.sh + echo $log_src[`date +%F.%H:%M:%S`]' Updating Odoo conf...' _update_odoo_conf_params + + echo $log_src[`date +%F.%H:%M:%S`]' Check if need to download addons repo...' _download_addons echo $log_src[`date +%F.%H:%M:%S`]' Running odoo...' diff --git a/bin/update_odoo_param.sh b/bin/update_odoo_param.sh new file mode 100644 index 00000000..0210fe05 --- /dev/null +++ b/bin/update_odoo_param.sh @@ -0,0 +1,26 @@ +#!/bin/bash +# +# FIXME the below code should be in boot but for an unknown reason, the +# instruction `grep -q "^$param\s*=" $odoo_conf_file` fails to run in boot, when it +# works fine here. +# Both are bash scripts, but: +# - boot is run by Docker as an entrypoint +# - target_user.sh is run using bash command +# +log_src='['${0##*/}']' + +odoo_user=$1 +odoo_conf_file=$2 +param=$3 +val=$4 + +# Check if the conf already contains that parameter +grep -q "^$param\s*=" $odoo_conf_file + +if [ $? -eq 0 ]; then + # Substitute the value + sudo -i -u $odoo_user sed -i "s/^$param\s*=.*/$param = $val/g" $odoo_conf_file +else + # Append the parameter (hide tee output to stdout) + echo "$param = $val" | sudo -i -u $odoo_user tee -a $odoo_conf_file > /dev/null +fi From bb0ca1328ae2924dab65de1e226331d4684ba484 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Fri, 18 Aug 2017 21:15:45 +0800 Subject: [PATCH 09/60] Simplify odoo.conf thanks to new parameter substitution system --- sources/odoo.conf | 105 +--------------------------------------------- 1 file changed, 2 insertions(+), 103 deletions(-) diff --git a/sources/odoo.conf b/sources/odoo.conf index d01c18e5..7963bcfb 100644 --- a/sources/odoo.conf +++ b/sources/odoo.conf @@ -1,109 +1,8 @@ [options] -admin_passwd = _ADMIN_PASSWORD_ -; set the default timezone for openerp interface timezone = Etc/UTC -db_maxconn = 64 -db_name = False -db_template = template1 -dbfilter = _DB_FILTER_ - -; set this to True if you have installed unaccent in your PostgreSQL -; and want to be able to search without accents -unaccent = True - -; These options are really important and depend on the type of -; deployment you want to have so read the doc carefully and -; set these values accordingly -workers = 0 -max_cron_threads = 2 -limit_memory_hard = 2147483648 -limit_memory_soft = 671088640 -limit_request = 4096 -limit_time_cpu = 120 -limit_time_real = 180 - -; ----------------------------------------------------------------- -; Below options are less critical but you are welcome to tweak them -; ----------------------------------------------------------------- - -csv_internal_sep = , - -debug_mode = False -demo = {} - -email_from = False -import_partial = - -list_db = True - -log_handler = [':INFO'] -log_level = info -logfile = None - -login_message = False - -logrotate = True - -netrpc = False -netrpc_interface = -netrpc_port = 8070 - -osv_memory_age_limit = 1.0 -osv_memory_count_limit = False - -pg_path = None -pidfile = None - -proxy_mode = False -reportgz = False - -secure_cert_file = server.cert -secure_pkey_file = server.pkey - -server_wide_modules = None - -smtp_password = False -smtp_port = 25 -smtp_server = localhost -smtp_ssl = False -smtp_user = False - -static_http_document_root = None -static_http_enable = False -static_http_url_prefix = None - -syslog = False - -test_commit = False -test_enable = False -test_file = False -test_report_directory = False - -translate_modules = ['all'] -without_demo = False - -xmlrpc = True -xmlrpc_interface = -xmlrpc_port = 8069 -xmlrpcs = True -xmlrpcs_interface = -xmlrpcs_port = 8071 - -; DO NOT CHANGE THIS... It is setup accordingly to internal docker image layout -; READ the example run script to understand how it works - -; do not change this +# Specific setup for Docker db_host = db -; if False then Odoo will fallback to 5432 db_port = False - -; the PostgreSQL connection role Odoo will use to connect to its databases -db_user = _DB_USER_ -db_password = _DB_PASSWORD_ - -; additionnal parmameter for version 8+ -data_dir = /opt/odoo/data -longpolling_port = 8072 -proxy_mode = False +data_dir = /opt/odoo/data \ No newline at end of file From 4605eab1237c2a92a502ebb9e6242316db85ff5e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Mon, 21 Aug 2017 14:33:40 +0800 Subject: [PATCH 10/60] Update based on CR feedback --- bin/boot | 16 +++++++++------- bin/update_odoo_param.sh | 10 +++++----- 2 files changed, 14 insertions(+), 12 deletions(-) diff --git a/bin/boot b/bin/boot index ed498f4c..83602fad 100755 --- a/bin/boot +++ b/bin/boot @@ -27,20 +27,21 @@ function login { } function _update_odoo_conf_params { - # Loop over all the "ODOO_" ENV variables - while read -r var; do + # Loop over all the "ODOO_" ENV variables (see `<<<` after `done`) + while read -r env_var; do # Remove "ODOO_" from ENV variable and convert to lowercase - param=${var:5} - param=${param,,} + odoo_param=${env_var:5} + odoo_param=${odoo_param,,} # Get the value of the corresponding ENV variable and escape slashes - val=${!var} + val=${!env_var} val=$( echo $val | sed 's/\//\\\//g') - bash /app/bin/update_odoo_param.sh $odoo_user $odoo_conf_file $param $val + # FIXME Should not be an external script (see reason in script header) + bash /app/bin/update_odoo_param.sh $odoo_user $odoo_conf_file $odoo_param $val # Unset the environment variable for security purpose - unset $var + unset $env_var done <<< "$( printenv | grep '^ODOO_' | sed 's/=.*//g' )" } @@ -121,6 +122,7 @@ function on_exit() { trap on_exit INT TERM echo $log_src[`date +%F.%H:%M:%S`]' Search for target Odoo user...' +# FIXME Should not be an external script (see reason in script header) bash /app/bin/target_user.sh odoo_user=$( cat /tmp/odoo_user ) diff --git a/bin/update_odoo_param.sh b/bin/update_odoo_param.sh index 0210fe05..3bd4052e 100644 --- a/bin/update_odoo_param.sh +++ b/bin/update_odoo_param.sh @@ -11,16 +11,16 @@ log_src='['${0##*/}']' odoo_user=$1 odoo_conf_file=$2 -param=$3 +odoo_param=$3 val=$4 # Check if the conf already contains that parameter -grep -q "^$param\s*=" $odoo_conf_file +found=$( grep -q "^$odoo_param\s*=" $odoo_conf_file ) -if [ $? -eq 0 ]; then +if [ $found -eq 0 ]; then # Substitute the value - sudo -i -u $odoo_user sed -i "s/^$param\s*=.*/$param = $val/g" $odoo_conf_file + sudo -i -u $odoo_user sed -i "s/^$odoo_param\s*=.*/$odoo_param = $val/g" $odoo_conf_file else # Append the parameter (hide tee output to stdout) - echo "$param = $val" | sudo -i -u $odoo_user tee -a $odoo_conf_file > /dev/null + echo "$odoo_param = $val" | sudo -i -u $odoo_user tee -a $odoo_conf_file > /dev/null fi From 3d70647344b96ca4215d3c6113092482b83adfdd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Mon, 21 Aug 2017 14:38:40 +0800 Subject: [PATCH 11/60] Log less verbose and add comments --- bin/boot | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/bin/boot b/bin/boot index 83602fad..e60cb069 100755 --- a/bin/boot +++ b/bin/boot @@ -47,25 +47,35 @@ function _update_odoo_conf_params { function _setup_ssh_key { echo $log_src[`date +%F.%H:%M:%S`]' Setting up SSH key...' + + # Create SSH config folder in $HOME folder of Odoo target user ssh_folder=$( getent passwd $odoo_user | cut -d: -f6 )/.ssh - echo $log_src[`date +%F.%H:%M:%S`]' Creating SSH folder = '$ssh_folder mkdir $ssh_folder - echo $log_src[`date +%F.%H:%M:%S`]' Copy SSH private key from /opt/odoo/ssh' + + # Copy SSH private key from /opt/odoo/ssh cp /opt/odoo/ssh/id_rsa $ssh_folder + echo $log_src[`date +%F.%H:%M:%S`]' Scanning GitHub key...' ssh-keyscan github.com > $ssh_folder/known_hosts - echo $log_src[`date +%F.%H:%M:%S`]' Setup SSH config...' + + # Setup SSH config echo "host github.com" > $ssh_folder/config echo " HostName github.com" >> $ssh_folder/config echo " User git" >> $ssh_folder/config echo " IdentityFile $ssh_folder/id_rsa" >> $ssh_folder/config + + # Secure SSH folder echo $log_src[`date +%F.%H:%M:%S`]' Securing SSH folder...' chown -R $odoo_user:$odoo_user $ssh_folder chmod 400 $ssh_folder/id_rsa + echo $log_src[`date +%F.%H:%M:%S`]' Setup SSH key done' } function _download_addons { + # 2 reasons to download extra addons: + # 1) ENV variable ADDONS_REPO is defined + # 2) There's a file called `oca_dependencies.txt` at the root of extra addons folder if [ "$ADDONS_REPO" -o -a /opt/odoo/additional_addons/oca_dependencies.txt ]; then # Git config for target user sudo -i -u $odoo_user git config --global user.email "contact@elico-corp.com" From 9a348ee3125a7d541a19731c8cda0d4150350ef1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Mon, 21 Aug 2017 14:42:01 +0800 Subject: [PATCH 12/60] Log less verbose --- bin/boot | 1 - 1 file changed, 1 deletion(-) diff --git a/bin/boot b/bin/boot index e60cb069..bcdf8582 100755 --- a/bin/boot +++ b/bin/boot @@ -65,7 +65,6 @@ function _setup_ssh_key { echo " IdentityFile $ssh_folder/id_rsa" >> $ssh_folder/config # Secure SSH folder - echo $log_src[`date +%F.%H:%M:%S`]' Securing SSH folder...' chown -R $odoo_user:$odoo_user $ssh_folder chmod 400 $ssh_folder/id_rsa From a17a38236ca5f467e7d6667bfae6117ec96dfeb6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Mon, 21 Aug 2017 15:12:55 +0800 Subject: [PATCH 13/60] Make log less verbose --- bin/boot | 8 ++++---- bin/target_user.sh | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/bin/boot b/bin/boot index bcdf8582..d4bcbdab 100755 --- a/bin/boot +++ b/bin/boot @@ -85,8 +85,8 @@ function _download_addons { _setup_ssh_key fi + # Always fetch dependencies unless specified if [[ -z "$FETCH_OCA_DEPENDENCIES" ]]; then - echo $log_src[`date +%F.%H:%M:%S`]' Fetch dependencies undefined, set to True' FETCH_OCA_DEPENDENCIES=True fi @@ -105,7 +105,7 @@ function start { echo $log_src[`date +%F.%H:%M:%S`]' Updating Odoo conf...' _update_odoo_conf_params - echo $log_src[`date +%F.%H:%M:%S`]' Check if need to download addons repo...' + # Check if need to download addons repo _download_addons echo $log_src[`date +%F.%H:%M:%S`]' Running odoo...' @@ -130,12 +130,12 @@ function on_exit() { } trap on_exit INT TERM -echo $log_src[`date +%F.%H:%M:%S`]' Search for target Odoo user...' +echo $log_src[`date +%F.%H:%M:%S`]' Searching for target Odoo user...' # FIXME Should not be an external script (see reason in script header) bash /app/bin/target_user.sh odoo_user=$( cat /tmp/odoo_user ) -echo $log_src[`date +%F.%H:%M:%S`]' Search conf file...' +echo $log_src[`date +%F.%H:%M:%S`]' Searching for conf file...' if [[ -z "$odoo_conf_file" ]]; then odoo_conf_file="/opt/odoo/etc/odoo.conf" fi diff --git a/bin/target_user.sh b/bin/target_user.sh index c76cf1f4..313924b1 100644 --- a/bin/target_user.sh +++ b/bin/target_user.sh @@ -12,20 +12,20 @@ odoo_user='odoo' # Check if there's a target user to run Odoo if [ "$TARGET_ID" ]; then - echo $log_src[`date +%F.%H:%M:%S`]' Check if target user exists...' + # Check whether target user exists or not exists=$( getent passwd $TARGET_ID | wc -l ) # Create target user if [ $exists == "0" ]; then - echo $log_src[`date +%F.%H:%M:%S`]' Create target Odoo user...' + echo $log_src[`date +%F.%H:%M:%S`]' Creating target Odoo user...' odoo_user='target-odoo-user' adduser --uid $TARGET_ID --disabled-password --gecos "" --shell=/bin/bash $odoo_user # Add target user to odoo group so that he can read/write the content of /opt/odoo - echo $log_src[`date +%F.%H:%M:%S`]' Add target user to odoo group...' + echo $log_src[`date +%F.%H:%M:%S`]' Adding user to `odoo` group...' usermod -a -G odoo $odoo_user else - echo $log_src[`date +%F.%H:%M:%S`]' Target user already exists, make sure it is odoo...' + # Target user already exists, make sure it's odoo odoo_user_id=$( id -u $odoo_user ) # If the user already exists, check if it's the same as odoo From 773651274c26d1bd98f2c3ce3851328d126ee210 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Mon, 21 Aug 2017 16:36:18 +0800 Subject: [PATCH 14/60] Store return value of `grep` in variable --- bin/boot | 1 + bin/target_user.sh | 3 ++- bin/update_odoo_param.sh | 3 ++- 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/bin/boot b/bin/boot index d4bcbdab..b2f143f0 100755 --- a/bin/boot +++ b/bin/boot @@ -134,6 +134,7 @@ echo $log_src[`date +%F.%H:%M:%S`]' Searching for target Odoo user...' # FIXME Should not be an external script (see reason in script header) bash /app/bin/target_user.sh odoo_user=$( cat /tmp/odoo_user ) +rm -f /tmp/odoo_user echo $log_src[`date +%F.%H:%M:%S`]' Searching for conf file...' if [[ -z "$odoo_conf_file" ]]; then diff --git a/bin/target_user.sh b/bin/target_user.sh index 313924b1..8232c782 100644 --- a/bin/target_user.sh +++ b/bin/target_user.sh @@ -30,7 +30,8 @@ if [ "$TARGET_ID" ]; then # If the user already exists, check if it's the same as odoo if [ $TARGET_ID -ne $odoo_user_id ]; then - echo $log_src[`date +%F.%H:%M:%S`]' The target user is not the same as odoo, exiting' + echo $log_src[`date +%F.