New Appliance: Odoo

[l-arnold]

So far so good with Odoo. (not seeing how to label "new-appliance")

ISO Available (long build process) Arranged the http/https routing so that General usage defaults to HTTPS and no ports needed to be called. Overrode tendency for TKLDEV to use the main structure from LAPP. Need to define a new TKLBAM Profile.
Would like to bring in more Addons by Default Fantastic and easy Migration from other Odoo (manual built). Seemed that LAPP updated just one file which I was removed anyway to build Apache/Odoo CONF structure properly..

Issues:

• Would like the Main feed to TKLDEV to be a Package Pull for Odoo rather than Git Clone.
• get some scraps in the console when I start it up, but when I choose "Advanced" then "Back" they go away.
• ISO Size 1085 so larger than desired 1024 cylinders
• Need to update to Adminer it seems from the threads.
• SSL for Console 12325 dropped w/ hosted domain name
• some lag at startup

https://github.com/l-arnold/tkl-nomadic-odoo.git

[JedMeister]

No problem... I'll get back to it ASAP. Also FWIW if for some reason this appliance doesn't make it into the initial v14.0 release, the plan will be to release it as soon as it is ready (so it won't have to wait months for the next release...).

Historically TurnKey has not been agile enough and we are committed to changing that going forward into the future!

[l-arnold]

Lets kick it through for release. Really need it and I expect it to be a big draw for TKL. Main thing is needing the Easy Install to TKL/Amazon Cloud. I expect this is good for the operation. I think this will encourage larger installs as well.

I think we can set pw for OpenUser, that I just had some sort of permission error is all in my code.

[l-arnold]

You wrote a while back about "executables" (and below my first markdown wow)

TBH not sure if/how you do it in GitHub, but you are right above re commandline:

The easiest way to make a file executable is chmod +x path/to/file Inithooks (bash and python scripts) need to be executable or they won't work. This also applies to conf.d/ scripts too!

I think the way to do this will be off my TKLDEV machine Just need to change it in the Turnkey folder, the "re-put"... looking for the command for that next. I've done all my edits just in GitHub so far.

Looks like something like this it would seem so I'll try it on the two py files.

git commit yourfile.js -m 'chmod change' git status git push origin master

which is remarkably awkward I must say.

[JedMeister]

You are totally on the right track. Assuming that you are in the root directory of your TKL app (something like /turnkey/fab/products/odoo/) and the file you want to make executable is overlay/usr/lib/inithooks/bin/odoo.py here's how I'd do it:

chmod +x overlay/usr/lib/inithooks/bin/odoo.py
git add overlay/usr/lib/inithooks/bin/odoo.py
git commit -m "made odoo.py inithooks executable"
git push origin master

As a bonus; from the base directory of your project you can track all (new and changed) files with git with the single command git add . (note the '.' at the end). If you have only changed files (and haven't deleted any or added any new ones you can trim it down further by simply using the -a switch when commiting:

chmod +x overlay/usr/lib/inithooks/bin/odoo.py
git commit -am "made odoo.py inithooks executable"
git push origin master

Finally there is also aliases set up and gc is an alias for git commit so you could trim it down even more:

chmod +x overlay/usr/lib/inithooks/bin/odoo.py
gc -am "made odoo.py inithooks executable"
git push origin master

[l-arnold]

Sourceforge download not linking:

http://downloads.sourceforge.net/wkhtmltopdf/wkhtmltox

(researching now) Not sure why this is pulled. The full wkhtmltopdf was causing problems whil the subfile wkhtmltox was working. Need to see if extractable by itself.

Not directly linked but findable by going up a directory in the Archive link from: http://wkhtmltopdf.org/downloads.html thenhttp://download.gna.org/wkhtmltopdf/0.12/0.12.2/ then Parent Directory: http://download.gna.org/wkhtmltopdf/0.12/0.12.2.1/ gets you to http://download.gna.org/wkhtmltopdf/0.12/0.12.2.1/wkhtmltox-0.12.2.1_linux-jessie-amd64.deb (updated to 64 bit from initial post)

[l-arnold]

Installed with new Source for wkhtmltox but still Inithooks did not load.... diving in again.

[l-arnold]

Break through. I chmoded the Inithooks (notjust the py files) Will do some test/tweaks in the morning. Needed to "start" the database server in Webmin toget it to run, butupit came, Odoo incl. Took a new Odoo Admin PW too.

Testing required but getting there it seems quick now.

