Installation and Configuration
System Requirements
BSTS is designed to run in a containerized environment. The minimum requirements to run BSTS are 4 CPU cores and 8GB of RAM, and an operating system that supports Docker.
BSTS requires Docker Compose Version 2. To install BSTS, make sure your Docker installation is updated to support Composer V2.
BSTS has been tested on Debian 11 and Ubuntu 22.04.
Installation
Prepare the server
Prepare a server with Debian 11 or Ubuntu 22.04.
Install git
devops@bsts:~$ sudo apt install git
Install the latest version of Docker.
Install Portainer
First, create the volume that Portainer Server will use to store its database:
devops@bsts:~$ docker volume create portainer_data
Then, download and install the Portainer Server container:
devops@bsts:~$ docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest
Getting the software: BSTS Stack
The BSTS Stack consists of the following services:
| Name | Container | Description |
|---|---|---|
| traefik | app-proxy | Traefik container |
| odoo | app-web | Odoo container |
| pgdb | app-db | PostgreSQL container |
| dr | app-dr | admin scripts |
| pgadmin | app-pgadmin | pgAdmin 4 container |
Login into the server as a user with sudo priviledges and run the following command at a terminal
devops@bsts:~$ git clone https://gitlab.com/genesint/bsts-prod.git
After the download completes, enter the directory bsts-prod.
devops@bsts:~$ cd bsts-prod
Add TLS Certificates
## Setting up the middleware for redirect to https ##
http:
middlewares:
redirect:
redirectScheme:
scheme: https
tls:
certificates:
- certFile: /certs/bsts.podctl.xyz.pem
keyFile: /certs/bsts.podctl.xyz-key.pem
Start the BSTS stack
Start the BSTS stack using the following Docker command:
devops@bsts:~/bsts-prod$ docker compose up -d
Configure the BSTS Stack
Create the Postgres user through which Odoo will connect to Postgresql and after that restart the app-web service.
devops@bsts:~/bsts-prod$ docker exec -it --user postgres app-db psql -f /opt/sql/create_odoo_user.sql
devops@bsts:~/bsts-prod$ docker restart app-web
Load pgAudit extension and restart Postgresql container
devops@bsts:~/bsts-prod$ docker exec -it --user postgres app-db psql -f /opt/sql/shared_preload_libraries.sql
devops@bsts:~/bsts-prod$ docker restart app-db
The pgAudit extension must be loaded in shared_preload_libraries. Otherwise, an error will be raised at load time and no audit logging will occur.
Enable Odoo addons and restart the app-web service
devops@bsts:~/bsts-prod$ docker restart app-web
Deploy BSTS database and configure pgAudit extension
Deploy BSTS database
devops@bsts:~/bsts-prod$ docker exec --user devops app-dr python /opt/scripts/restore.py bsts 32bsts1024*128 1800
Configure pgAudit extension and restart PostgreSQL container
devops@bsts:~/bsts-prod$ docker exec -it --user postgres app-db psql -f /opt/sql/config_audit.sql bsts
devops@bsts:~/bsts-prod$ docker restart app-db
Configure and start the PostgreSQL Audit Log Analyzer
devops@bsts:~/bsts-prod$ docker exec -it app-db supervisord -c /opt/pgaudit_analyze/etc/supervisord.conf
devops@bsts:~/bsts-prod$ docker exec -it app-db supervisorctl -c /opt/pgaudit_analyze/etc/supervisord.conf status
devops@bsts:~/bsts-prod$ docker exec -it app-db supervisorctl -c /opt/pgaudit_analyze/etc/supervisord.conf start pgaudit
The PostgreSQL Audit extension (pgAudit) provides detailed session and/or object audit logging via the standard PostgreSQL logging facility. However, logs are not the ideal place to store audit information. The PostgreSQL Audit Log Analyzer (pgAudit Analyze) reads audit entries from the PostgreSQL logs and loads them into a database schema to aid in analysis and auditing.