EDIT - 05/28/2021 - Okay. By popular request, this post has been edited to now include the fastest and easiest way to get your server not only successfully installed but to also get it setup with a URL and an auto-renewing SSL certificate. ~ BKM
I did a post like this for Ubuntu 20.04 recently and it went over very well. After a while I started noticing problems with the Ubuntu 20.04 images on several of my VPS providers so I switched to using Debian 10 (Buster) release for my production test servers.
The Debian 10 images do not contain everything that you would find already included in a Ubuntu image, so there are a few extra steps to get some of the extra prerequisites out of the way. (For instance Debian 10 did not include “sudo”) Let’s get started…
Pick your favorite VPS provider and spin up a Debian v10 image
login as ‘root’ user and perform the following commands: apt-get update apt-get upgrade
When that is finished we need to add ‘sudo’ so we can use it with regular non-root users apt-get install sudo
Now we add the new user and assign them ‘sudo’ privileges Remember to replace [USER] with your username. adduser [USER] usermod -aG sudo [USER]
Now we install all of the prerequisites for the install.py script to work properly apt install git libffi-dev python3-minimal build-essential python3-distutils python3-setuptools python3-pip python3-testresources libssl-dev wkhtmltopdf redis
Once all of that is done, we edit the redis.conf file to avoid errors during the install. nano /etc/redis/redis.conf
(search for 127.0.0.1 ::1 and change it to 127.0.0.1 then save)
Now we reboot the server to get all of the new stuff initialized and running. reboot
After reboot, login to the server as [USER] and perform the following commands: export LC_ALL=C.UTF-8 wget https://raw.githubusercontent.com/frappe/bench/develop/install.py
In this next command, remember to replace [USER] with your username. sudo python3 install.py --verbose --production --user [USER] --mariadb-version 10.5 --frappe-branch version-13 --erpnext-branch version-13
(about 1 min into install enter mariadb root password and administrator password when prompted)
After a long wait, you get “Successfully Installed” then do these commands: cd frappe-bench bench --site site1.local enable-scheduler
You can close the command line window to your server and open your favorite browser. Type the IP Address of your server into the browser address bar to access your new server for the first time.
At the ERPNext login screen use “Administrator” as the username and type in the password you selected for the Administrator during the installation process.
Answer all of the question to setup the system for your business. Once this is done we can safely start setting up URL and DNS pointers, and SSL certificates so your server will work properly in modern browsers. So, make sure you have logged int to ERPNext as Administrator and answered all the questions to complete the setup wizard, then continue here:
Chose a URL for your online presence, make sure you own it, and then use your domain name providers DNS editor to make your URL point the the IP Address of your new frappe/erpnext server. (Sorry, there are far too many different providers for me to provide any specific instructions for this. Have your domain name provider help you do this).
Now login to the server using your favorite ssh client as the [USER] you used to install ERPNext above and then perform the following commands cd frappe-bench bench config dns_multitenant on bench setup add-domain --site site1.local [your.new.URL] bench setup nginx (answer Y to the question about replacing the config file) sudo service nginx restart cd ~
Now it is time to work on the SSL certificate. First we need to make sure that ‘certbot’ is not already installed, so we will attempt to remove it just in case sudo apt-get remove certbot
Now we are going to install the package bundle provider and make sure it is all up-to-date with the latest release of ‘snapd’ and let it handle the certbot for us sudo apt install snapd sudo snap install core sudo snap refresh core
Now we use ‘snap’ service to automatically install and configure certbot to work perfectly with your new ERPNext server sudo snap install --classic certbot sudo ln -s /snap/bin/certbot /usr/bin/certbot
Now we can safely use the pre-configured certbot to install your SSL certificate sudo certbot --nginx (The system will pause at some point and ask you to select the site name you wish to install the certificate from a list of names it found. Be sure to select the URL you used and not ‘site1.local’ at this point)
Once this is done, you can close your ssh client, open a browser and type the URL of your server into the address bar and it should take you to the secured version of your ERPNext server.