[JedMeister]

Nice work :smile:

[l-arnold]

Close and.. I wish programming was second nature. I need to parse the standard and new variables that I am trying to set. Getting a dialog but no reall settings change. System is running but security not modified. One issue w/ coming and going from a project is familiarty comes and goes too.

[l-arnold]

Closer still. I was able to set the secondary (OpenErp) Linux account password in inithooks. I also did get a rewrite of the passwords assigned in openerp-server.conf for both db_password and admin_pw.

The rewrites were not really configured correctly (hashed with quotes and semicolon added). I found though that when I removed quotes and semi-colons and also redeclared the Postgreuser PW to the same, the system started up and was at Goal point.

Really thinking I don't want the whole Hash/random Passwords being applied. Not getting the call for adding a Password at the final script with SED. But oh so very close. I think I could fix the Quote-SemiColon formatting and have the system with as much security as any.

One round to go.

[l-arnold]

Doing a new build that should pull the quotes and semicolons out. May work.

Focus now is on the Openuser and AdminDB components. Really though, I am not clear on the process. I see that I have SED commands in both the CONF and the PY files. I also have clauses to "ask for" passwords. (Nothing was asked last round)

It would be very helpful to have a look with me at this. Just not seeing how the sequencing works between the conf and py files, nor am I sure why I modeled off other systems to come up with SED commands on both sides. Where is the appropriate place?

Mainly want to clean and streamline. Not sure we need any of the hash/random passwords that are landing here. It seems something is calling a password, thus there is no password being asked.

[l-arnold]

Wondering if it is not asking for a "new" PW because there are some other PW in the Config Files defined. Would like at first boot to simply overwrite whatever may be there.

My SemiColon and Quote fix did not work. Looking next for MAX simplicity in assigning the PW.

AM getting SED to drop PW'd in to openerp-server-conf (just not usable ones)

[l-arnold]

My main struggle is with the "Openuser" Postgresql user.

The User first gets defined in: CONF.d 30 / odooinstallation The Password then has the Password be defined in Which starts out in TKLDEV at: (gets moved in install) overlay/opt/openerp/odoo_tmp/openerp-server.conf

What I have been trying to do is then "Alter" the Password in a script like pgsqlconf.py (copy called openuser.py).. This Alteration needs to set a new password and change the db_password = openerp in (openerp-server.conf) via SED.

When these do not work, if I manually change the password in (openerp-server.conf) and also change the database user password in Webmin, the system will run with security that is not obvious from the outside.

---

Other points: admin_password in (openerp-server.conf) should be reset at install by user to something memorable. It gets laid in in the temp version above.

Openerp User, I believe I am changing the password for. It also gets initially defined in CONF.D / 30-odoo-installation, but then has generally been getting modified in inithooks.

I am inclined to "Go back a Day" (or better clear my Inithooks and make new ones) with all this as I have changed quite a bit without final success

[JedMeister]

Sorry I haven't read all your posts in detail, but for this last one the inithooks is easy for the DB password...

You should have the conf.d/main setting a random value (mcookie creates a random string) as both the DB password and also puts it in the odoo config file (openerp-server.conf) so it is set up initially. OTTOMH the sed command would be something like:

CONF=/etc/odoo/openerp-server.conf
DB_PASS=$(mcookie)

#code that creates pgsql user that uses password $DB_PASS

sed -i "s|db_password =.*|db_password = $DB_PASS|" $CONF

Then in your inithook (should be firstboot.d/20regen-odoo-secrets or similar) you just need to update the DB user password and put it in the odoo config file (openerp-server.conf). You don't need to create your own bin/openuser.py. You can reuse the default PostgreSQL inithook (bin/pgsqlconf.py) to reset it; just like Mahara app does. See https://github.com/turnkeylinux-apps/mahara/blob/master/overlay/usr/lib/inithooks/firstboot.d/20regen-mahara-secrets#L11-L13

[l-arnold]

Travels over. Wanting to dive in and wrap this one this week. Get out the whip. Bits all about the Adel Inithooks.

[JedMeister]

Hey Landis, Sorry for delay responding... I'd really like that too but unfortunately I'm tied up with SSL hardening stuff at the moment and haven't had a chance to get back to this... I'll try to but I can't promise anything.

However all is not lost. Even if this isn't finished by the time that we do the initial v14.0 release there will still be a couple of appliances outstanding anyway which we will need to add/release so we can add this in then.

[l-arnold]

Ok,, 2 days (more or less) plugging away.