%H:%M:%S`]' ERROR: The ID of the target user already' \ + 'exists but it is not the same as the ID of `odoo` user' exit 1 fi fi diff --git a/bin/update_odoo_param.sh b/bin/update_odoo_param.sh index 3bd4052e..d1a5037e 100644 --- a/bin/update_odoo_param.sh +++ b/bin/update_odoo_param.sh @@ -15,7 +15,8 @@ odoo_param=$3 val=$4 # Check if the conf already contains that parameter -found=$( grep -q "^$odoo_param\s*=" $odoo_conf_file ) +grep -q "^$odoo_param\s*=" $odoo_conf_file +found=$? if [ $found -eq 0 ]; then # Substitute the value From 2cbfe4d0784194578117b552acaf82dcb6f4a914 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Mon, 21 Aug 2017 17:09:24 +0800 Subject: [PATCH 15/60] Change email address of Git user --- bin/boot | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/boot b/bin/boot index b2f143f0..a71a81aa 100755 --- a/bin/boot +++ b/bin/boot @@ -77,7 +77,7 @@ function _download_addons { # 2) There's a file called `oca_dependencies.txt` at the root of extra addons folder if [ "$ADDONS_REPO" -o -a /opt/odoo/additional_addons/oca_dependencies.txt ]; then # Git config for target user - sudo -i -u $odoo_user git config --global user.email "contact@elico-corp.com" + sudo -i -u $odoo_user git config --global user.email "webmaster@elico-corp.com" sudo -i -u $odoo_user git config --global user.name "Elico Corp - Odoo Docker" # Setup SSH key From 4e9db2727d40de7ebf6b151df6b21d46c607b143 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Tue, 22 Aug 2017 11:40:35 +0800 Subject: [PATCH 16/60] Make log less verbose Previously (clone) ------------------ [boot][2017-08-22.03:28:40] Downloading additional addons... Cloning into '/opt/odoo/additional_addons/project'... Cloning into '/opt/odoo/additional_addons/account-analytic'... Cloning into '/opt/odoo/additional_addons/project-reporting'... Cloning into '/opt/odoo/additional_addons/project-service'... Cloning into '/opt/odoo/additional_addons/web'... remote_url: https://github.com/OCA/project.git 9.0 CLONE: /opt/odoo/additional_addons/project 9.0 CLONE: /opt/odoo/additional_addons/account-analytic 9.0 CLONE: /opt/odoo/additional_addons/project-reporting 9.0 CLONE: /opt/odoo/additional_addons/project-service 9.0 CLONE: /opt/odoo/additional_addons/web 9.0 [boot][2017-08-22.03:30:34] Running odoo... Now (clone) ----------- [boot][2017-08-22.03:28:40] Downloading additional addons... Cloning into '/opt/odoo/additional_addons/project'... Cloning into '/opt/odoo/additional_addons/account-analytic'... Cloning into '/opt/odoo/additional_addons/project-reporting'... Cloning into '/opt/odoo/additional_addons/project-service'... Cloning into '/opt/odoo/additional_addons/web'... [boot][2017-08-22.03:30:34] Running odoo... Previously (pull) ----------------- [boot][2017-08-22.03:41:58] Downloading additional addons... From https://github.com/OCA/project * branch 9.0 -> FETCH_HEAD Already up-to-date. From https://github.com/OCA/account-analytic * branch 9.0 -> FETCH_HEAD Already up-to-date. From https://github.com/OCA/project-reporting * branch 9.0 -> FETCH_HEAD Already up-to-date. From https://github.com/OCA/project-service * branch 9.0 -> FETCH_HEAD Already up-to-date. From https://github.com/OCA/web * branch 9.0 -> FETCH_HEAD Already up-to-date. remote_url: https://github.com/OCA/project.git 9.0 PULL: /opt/odoo/additional_addons/project 9.0 PULL: /opt/odoo/additional_addons/account-analytic 9.0 PULL: /opt/odoo/additional_addons/project-reporting 9.0 PULL: /opt/odoo/additional_addons/project-service 9.0 PULL: /opt/odoo/additional_addons/web 9.0 [boot][2017-08-22.03:42:08] Running odoo... Now (pull) ---------- [boot][2017-08-22.03:41:58] Downloading additional addons... From https://github.com/OCA/project * branch 9.0 -> FETCH_HEAD Already up-to-date. From https://github.com/OCA/account-analytic * branch 9.0 -> FETCH_HEAD Already up-to-date. From https://github.com/OCA/project-reporting * branch 9.0 -> FETCH_HEAD Already up-to-date. From https://github.com/OCA/project-service * branch 9.0 -> FETCH_HEAD Already up-to-date. From https://github.com/OCA/web * branch 9.0 -> FETCH_HEAD Already up-to-date. [boot][2017-08-22.03:42:08] Running odoo... Several reasons: - duplicated info - the output of `CLONE`/`PULL` was actually happenning after the clone/pull of all repos, when it was in fact supposed to be displayed before --- auto_addons/addons.py | 4 ---- 1 file changed, 4 deletions(-) diff --git a/auto_addons/addons.py b/auto_addons/addons.py index 91945f8d..ca43b2d5 100644 --- a/auto_addons/addons.py +++ b/auto_addons/addons.py @@ -194,13 +194,11 @@ def download(self, parent=None, is_loop=False, fetch_dep=True): return if os.path.exists(self.path): if fetch_dep: - print('PULL: %s %s' % (self.path, self.branch)) cmd = self.update_cmd call(cmd) else: self.fetch_branch_name() else: - print('CLONE: %s %s' % (self.path, self.branch)) result = call(self.download_cmd) if result != 0: if parent and parent.parent: @@ -271,7 +269,6 @@ def main(): if remote_url: # Only one master repo to download - print('remote_url: %s ' % remote_url) Repo(remote_url).download(fetch_dep=fetch_dep) else: # List of repos is defined in oca_dependencies.txt at the root of @@ -281,7 +278,6 @@ def main(): l = line.strip('\n').strip() if l.startswith('#') or not l: continue - print('remote_url: %s ' % l) Repo(l).download(fetch_dep=fetch_dep) write_addons_path() From 3e3e58c51b0b1f475a85df2398521b0175e867d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Tue, 22 Aug 2017 12:01:08 +0800 Subject: [PATCH 17/60] Make logs less verbose --- bin/boot | 4 ---- 1 file changed, 4 deletions(-) diff --git a/bin/boot b/bin/boot index a71a81aa..6c34aad4 100755 --- a/bin/boot +++ b/bin/boot @@ -46,8 +46,6 @@ function _update_odoo_conf_params { } function _setup_ssh_key { - echo $log_src[`date +%F.%H:%M:%S`]' Setting up SSH key...' - # Create SSH config folder in $HOME folder of Odoo target user ssh_folder=$( getent passwd $odoo_user | cut -d: -f6 )/.ssh mkdir $ssh_folder @@ -67,8 +65,6 @@ function _setup_ssh_key { # Secure SSH folder chown -R $odoo_user:$odoo_user $ssh_folder chmod 400 $ssh_folder/id_rsa - - echo $log_src[`date +%F.%H:%M:%S`]' Setup SSH key done' } function _download_addons { From f109b34bc9cbe1d04803dae1717dc10312eac365 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Tue, 22 Aug 2017 16:47:54 +0800 Subject: [PATCH 18/60] Use README for the help command + remove unused login command --- Dockerfile | 3 +++ bin/boot | 14 +------------- 2 files changed, 4 insertions(+), 13 deletions(-) diff --git a/Dockerfile b/Dockerfile index dd7c7c58..5645668b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -110,6 +110,9 @@ VOLUME [ \ "/opt/scripts" \ ] +# Use README for the help command +ADD README.md /usr/share/man/help.txt + # Set the default entrypoint (non overridable) to run when starting the container ADD bin /app/bin/ ENTRYPOINT [ "/app/bin/boot" ] diff --git a/bin/boot b/bin/boot index 6c34aad4..4b467e24 100755 --- a/bin/boot +++ b/bin/boot @@ -10,19 +10,7 @@ log_src='['${0##*/}']' function help { set +e - cat bin/help.txt - set -e -} - -function login { - echo $log_src[`date +%F.%H:%M:%S`]' Running bash' - set +e - if [[ ! -e $1 && $1 = "root" ]]; then - /bin/bash - else - sudo su - odoo - fi - SERVICE_PID=$! + cat /usr/share/man/help.txt set -e } From 3e116b45c83fb40363e91242b9dcdb0856039dd9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Tue, 22 Aug 2017 16:49:23 +0800 Subject: [PATCH 19/60] Move code to start function since it doesn't make sense out of it --- bin/boot | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/bin/boot b/bin/boot index 4b467e24..8d0addd0 100755 --- a/bin/boot +++ b/bin/boot @@ -83,6 +83,17 @@ function _download_addons { } function start { + echo $log_src[`date +%F.%H:%M:%S`]' Searching for target Odoo user...' + # FIXME Should not be an external script (see reason in script header) + bash /app/bin/target_user.sh + odoo_user=$( cat /tmp/odoo_user ) + rm -f /tmp/odoo_user + + echo $log_src[`date +%F.%H:%M:%S`]' Searching for conf file...' + if [[ -z "$odoo_conf_file" ]]; then + odoo_conf_file="/opt/odoo/etc/odoo.conf" + fi + echo $log_src[`date +%F.%H:%M:%S`]' Checking special requirements...' bash /opt/scripts/startup.sh @@ -114,17 +125,6 @@ function on_exit() { } trap on_exit INT TERM -echo $log_src[`date +%F.%H:%M:%S`]' Searching for target Odoo user...' -# FIXME Should not be an external script (see reason in script header) -bash /app/bin/target_user.sh -odoo_user=$( cat /tmp/odoo_user ) -rm -f /tmp/odoo_user - -echo $log_src[`date +%F.%H:%M:%S`]' Searching for conf file...' -if [[ -z "$odoo_conf_file" ]]; then - odoo_conf_file="/opt/odoo/etc/odoo.conf" -fi - echo $log_src[`date +%F.%H:%M:%S`]' Running command...' for arg in "$*" do From 8b1e3126a1684d359c7b3cdcf97500f605f546a7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Tue, 22 Aug 2017 17:17:20 +0800 Subject: [PATCH 20/60] Make sure target user is owner of volumes If the folders mapped to the volumes didn't exist, Docker has created them with root instead of the target Odoo user. Making sure to give back the ownership to the corresponding host user. --- Dockerfile | 6 +++--- bin/boot | 13 ++++++++++--- 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index 5645668b..10c49c02 100644 --- a/Dockerfile +++ b/Dockerfile @@ -96,9 +96,9 @@ ADD auto_addons /opt/odoo/auto_addons User 0 -# Provide read/write access to group (for host user mapping). For some reason, the -# files added in a volume (e.g. odoo.conf) belong to root. This command imperatively -# needs to run before creating the volumes. +# Provide read/write access to odoo group (for host user mapping). This command +# must run before creating the volumes since they become readonly until the +# container is started. RUN chmod -R 775 /opt/odoo && chown -R odoo:odoo /opt/odoo VOLUME [ \ diff --git a/bin/boot b/bin/boot index 8d0addd0..3679c83e 100755 --- a/bin/boot +++ b/bin/boot @@ -89,6 +89,13 @@ function start { odoo_user=$( cat /tmp/odoo_user ) rm -f /tmp/odoo_user + # If the folders mapped to the volumes didn't exist, Docker has created + # them with root instead of the target Odoo user. Making sure to give back + # the ownership to the corresponding host user. + chown $odoo_user:$odoo_user /opt/odoo/{etc,additional_addons,data,ssh,var} \ + /opt/odoo/data/{addons,filestore,sessions} \ + /opt/odoo/var/{run,log,egg-cache} + echo $log_src[`date +%F.%H:%M:%S`]' Searching for conf file...' if [[ -z "$odoo_conf_file" ]]; then odoo_conf_file="/opt/odoo/etc/odoo.conf" @@ -109,9 +116,9 @@ function start { echo $log_src[`date +%F.%H:%M:%S`]' ...with additional args: ' $* fi sudo -i -u $odoo_user /usr/bin/python \ - /opt/odoo/sources/odoo/openerp-server \ - -c $odoo_conf_file \ - $* + /opt/odoo/sources/odoo/openerp-server \ + -c $odoo_conf_file \ + $* SERVICE_PID=$! set -e From d624f9a5279881f52b98f223604174d3e3f52515 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Tue, 22 Aug 2017 17:42:42 +0800 Subject: [PATCH 21/60] Remove implemented roadmap and improve basic help. --- README.md | 31 ++++--------------------------- 1 file changed, 4 insertions(+), 27 deletions(-) diff --git a/README.md b/README.md index ed13c3e9..eec062d9 100644 --- a/README.md +++ b/README.md @@ -1,28 +1,5 @@ -# odoo-docker -Docker files to build dockers based on: -* standard Odoo code -* OCB code +# elicocorp/odoo +Simple yet powerful Odoo image for Docker based on Odoo/OCB code. -This work is original based on the docker from http://www.xcg-consulting.fr and available here: -https://hub.docker.com/r/xcgd/odoo/ - -# Roadmap -* Instead of having a predefined list of odoo.conf parameters available as ENV variables, allow - to change any of them dynamically. - 1. Suggested solution: - * pattern for ENV variable: "ODOO_CONF_" + parameter + "=" + value, e.g.: - * ODOO_CONF_dbfilter=^stable_.* - * ODOO_CONF_db_user=odoo - * ODOO_CONF_limit_memory_soft=671088640 - * then, in the boot script: - * loop over each parameter of odoo.conf - * check if there's an ENV variable "ODOO_CONF_" + parameter - * if so, replace the parameter in odoo.conf - 2. Other suggestion: - * remove all optional parameters from odoo.conf template, only keep the mandatory/important - ones (e.g. admin_passwd, db_user, etc.) - * replace those parameters using the current function (or using solution #1) - * either: - 1. append a user defined odoo.conf to the one in the image (add this user defined - odoo.conf by Dockerfile or by volume) - 2. or use ENV variables to customize parameters (I'm more in favor of that solution) \ No newline at end of file +This image is a fork of [XCG Consulting](https://www.xcg-consulting.fr/) +available [here](https://hub.docker.com/r/xcgd/odoo/). From be3d4eaa58c6ee1dd8d6a9fd36ec7625811e39ae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Tue, 22 Aug 2017 20:49:57 +0800 Subject: [PATCH 22/60] [WIP] Documentation of the image --- README.md | 218 +++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 215 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index eec062d9..a37efb0c 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,217 @@ # elicocorp/odoo -Simple yet powerful Odoo image for Docker based on Odoo/OCB code. +Simple yet powerful Odoo image for Docker based on [OCB][ocb] code and +maintained by [Elico Corp][ec]. -This image is a fork of [XCG Consulting](https://www.xcg-consulting.fr/) -available [here](https://hub.docker.com/r/xcgd/odoo/). + [ocb]: https://github.com/OCA/OCB "Odoo Community Backports" + [ec]: https://www.elico-corp.com/ + +This image is a fork of [XCG Consulting][xcg] Odoo Docker image available +[here][xcgd]. + + [xcg]: https://www.xcg-consulting.fr/ + [xcgd]: https://hub.docker.com/r/xcgd/odoo/ + +## Usage +In order to use this image, a recent version of [Docker][dk] must be installed +on the target host. For more information about Docker Engine, see the +[documentation][dk-doc]. + + [dk]: https://www.docker.com/ + [dk-doc]: https://docs.docker.com/engine/ + +Running this image without specifying a command will display this help message: + + docker run elicocorp/odoo:10.0 + +The easiest way to use this image is to run it along with a [PostgreSQL][pg] +image. + + [pg]: https://hub.docker.com/_/postgres/ + +**Note:** The [PostgreSQL image][ec-pg] of Elico Corp can be used as well. + + [ec-pg]: https://hub.docker.com/r/elicocorp/postgres/ + +Below is an example of a simple `docker-compose.yml` to use this image. +For more information about Docker Compose, see the [documentation][dc-doc]. + + [dc-doc]: https://docs.docker.com/compose/ + + version: '3.3' + services: + + postgres: + image: postgres:9.5 + environment: + - POSTGRES_USER=odoo + network_mode: bridge + + odoo: + image: elicocorp/odoo:10.0 + command: start + ports: + - 127.0.0.1:8069:8069 + links: + - postgres:db + environment: + - ODOO_DB_USER=odoo + network_mode: bridge + +**Note 1:** With this configuration, Odoo will be accessible at the following +URL *only* from the local host: + +It is possible to publish it following one of these options: + +1. map a reverse-proxy to `127.0.0.1:8069` +2. remove `127.0.0.1:` in order to publish the port `8069` + +**Note 2:** With this configuration: + +1. Odoo is running without master password +2. `odoo` PostgreSQL user is a superuser who doesn't require any password + +See [Security] section for more info. + +**Note 3:** With this configuration, all the data will be lost once the +containers are stopped. + +See [Data persistency] section for more info. + +## Security +It is recommended to: + +1. set a master password for Odoo using `ODOO_ADMIN_PASSWD` +2. start PostgreSQL with a different superuser (e.g. `postgres`) +3. give the superuser a password using `POSTGRES_PASSWORD` +4. create a separate PostgreSQL user for Odoo (e.g. `odoo`) with his own +password and specify it using `ODOO_DB_PASSWORD` + +The `docker-compose.yml` should look like: + + version: '3.3' + services: + + postgres: + image: postgres:9.5 + environment: + - POSTGRES_USER=postgres + - POSTGRES_PASSWORD=strong_pg_superuser_password + network_mode: bridge + + odoo: + image: elicocorp/odoo:10.0 + command: start + ports: + - 127.0.0.1:8069:8069 + links: + - postgres:db + environment: + - ODOO_ADMIN_PASSWD=strong_odoo_master_password + - ODOO_DB_USER=odoo + - ODOO_DB_PASSWORD=strong_pg_odoo_password + network_mode: bridge + +## Data persistency +As soon as the [containers][dk-con] are removed, all modifications made in Odoo +will be lost. There are 2 main [volumes][dk-vol] that must be made persistent +in order to preserve the data: + + [dk-con]: https://www.docker.com/what-container + "What is a Container | Docker" + [dk-vol]: https://docs.docker.com/engine/admin/volumes/volumes/ + "Use volumes | Docker Documentation" + +1. the PostgreSQL database in `/var/lib/postgresql/data` +2. the Odoo filestore in `/opt/odoo/data/filestore` + +Optionally, it is also possible to map the Odoo sessions folder in +`/opt/odoo/data/sessions` + +In the following example, these volumes are mapped under the folder `volumes` +which is in the same folder as the `docker-compose.yml`. This command will +create the corresponding folders: + + mkdir -p ./volumes/{postgres,odoo/filestore,odoo/sessions} + +The `docker-compose.yml` should look like: + + version: '3.3' + services: + + postgres: + image: postgres:9.5 + environment: + - POSTGRES_USER=postgres + - POSTGRES_PASSWORD=strong_pg_superuser_password + volumes: + - ./volumes/postgres:/var/lib/postgresql/data + network_mode: bridge + + odoo: + image: elicocorp/odoo:10.0 + command: start + ports: + - 127.0.0.1:8069:8069 + links: + - postgres:db + environment: + - ODOO_ADMIN_PASSWD=strong_odoo_master_password + - ODOO_DB_USER=odoo + - ODOO_DB_PASSWORD=strong_pg_odoo_password + volumes: + - ./volumes/odoo/filestore:/opt/odoo/data/filestore + - ./volumes/odoo/sessions:/opt/odoo/data/sessions + network_mode: bridge + +## Host user mapping + +TODO + +## Odoo configuration file +The configuration file is generated automatically at startup. Any available +Odoo parameter can be provided as an environment variable, prefixed by `ODOO_`. + +**Note:** As a convention, it is preferrable to use only big caps but this is +not mandatory. The parameters will be converted to small caps in the +configuration file. + +In the previous `docker-compose.yml` examples, the following Odoo parameters +have already been defined: + +* `admin_passwd` (environment variable `ODOO_ADMIN_PASSWD`) +* `db_user` (environment variable `ODOO_DB_USER`) +* `db_password` (environment variable `ODOO_DB_PASSWORD`) + +For a complete list of Odoo parameters, see the [documentation][od-par]. + + [od-par]: https://www.odoo.com/documentation/10.0/reference/cmdline.html + +It is also possible to use a custom Odoo configuration file. The most common +way are: + +1. `ADD` the configuration file in `/opt/odoo/etc/odoo.conf` using a +[Dockerfile][dkf] +2. Map the `/opt/odoo/etc/odoo.conf` using a [volume][dk-vol] + + [dkf]: https://docs.docker.com/engine/reference/builder/ + "Dockerfile reference | Docker Documentation" + +## Additionnal addons + +TODO + +### Automatically pull Git repositories + +Based on [`oca_dependencies.txt`][oca-dep] + + [oca-dep]: https://github.com/OCA/maintainer-quality-tools/blob/master/sample_files/oca_dependencies.txt + +TODO + +### GitHub SSH authentication + +TODO + +## Customize this image + +TODO From fc7ec16530753b1b24d2dc6bbedf55dbc9c3d918 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Tue, 22 Aug 2017 20:59:05 +0800 Subject: [PATCH 23/60] Remove unnecessary folders - /opt/odoo/data/addons doesn't always exist - /opt/odoo/ssh is usually readonly --- bin/boot | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/boot b/bin/boot index 3679c83e..1c9c4d7f 100755 --- a/bin/boot +++ b/bin/boot @@ -92,8 +92,8 @@ function start { # If the folders mapped to the volumes didn't exist, Docker has created # them with root instead of the target Odoo user. Making sure to give back # the ownership to the corresponding host user. - chown $odoo_user:$odoo_user /opt/odoo/{etc,additional_addons,data,ssh,var} \ - /opt/odoo/data/{addons,filestore,sessions} \ + chown $odoo_user:$odoo_user /opt/odoo/{etc,additional_addons,data,var} \ + /opt/odoo/data/{filestore,sessions} \ /opt/odoo/var/{run,log,egg-cache} echo $log_src[`date +%F.%H:%M:%S`]' Searching for conf file...' From b777de70e780bd22ed39866f78a913b31323f766 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Wed, 23 Aug 2017 20:12:20 +0800 Subject: [PATCH 24/60] Address comments from CR and keep improving doc --- README.md | 153 +++++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 123 insertions(+), 30 deletions(-) diff --git a/README.md b/README.md index a37efb0c..1e0a6f3f 100644 --- a/README.md +++ b/README.md @@ -50,11 +50,11 @@ For more information about Docker Compose, see the [documentation][dc-doc]. image: elicocorp/odoo:10.0 command: start ports: - - 127.0.0.1:8069:8069 + - 127.0.0.1:8069:8069 links: - - postgres:db + - postgres:db environment: - - ODOO_DB_USER=odoo + - ODOO_DB_USER=odoo network_mode: bridge **Note 1:** With this configuration, Odoo will be accessible at the following @@ -63,22 +63,26 @@ URL *only* from the local host: It is possible to publish it following one of these options: 1. map a reverse-proxy to `127.0.0.1:8069` -2. remove `127.0.0.1:` in order to publish the port `8069` +2. remove the `127.0.0.1:` prefix in order to publish the port `8069` outside +the local host **Note 2:** With this configuration: 1. Odoo is running without master password 2. `odoo` PostgreSQL user is a superuser who doesn't require any password -See [Security] section for more info. +See Security section for more info. **Note 3:** With this configuration, all the data will be lost once the -containers are stopped. +[containers][dk-con] are stopped. -See [Data persistency] section for more info. + [dk-con]: https://www.docker.com/what-container + "What is a Container | Docker" + +See Data persistency section for more info. ## Security -It is recommended to: +In order to improve the security, it is recommended to: 1. set a master password for Odoo using `ODOO_ADMIN_PASSWD` 2. start PostgreSQL with a different superuser (e.g. `postgres`) @@ -86,6 +90,12 @@ It is recommended to: 4. create a separate PostgreSQL user for Odoo (e.g. `odoo`) with his own password and specify it using `ODOO_DB_PASSWORD` +**Note:** Run below SQL queries with PostgreSQL superuser to create the `odoo` +user: + + CREATE user odoo WITH password 'strong_pg_odoo_password'; + ALTER user odoo WITH createdb; + The `docker-compose.yml` should look like: version: '3.3' @@ -102,22 +112,27 @@ The `docker-compose.yml` should look like: image: elicocorp/odoo:10.0 command: start ports: - - 127.0.0.1:8069:8069 + - 127.0.0.1:8069:8069 links: - - postgres:db + - postgres:db environment: - - ODOO_ADMIN_PASSWD=strong_odoo_master_password - - ODOO_DB_USER=odoo - - ODOO_DB_PASSWORD=strong_pg_odoo_password + - ODOO_ADMIN_PASSWD=strong_odoo_master_password + - ODOO_DB_USER=odoo + - ODOO_DB_PASSWORD=strong_pg_odoo_password network_mode: bridge +**Note:** If Odoo is behind a reverse proxy, it is also suggested to change the +port published by the container (though this port is actually not opened to the +outside). For instance: + + ports: + - 127.0.0.1:12345:8069 + ## Data persistency -As soon as the [containers][dk-con] are removed, all modifications made in Odoo -will be lost. There are 2 main [volumes][dk-vol] that must be made persistent -in order to preserve the data: +As soon as the containers are removed, all the modifications (e.g. database, +attachments, etc.) will be lost. There are 2 main [volumes][dk-vol] that must +be made persistent in order to preserve the data: - [dk-con]: https://www.docker.com/what-container - "What is a Container | Docker" [dk-vol]: https://docs.docker.com/engine/admin/volumes/volumes/ "Use volumes | Docker Documentation" @@ -151,20 +166,102 @@ The `docker-compose.yml` should look like: image: elicocorp/odoo:10.0 command: start ports: - - 127.0.0.1:8069:8069 + - 127.0.0.1:8069:8069 links: - - postgres:db + - postgres:db environment: - - ODOO_ADMIN_PASSWD=strong_odoo_master_password - - ODOO_DB_USER=odoo - - ODOO_DB_PASSWORD=strong_pg_odoo_password + - ODOO_ADMIN_PASSWD=strong_odoo_master_password + - ODOO_DB_USER=odoo + - ODOO_DB_PASSWORD=strong_pg_odoo_password volumes: - - ./volumes/odoo/filestore:/opt/odoo/data/filestore - - ./volumes/odoo/sessions:/opt/odoo/data/sessions + - ./volumes/odoo/filestore:/opt/odoo/data/filestore + - ./volumes/odoo/sessions:/opt/odoo/data/sessions network_mode: bridge +**Note:** With this configuration, all the data created in the volumes will +belong to the user whose UID matches the user running inside the container. + +See Host user mapping section for more info. + ## Host user mapping +## Default host user mapping in Docker +Each Docker image defines its own [users][dk-user]. + + [dk-user]: https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#user + +For instance: + +* in `elicocorp/odoo` image, the default user that will run the Odoo process is +`odoo` with UID `1000` +* in `postgres` image, the default user that will run the PostgreSQL process is +`postgres` with UID `999` + +Whenever those users are used inside the container, Docker will actually use +the corresponding user on the host running Docker. The mapping is made on the +UID, not on the user name. + +For instance, if the user `elico` with UID `1000` exists on the host, when +running the Odoo image with the default user, the Odoo process executed by the +`odoo` user inside the container will actually be executed by the host user +`elico`. + +**Note:** The users don't have to actually exist on the host for the container +to use them. Anonymous users with the corresponding UID will be created +automatically. + +For instance, if the with UID `999` doesn't exist on the host, when running the +PostgreSQL image with the default user, the PostgreSQL process executed by the +`postgres` user inside the container will actually be executed by the anonymous +host user with UID `999`. + +### Host user mapping and volumes +When the user inside the container owns files that belong to a volume, the +corresponding files in the folder mapped to the volume on the host will +actually belong to the corresponding user on the host. + +For instance, in the previous example: + +* in the Odoo container, the files created by the `odoo` user in the folder +`/opt/odoo/data/filestore` will be stored on the host in the folder +`./volumes/odoo/filestore` and belong to the host user `elico` +* in the PostgreSQL container, the files created by the `postgres` user in the +folder `/var/lib/postgresql/data` will be stored on the host in the folder +`./volumes/postgres` and belong to the anonymous host user with UID `999` + +### Impact +When having `root` privileges on the host, the default host user mapping +behavior is usually not a big issue. The main impact is that the files mapped +with a volume might belong to users that don't have anything to do with the +corresponding Docker services. + +For instance, in the previous example: + +* the host user `elico` will be able to read the content of the Odoo filestore +* the anonymous host user with UID `999` will be able to read the PostgreSQL +database files + +It is possible to avoid this by creating host users with the corresponding UIDs +in order to control which host user owns the files in a volume. + +However, a user with limited system privileges (e.g. no `sudo`) will have a +bigger issue. The typical use case is a developer with limited system +privileges that maps a volume inside his home folder. He would expect to own +all the files under his home folder, which won't be the case. + +For instance, following the previous example, if the host user `seb` with UID +`1001` starts the image from his home folder: + +* the files in `./volumes/odoo/filestore` will belong to the host user `elico` +* the files in `./volumes/postgres` will belong to the anonymous host user with +UID `999` + +The host user `seb` will not be able to access those files even though they are +located under his own home folder. This can lead to very annoying situations +where a developer would require the system administrator to delete files under +his own home folder. + +### Solution TODO ## Odoo configuration file @@ -187,7 +284,7 @@ For a complete list of Odoo parameters, see the [documentation][od-par]. [od-par]: https://www.odoo.com/documentation/10.0/reference/cmdline.html It is also possible to use a custom Odoo configuration file. The most common -way are: +ways are: 1. `ADD` the configuration file in `/opt/odoo/etc/odoo.conf` using a [Dockerfile][dkf] @@ -197,7 +294,6 @@ way are: "Dockerfile reference | Docker Documentation" ## Additionnal addons - TODO ### Automatically pull Git repositories @@ -205,13 +301,10 @@ TODO Based on [`oca_dependencies.txt`][oca-dep] [oca-dep]: https://github.com/OCA/maintainer-quality-tools/blob/master/sample_files/oca_dependencies.txt - TODO ### GitHub SSH authentication - TODO ## Customize this image - TODO From 4df3d1dd39040fccfb5b91bf161a391d14e6e9b6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Wed, 23 Aug 2017 20:17:02 +0800 Subject: [PATCH 25/60] Wrong title level --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 1e0a6f3f..6f65a053 100644 --- a/README.md +++ b/README.md @@ -185,7 +185,7 @@ See Host user mapping section for more info. ## Host user mapping -## Default host user mapping in Docker +### Default host user mapping in Docker Each Docker image defines its own [users][dk-user]. [dk-user]: https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#user From 413395dfcb696eaca8e43c6a78d402b8271011a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 11:07:37 +0800 Subject: [PATCH 26/60] Table of Contents --- README.md | 61 +++++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 46 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index 6f65a053..71e1b934 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,26 @@ This image is a fork of [XCG Consulting][xcg] Odoo Docker image available [xcg]: https://www.xcg-consulting.fr/ [xcgd]: https://hub.docker.com/r/xcgd/odoo/ -## Usage + +## Table of Contents +- [Usage](#usage) +- [Security](#security) +- [Data persistency](#data_persistency) +- [Host user mapping](#host_user_mapping) + - [Default host user mapping in Docker](#default_hum) + - [Host user mapping and volumes](#hum_and_volumes) + - [Impact](#hum_impact) + - [Solution](#hum_solution) +- [Odoo configuration file](#odoo_conf) +- [Additionnal addons](#additional_addons) + - [Automatically pull Git repositories](#aa_git_pull) + - [GitHub SSH authentication](#aa_git_ssh) +- [Customize this image](#customize_image) + + [toc]: #toc "Table of Contents" + + +## Usage [^][toc] In order to use this image, a recent version of [Docker][dk] must be installed on the target host. For more information about Docker Engine, see the [documentation][dk-doc]. @@ -71,7 +90,7 @@ the local host 1. Odoo is running without master password 2. `odoo` PostgreSQL user is a superuser who doesn't require any password -See Security section for more info. +See [Security](#security) section for more info. **Note 3:** With this configuration, all the data will be lost once the [containers][dk-con] are stopped. @@ -79,9 +98,10 @@ See Security section for more info. [dk-con]: https://www.docker.com/what-container "What is a Container | Docker" -See Data persistency section for more info. +See [Data persistency](#data_persistency) section for more info. -## Security + +## Security [^][toc] In order to improve the security, it is recommended to: 1. set a master password for Odoo using `ODOO_ADMIN_PASSWD` @@ -128,7 +148,8 @@ outside). For instance: ports: - 127.0.0.1:12345:8069 -## Data persistency + +## Data persistency [^][toc] As soon as the containers are removed, all the modifications (e.g. database, attachments, etc.) will be lost. There are 2 main [volumes][dk-vol] that must be made persistent in order to preserve the data: @@ -183,9 +204,11 @@ belong to the user whose UID matches the user running inside the container. See Host user mapping section for more info. -## Host user mapping + +## Host user mapping [^][toc] -### Default host user mapping in Docker + +### Default host user mapping in Docker [^][toc] Each Docker image defines its own [users][dk-user]. [dk-user]: https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#user @@ -215,7 +238,8 @@ PostgreSQL image with the default user, the PostgreSQL process executed by the `postgres` user inside the container will actually be executed by the anonymous host user with UID `999`. -### Host user mapping and volumes + +### Host user mapping and volumes [^][toc] When the user inside the container owns files that belong to a volume, the corresponding files in the folder mapped to the volume on the host will actually belong to the corresponding user on the host. @@ -229,7 +253,8 @@ For instance, in the previous example: folder `/var/lib/postgresql/data` will be stored on the host in the folder `./volumes/postgres` and belong to the anonymous host user with UID `999` -### Impact + +### Impact [^][toc] When having `root` privileges on the host, the default host user mapping behavior is usually not a big issue. The main impact is that the files mapped with a volume might belong to users that don't have anything to do with the @@ -261,10 +286,12 @@ located under his own home folder. This can lead to very annoying situations where a developer would require the system administrator to delete files under his own home folder. -### Solution + +### Solution [^][toc] TODO -## Odoo configuration file + +## Odoo configuration file [^][toc] The configuration file is generated automatically at startup. Any available Odoo parameter can be provided as an environment variable, prefixed by `ODOO_`. @@ -293,18 +320,22 @@ ways are: [dkf]: https://docs.docker.com/engine/reference/builder/ "Dockerfile reference | Docker Documentation" -## Additionnal addons + +## Additionnal addons [^][toc] TODO -### Automatically pull Git repositories + +### Automatically pull Git repositories [^][toc] Based on [`oca_dependencies.txt`][oca-dep] [oca-dep]: https://github.com/OCA/maintainer-quality-tools/blob/master/sample_files/oca_dependencies.txt TODO -### GitHub SSH authentication + +### GitHub SSH authentication [^][toc] TODO -## Customize this image + +## Customize this image [^][toc] TODO From 97869d33e963c1fdbb20d87066e5b11e0b844618 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 12:14:44 +0800 Subject: [PATCH 27/60] Finish to document host user mapping + small improvements - refactor user creation in Dockerfile and boot following Docker best practices: https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#user - add more details on how to run the image --- Dockerfile | 8 +-- README.md | 145 +++++++++++++++++++++++++++++++++------------ bin/target_user.sh | 16 ++--- 3 files changed, 120 insertions(+), 49 deletions(-) diff --git a/Dockerfile b/Dockerfile index 10c49c02..69c1dcb1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -74,11 +74,11 @@ RUN dpkg -i /opt/sources/wkhtmltox.deb # Startup script for custom setup ADD sources/startup.sh /opt/scripts/startup.sh -# create the odoo user -RUN adduser --home=/opt/odoo --disabled-password --gecos "" --shell=/bin/bash odoo +# Create the odoo user +RUN useradd --home=/opt/odoo --no-log-init -r odoo -# Switch to user odoo to create the folders mapped with volumes, else the corresponding -# folders will be created by root on the host +# Switch to user odoo to create the folders mapped with volumes, else the +# corresponding folders will be created by root on the host USER odoo # If the folders are created with "RUN mkdir" command, they will belong to root diff --git a/README.md b/README.md index 71e1b934..4f07bc04 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,9 @@ # elicocorp/odoo -Simple yet powerful Odoo image for Docker based on [OCB][ocb] code and -maintained by [Elico Corp][ec]. +Simple yet powerful [Odoo][odoo] image for [Docker][dk] based on [OCB][ocb] +code and maintained by [Elico Corp][ec]. + [odoo]: https://www.odoo.com/ + [dk]: https://www.docker.com/ [ocb]: https://github.com/OCA/OCB "Odoo Community Backports" [ec]: https://www.elico-corp.com/ @@ -14,6 +16,9 @@ This image is a fork of [XCG Consulting][xcg] Odoo Docker image available ## Table of Contents - [Usage](#usage) + - [Install Docker](#install_docker) + - [Run the image](#run_image) + - [Compose example](#compose_example) - [Security](#security) - [Data persistency](#data_persistency) - [Host user mapping](#host_user_mapping) @@ -23,27 +28,36 @@ This image is a fork of [XCG Consulting][xcg] Odoo Docker image available - [Solution](#hum_solution) - [Odoo configuration file](#odoo_conf) - [Additionnal addons](#additional_addons) - - [Automatically pull Git repositories](#aa_git_pull) + - [Automatically fetch Git repositories](#aa_git_fetch) - [GitHub SSH authentication](#aa_git_ssh) -- [Customize this image](#customize_image) +- [How to extend this image](#extend_image) [toc]: #toc "Table of Contents" ## Usage [^][toc] -In order to use this image, a recent version of [Docker][dk] must be installed -on the target host. For more information about Docker Engine, see the -[documentation][dk-doc]. - [dk]: https://www.docker.com/ + +### Install Docker [^][toc] +In order to use this image, a recent version of Docker must be installed on the +host. For more information about Docker Engine, see the +[official documentation][dk-doc]. + [dk-doc]: https://docs.docker.com/engine/ + +### Run the image [^][toc] Running this image without specifying a command will display this help message: - docker run elicocorp/odoo:10.0 + $ docker run elicocorp/odoo:10.0 + +To start Odoo, run the image with the command `start`: + + $ docker run elicocorp/odoo:10.0 start The easiest way to use this image is to run it along with a [PostgreSQL][pg] -image. +image. By default, Odoo is configured to connect with a PostgreSQL host named +`db`. [pg]: https://hub.docker.com/_/postgres/ @@ -51,8 +65,10 @@ image. [ec-pg]: https://hub.docker.com/r/elicocorp/postgres/ -Below is an example of a simple `docker-compose.yml` to use this image. -For more information about Docker Compose, see the [documentation][dc-doc]. + +### Compose example [^][toc] +Below is an example of a simple `docker-compose.yml` to use this image. For +more information about Compose, see the [official documentation][dc-doc]. [dc-doc]: https://docs.docker.com/compose/ @@ -76,6 +92,11 @@ For more information about Docker Compose, see the [documentation][dc-doc]. - ODOO_DB_USER=odoo network_mode: bridge +Once this file is created, simply move to the corresponding folder and run the +following command to start Odoo: + + $ docker-compose up + **Note 1:** With this configuration, Odoo will be accessible at the following URL *only* from the local host: @@ -209,7 +230,8 @@ See Host user mapping section for more info. ### Default host user mapping in Docker [^][toc] -Each Docker image defines its own [users][dk-user]. +Each Docker image defines its own [users][dk-user]. Users only exist inside the +running container. [dk-user]: https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#user @@ -224,19 +246,18 @@ Whenever those users are used inside the container, Docker will actually use the corresponding user on the host running Docker. The mapping is made on the UID, not on the user name. -For instance, if the user `elico` with UID `1000` exists on the host, when -running the Odoo image with the default user, the Odoo process executed by the -`odoo` user inside the container will actually be executed by the host user -`elico`. +If the user `elico` with UID `1000` exists on the host, when running the Odoo +image with the default user, the Odoo process executed by the `odoo` user +inside the container will actually be executed by the host user `elico`. **Note:** The users don't have to actually exist on the host for the container to use them. Anonymous users with the corresponding UID will be created automatically. -For instance, if the with UID `999` doesn't exist on the host, when running the -PostgreSQL image with the default user, the PostgreSQL process executed by the -`postgres` user inside the container will actually be executed by the anonymous -host user with UID `999`. +If the with UID `999` doesn't exist on the host, when running the PostgreSQL +image with the default user, the PostgreSQL process executed by the `postgres` +user inside the container will actually be executed by the anonymous host user +with UID `999`. ### Host user mapping and volumes [^][toc] @@ -244,7 +265,7 @@ When the user inside the container owns files that belong to a volume, the corresponding files in the folder mapped to the volume on the host will actually belong to the corresponding user on the host. -For instance, in the previous example: +Following the previous example: * in the Odoo container, the files created by the `odoo` user in the folder `/opt/odoo/data/filestore` will be stored on the host in the folder @@ -260,7 +281,7 @@ behavior is usually not a big issue. The main impact is that the files mapped with a volume might belong to users that don't have anything to do with the corresponding Docker services. -For instance, in the previous example: +In the previous example: * the host user `elico` will be able to read the content of the Odoo filestore * the anonymous host user with UID `999` will be able to read the PostgreSQL @@ -270,12 +291,12 @@ It is possible to avoid this by creating host users with the corresponding UIDs in order to control which host user owns the files in a volume. However, a user with limited system privileges (e.g. no `sudo`) will have a -bigger issue. The typical use case is a developer with limited system -privileges that maps a volume inside his home folder. He would