E2E Server creation

Overview

This guide shows how to provision, secure, and manage a Frappe v15 “demo” site using Docker, Nginx, and Let’s Encrypt on a remote host. It covers:

Prerequisites
SSH access
Docker container lifecycle
Nginx site configuration
Certbot SSL certificate installation & renewal
Verifying setup
Troubleshooting tips

You can publish this page under docs/wiki/Operations/Docker-Nginx-SSL in your Frappe Wiki.

1. Prerequisites

Before you begin, ensure the host has:

Docker (Engine & CLI) installed and running
Nginx web server installed
Certbot with the Nginx plugin (certbot-nginx)
A public DNS record for frappe-demo.extensionerp.com pointing to the host’s IP
SSH access credentials (ssh e2e-225 below as an example)

2. SSH Access

Connect to the host machine where you’ll run Docker and Nginx:

ssh e2e-225

Replace e2e-225 with your actual user@hostname or IP.

3. Docker Container Lifecycle

3.1 List All Containers

Show every container (running or stopped), displaying name and published ports in table form:

docker ps -a --format 'table {{.Names}}\t{{.Ports}}'

3.2 Remove an Existing Container

If a previous demo container exists, delete it (force-stop if necessary):

docker rm demo --force

Use case: Ensures you start from a clean slate.

3.3 Run a New Frappe v15 Container

Launch the official frappev15 image detached, mapping HTTP, API, and SSH ports:

docker run -d \
  --name GDN-DEV \
  -p 14131:80 \
  -p 14132:8000 \
  -p 14133:22 \
  -p 14134:3306 \
  -v /opt/frappe-bench:/home/extension/gdn-dev/frappe-bench \
  -v /opt/frappe-sites:/home/extension/gdn-dev/sites \
  frappev15 \
  bash -c "while true; do sleep 30; done"

-d: Run in background
--name demo: Assigns the container name
-p host:container: Publishes container port on host

Tip: For data persistence, mount volumes:
-v /opt/frappe-bench:/home/frappe/frappe-bench \
-v /opt/frappe-sites:/home/frappe/sites

3.4 Access the Container Shell

To run bench commands or inspect logs inside the container:

docker exec -it demo bash

Inside container, you might:

cd /home/frappe/frappe-bench
bench --site demo install-app erpnext
bench --site demo migrate

Exit with:
```
exit
```

4. Nginx Site Configuration

4.1 Copy & Customize Config

Duplicate an existing site config as a template:

cp \
  /etc/nginx/sites-available/ventura-dev2.extensionerp.com \
  /etc/nginx/sites-available/frappe-demo.extensionerp.com

Edit /etc/nginx/sites-available/frappe-demo.extensionerp.com to include:

upstream frappe-demo {
    server 127.0.0.1:14131;     # ERPNext desk
}

upstream frappe-demo-socket {
    server 127.0.0.1:14132;     # Gunicorn API
}

server {
    listen 80;
    server_name frappe-demo.extensionerp.com;

    location / {
        proxy_pass http://frappe-demo;
        include /etc/nginx/proxy_params;
    }

    location /api {
        proxy_pass http://frappe-demo-socket;
        include /etc/nginx/proxy_params;
    }

    # Static files, websocket, error logs, etc.
}

4.2 Enable the Site

Create a symlink so Nginx loads it:

sudo ln -s \
  /etc/nginx/sites-available/frappe-demo.extensionerp.com \
  /etc/nginx/sites-enabled/

4.3 Test & Reload Nginx

sudo nginx -t
sudo systemctl reload nginx

nginx -t checks syntax.
reload applies changes without downtime.

5. SSL Certificate with Certbot

5.1 Obtain & Install Certificate

Run Certbot’s Nginx plugin to fetch and install a Let’s Encrypt cert:

certbot --nginx -d frappe-demo.extensionerp.com

Interactive prompts will ask for email, TOS agreement, and HTTP→HTTPS redirection.

5.2 Automate Renewal

Certbot installs a daily cron job by default. To test renewal:

sudo certbot renew --dry-run

6. Verifying the Setup

Container Ports

docker ps --format 'table {{.Names}}\t{{.Ports}}'

Expect ports 14131, 14132, 14133 forwarded.

Web Access
- Open: https://frappe-demo.extensionerp.com
- Confirm ERPNext login page and valid HTTPS padlock.

Logs

Docker logs:
```
docker logs demo
```

Nginx logs:

tail -f /var/log/nginx/frappe-demo.access.log \
          /var/log/nginx/frappe-demo.error.log

7. Troubleshooting Tips

Symptom	Checks & Fixes
Container not running	`docker ps -a` → check STATUS; `docker logs demo` for startup errors
Port conflict	Ensure host ports 14131/14132/14133 are free: `lsof -i :14131`
Nginx startup failure	`nginx -t` for syntax errors in config; fix and reload
SSL renewal fails	Check DNS A record; ensure port 80 is reachable; review `/var/log/letsencrypt/letsencrypt.log`
Bench errors inside container	`docker exec -it demo bash` → inspect logs under `frappe-bench/logs`, fix site permissions

Next Steps:
- Add automated monitoring (e.g., healthcheck scripts).
- Back up database & site files regularly.
- Consider Docker Compose for multi-service orchestration.