Writing a secure DB_Password to openerp_server.conf

Unfortunately, I cannot get the openuser (DB account) to update the password to follow this. Trying by moving the inithook before the SED this next time. Otherwise, I would appreciate some eyes to peek at the InitHooks. (System is otherwise running)

All I do to get the system running is "copy" the Random Password from the openerp_server.conf file, then change the DB User Password with that in Webmin. I restart the Postgres Database server and the system is running and secure.

How to automate that? Not sure why it is not sticking. (full repository at:) https://github.com/l-arnold/tkl-nomadic-odoo

We are basically running. Some Eyes on the Project would be appreciated. Thanks everyone.

Landis

[l-arnold]

Well, swapping the last two lines does not give expected results.

Very strange. All I did was swap the last two lines (in GitHub). The cookie Pass was not applied in to $CONF file. System did startup however with defaults. Seems the openuser.py file has some issues. It is identical to pgsqlconf.py except the "user" it aims at.

PASSWORD=$(mcookie) $INITHOOKS_PATH/bin/openuser.py --user=openuser --pass="$PASSWORD" sed -i "s|db_password.*|db_password = $PASSWORD|" $CONF

[l-arnold]

Well I reverted then tried putting code in the "openuser.py" file (based on pgsqlconf.py) but it seems it is written with a different basis. Couldn't get it to create a new Pass thus the same result. Some changes there should be all that is needed to fix.

Again the (cookie) based Password when applied to the "openuser" database user is all that is needed to get a full start.

Not sure how to move the Cookie into the openuser.py file is all. If I could do that then have the Password apply we would be all set. Last changes should be visible (8-24-15)

Thanks for any help.

[JedMeister]

Sorry I haven't been more responsive. I've been a bit sick the last few days. Also we are running way behind release schedule.

I really need to get this SSL stuff finalised and start the builds. Like I said though we'll get this appliance into the library ASAP. Once I have all my urgent stuff out of the way I can come back to this and/or get someone else to give you a hand.

[l-arnold]

Sounds good Jeremy.

I think really it could be 3 lines of code and likely could just skip the Py file if we updated the DB User on firstrun inithook/open user... (skipping the py file)

Travelling a bit but will have some time again Wed Thurs.

Landis

[DocCyblade]

I been following this, maybe I'll dive in and take a peak.

Some times all you need a another set of eyes!

Your issue is setting the database user correct? (I just skimmed) if you could post in bullet points what need to be done and what's not working I'll read the post history to fill in the gaps. I love a good challenge.

If you have not got the time, just tell me to RTFM and I'll just re-read everything :-) that would be fair too!

[l-arnold]

Hi Ken, That would be super.  Check Firstboot inithooks and bin around openuser.

Mainly need to write the cookie generated password to the Database user as it is being writtenvto/opt/openerp/odoo/openerp.server.conf

Openerp (user) could become a no pass user nut it wotks now hiving it a pass as root is given one.

I can get online soon again. On the phone for a few days otherwise.

Best, Landis

[DocCyblade]

I just forked your repo, and taking a look at the code. I must say I like your idea of echo comment the build code. Going to have to start that when start on RT and CodeNinjia.

I'll do some build this afternoon and report what I am seeing.

[DocCyblade]

Ok, looks like I need to brush up on, no wait learn python ;-) This looks like a killer app, something some of my small biz customers could use.

I booked mark the odoo website for viewing on my lunch break today for some research reading. Always good to understand the end product. I like to read the install document from the vendor that way I'll be able to understand why/what your conf scripts are trying to do.

Give me a day to look things over, I'll report this time tomorrow (my time EDT)

[l-arnold]

After install I like to start with either

Https://myip:12324 or Http://myip:12325 (my web consoles w/ and e/out ssl.

Then everything is available. Use explorer if you want to use webmin file manager which I like to quickly view the entire codebase post install.

Thinking now would peel the update password line out of bin/openuser.py and put it into firstboot inithooks/secrets.

Have the m.cookie be the value given to the password there.  Remove the call then to openuser.py at the same time.

Can bypass Python that way too.