expect to own -all the files under his home folder, which won't be the case. +bigger issue. The typical use case is a user with limited system privileges +that maps a volume inside his home folder. He would expect to own all the files +under his home folder, which won't be the case. -For instance, following the previous example, if the host user `seb` with UID -`1001` starts the image from his home folder: +Following the previous example, if the host user `seb` with UID `1001` starts +the image from his home folder: * the files in `./volumes/odoo/filestore` will belong to the host user `elico` * the files in `./volumes/postgres` will belong to the anonymous host user with @@ -283,12 +304,60 @@ UID `999` The host user `seb` will not be able to access those files even though they are located under his own home folder. This can lead to very annoying situations -where a developer would require the system administrator to delete files under -his own home folder. +where a user would require the system administrator to help him delete files +under his own home folder. ### Solution [^][toc] -TODO +Each Docker image has its own way to deal with host user mapping: + +* for PostgreSQL, see the [official documentation][pg] (section "Arbitrary +--user Notes") +* for this image, use the environment variable `TARGET_UID` as described below + +First, the host user needs to find out his UID: + + $ echo $UID + +Then, simply assign this UID to the environment variable `TARGET_UID`. + +After starting the Docker containers, all the files created in the volumes will +belong to the corresponding host user. + +The `docker-compose.yml` should look like: + + version: '3.3' + services: + + postgres: + image: postgres:9.5 + environment: + - POSTGRES_USER=postgres + - POSTGRES_PASSWORD=strong_pg_superuser_password + - /etc/passwd:/etc/passwd:ro + user: 1001:1001 + network_mode: bridge + + odoo: + image: elicocorp/odoo:10.0 + command: start + ports: + - 127.0.0.1:8069:8069 + links: + - postgres:db + environment: + - TARGET_UID=1001 + - ODOO_ADMIN_PASSWD=strong_odoo_master_password + - ODOO_DB_USER=odoo + - ODOO_DB_PASSWORD=strong_pg_odoo_password + network_mode: bridge + +**Note:** For a more dynamic UID mapping, you can use Compose +[variable substitution][dk-var]. Simply export the environment variable `UID` +before starting the container and replace the `UID` with `$UID` in the +`docker-compose.yml` file. + + [dk-var]: https://docs.docker.com/compose/compose-file/#variable-substitution ## Odoo configuration file [^][toc] @@ -302,9 +371,9 @@ configuration file. In the previous `docker-compose.yml` examples, the following Odoo parameters have already been defined: -* `admin_passwd` (environment variable `ODOO_ADMIN_PASSWD`) -* `db_user` (environment variable `ODOO_DB_USER`) -* `db_password` (environment variable `ODOO_DB_PASSWORD`) +* `admin_passwd`: environment variable `ODOO_ADMIN_PASSWD` +* `db_user`: environment variable `ODOO_DB_USER` +* `db_password`: environment variable `ODOO_DB_PASSWORD` For a complete list of Odoo parameters, see the [documentation][od-par]. @@ -324,8 +393,8 @@ ways are: ## Additionnal addons [^][toc] TODO - -### Automatically pull Git repositories [^][toc] + +### Automatically fetch Git repositories [^][toc] Based on [`oca_dependencies.txt`][oca-dep] @@ -336,6 +405,6 @@ TODO ### GitHub SSH authentication [^][toc] TODO - -## Customize this image [^][toc] + +## How to extend this image [^][toc] TODO diff --git a/bin/target_user.sh b/bin/target_user.sh index 8232c782..2e1a5260 100644 --- a/bin/target_user.sh +++ b/bin/target_user.sh @@ -11,17 +11,18 @@ log_src='['${0##*/}']' odoo_user='odoo' # Check if there's a target user to run Odoo -if [ "$TARGET_ID" ]; then +if [ "$TARGET_UID" ]; then # Check whether target user exists or not - exists=$( getent passwd $TARGET_ID | wc -l ) + exists=$( getent passwd $TARGET_UID | wc -l ) # Create target user if [ $exists == "0" ]; then echo $log_src[`date +%F.%H:%M:%S`]' Creating target Odoo user...' odoo_user='target-odoo-user' - adduser --uid $TARGET_ID --disabled-password --gecos "" --shell=/bin/bash $odoo_user + useradd --uid $TARGET_UID --no-log-init -r $odoo_user - # Add target user to odoo group so that he can read/write the content of /opt/odoo + # Add target user to odoo group so that he can read/write the content + # of /opt/odoo echo $log_src[`date +%F.%H:%M:%S`]' Adding user to `odoo` group...' usermod -a -G odoo $odoo_user else @@ -29,9 +30,10 @@ if [ "$TARGET_ID" ]; then odoo_user_id=$( id -u $odoo_user ) # If the user already exists, check if it's the same as odoo - if [ $TARGET_ID -ne $odoo_user_id ]; then - echo $log_src[`date +%F.%H:%M:%S`]' ERROR: The ID of the target user already' \ - 'exists but it is not the same as the ID of `odoo` user' + if [ $TARGET_UID -ne $odoo_user_id ]; then + echo $log_src[`date +%F.%H:%M:%S`]' ERROR: The UID of the target' \ + 'user already exists but it is not the same as the ID of' \ + '`odoo` user' exit 1 fi fi From 33322971748ea9e836a6f6f89b32d31fe0413f96 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 14:00:56 +0800 Subject: [PATCH 28/60] Fix bugs after switching to useradd - home directory syntax was wrong - users were created as system users --- Dockerfile | 2 +- bin/target_user.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 69c1dcb1..e727104d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -75,7 +75,7 @@ RUN dpkg -i /opt/sources/wkhtmltox.deb ADD sources/startup.sh /opt/scripts/startup.sh # Create the odoo user -RUN useradd --home=/opt/odoo --no-log-init -r odoo +RUN useradd --create-home --home-dir /opt/odoo --no-log-init odoo # Switch to user odoo to create the folders mapped with volumes, else the # corresponding folders will be created by root on the host diff --git a/bin/target_user.sh b/bin/target_user.sh index 2e1a5260..c41ae290 100644 --- a/bin/target_user.sh +++ b/bin/target_user.sh @@ -19,7 +19,7 @@ if [ "$TARGET_UID" ]; then if [ $exists == "0" ]; then echo $log_src[`date +%F.%H:%M:%S`]' Creating target Odoo user...' odoo_user='target-odoo-user' - useradd --uid $TARGET_UID --no-log-init -r $odoo_user + useradd --uid $TARGET_UID --no-log-init $odoo_user # Add target user to odoo group so that he can read/write the content # of /opt/odoo From 863a9540b36cc0012cc05b8c3ad2c2f3498a623e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 14:23:05 +0800 Subject: [PATCH 29/60] Almost finished to document Additional Odoo modules section --- README.md | 201 ++++++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 173 insertions(+), 28 deletions(-) diff --git a/README.md b/README.md index 4f07bc04..70ab6f7e 100644 --- a/README.md +++ b/README.md @@ -16,7 +16,6 @@ This image is a fork of [XCG Consulting][xcg] Odoo Docker image available ## Table of Contents - [Usage](#usage) - - [Install Docker](#install_docker) - [Run the image](#run_image) - [Compose example](#compose_example) - [Security](#security) @@ -24,21 +23,20 @@ This image is a fork of [XCG Consulting][xcg] Odoo Docker image available - [Host user mapping](#host_user_mapping) - [Default host user mapping in Docker](#default_hum) - [Host user mapping and volumes](#hum_and_volumes) - - [Impact](#hum_impact) - - [Solution](#hum_solution) + - [Impact](#impact) + - [Solution](#solution) - [Odoo configuration file](#odoo_conf) -- [Additionnal addons](#additional_addons) - - [Automatically fetch Git repositories](#aa_git_fetch) - - [GitHub SSH authentication](#aa_git_ssh) +- [Additional Odoo modules](#additional_addons) + - [Automatically fetch Git repositories](#git_fetch) + - [Fetch multiple independent repositories](#fetch_multiple_repos) + - [Fetch private GitHub repositories](#git_ssh) + - [Advanced `oca_dependencies.txt` syntax](#oca_dependencies) - [How to extend this image](#extend_image) [toc]: #toc "Table of Contents" ## Usage [^][toc] - - -### Install Docker [^][toc] In order to use this image, a recent version of Docker must be installed on the host. For more information about Docker Engine, see the [official documentation][dk-doc]. @@ -197,11 +195,11 @@ The `docker-compose.yml` should look like: postgres: image: postgres:9.5 + volumes: + - ./volumes/postgres:/var/lib/postgresql/data environment: - POSTGRES_USER=postgres - POSTGRES_PASSWORD=strong_pg_superuser_password - volumes: - - ./volumes/postgres:/var/lib/postgresql/data network_mode: bridge odoo: @@ -211,13 +209,13 @@ The `docker-compose.yml` should look like: - 127.0.0.1:8069:8069 links: - postgres:db - environment: - - ODOO_ADMIN_PASSWD=strong_odoo_master_password - - ODOO_DB_USER=odoo - - ODOO_DB_PASSWORD=strong_pg_odoo_password volumes: - - ./volumes/odoo/filestore:/opt/odoo/data/filestore - - ./volumes/odoo/sessions:/opt/odoo/data/sessions + - ./volumes/odoo/filestore:/opt/odoo/data/filestore + - ./volumes/odoo/sessions:/opt/odoo/data/sessions + environment: + - ODOO_ADMIN_PASSWD=strong_odoo_master_password + - ODOO_DB_USER=odoo + - ODOO_DB_PASSWORD=strong_pg_odoo_password network_mode: bridge **Note:** With this configuration, all the data created in the volumes will @@ -274,7 +272,7 @@ Following the previous example: folder `/var/lib/postgresql/data` will be stored on the host in the folder `./volumes/postgres` and belong to the anonymous host user with UID `999` - + ### Impact [^][toc] When having `root` privileges on the host, the default host user mapping behavior is usually not a big issue. The main impact is that the files mapped @@ -307,7 +305,7 @@ located under his own home folder. This can lead to very annoying situations where a user would require the system administrator to help him delete files under his own home folder. - + ### Solution [^][toc] Each Docker image has its own way to deal with host user mapping: @@ -331,6 +329,8 @@ The `docker-compose.yml` should look like: postgres: image: postgres:9.5 + volumes: + - ./volumes/postgres:/var/lib/postgresql/data environment: - POSTGRES_USER=postgres - POSTGRES_PASSWORD=strong_pg_superuser_password @@ -345,6 +345,9 @@ The `docker-compose.yml` should look like: - 127.0.0.1:8069:8069 links: - postgres:db + volumes: + - ./volumes/odoo/filestore:/opt/odoo/data/filestore + - ./volumes/odoo/sessions:/opt/odoo/data/sessions environment: - TARGET_UID=1001 - ODOO_ADMIN_PASSWD=strong_odoo_master_password @@ -355,7 +358,7 @@ The `docker-compose.yml` should look like: **Note:** For a more dynamic UID mapping, you can use Compose [variable substitution][dk-var]. Simply export the environment variable `UID` before starting the container and replace the `UID` with `$UID` in the -`docker-compose.yml` file. +`docker-compose.yml`. [dk-var]: https://docs.docker.com/compose/compose-file/#variable-substitution @@ -384,25 +387,167 @@ ways are: 1. `ADD` the configuration file in `/opt/odoo/etc/odoo.conf` using a [Dockerfile][dkf] -2. Map the `/opt/odoo/etc/odoo.conf` using a [volume][dk-vol] +2. Map the `/opt/odoo/etc/odoo.conf` using a volume [dkf]: https://docs.docker.com/engine/reference/builder/ "Dockerfile reference | Docker Documentation" -## Additionnal addons [^][toc] -TODO +## Additional Odoo modules [^][toc] +This image allows to load additional Odoo modules through the volume +`/opt/odoo/additional_addons`. When adding modules manually in that folder, the +Odoo parameter `addons_path` must be defined accordingly: + + addons_path = /opt/odoo/additional_addons,/opt/odoo/sources/odoo/addons - +**Note:** The previous configuration assumes that all the modules are at the +root of the folder `/opt/odoo/additional_addons`. Depending on the folder +structure, the parameter might need to be adapted. + + ### Automatically fetch Git repositories [^][toc] -Based on [`oca_dependencies.txt`][oca-dep] +This image is able to automatically fetch (e.g. `git clone`) a [Git][git] +repository containing a set of modules. It is based on the +[cross repository dependency management][cross-repo-dep] system introduced by +the [OCA][oca]. For more information about the + + [git]: https://git-scm.com + [cross-repo-dep]: https://github.com/OCA/maintainer-quality-tools/pull/159 + [oca]: https://github.com/OCA/ "Odoo Community Association" + +Basically, this image is able to recursively fetch Git repositories in the +`/opt/odoo/additional_addons` volume. Once all the repositories have been +fetched, the `addons_path` parameter will be generated automatically. + +The cross repository dependency is based on the +[`oca_dependencies.txt`][oca-dep] syntax. [oca-dep]: https://github.com/OCA/maintainer-quality-tools/blob/master/sample_files/oca_dependencies.txt -TODO - -### GitHub SSH authentication [^][toc] +**Note:** This image integrates a Git repositories cache system. If some of the +repositories already exist in the volume (e.g. when restarting the container), +the container will pull (e.g. `git pull`) them instead of cloning them, which +allows for much faster boot. + +The easiest way to clone a Git repository is to set the environment variable +`ADDONS_REPO` with the URL of the repository. + +For instance, in order to fetch the [OCA Project][oca-project] Git repository, +as well as all the Git repositories it depends on, you can use the following +`docker-compose.yml`: + + [oca-project]: https://github.com/OCA/project + "Odoo Project Management and Services Company Addons" + + version: '3.3' + services: + + postgres: + image: postgres:9.5 + volumes: + - ./volumes/postgres:/var/lib/postgresql/data + environment: + - POSTGRES_USER=postgres + - POSTGRES_PASSWORD=strong_pg_superuser_password + - /etc/passwd:/etc/passwd:ro + user: 1001:1001 + network_mode: bridge + + odoo: + image: elicocorp/odoo:10.0 + command: start + ports: + - 127.0.0.1:8069:8069 + links: + - postgres:db + volumes: + - ./volumes/odoo/addons:/opt/odoo/additional_addons + - ./volumes/odoo/filestore:/opt/odoo/data/filestore + - ./volumes/odoo/sessions:/opt/odoo/data/sessions + environment: + - ADDONS_REPO=https://github.com/OCA/project.git + - TARGET_UID=1001 + - ODOO_ADMIN_PASSWD=strong_odoo_master_password + - ODOO_DB_USER=odoo + - ODOO_DB_PASSWORD=strong_pg_odoo_password + network_mode: bridge + + +### Fetch multiple independent repositories [^][toc] +It might be necessary to fetch more than one Git repository (and the +repositories it depends on). In that case, instead of using the `ADDONS_REPO` +environment variable, simply create one `oca_dependencies.txt` file and put it +at the root of the `/opt/odoo/additional_addons` volume. + +For instance, if you want to fetch the +[OCA account payment modules][oca-account-payment] repository along with the +OCA project repository, put the following `oca_dependencies.txt` in the +`/opt/odoo/additional_addons` volume: + + [oca-account-payment]: https://github.com/OCA/account-payment + + # list the OCA project dependencies, one per line + # add a github url if you need a forked version + project https://github.com/OCA/project.git + account-payment https://github.com/OCA/account-payment.git + + +### Fetch private GitHub repositories [^][toc] +This image is able to pull multiple private GitHub repositories when provided a +valid SSH key that has read access to these repositories. The URL for GitHub +SSH authentication is available under the "Clone with SSH" option. + +Simply put the SSH private key whose name must be `id_rsa` in the volume +`/opt/odoo/ssh`. Since Odoo doesn't need to write in that volume, you can use +the `ro` option to mount a [read-only volume][dk-ro-vol]. + + [dk-ro-vol]: https://docs.docker.com/engine/admin/volumes/volumes/#use-a-read-only-volume + +The `docker-compose.yml` should look like: + + version: '3.3' + services: + + postgres: + image: postgres:9.5 + volumes: + - ./volumes/postgres:/var/lib/postgresql/data + environment: + - POSTGRES_USER=postgres + - POSTGRES_PASSWORD=strong_pg_superuser_password + - /etc/passwd:/etc/passwd:ro + user: 1001:1001 + network_mode: bridge + + odoo: + image: elicocorp/odoo:10.0 + command: start + ports: + - 127.0.0.1:8069:8069 + links: + - postgres:db + volumes: + - ./volumes/odoo/addons:/opt/odoo/additional_addons + - ./volumes/odoo/filestore:/opt/odoo/data/filestore + - ./volumes/odoo/sessions:/opt/odoo/data/sessions + - ./volumes/odoo/ssh:/opt/odoo/ssh:ro + environment: + - ADDONS_REPO=git@github.com:Elico-Corp/odoo-private-addons.git + - TARGET_UID=1001 + - ODOO_ADMIN_PASSWD=strong_odoo_master_password + - ODOO_DB_USER=odoo + - ODOO_DB_PASSWORD=strong_pg_odoo_password + network_mode: bridge + +**Note:** If the host user has a valid SSH key under the `.ssh` folder of his +home folder, he can map his `.ssh` folder instead, e.g.: + + volumes: + - ~/.ssh:/opt/odoo/ssh:ro + + +### Advanced `oca_dependencies.txt` syntax [^][toc] TODO From 9dec1116c01402a7cd1d0eb6fbea57b99c851a26 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 15:30:17 +0800 Subject: [PATCH 30/60] The current syntax of oca_dependencies.txt is now the same as ours! --- README.md | 5 ----- 1 file changed, 5 deletions(-) diff --git a/README.md b/README.md index 70ab6f7e..1cb2368a 100644 --- a/README.md +++ b/README.md @@ -30,7 +30,6 @@ This image is a fork of [XCG Consulting][xcg] Odoo Docker image available - [Automatically fetch Git repositories](#git_fetch) - [Fetch multiple independent repositories](#fetch_multiple_repos) - [Fetch private GitHub repositories](#git_ssh) - - [Advanced `oca_dependencies.txt` syntax](#oca_dependencies) - [How to extend this image](#extend_image) [toc]: #toc "Table of Contents" @@ -546,10 +545,6 @@ home folder, he can map his `.ssh` folder instead, e.g.: volumes: - ~/.ssh:/opt/odoo/ssh:ro - -### Advanced `oca_dependencies.txt` syntax [^][toc] -TODO - ## How to extend this image [^][toc] TODO From bea8f9131ba628553dc513ce158ae6919e66fbc1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 15:36:07 +0800 Subject: [PATCH 31/60] Doc for FETCH_OCA_DEPENDENCIES --- README.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/README.md b/README.md index 1cb2368a..c8a25d47 100644 --- a/README.md +++ b/README.md @@ -472,6 +472,17 @@ as well as all the Git repositories it depends on, you can use the following - ODOO_DB_PASSWORD=strong_pg_odoo_password network_mode: bridge +**Note:** After the repositories have been fetched, it might not be required to +pull them every time the container is restarted. In that case, simply set the +environment variable `FETCH_OCA_DEPENDENCIES` to `False` in order to boot much +faster, e.g.: + + environment: + - FETCH_OCA_DEPENDENCIES=False + +In order to update the code of the Git repositories, set this variable to +`True` or just remove it. + ### Fetch multiple independent repositories [^][toc] It might be necessary to fetch more than one Git repository (and the From 31910bd785db2c289f6fdd078d235c89ba5149a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 15:46:26 +0800 Subject: [PATCH 32/60] Update docstring --- auto_addons/addons.py | 23 +++++------------------ 1 file changed, 5 insertions(+), 18 deletions(-) diff --git a/auto_addons/addons.py b/auto_addons/addons.py index ca43b2d5..cbf8f31d 100644 --- a/auto_addons/addons.py +++ b/auto_addons/addons.py @@ -23,26 +23,13 @@ class Repo(object): """ - oca_dependencies.txt + Fetch Git repositories recursively. - For public repo: - - oca-repo -> https://github.com/OCA/oca-repo (default branch) - oca-repo 8.0 -> https://github.com/OCA/oca-repo (branch: 8.0) - organization/public-repo -> https://github.com/organization/public-repo (default branch) - organization/public-repo 8.0 -> https://github.com/organization/public-repo (branch: 8.0) - https://github.com/organization/public-repo -> https://github.com/organization/public-repo (default branch) - https://github.com/organization/public-repo 8.0 -> https://github.com/organization/public-repo (branch: 8.0) - public_repo_rename https://github.com/organization/public-repo -> https://github.com/organization/public-repo (default branch) - public_repo_rename https://github.com/organization/public-repo 8.0 -> https://github.com/organization/public-repo (branch: 8.0) - - For private repo: - - git@github.com:Elico-Corp/private-repo - git@github.com:Elico-Corp/private-repo 8.0 - private_repo_rename git@github.com:Elico-Corp/private-repo - private_repo_rename git@github.com:Elico-Corp/private-repo 8.0 + Based on the OCA cross repository dependency management system: + https://github.com/OCA/maintainer-quality-tools/pull/159 + Following the oca_dependencies.txt syntax: + https://github.com/OCA/maintainer-quality-tools/blob/master/sample_files/oca_dependencies.txt """ def __init__(self, remote_url, parent=None): if parent: From 27636fddfb6e4f8c79af2f59a70dad16de501f23 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 16:39:40 +0800 Subject: [PATCH 33/60] Change Elico Corp email address --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index e727104d..83659f23 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ FROM ubuntu:14.04 -MAINTAINER Elico Corp +MAINTAINER Elico Corp # Set timezone to UTC RUN ln -sf /usr/share/zoneinfo/Etc/UTC /etc/localtime From b2a67e9d08908969c98ef7f349c3000abbf54231 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 16:41:05 +0800 Subject: [PATCH 34/60] Wheels is not used anymore --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 83659f23..1dc2bd9b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,7 +17,7 @@ RUN apt-key adv --keyserver keyserver.ubuntu.com \ # of PostgreSQL, ``9.5``. # install dependencies as distrib packages when system bindings are required # some of them extend the basic odoo requirements for a better "apps" compatibility -# most dependencies are distributed as wheel packages at the next step +# most dependencies are distributed as PIP packages at the next step RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ trusty-pgdg main" > \ /etc/apt/sources.list.d/pgdg.list && \ apt-get update && \ From f6f104e531b12eb68ba9c1c0fe769cae13e12898 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 16:56:23 +0800 Subject: [PATCH 35/60] Use constants for Odoo and PostgreSQL versions --- Dockerfile | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/Dockerfile b/Dockerfile index 1dc2bd9b..b8e0df9b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,10 @@ FROM ubuntu:14.04 MAINTAINER Elico Corp +# Define build constants +ENV ODOO_VERSION=7.0 \ + PG_VERSION=9.5 + # Set timezone to UTC RUN ln -sf /usr/share/zoneinfo/Etc/UTC /etc/localtime @@ -14,17 +18,17 @@ RUN apt-key adv --keyserver keyserver.ubuntu.com \ --recv-keys B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8 # Add PostgreSQL's repository. It contains the most recent stable release -# of PostgreSQL, ``9.5``. -# install dependencies as distrib packages when system bindings are required -# some of them extend the basic odoo requirements for a better "apps" compatibility -# most dependencies are distributed as PIP packages at the next step +# of PostgreSQL. +# Install dependencies as distrib packages when system bindings are required. +# Some of them extend the basic Odoo requirements for a better "apps" +# compatibility. +# Most dependencies are distributed as PIP packages at the next step RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ trusty-pgdg main" > \ /etc/apt/sources.list.d/pgdg.list && \ apt-get update && \ apt-get -yq install \ - adduser \ ghostscript \ - postgresql-client-9.5 \ + postgresql-client-$PG_VERSION \ python \ python-pip \ python-imaging \ @@ -88,7 +92,7 @@ RUN /bin/bash -c "mkdir -p /opt/odoo/var/{run,log,egg-cache}" # Add Odoo OCB sources and remove .git folder in order to reduce image size WORKDIR /opt/odoo/sources -RUN git clone https://github.com/OCA/OCB.git -b 8.0 odoo && \ +RUN git clone https://github.com/OCA/OCB.git -b $ODOO_VERSION odoo && \ rm -rf odoo/.git ADD sources/odoo.conf /opt/odoo/etc/odoo.conf From e249c55be0135a97a2ce2e49b5f9fe23a858babf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 17:25:05 +0800 Subject: [PATCH 36/60] Finish doc --- README.md | 65 +++++++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 63 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index c8a25d47..bfd1e667 100644 --- a/README.md +++ b/README.md @@ -30,7 +30,9 @@ This image is a fork of [XCG Consulting][xcg] Odoo Docker image available - [Automatically fetch Git repositories](#git_fetch) - [Fetch multiple independent repositories](#fetch_multiple_repos) - [Fetch private GitHub repositories](#git_ssh) +- [Run a bash script at startup](#startup_script) - [How to extend this image](#extend_image) +- [Roadmap](#roadmap) [toc]: #toc "Table of Contents" @@ -385,7 +387,7 @@ It is also possible to use a custom Odoo configuration file. The most common ways are: 1. `ADD` the configuration file in `/opt/odoo/etc/odoo.conf` using a -[Dockerfile][dkf] +[`Dockerfile`][dkf] 2. Map the `/opt/odoo/etc/odoo.conf` using a volume [dkf]: https://docs.docker.com/engine/reference/builder/ @@ -556,6 +558,65 @@ home folder, he can map his `.ssh` folder instead, e.g.: volumes: - ~/.ssh:/opt/odoo/ssh:ro + +## Run a bash script at startup [^][toc] +In some cases, it might be useful to run some commands in the container before +starting Odoo. After the Odoo target user has been created, the container will +execute a [bash][bash] script with the container user `root`. + + [bash]: https://www.gnu.org/software/bash/ "GNU Bash" + +The script is located at `/opt/scripts/startup.sh` and can be mapped with a +volume or added via a `Dockerfile`. + ## How to extend this image [^][toc] -TODO +This image comes with all the dependencies required to run the standard version +of Odoo. However, some additionnal modules might require an extra setup. + +While the startup script is a way to achieve this, the changes it operates in +the OS of the container are not persistent. Such setup would be performed every +time the container is restarted, which could induce long delay in the boot +process. + +In order to make those changes persistent, simply create a child Docker image +by extending this image. + +The below example shows how to install the dependencies `captcha` and +`simplecrypt` for the Odoo v8 module [`website_captcha_nogoogle`][wcn]. + + [wcn]: https://github.com/Elico-Corp/odoo-addons/tree/8.0/website_captcha_nogoogle + +This is how the `Dockerfile` would look like: + + FROM elicocorp/odoo:8.0 + MAINTAINER Elico Corp + RUN pip install --upgrade cffi + RUN pip install captcha simple-crypt recaptcha-client + RUN pip install --upgrade pillow + +Save it as `./build/odoo/Dockerfile`. Then, in `docker-compose.yml`, replace +the `image` instruction with a `build` instruction, e.g.: + + odoo: + build: ./build/odoo + +When starting the container with `docker-compose up`, Docker will first build +the image. In order to re-build the `odoo` image, use: + + $ docker-compose build odoo + +**Note:** Extend an image is an extremely versatile feature of Docker. The only +limit is your imagination! For instance, check out the Elico Corp Odoo Docker +image [localized for China][odoo-china]. + + [odoo-china]: https://github.com/Elico-Corp/odoo-docker-china + + +## Roadmap [^][toc] + +* Current list of PIP requirements is maintenained in this repository. It +should use the `https://github.com/OCA/OCB/blob/10.0/requirements.txt` instead. +To be noted that this file is not available in v7. +* Use the standard Odoo code rather than the OCB +* Use the code of `maintainer-quality-tools` to pull the `oca_dependencies.txt` From ad4552f0f8c6fba9ccda9c9a79146f27eca36696 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 19:04:30 +0800 Subject: [PATCH 37/60] Target user needs a home folder to store its Git credentials --- bin/target_user.