Installation & Setup
This article provides you step by step server setup instructions for Ubuntu 18.04 or higher version.
- SSH into your Ubuntu user using “root” credentials.
- Install core packages including Docker:
- As described on https://docs.docker.com/compose/install/, install Docker Composer. Download the latest stable version of Docker Composer by running this command:
- Make sure that you have Docker Compose v1.25 or higher version installed:
- Make sure that your server timezone is UTC:
- Move the Oempro ZIP file to the Oempro direcotry:
apt install -y software-properties-common sharutils apt-utils iputils-ping telnet git unzip zip openssl vim wget debconf-utils cron supervisor mysql-client docker.io ufw
sudo curl -L "https://github.com/docker/compose/releases/download/1.25.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose chmod +x /usr/local/bin/docker-compose
timedatectl set-ntp FALSE timedatectl set-ntp TRUE timedatectl set-timezone UTC timedatectl set-local-rtc 0 timedatectl status
mv oemprovXXX.zip /opt/oempro/
XXX in the Oempro ZIP file name represents the version of the Oempro package. Example: oempro500.zip
The server setup is completed. The next step is to prepare Oempro directory, execute the install utility and make the system up and running.
Securing The Server
Oempro is a Docker containerized software that runs on your server and it has own private network. It includes many components including MySQL database server, Elasticsearch, Kibana, Redis, RabbitMQ, etc.
We strongly recommend you to secure your server by placing it behind a firewall or simply activating UFW (Ubuntu Firewall) on the server.
If you are running your server on Google Cloud, Amazon SES or similar services, you can enable Firewall and enable public access to the following ports:
- Port 80
- Port 443
- Port 25
- Port 587
- Port 2465
- Port 2525
If you don’t have a Firewall, you can enable Ubuntu’s UFW to restrict public access to your server. Follow these steps:
- SSH to the server with root credentials
- Download the following ufw-docker tool:
- Make it executable:
- Run following commands to setup public access:
- Test your public ports using the following tool → https://www.yougetsignal.com/tools/open-ports/
wget -O /usr/local/bin/ufw-docker https://github.com/octeth/ufw-docker/raw/master/ufw-docker
chmod +x /usr/local/bin/ufw-docker
ufw-docker delete allow oempro_haproxy 80 ufw-docker delete allow oempro_haproxy 81 ufw-docker delete allow oempro_mysql 3306 ufw-docker delete allow oempro_haproxy 2465 ufw-docker delete allow oempro_haproxy 2525 ufw-docker delete allow oempro_haproxy 2587 ufw-docker delete allow oempro_haproxy 5601 ufw-docker delete allow oempro_haproxy 11111 ufw-docker delete allow oempro_haproxy 8025 ufw-docker delete allow oempro_haproxy 15672 ufw-docker delete allow oempro_haproxy 2465 ufw-docker allow oempro_haproxy 25 ufw-docker allow oempro_haproxy 587 ufw-docker allow oempro_haproxy 80 ufw-docker allow oempro_haproxy 443 ufw route allow proto tcp from xxx.xxx.xxx.xxx to any # xxx.xxx.xxx.xxx is your static VPN IP address for full access (optional) ufw route allow proto tcp from 192.168.99.0/24 to any ufw allow out from any to any port 123 # timesync ufw allow from xxx.xxx.xxx.xxx to any # xxx.xxx.xxx.xxx is your static VPN IP address for full access (optional) ufw enable
WARNING: Please be careful when setting up firewall rules. You may lose your connection to the server due to incorrect firewall rules.