Thanks Ken

Landis

[DocCyblade]

@l-arnold sorry my friend I did not get s chance today. Turned out to be a 14 hour day! I did however try to build your app however I am getting build errors. It looks like it's an issue with the change log file. I had this issue before, but really did not understand it. In my search I found the below helpful, as I am sure you will too. It out lines the format of the changeling file

https://www.debian.org/doc/debian-policy/ch-source.html#s-dpkgchangelog

According to the above needs to be like this

     package (version) distribution(s); urgency=urgency
            [optional blank line(s), stripped]
       * change details
         more change details
            [blank line(s), included in output of dpkg-parsechangelog]
       * even more change details
            [optional blank line(s), stripped]
      -- maintainer name <email address>[two spaces]  date

Now take a look at a turn key header

turnkey-lapp-13.0 (1) turnkey; urgency=low

  * Latest Debian Wheezy package versions of all components.

  * PostgreSQL: Removed connections over local unix sockets trust (security).

  * Note: Please refer to turnkey-core's changelog for changes common to all
    appliances. Here we only describe changes specific to this appliance.

 -- Alon Swartz <alon@turnkeylinux.org>  Thu, 10 Oct 2013 18:11:50 +0300

Also, something in your script not sure what at the moment started to change my TKLDev host name. I am guessing that some how it was executed out off the CHROOT. I did not take a snap shot so I'll need to rebuild my TKLDev... Teach me to not snap shot before I start playing around :-)

Also, so I can understand the logic of your config scripts, I assume you have built Odoo servers from scratch? If so, can you walk me through in bullet points what you would need to do to build one from scratch. Lets for the sake of time, figure we will start with a great foundation, turnkeys LAPP appliance. Step me through not too much details but the general steps that your would take.

I did find the time to check out Odoo's install documentation at https://www.odoo.com/documentation/8.0/setup/install.html#setup-install-source, but seeing how you may have set these up in the past, maybe there is something you know that I may be missing.

Thanks

[l-arnold]

The changr log filr mine is skipping past. I see an alert abouy iy but never paid it much attention. Are you getting a complete build?

I am using tkldev 14 which I expect is a gew months old now. Running with Bitvise Ssh/ftp client.

Builds product.iso quite reliably for me. Let me know if a product.iso iis coming out the end on your side.

Thanks for trying.

Landis

[DocCyblade]

@l-arnold, Hope things are going well with you! I just rebuilt my tkldev box, this time made some snap shots before I started working.

So did a make CHROOT_ONLY=y I got the below error

# apply the product-local removelist
fab-apply-removelist removelist build/root.patched
warning: entry does not exist: var/www/index.html
# update initramfs (handle reconfigured initramfs scripts)
fab-chroot build/root.patched "update-initramfs -u"
fab-chroot build/root.patched "rm -rf /boot/*.bak"
# 
# tagging package management system with release package
# setting /etc/turnkey_version and apt user-agent
#
/usr/share/fab/make-release-deb.py ./changelog build/root.patched
Traceback (most recent call last):
  File "/usr/share/fab/make-release-deb.py", line 124, in <module>
    main()
  File "/usr/share/fab/make-release-deb.py", line 121, in main
    make_release_deb(path_changelog, path_output, depends)
  File "/usr/share/fab/make-release-deb.py", line 85, in make_release_deb
    name, version, maintainer = parse_changelog(path_changelog)
  File "/usr/share/fab/make-release-deb.py", line 67, in parse_changelog
    raise Error("can't parse first line of changelog:\n" + firstline)
__main__.Error: can't parse first line of changelog:
* As of v10 TKL-Nomadic-Connector  (known also as TKL-Nomadic-Odoo)  Will become RC3

error: couldn't parse changelog './changelog'
fab-chroot build/root.patched "dpkg -i *.deb && rm *.deb && rm -f /var/log/dpkg.log"
dpkg: error processing archive *.deb (--install):
 cannot access archive: No such file or directory
Errors were encountered while processing:
 *.deb
/usr/share/fab/product.mk:476: recipe for target 'build/stamps/root.patched' failed
make: *** [build/stamps/root.patched] Error 1

Again this looks like it's due to a changelog file thats malformed.

I am using your repo master branch.

Going to fix the change log and see if I can get it to a sandbox state

[DocCyblade]

@l-arnold I was able to get it to build by changing the changelog

If I may make a suggestion on your changelogs. Change log should be any changes from the last release. If you look at one you can see it only highlights the changes from last version. If you want to keep a running dialog of what you were doing (I like to do that as well) I do it two ways.

1, use an issue on your own github repo ( check this one of mine out ) it is of my WIP notes on RT I did. 2, Use git commit comments. I have been known to really comment my commits, like if it works, what still needs to be done, etc. This way you know exactly where you were and what you were doing. Plus if some one else wants to work on your code, it would help them too as they have your notes!