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/target_user.sh b/bin/target_user.sh index c41ae290..f9f61c3b 100644 --- a/bin/target_user.sh +++ b/bin/target_user.sh @@ -19,7 +19,7 @@ if [ "$TARGET_UID" ]; then if [ $exists == "0" ]; then echo $log_src[`date +%F.%H:%M:%S`]' Creating target Odoo user...' odoo_user='target-odoo-user' - useradd --uid $TARGET_UID --no-log-init $odoo_user + adduser --uid $TARGET_UID --disabled-login --gecos "" $odoo_user # Add target user to odoo group so that he can read/write the content # of /opt/odoo From e5bee02cfc0483a5ac6f3cc62ffdddea53fd6dc1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 19:05:29 +0800 Subject: [PATCH 38/60] Add constant for Odoo binary so that boot file can remain the same Also, check the folders exist before changing the owner --- Dockerfile | 3 ++- bin/boot | 20 +++++++++++++------- 2 files changed, 15 insertions(+), 8 deletions(-) diff --git a/Dockerfile b/Dockerfile index b8e0df9b..ac8a4965 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,8 @@ MAINTAINER Elico Corp # Define build constants ENV ODOO_VERSION=7.0 \ - PG_VERSION=9.5 + PG_VERSION=9.5 \ + BINARY_NAME=openerp-server # Set timezone to UTC RUN ln -sf /usr/share/zoneinfo/Etc/UTC /etc/localtime diff --git a/bin/boot b/bin/boot index 1c9c4d7f..b98a1a15 100755 --- a/bin/boot +++ b/bin/boot @@ -14,6 +14,12 @@ function help { set -e } +function _ensure_odoo_user_owns_folder_if_exists { + if [ -d $1 ]; then + chown $odoo_user:$odoo_user $1 + fi +} + function _update_odoo_conf_params { # Loop over all the "ODOO_" ENV variables (see `<<<` after `done`) while read -r env_var; do @@ -93,18 +99,18 @@ function start { # them with root instead of the target Odoo user. Making sure to give back # the ownership to the corresponding host user. chown $odoo_user:$odoo_user /opt/odoo/{etc,additional_addons,data,var} \ - /opt/odoo/data/{filestore,sessions} \ /opt/odoo/var/{run,log,egg-cache} - echo $log_src[`date +%F.%H:%M:%S`]' Searching for conf file...' - if [[ -z "$odoo_conf_file" ]]; then - odoo_conf_file="/opt/odoo/etc/odoo.conf" - fi + # The following folders might not exist + _ensure_odoo_user_owns_folder_if_exists /opt/odoo/data/filestore + _ensure_odoo_user_owns_folder_if_exists /opt/odoo/data/sessions + _ensure_odoo_user_owns_folder_if_exists /opt/odoo/data/addons echo $log_src[`date +%F.%H:%M:%S`]' Checking special requirements...' bash /opt/scripts/startup.sh echo $log_src[`date +%F.%H:%M:%S`]' Updating Odoo conf...' + odoo_conf_file="/opt/odoo/etc/odoo.conf" _update_odoo_conf_params # Check if need to download addons repo @@ -116,7 +122,7 @@ function start { echo $log_src[`date +%F.%H:%M:%S`]' ...with additional args: ' $* fi sudo -i -u $odoo_user /usr/bin/python \ - /opt/odoo/sources/odoo/openerp-server \ + /opt/odoo/sources/odoo/$BINARY_NAME \ -c $odoo_conf_file \ $* @@ -138,4 +144,4 @@ do $arg done -wait \ No newline at end of file +wait From b28bfca32fa88fe6918dcf8774287bc167d15135 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 19:07:56 +0800 Subject: [PATCH 39/60] Make log less verbose --- bin/target_user.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/bin/target_user.sh b/bin/target_user.sh index f9f61c3b..5578d2f0 100644 --- a/bin/target_user.sh +++ b/bin/target_user.sh @@ -23,7 +23,6 @@ if [ "$TARGET_UID" ]; then # Add target user to odoo group so that he can read/write the content # of /opt/odoo - echo $log_src[`date +%F.%H:%M:%S`]' Adding user to `odoo` group...' usermod -a -G odoo $odoo_user else # Target user already exists, make sure it's odoo From a9dafb92bda3676e1edbce658ceb935890acb963 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 19:14:23 +0800 Subject: [PATCH 40/60] Make log less verbose when creating Odoo target user --- bin/target_user.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/target_user.sh b/bin/target_user.sh index 5578d2f0..364ab205 100644 --- a/bin/target_user.sh +++ b/bin/target_user.sh @@ -19,7 +19,7 @@ if [ "$TARGET_UID" ]; then if [ $exists == "0" ]; then echo $log_src[`date +%F.%H:%M:%S`]' Creating target Odoo user...' odoo_user='target-odoo-user' - adduser --uid $TARGET_UID --disabled-login --gecos "" $odoo_user + adduser --uid $TARGET_UID --disabled-login --gecos "" --quiet $odoo_user # Add target user to odoo group so that he can read/write the content # of /opt/odoo From e214c0c2ee41638d0e65ab1d83f8f6dfea6e1755 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 19:42:47 +0800 Subject: [PATCH 41/60] Git setup is done by the target user itself --- bin/boot | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/bin/boot b/bin/boot index b98a1a15..d27849e0 100755 --- a/bin/boot +++ b/bin/boot @@ -42,22 +42,23 @@ function _update_odoo_conf_params { function _setup_ssh_key { # Create SSH config folder in $HOME folder of Odoo target user ssh_folder=$( getent passwd $odoo_user | cut -d: -f6 )/.ssh - mkdir $ssh_folder + sudo -i -u $odoo_user mkdir $ssh_folder # Copy SSH private key from /opt/odoo/ssh - cp /opt/odoo/ssh/id_rsa $ssh_folder + sudo -i -u $odoo_user cp /opt/odoo/ssh/id_rsa $ssh_folder echo $log_src[`date +%F.%H:%M:%S`]' Scanning GitHub key...' - ssh-keyscan github.com > $ssh_folder/known_hosts + ssh-keyscan github.com | \ + sudo -i -u $odoo_user tee $ssh_folder/known_hosts &> /dev/null - # Setup SSH config - echo "host github.com" > $ssh_folder/config - echo " HostName github.com" >> $ssh_folder/config - echo " User git" >> $ssh_folder/config - echo " IdentityFile $ssh_folder/id_rsa" >> $ssh_folder/config + # Bind SSH key to GitHub host + echo "host github.com + HostName github.com + User git + IdentityFile $ssh_folder/id_rsa" | \ + sudo -i -u $odoo_user tee $ssh_folder/config &> /dev/null - # Secure SSH folder - chown -R $odoo_user:$odoo_user $ssh_folder + # Secure SSH key chmod 400 $ssh_folder/id_rsa } From a0c014547e23f0932e976bcc602d672562aab89a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 19:53:43 +0800 Subject: [PATCH 42/60] Hide ssh-keyscan stderr output since it's actually log message --- bin/boot | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/bin/boot b/bin/boot index d27849e0..b7cead76 100755 --- a/bin/boot +++ b/bin/boot @@ -48,15 +48,16 @@ function _setup_ssh_key { sudo -i -u $odoo_user cp /opt/odoo/ssh/id_rsa $ssh_folder echo $log_src[`date +%F.%H:%M:%S`]' Scanning GitHub key...' - ssh-keyscan github.com | \ - sudo -i -u $odoo_user tee $ssh_folder/known_hosts &> /dev/null + # Hide ssh-keyscan stderr output since it's actually log message + ssh-keyscan github.com 2> /dev/null | \ + sudo -i -u $odoo_user tee $ssh_folder/known_hosts > /dev/null # Bind SSH key to GitHub host echo "host github.com HostName github.com User git IdentityFile $ssh_folder/id_rsa" | \ - sudo -i -u $odoo_user tee $ssh_folder/config &> /dev/null + sudo -i -u $odoo_user tee $ssh_folder/config > /dev/null # Secure SSH key chmod 400 $ssh_folder/id_rsa @@ -134,7 +135,7 @@ function start { # smart shutdown on SIGINT and SIGTERM function on_exit() { kill -TERM $SERVICE_PID - wait $SERVICE_PID 2>/dev/null + wait $SERVICE_PID 2> /dev/null exit 0 } trap on_exit INT TERM From b0b2945139dc4fc0c866bf7c6173f35868478d82 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 20:11:30 +0800 Subject: [PATCH 43/60] Specify default value to avoid redundancy --- README.md | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index bfd1e667..1b5d04eb 100644 --- a/README.md +++ b/README.md @@ -476,15 +476,12 @@ as well as all the Git repositories it depends on, you can use the following **Note:** After the repositories have been fetched, it might not be required to pull them every time the container is restarted. In that case, simply set the -environment variable `FETCH_OCA_DEPENDENCIES` to `False` in order to boot much -faster, e.g.: +environment variable `FETCH_OCA_DEPENDENCIES` to `False` (default value is +`True`) in order to boot much faster, e.g.: environment: - FETCH_OCA_DEPENDENCIES=False -In order to update the code of the Git repositories, set this variable to -`True` or just remove it. - ### Fetch multiple independent repositories [^][toc] It might be necessary to fetch more than one Git repository (and the From 85000ad7c9a83a694ca53f5699b4bd99ebe72b38 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 20:38:59 +0800 Subject: [PATCH 44/60] Only display the "Usage" section in the help --- Dockerfile | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index ac8a4965..255923e6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -115,8 +115,13 @@ VOLUME [ \ "/opt/scripts" \ ] -# Use README for the help command +# Use README for the help command and only keep the "Usage" section ADD README.md /usr/share/man/help.txt +RUN from=$( awk '/^## Usage/{ print NR; exit }' /usr/share/man/help.txt ) && \ + to=$( awk '/^ \$ docker-compose up/{ print NR; exit }' /usr/share/man/help.txt ) && \ + head -n $to /usr/share/man/help.txt | \ + tail -n +$from | \ + tee /usr/share/man/help.txt > /dev/null # Set the default entrypoint (non overridable) to run when starting the container ADD bin /app/bin/ From cd7fef1d5b8875e0d14d72b557b1974d7c63b9d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 20:52:04 +0800 Subject: [PATCH 45/60] Add comman `man` to read the display the user manual --- Dockerfile | 8 ++++---- README.md | 8 +++++++- bin/boot | 6 ++++++ 3 files changed, 17 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 255923e6..439b5837 100644 --- a/Dockerfile +++ b/Dockerfile @@ -116,10 +116,10 @@ VOLUME [ \ ] # Use README for the help command and only keep the "Usage" section -ADD README.md /usr/share/man/help.txt -RUN from=$( awk '/^## Usage/{ print NR; exit }' /usr/share/man/help.txt ) && \ - to=$( awk '/^ \$ docker-compose up/{ print NR; exit }' /usr/share/man/help.txt ) && \ - head -n $to /usr/share/man/help.txt | \ +ADD README.md /usr/share/man/man.txt +RUN from=$( awk '/^## Usage/{ print NR; exit }' /usr/share/man/man.txt ) && \ + to=$( awk '/^ \$ docker-compose up/{ print NR; exit }' /usr/share/man/man.txt ) && \ + head -n $to /usr/share/man/man.txt | \ tail -n +$from | \ tee /usr/share/man/help.txt > /dev/null diff --git a/README.md b/README.md index 1b5d04eb..267d2105 100644 --- a/README.md +++ b/README.md @@ -46,10 +46,16 @@ host. For more information about Docker Engine, see the ### Run the image [^][toc] -Running this image without specifying a command will display this help message: +Running this image without specifying any command will display this help +message: $ docker run elicocorp/odoo:10.0 +To display the user manual, run the image with the command `man`. Redirecting +`stdout` to `less` is highly recommended: + + $ docker run elicocorp/odoo:10.0 man | less + To start Odoo, run the image with the command `start`: $ docker run elicocorp/odoo:10.0 start diff --git a/bin/boot b/bin/boot index b7cead76..9b25992a 100755 --- a/bin/boot +++ b/bin/boot @@ -14,6 +14,12 @@ function help { set -e } +function man { + set +e + cat /usr/share/man/man.txt + set -e +} + function _ensure_odoo_user_owns_folder_if_exists { if [ -d $1 ]; then chown $odoo_user:$odoo_user $1 From bf89a9129a1d30fa08681eca4c0d1fc239666428 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Thu, 24 Aug 2017 21:28:53 +0800 Subject: [PATCH 46/60] Remove anchors and links to anchors to improve readability --- Dockerfile | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 439b5837..bde4688a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -115,9 +115,15 @@ VOLUME [ \ "/opt/scripts" \ ] -# Use README for the help command and only keep the "Usage" section +# Use README for the help & man commands ADD README.md /usr/share/man/man.txt +# Remove anchors and links to anchors to improve readability +RUN sed -i '/^ Date: Thu, 24 Aug 2017 21:31:06 +0800 Subject: [PATCH 47/60] Fix issue during previous merge --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index bde4688a..87ecbe10 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ FROM ubuntu:14.04 MAINTAINER Elico Corp # Define build constants -ENV ODOO_VERSION=7.0 \ +ENV ODOO_VERSION=8.0 \ PG_VERSION=9.5 \ BINARY_NAME=openerp-server From 47d61ab397f9292d487efec71e7652ad9cf0bd05 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Fri, 25 Aug 2017 12:21:45 +0800 Subject: [PATCH 48/60] Install ERPPeek in the image --- sources/pip-req.