One final note here. This method specifically does NOT rename bench or the site directories in order to provide flexibility later in the event you need to have multiple URL’s pointing to the same instance of ERPNext or if you need to change your URL for some reason in the future. Using the bench setup add-domain command makes this much simpler. The SSL certificate instructions I provided above are tailored to support this configuration.
As for SSL certificates, there are several ways to install them. At this point I was only concerned about getting a successful and clean install of the core system. On the 4 installs I did today I ended up with
I just install a virtual machine using Debian 10.9 image
I have to install yum as well
sudo apt install yum
But still have some errors running the install.py script
There are no enabled repos.
Run "yum repolist all" to see the repos you have.
You can enable repos with yum-config-manager --enable <repo>
Traceback (most recent call last):
File "install.py", line 495, in <module>
File "install.py", line 158, in install_prerequisites
'sudo yum install -y epel-release redhat-lsb-core git python-setuptools python-devel openssl-devel libffi-devel'
File "install.py", line 143, in run_os_command
returncode = subprocess.check_call(command, shell=True, stdout=log_stream, stderr=sys.stderr)
File "/usr/lib/python3.7/subprocess.py", line 347, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command 'sudo yum groupinstall -y "Development tools"' returned non-zero exit status 1.
In order to use this “add-domain” approach, do we need to name the site using .local?
Or can it be anything (include no extension at all)? For example name it site1.myerp or site1.client or just site1, or even a random hash?
There is no real requirement that I know of in frappe for what you name your site.
The bench setup add-domain command works (I believe) on any site name. You should be able to use it to point 2 different URLs to the same site as long as the the “currentsite.txt” contains the same name as the site directory name your are using in /home/[USER]/frappe-bench/sites
In my limited experiments I have always used “site1.local” because it was the first site I ever encountered in my experiments with ERPNext several years ago and I continue to use it out of nostalgia I think. Plus, it is still the default site name that the easy install script method creates. So by always talking about it I never say anything confusing (I hope) to the new users that are trying their first server configuration.
So, as far as I know and based on my own experiments, it does not matter what the site folder is named as long as that name appears in the currentsite.txt file. Then any usage of the bench setup add-domain command will just add more available domains to the site_config.json file and tie them into the nginx configuration. That way what ever DNS pointer you have for alternate URL’s as long as they point to the ip address and the URL is listed in the site_config.json properly, etc. then you should have no trouble adding multiple names to the same site.
The bench add-domain command places the URL into the site_config.json and if you use it multiple times, then you will have multiple valid URLs available to the outside world (provided of course that you have setup up the DNS pointers).
I figured all of this out by building many different servers and experimenting with the configurations. While there was some documentation around back then, it was not always easy to find. So quite honestly, I encourage you to just try it out for yourself. Spin up a few servers and run the installs. Reconfigure them with your different ideas. It is easy to buy a URL for a few dollars and then make as many sub domains from it as you want to experiment on. The servers make a great sandbox for trying out the stuff you find on the forum. You may even still be able to get a bunch of free trial server time on Google Cloud Platform. If not, you can go to lowendbox.com and look for deals on cheap VPS. I have several of them right now that give me 4gb memory with 2 or 4 cpu KVM servers for less than $39US per year. I consider that my investment in learning more about how this all works.
You can read stuff on the forums or in old documentation for days on end, but actually trying it out is where the real learning happens.
I would certainly try it becasue this scenario will probably solve a problem for me in setting up a new client site. A too-eager client can open the site before it’s ready. So by assigning non-domain name to the site, it can’t be accessed until it’s ready and a bench add-domain is done to it.
Yep, works like a charm… thank you for the steps… however, i run into hurdles if I want to upgrade the version of ERPNext from say 13.4 to the latest 13.5… Bench update runs with the Pip warning, but when I login to the application, it is still on 13.4… Any tips? Pointers?