As another tip (and my the way I am in no way a pro, just a guy like your self that likes to dabble in open source software and linux) that I found to be helpful, was document your code, commits, and your work like you are working with a team of hundreds of people. Some times it seems like your talking to no one, but it is helpful when someone does come along.

One last suggestion and request, in the spirit of my suggestion, why not create a WIP issue on your github repo and list what needs to be done. This can act as your own check list, plus the community members like my self can know where you stand. Also you could commentary your findings and work on that issue. You could use this issue, but since you don't own the repo you could end up spamming people with all the good updates.

Thanks again for your work! Looking forward to get this app up and running! Feel free to post your thoughts about my suggestions. Like to get your take on it.

I did get it to build to CHROOT sandbox and iso, just need to know what needs to be fixed looked at. I think you said you want the database user password to change on first boot correct?

[l-arnold]

Ken

Easiest is to open /opt/openerp/odoo/openerp-server,conf.  Then find db_password =

Copy the password. Go to postgresql server sbd change to password for °openuser"  with Paste (you just copied in)

Restart postgteql sever

Should start from there.  Could restart all yo be sure.

I do like to reatart once at least after install.  Sometimes twice for hood measure.

Back to some access 10 min ago.

Landis

[DocCyblade]

@l-arnold I think (and @JedMeister correct me if I am wrong) when I create the database user password during the build make it a mcookie() then during first boot init hook change it again with the mcookie. I think lapp and lamp uses the py script to so this. I think I have even seem a password would be "password" and we just change it during first boot. I think however this is not a good practice as if for some reason the inithook did not run, the password would be very easy. @JedMeister again correct me if I am talking out of head!

I am firing up the VM now, i'll let you know what I find

[DocCyblade]

Looks like the ISO did not build all the way, not sure why. Something in your config files is changing my host name on the TKLDev box, this might be why I am having issues with builds. I am looking over your conf files and keeping my changes in branch called kens-changes (https://github.com/DocCyblade/tkl-nomadic-odoo/tree/kens-changes)

Error building ISO

Creating 4.0 filesystem on build/cdroot/casper/10root.squashfs, block size 131072.
[============================================================================================================-] 69616/69616 100%

Exportable Squashfs 4.0 filesystem, gzip compressed, data block size 131072
    compressed data, compressed metadata, compressed fragments, compressed xattrs
    duplicates are removed
Filesystem size 669393.93 Kbytes (653.71 Mbytes)
    40.52% of uncompressed filesystem size (1651942.14 Kbytes)
Inode table size 733570 bytes (716.38 Kbytes)
    29.23% of uncompressed inode table size (2509456 bytes)
Directory table size 672956 bytes (657.18 Kbytes)
    41.18% of uncompressed directory table size (1634220 bytes)
Number of duplicate files found 5624
Number of inodes 74832
Number of files 61816
Number of fragments 4389
Number of symbolic links  5005
Number of device nodes 40
Number of fifo nodes 0
Number of socket nodes 29
Number of directories 7942
Number of ids (unique uids + gids) 26
Number of uids 10
    root (0)
    man (6)
    ntp (104)
    unknown (1000)
    www-data (33)
    systemd-network (101)
    systemd-timesync (100)
    systemd-bus-proxy (103)
    proxy (13)
    stunnel4 (105)
Number of gids 25
    root (0)
    tty (5)
    kmem (15)
    disk (6)
    shadow (42)
    systemd-network (104)
    uuidd (111)
    crontab (108)
    bin (2)
    unknown (1000)
    www-data (33)
    systemd-journal (102)
    utmp (43)
    systemd-bus-proxy (106)
    users (100)
    systemd-timesync (103)
    mail (8)
    netdev (107)
    staff (50)
    stunnel4 (110)
    proxy (13)
    ntp (109)
    systemd-resolve (105)
    ssh (112)
    adm (4)
touch build/stamps/cdroot
basename: missing operand
Try 'basename --help' for more information.
basename: missing operand
Try 'basename --help' for more information.
cp build/root.sandbox/usr/lib/ISOLINUX/isolinux.bin build/cdroot/isolinux
cp: cannot stat 'build/root.sandbox/usr/lib/ISOLINUX/isolinux.bin': No such file or directory
/usr/share/fab/product.mk:408: recipe for target 'cdroot-dynamic' failed
make: *** [cdroot-dynamic] Error 1
root@tkldev-local products/tkl-nomadic-odoo#

After I logged out and back in, my host name has changed.