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/sources/pip-req.txt b/sources/pip-req.txt index 717bfe41..2260370b 100644 --- a/sources/pip-req.txt +++ b/sources/pip-req.txt @@ -4,6 +4,7 @@ cffi==0.8.6 cryptography==0.6.1 decorator==3.4.0 docutils==0.12 +erppeek feedparser==5.1.3 gdata==2.0.18 Genshi==0.7 From 160e4a1b238454ede81920b0dd21265df5ee50dd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Fri, 25 Aug 2017 12:49:11 +0800 Subject: [PATCH 49/60] Create separate section for contributors and bug-tracking --- Dockerfile | 2 +- README.md | 99 ++++++++++++++++++++++++++++++++++++++++-------------- 2 files changed, 75 insertions(+), 26 deletions(-) diff --git a/Dockerfile b/Dockerfile index 87ecbe10..2310255e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -119,7 +119,7 @@ VOLUME [ \ ADD README.md /usr/share/man/man.txt # Remove anchors and links to anchors to improve readability RUN sed -i '/^ ## Table of Contents - [Usage](#usage) @@ -33,11 +27,15 @@ This image is a fork of [XCG Consulting][xcg] Odoo Docker image available - [Run a bash script at startup](#startup_script) - [How to extend this image](#extend_image) - [Roadmap](#roadmap) +- [Bug Tracker](#bug_tracker) +- [Credits](#credits) + - [Contributors](#contributors) + - [Maintainer](#maintainer) [toc]: #toc "Table of Contents" -## Usage [^][toc] +## Usage[^][toc] In order to use this image, a recent version of Docker must be installed on the host. For more information about Docker Engine, see the [official documentation][dk-doc]. @@ -45,7 +43,7 @@ host. For more information about Docker Engine, see the [dk-doc]: https://docs.docker.com/engine/ -### Run the image [^][toc] +### Run the image[^][toc] Running this image without specifying any command will display this help message: @@ -71,7 +69,7 @@ image. By default, Odoo is configured to connect with a PostgreSQL host named [ec-pg]: https://hub.docker.com/r/elicocorp/postgres/ -### Compose example [^][toc] +### Compose example[^][toc] Below is an example of a simple `docker-compose.yml` to use this image. For more information about Compose, see the [official documentation][dc-doc]. @@ -127,7 +125,7 @@ See [Security](#security) section for more info. See [Data persistency](#data_persistency) section for more info. -## Security [^][toc] +## Security[^][toc] In order to improve the security, it is recommended to: 1. set a master password for Odoo using `ODOO_ADMIN_PASSWD` @@ -175,7 +173,7 @@ outside). For instance: - 127.0.0.1:12345:8069 -## Data persistency [^][toc] +## Data persistency[^][toc] As soon as the containers are removed, all the modifications (e.g. database, attachments, etc.) will be lost. There are 2 main [volumes][dk-vol] that must be made persistent in order to preserve the data: @@ -231,10 +229,10 @@ belong to the user whose UID matches the user running inside the container. See Host user mapping section for more info. -## Host user mapping [^][toc] +## Host user mapping[^][toc] -### Default host user mapping in Docker [^][toc] +### Default host user mapping in Docker[^][toc] Each Docker image defines its own [users][dk-user]. Users only exist inside the running container. @@ -265,7 +263,7 @@ user inside the container will actually be executed by the anonymous host user with UID `999`. -### Host user mapping and volumes [^][toc] +### Host user mapping and volumes[^][toc] When the user inside the container owns files that belong to a volume, the corresponding files in the folder mapped to the volume on the host will actually belong to the corresponding user on the host. @@ -280,7 +278,7 @@ folder `/var/lib/postgresql/data` will be stored on the host in the folder `./volumes/postgres` and belong to the anonymous host user with UID `999` -### Impact [^][toc] +### Impact[^][toc] When having `root` privileges on the host, the default host user mapping behavior is usually not a big issue. The main impact is that the files mapped with a volume might belong to users that don't have anything to do with the @@ -313,7 +311,7 @@ where a user would require the system administrator to help him delete files under his own home folder. -### Solution [^][toc] +### Solution[^][toc] Each Docker image has its own way to deal with host user mapping: * for PostgreSQL, see the [official documentation][pg] (section "Arbitrary @@ -370,7 +368,7 @@ before starting the container and replace the `UID` with `$UID` in the [dk-var]: https://docs.docker.com/compose/compose-file/#variable-substitution -## Odoo configuration file [^][toc] +## Odoo configuration file[^][toc] The configuration file is generated automatically at startup. Any available Odoo parameter can be provided as an environment variable, prefixed by `ODOO_`. @@ -400,7 +398,7 @@ ways are: "Dockerfile reference | Docker Documentation" -## Additional Odoo modules [^][toc] +## Additional Odoo modules[^][toc] This image allows to load additional Odoo modules through the volume `/opt/odoo/additional_addons`. When adding modules manually in that folder, the Odoo parameter `addons_path` must be defined accordingly: @@ -412,7 +410,7 @@ root of the folder `/opt/odoo/additional_addons`. Depending on the folder structure, the parameter might need to be adapted. -### Automatically fetch Git repositories [^][toc] +### Automatically fetch Git repositories[^][toc] This image is able to automatically fetch (e.g. `git clone`) a [Git][git] repository containing a set of modules. It is based on the @@ -489,7 +487,7 @@ environment variable `FETCH_OCA_DEPENDENCIES` to `False` (default value is - FETCH_OCA_DEPENDENCIES=False -### Fetch multiple independent repositories [^][toc] +### Fetch multiple independent repositories[^][toc] It might be necessary to fetch more than one Git repository (and the repositories it depends on). In that case, instead of using the `ADDONS_REPO` environment variable, simply create one `oca_dependencies.txt` file and put it @@ -508,7 +506,7 @@ OCA project repository, put the following `oca_dependencies.txt` in the account-payment https://github.com/OCA/account-payment.git -### Fetch private GitHub repositories [^][toc] +### Fetch private GitHub repositories[^][toc] This image is able to pull multiple private GitHub repositories when provided a valid SSH key that has read access to these repositories. The URL for GitHub SSH authentication is available under the "Clone with SSH" option. @@ -562,7 +560,7 @@ home folder, he can map his `.ssh` folder instead, e.g.: - ~/.ssh:/opt/odoo/ssh:ro -## Run a bash script at startup [^][toc] +## Run a bash script at startup[^][toc] In some cases, it might be useful to run some commands in the container before starting Odoo. After the Odoo target user has been created, the container will execute a [bash][bash] script with the container user `root`. @@ -573,7 +571,7 @@ The script is located at `/opt/scripts/startup.sh` and can be mapped with a volume or added via a `Dockerfile`. -## How to extend this image [^][toc] +## How to extend this image[^][toc] This image comes with all the dependencies required to run the standard version of Odoo. However, some additionnal modules might require an extra setup. @@ -616,10 +614,61 @@ image [localized for China][odoo-china]. [odoo-china]: https://github.com/Elico-Corp/odoo-docker-china -## Roadmap [^][toc] +## Roadmap[^][toc] * Current list of PIP requirements is maintenained in this repository. It should use the `https://github.com/OCA/OCB/blob/10.0/requirements.txt` instead. To be noted that this file is not available in v7. * Use the standard Odoo code rather than the OCB * Use the code of `maintainer-quality-tools` to pull the `oca_dependencies.txt` + + +## Bug Tracker[^][toc] +Bugs are tracked on [GitHub Issues][gh-issues]. In case of trouble, please +check there if your issue has already been reported. If you spotted it first, +help us smash it by providing detailed and welcomed feedback. + + [gh-issues]: https://github.com/Elico-Corp/elico_odoo/issues + + +## Credits[^][toc] + + +### Contributors[^][toc] + +* Sebastien Maillard +* Eric Caudal +* Noah Wang + +This image is a fork of [XCG Consulting][xcg] Odoo Docker image available +[here][xcgd]. + + [xcg]: https://www.xcg-consulting.fr/ + [xcgd]: https://hub.docker.com/r/xcgd/odoo/ + + +### Maintainer[^][toc] + +![https://www.elico-corp.com][ec-logo] + + [ec-logo]: https://www.elico-corp.com/logo.png "Elico Corp" + +This project is maintained by Elico Corporation. + +Elico Corp is an innovative actor in China, Hong-Kong and Singapore servicing +well known international companies and as well as local mid-sized businesses. +Since 2010, our seasoned Sino-European consultants have been providing full +range Odoo services: + +* Business consultancy for Gap analysis, BPM, operational work-flows review. +* Ready-to-use ERP packages aimed at starting businesses. +* Odoo implementation for manufacturing, international trading, service industry + and e-commerce. +* Connectors and integration with 3rd party software (Magento, Taobao, Coswin, + Joomla, Prestashop, Tradevine etc...). +* Odoo Support services such as developments, training, maintenance and hosting. + +Our headquarters are located in Shanghai with branch in Singapore servicing +customers from all over Asia Pacific. + +Contact information: Sales From 473950dc7169d19425ec357197a2d4fec97a4ea4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Fri, 25 Aug 2017 12:55:31 +0800 Subject: [PATCH 50/60] Link on image was not working --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 01abcf53..7aede9a8 100644 --- a/README.md +++ b/README.md @@ -649,9 +649,9 @@ This image is a fork of [XCG Consulting][xcg] Odoo Docker image available ### Maintainer[^][toc] -![https://www.elico-corp.com][ec-logo] +[![Elico Corp][ec-logo]][ec] - [ec-logo]: https://www.elico-corp.com/logo.png "Elico Corp" + [ec-logo]: https://www.elico-corp.com/logo.png This project is maintained by Elico Corporation. From ca8ac53d3f64c78046f8f7f9bedea3ac66f2a6f5 Mon Sep 17 00:00:00 2001 From: Elico Corp Date: Sun, 3 Sep 2017 00:00:27 +0800 Subject: [PATCH 51/60] Update OCB 8.0 commit ID: 01668ae8f924cce5e3c6078c4def4fb67e85a0ec --- OCB_COMMIT_ID | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/OCB_COMMIT_ID b/OCB_COMMIT_ID index 37d74f3f..5a1fa427 100644 --- a/OCB_COMMIT_ID +++ b/OCB_COMMIT_ID @@ -1 +1 @@ -f998ddf09545a5946ed4fac57e8c6afcf208da7d +01668ae8f924cce5e3c6078c4def4fb67e85a0ec From 3175e26211869897dee1e157a599d3d4de1529f1 Mon Sep 17 00:00:00 2001 From: Elico Corp Date: Thu, 7 Sep 2017 00:00:31 +0800 Subject: [PATCH 52/60] Update OCB 8.0 commit ID: c6adec48f1d43e450a037e2733ca2ee01b05d32c --- OCB_COMMIT_ID | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/OCB_COMMIT_ID b/OCB_COMMIT_ID index 5a1fa427..2f6a31f3 100644 --- a/OCB_COMMIT_ID +++ b/OCB_COMMIT_ID @@ -1 +1 @@ -01668ae8f924cce5e3c6078c4def4fb67e85a0ec +c6adec48f1d43e450a037e2733ca2ee01b05d32c From f8f4898375a72982e572a148b12c3fade55395f9 Mon Sep 17 00:00:00 2001 From: Elico Corp Date: Fri, 8 Sep 2017 00:00:28 +0800 Subject: [PATCH 53/60] Update OCB 8.0 commit ID: ff587488ceb5b8d44a8cd5052a790db545a2714b --- OCB_COMMIT_ID | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/OCB_COMMIT_ID b/OCB_COMMIT_ID index 2f6a31f3..38eeec21 100644 --- a/OCB_COMMIT_ID +++ b/OCB_COMMIT_ID @@ -1 +1 @@ -c6adec48f1d43e450a037e2733ca2ee01b05d32c +ff587488ceb5b8d44a8cd5052a790db545a2714b From f8b7f2a296a77cdb6781dc963c6013c4235b9d74 Mon Sep 17 00:00:00 2001 From: Elico Corp Date: Sun, 10 Sep 2017 00:00:28 +0800 Subject: [PATCH 54/60] Update OCB 8.0 commit ID: a728c6a64d8137c1ff8f006ab06266e646b8d63c --- OCB_COMMIT_ID | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/OCB_COMMIT_ID b/OCB_COMMIT_ID index 38eeec21..43f1387e 100644 --- a/OCB_COMMIT_ID +++ b/OCB_COMMIT_ID @@ -1 +1 @@ -ff587488ceb5b8d44a8cd5052a790db545a2714b +a728c6a64d8137c1ff8f006ab06266e646b8d63c From 7fe911a34e47d4b753b06dcba0a19044126e9bb9 Mon Sep 17 00:00:00 2001 From: Elico Corp Date: Thu, 21 Sep 2017 00:00:32 +0800 Subject: [PATCH 55/60] Update OCB 8.0 commit ID: eea9908b10330b369fdb18ca01ff335fafcb1b62 --- OCB_COMMIT_ID | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/OCB_COMMIT_ID b/OCB_COMMIT_ID index 43f1387e..7b04e47d 100644 --- a/OCB_COMMIT_ID +++ b/OCB_COMMIT_ID @@ -1 +1 @@ -a728c6a64d8137c1ff8f006ab06266e646b8d63c +eea9908b10330b369fdb18ca01ff335fafcb1b62 From d40ec027a0b33f04d247ddfeedfa2d52e6cc95ff Mon Sep 17 00:00:00 2001 From: Elico Corp Date: Wed, 27 Sep 2017 00:00:33 +0800 Subject: [PATCH 56/60] Update OCB 8.0 commit ID: 6f2bc93d766073bc034a6bd2bdd2cec3f66869f6 --- OCB_COMMIT_ID | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/OCB_COMMIT_ID b/OCB_COMMIT_ID index 7b04e47d..600e40fa 100644 --- a/OCB_COMMIT_ID +++ b/OCB_COMMIT_ID @@ -1 +1 @@ -eea9908b10330b369fdb18ca01ff335fafcb1b62 +6f2bc93d766073bc034a6bd2bdd2cec3f66869f6 From 2575c01b901e1183784d4a1d1d0064592d509ecf Mon Sep 17 00:00:00 2001 From: Elico Corp Date: Thu, 28 Sep 2017 00:00:36 +0800 Subject: [PATCH 57/60] Update OCB 8.0 commit ID: 94203ed28bd86c9f9b0f67bb3cb8272e9854c101 --- OCB_COMMIT_ID | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/OCB_COMMIT_ID b/OCB_COMMIT_ID index 600e40fa..22c7e300 100644 --- a/OCB_COMMIT_ID +++ b/OCB_COMMIT_ID @@ -1 +1 @@ -6f2bc93d766073bc034a6bd2bdd2cec3f66869f6 +94203ed28bd86c9f9b0f67bb3cb8272e9854c101 From 44afbf7b4c69a3fc84dfab9884fe3e5b086f4c5c Mon Sep 17 00:00:00 2001 From: Elico Corp Date: Fri, 29 Sep 2017 00:00:41 +0800 Subject: [PATCH 58/60] Update OCB 8.0 commit ID: d297a5a0f316b73454d5337aec7389b74eacd83a --- OCB_COMMIT_ID | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/OCB_COMMIT_ID b/OCB_COMMIT_ID index 22c7e300..a65388d1 100644 --- a/OCB_COMMIT_ID +++ b/OCB_COMMIT_ID @@ -1 +1 @@ -94203ed28bd86c9f9b0f67bb3cb8272e9854c101 +d297a5a0f316b73454d5337aec7389b74eacd83a From 3e6f94678787700ce8e266288549cbb77c466aa3 Mon Sep 17 00:00:00 2001 From: Elico Corp Date: Thu, 19 Oct 2017 00:00:37 +0800 Subject: [PATCH 59/60] Update OCB 8.0 commit ID: 70e35cb40c578e0a4c0879495e932da6fd2a9829 --- OCB_COMMIT_ID | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/OCB_COMMIT_ID b/OCB_COMMIT_ID index a65388d1..0537ebb7 100644 --- a/OCB_COMMIT_ID +++ b/OCB_COMMIT_ID @@ -1 +1 @@ -d297a5a0f316b73454d5337aec7389b74eacd83a +70e35cb40c578e0a4c0879495e932da6fd2a9829 From 8ccd454605671b6110b6f0ea081708e1ba0d68b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Maillard?= Date: Mon, 23 Oct 2017 17:23:56 +0800 Subject: [PATCH 60/60] Latest version of LESS is not compatible with Odoo --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 557cc035..5569cc5e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -62,7 +62,7 @@ ADD sources/pip-req.txt /opt/sources/pip-req.txt RUN pip install -r /opt/sources/pip-req.txt # Install LESS -RUN npm install -g less less-plugin-clean-css && \ +RUN npm install -g less@2.7.2 less-plugin-clean-css@1.5.1 && \ ln -s /usr/bin/nodejs /usr/bin/node # must unzip this package to make it visible as an odoo external dependency