Last login: Wed Aug 26 19:11:03 2015 from 192.168.111.1
root@nomadic-odoo ~# exit

I'll post again if I find something.

[l-arnold]

Ok,

Wull try to get access and also upload my last aiso to SoutceForge.

Back soon.

Landis

[l-arnold]

On The mcookie it gets taken in once in openuser-secrets.  Password=mcookie or something like that.  From there it just needs to be used yo reset the openuser password, and Ithink now iy should bypass any py file and just get applied in the openuser-secrets file.

User never needs access to it so generally don't need to reset or even know it per say.  Critical is that folks on the outside don't know a default password is all..

Still on my phone. So haven't logged in yet.

Landis

[l-arnold]

Going reverse order here. Will work on the Changelog approach.  Have really skipped past that.  Some changes in Readme is all.

Correct at the end about database user "openuser".  See my last note.

Please excuse my mobile phone typos

From: Ken Robinson notifications@github.com Sent: Aug 26, 2015 6:19 PM To: turnkeylinux/tracker Cc: L. Arnold Subject: Re: [tracker] New Appliance: Odoo (#374)

@l-arnold I was able to get it to build by changing the changelog

If I may make a suggestion on your changelogs. Change log should be any changes from the last release. If you look at one you can see it only highlights the changes from last version. If you want to keep a running dialog of what you were doing (I like to do that as well) I do it two ways.

1, use an issue on your own github repo ( check this one of mine out ) it is of my WIP notes on RT I did. 2, Use git commit comments. I have been known to really comment my commits, like if it works, what still needs to be done, etc. This way you know exactly where you were and what you were doing. Plus if some one else wants to work on your code, it would help them too as they have your notes!

As another tip (and my the way I am in no way a pro, just a guy like your self that likes to dabble in open source software and linux) that I found to be helpful, was document your code, commits, and your work like you are working with a team of hundreds of people. Some times it seems like your talking to no one, but it is helpful when someone does come along.

One last suggestion and request, in the spirit of my suggestion, why not create a WIP issue on your github repo and list what needs to be done. This can act as your own check list, plus the community members like my self can know where you stand. Also you could commentary your findings and work on that issue. You could use this issue, but since you don't own the repo you could end up spamming people with all the good updates.

Thanks again for your work! Looking forward to get this app up and running! Feel free to post your thoughts about my suggestions. Like to get your take on it.

I did get it to build to CHROOT sandbox and iso, just need to know what needs to be fixed looked at. I think you said you want the database user password to change on first boot correct?

---

Reply to this email directly or view it on GitHub: https://github.com/turnkeylinux/tracker/issues/374#issuecomment-135215510

[DocCyblade]

The host name issue is due to

# file 
#!/bin/sh -ex

HOSTNAME=nomadic-odoo
echo "$HOSTNAME" > /etc/hostname
sed -i "s|127.0.1.1 \(.*\)|127.0.1.1 $HOSTNAME|" /etc/hosts
/etc/init.d/hostname.sh start

Issue is with this line

/etc/init.d/hostname.sh start

When this is running it is changing the running kernel value (since the kernel is the TKLDev box, it updates the host file on the TKLDev even though it's running the fab-chroot.

You should not need that command, since when fab builds iso as long as the hostname is change via an overlay or an echo to hostname it should be good.

[l-arnold]

Ok good to know.  I have not used Chroot but did see Tkldev rename itself sometime ago.  Makes sense.

I need to explore chroot TbH.  Likely would save me some time.

Thanks, Landis

ub.com/turnkeylinux/tracker/issues/374#issuecomment-135221776

[DocCyblade]

You can save a lot of time using a CHROOT, to use it just

make clean
make CHROOT_ONLY=y

Once it is done building you will have basically what will be installed on ISO. To start using it type

fab-choot build/root.sandbox

You will be then in a new shell, and your root file system will be changed or chrooted to the sandbox. You can then start services and try out your build.

To exit, just type exit You will them want to make sure there are no processes still running by issuing the command fuser -k build/root.sandbox If you don't know, the fuser command will list what files are being used by processes. the -k will kill them. This is always good to do if you made changes in your conf files and want to rebuild.

At this point if you try and do a make clean command it yells at you because you dirtied the sandbox. You can remove your changes from the sandbox by using the deck command deck -D build/root.sandbox and make clean should then work

make clean
deck -D build/root.sandbox
deck -D build/root.patched
deck -D build/root.build
deck -D build/bootstrap

If you notices the deck commands on a make clean all it does is remove the overlays and clears the stamps. (files make creates so it knows what process of the build is done, this is how it can pickup where it left off if the build failed and you changed a config file)

From how I understand it is, during the build the following happens

• 1. an overlay is created at build/bootstrap
• 2. a base linux system is unzipped (I think)
• 3. another overlay based off of bootstrap overlay at build/root.build
• 4. Using fab-choot commands, runs all the "plan" or packages are installed
• 5. another overlay based off of root.build overlay at build/root.patched
• 6 Using fab-choot commands, now overlays and conf scripts are run on root.patched
• 7 If you included CHROOT_ONLY=y it will create another overlay based off of root.patched overlay at build/root.sandbox and then exit.
• 8 If you did not give that, it will start making the ISO based on the root.sandbox

I have been in talks with @JedMeister about doing some blog posts and maybe a write up on TKLDev best practices from a "newbie" perspective. Maybe I should get on that huh? :-)

[l-arnold]

Awesome Ken! Will study and test Chroot very soon. Right now Remote Access on a new computer is my next task.

Lets see how that goes. Landis

[DocCyblade]

Well heading in for the night, I submitted my changes to my branch https://github.com/DocCyblade/tkl-nomadic-odoo/tree/kens-changes

[JedMeister]

Great work guys! :smile: Thanks @l-arnold for having a red hot go with this and pushing on even when you got stuck and I wasn't around to help out. Special thanks to @DocCyblade for jumping in and helping out! :+1: Odoo is a great app and I would love to see it in the library.

Down to specifics:

changlog It needs to be in the specific Debian package format. If not the build will fail as the appliance checks it very early on. As a general rule TurnKey app changlogs are really only a brief overview rather than a detailed log. Although bottom line is that there is nothing stopping you from adding tons of info if you choose; but it NEEDS to be in the right format. Also the version number must be 14.0 (until we do v14.1 that is)! So it is probably not the best place to track changes that you are making while your app is still in development.

Seeing as this will be a first release, please delete all the previous (to v14.0) entires, although you can mention that it is "built on top of LAPP" if you want. Really the changelog only needs to mention that it's the "initial Odoo appliance release" (or similar) and perhaps how/from where it is installed e.g. "installed latest version from github repo".

@l-arnold I think (and @JedMeister correct me if I am wrong) when I create the database user password during the build make it a mcookie() ...

Using the Mahara app as an example (as it's currently the only LAPP based app):

You can see at the top of conf.d/main the db username and password being set.

... then during first boot init hook change it again with the mcookie. I think lapp and lamp uses the py script to so this. ...

Again using Mahara:

Have a look at 20regen-mahara-secrets. As you suggest Ken it leverages the shared postgres.py. I reckon you could almost just recycle 20-regen-mahara-secrets although obviously you'll need to make some Odoo specific adjustments. E.g. changing the conf file and also I'm not sure if Odoo salts passwords or not...

... I think I have even seem a password would be "password" and we just change it during first boot. I think however this is not a good practice as if for some reason the inithook did not run, the password would be very easy. @JedMeister again correct me if I am talking out of head!

Totally on the money...!

Although from Landis' replies it sounds like he has it pretty much worked out...?!

cp build/root.sandbox/usr/lib/ISOLINUX/isolinux.bin build/cdroot/isolinux
cp: cannot stat 'build/root.sandbox/usr/lib/ISOLINUX/isolinux.bin': No such file or directory
/usr/share/fab/product.mk:408: recipe for target 'cdroot-dynamic' failed
make: *** [cdroot-dynamic] Error 1

That error is usually caused by using CHROOT_ONLY=y on an initial build then trying to build all the way to ISO later. You either need to remove the root.build & root.patched stamps (rm build/stamps/root.{build,patched}) or just make clean && make.

hostname TBH I don't recall where TKLDev pulls the hostname from by default; although I think it gets that from the changelog. So IIRC if the changelog is configured right it should just work (i.e. any conf script stuff to with hostname can be removed)

make CHROOT_ONLY=y FWIW if you intend to build to ISO at some point you are possibly better off building to your required target deck and omitting the CHROOT_ONLY=y. E.g.: make root.patched. It will be a bit slower to build root.build (because it includes the kernel and other packages that are left out when you set CHROOT_ONLY; but you won't need to rebuild root.build again later. Your root.build will include all the required packages for building all the way to iso. TKLDev is smart enough that if you make root.patched dirty (i.e. make any changes) then run make it will redo the root.patched; but if root.patched is clean it will just build straight to iso. However it doesn't handle stuff running within the chroot nicely (yet). IMO fuser is your friend there. To kill everything after being in root.patched: fuser -k build/root.patched. Sometimes you need to use the c switch too but be aware that on occasion that will also boot you out of your SSH session (assuming you're using one)...

[l-arnold]

Doc, I will review thoroughly in the AM. Did just tried a test and it didn't "achieve". Likely wrong syntax in Alter User. (Jumping from PY to I am not sure which format)

I applied the following change to "openuser-db-secrets: (basically added "Alter User Line" and removed: $INITHOOKS line

DB_PASS=$(mcookie) DB_PASS=$(mcookie) sed -i "s|dbpassword.|db_password = $DB_PASS|" $CONF sed -i "s|dbpassword.|db_password = $DB_PASS|" $CONF -$INITHOOKS_PATH/bin/openuser.py --user=openuser --pass="$DB_PASS"

+ALTER USER openuser WITH PASSWORD "$DB_PASS"

Didn't take.

Re Jeremy's comments, thank you for those.

As noted somewhat previously, my process has been to

1: Make Changes to the Repository in GitHub 2: In SSH/Bitvise on the Directory: Git Pull 3: Make Clean && Make

so, the whole process of CHROOT etc, though faster etc, has not been in my purview. lets get the DB Password working then fix Changelog, CHROOT and related issues. At least my desired path. I understand if being built in CHROOOT that needs to be first and assuming Doc you have that in the changes.

I expect it is a Pull Request. Let me work on that process as well. Should I pull as a 'Branch?"

back in the AM (mountain USA time) Best to all and mostly THANK YOU Both!

[DocCyblade]

I don't have too much time this AM, will have some time this evening (EDT) maybe on my lunch break as well. I'd be happy to share how I go about with GIT.

i would add my forked repo as a remote and then you could create a test branch and mannually merge my branch to the test branch for quick testing win out a GIthub PR. In fact you would be mannually doing the pull your self.

I'll post more later and look at the code J said to as well. If you make any progress post it. Thanks

[l-arnold]

I manually pulled the code into 10_Hostname Changelog

Need to try the Branch and Pull method. I've made various branches in the past but never really stuck with the process. Mainly used as snap shot.

Focusing mainly on how to "alter user" effectively in the build. Directions above about modeling after Mahara I have attempted I don't know how many times. Seeing if I can get some traction on this subject. On my side it is all that is stopping a clean build (again, no Chroot yet)

Back soon with reports.

[l-arnold]

Issues with Package Pull> Failed to fetch http://http.debian.net/debian/pool/main/libx/libxml2/python-libxml2_2.9.1+dfsg1-5_amd64.deb 504 Host httpredir.debian.org lookup failed: Timeout

ran an apt-get update. Trying again.

[l-arnold]

Build worked. Brought in manual changes. Tried another round on DB user Pass update. Not yet. Cookie is hitting SED. Cookie Password when updated in Postgre Server (Webmin) starts full system.

Seems that we could "manually" run some tests in SSH to see if we can update.

What is the command in SSH to update a Postgre USER Pass. I have been trying in the script:

ALTER USER openuser WITH PASSWORD $DB_PASS

[l-arnold]

Getting Closer. Working on a SSH Command: Some Errors but narrowing.

psql: FATAL: Peer authentication failed for user "ed23fe1fb6b12ff2003e5c27f6803cc4"
root@nomadic-odoo inithooks/bin# psql 'ALTER USER openuser WITH PASSWORD 'ed23fe1fb6b12ff2003e5c27f 6803cc4''
psql: FATAL: database "ALTER USER openuser WITH PASSWORD ed23fe1fb6b12ff2003e5c27f6803" does not e xist

Seems I need to address the USER Database with the psql command first.

[l-arnold]

Narrowing. Following is not giving errors in SSH but also not actually updating the user., Seems also that the "#" will conflict with standard 'comments" vernacular if built directly into inithooks.

root@nomadic-odoo inithooks/bin# "# ALTER USER openuser WITH PASSWORD 'ed23fe1fb6b12ff2003e5c27f680 3cc4'; "

[l-arnold]

Trying the Mahara Method again.

Should be able to apply a simple "ALTER USER Command" since we don't need to check for anything that I can see. Perhaps a stop/start to the postgresql server is required. Lets see if the Mahara method works (I know I have tried this before however. It seems some code in the pgsqlconf.py file is stopping the update.

Lets see what builds