Merge pull request #73 from OpenSPP/refactor-structure-michael

[IMP] getting started deb installation and move the other section

Author: emjay0921

docs/getting_started/installation_deb.md

@@ -0,0 +1,69 @@
+---
+review-status: needs-review
+review-date: 2025-06-04
+reviewer: migration-script
+migration-notes: "Added during 2025 documentation reorganization"
+---
+
+# Database Management
+
+This section explains how to manage your OpenSPP database, including how to reset the database, and how to back up your data before making major changes. Proper database management helps ensure data integrity and system reliability.
+
+## Reset Database
+
+If you need to reset your OpenSPP database (e.g., for testing or to start fresh):
+
+### Option A: Via Web Interface (if list_db = True)
+
+1. Navigate to `http://your-server-ip:8069/web/database/manager`
+3. Click the "Delete" from the right side of the Database you wanted to Delete.
+4. Enter the Master Password then Click the "Delete".
+5. Create a new database with the same name or different name
+
+### Option B: Via Command Line
+
+```bash
+# Stop OpenSPP service
+sudo systemctl stop openspp
+
+# Drop the existing database
+sudo -u postgres dropdb openspp_prod
+
+# Create a new empty database
+sudo -u postgres createdb openspp_prod
+
+# Start OpenSPP service
+sudo systemctl start openspp
+
+# Initialize the database with base modules
+sudo -u openspp openspp-server \
+    --database=openspp_prod \
+    --init=base \
+    --stop-after-init
+
+# Restart service
+sudo systemctl restart openspp
+```
+
+**Warning**: Resetting the database will permanently delete all data, including:
+- All registrant records
+- Program configurations
+- Entitlements and payments
+- Uploaded documents
+- User accounts and settings
+- Custom configurations
+
+## Backup Before Reset
+
+Always create a backup before resetting:
+
+```bash
+# Create backup directory
+sudo mkdir -p /var/backups/openspp
+
+# Backup database
+sudo -u postgres pg_dump openspp_prod | gzip > /var/backups/openspp/db_backup_$(date +%Y%m%d_%H%M%S).sql.gz
+
+# Backup filestore
+sudo tar -czf /var/backups/openspp/filestore_backup_$(date +%Y%m%d_%H%M%S).tar.gz /var/lib/openspp/filestore/openspp_prod
+```

docs/user_guide/administration/database_management.md

@@ -38,4 +38,9 @@ import_areas
 inventory_configuration
 email_gateway
 hardware_integration
+database_management
+monitoring_maintenance
+security_tuning
+troubleshooting
+uninstalling
 ```

docs/user_guide/administration/index.md

@@ -0,0 +1,86 @@
+---
+review-status: needs-review
+review-date: 2025-06-04
+reviewer: migration-script
+migration-notes: "Added during 2025 documentation reorganization"
+---
+
+# Monitoring and Maintenance
+
+This section provides basic instructions for monitoring your OpenSPP system, viewing logs, managing services, and performing updates. Regular monitoring and maintenance help keep your system running smoothly and securely.
+
+## View Logs
+
+```bash
+# Real-time service logs
+sudo journalctl -u openspp -f
+
+# Application logs
+sudo tail -f /var/log/openspp/openspp.log
+
+# PostgreSQL logs
+sudo tail -f /var/log/postgresql/postgresql-*.log
+```
+
+## Service Management
+
+```bash
+# Restart service
+sudo systemctl restart openspp
+
+# Stop service
+sudo systemctl stop openspp
+
+# Start service
+sudo systemctl start openspp
+
+# Reload configuration without restart
+sudo systemctl reload openspp
+```
+
+## Update OpenSPP
+
+When a new version is available:
+
+```bash
+# Update package list
+sudo apt-get update
+
+# Check for OpenSPP updates
+apt list --upgradable | grep openspp
+
+# Stop service before upgrade
+sudo systemctl stop openspp
+
+# Backup current installation
+sudo tar -czf /var/backups/openspp-backup-$(date +%Y%m%d).tar.gz /opt/openspp /etc/openspp
+
+# Upgrade OpenSPP
+sudo apt-get upgrade openspp
+
+# Start service
+sudo systemctl start openspp
+
+# Update modules via web interface
+```
+
+## Alternative: Manual Update
+
+If updating manually:
+
+```bash
+# Download new package from Nexus
+wget https://builds.acn.fr/repository/apt-openspp/pool/main/o/openspp/openspp_X.X.X_amd64.deb
+
+# Stop service
+sudo systemctl stop openspp
+
+# Backup current installation
+sudo tar -czf /var/backups/openspp-backup-$(date +%Y%m%d).tar.gz /opt/openspp /etc/openspp
+
+# Install new version
+sudo dpkg -i openspp_X.X.X_amd64.deb
+
+# Start service
+sudo systemctl start openspp
+```

docs/user_guide/administration/monitoring_maintenance.md

@@ -0,0 +1,206 @@
+---
+review-status: needs-review
+review-date: 2025-06-04
+reviewer: migration-script
+migration-notes: "Added during 2025 documentation reorganization"
+---
+
+# Security Recommendations and Performance Tuning
+
+This guide provides essential recommendations for securing your OpenSPP instance and tuning its performance for production environments. It covers database security, firewall setup, SSL/TLS configuration with Nginx, and implementing regular backups. Additionally, it offers tips on performance tuning, including adjusting worker processes, memory limits, and PostgreSQL settings to handle high-load scenarios.
+
+## Security Recommendations
+
+### 1. Database Security Configuration
+
+After initial setup and database creation, it's strongly recommended to:
+
+```bash
+# Edit the configuration
+sudo nano /etc/openspp/odoo.conf
+
+# Set list_db to False for production
+list_db = False
+
+# Restart the service
+sudo systemctl restart openspp
+```
+
+**Why disable list_db in production:**
+- Prevents unauthorized users from seeing database names
+- Disables database creation/deletion via web interface
+- Reduces attack surface by hiding database management interface
+- Forces direct database URL access (e.g., `http://server:8069/web?db=openspp_prod`)
+
+**When to keep list_db = True:**
+- Development environments
+- Testing environments
+- Initial setup phase
+- When multiple databases need frequent management
+
+### 2. Firewall Configuration
+
+```bash
+# Install UFW firewall
+sudo apt-get install -y ufw
+
+# Allow SSH (adjust port if needed)
+sudo ufw allow 22/tcp
+
+# Allow OpenSPP web interface
+sudo ufw allow 8069/tcp
+
+# Allow OpenSPP longpolling (if using real-time features)
+sudo ufw allow 8072/tcp
+
+# Enable firewall
+sudo ufw enable
+```
+
+### 3. SSL/TLS with Nginx (Recommended for Production)
+
+```bash
+# Install Nginx
+sudo apt-get install -y nginx certbot python3-certbot-nginx
+
+# Create Nginx configuration
+sudo nano /etc/nginx/sites-available/openspp
+```
+
+Add this configuration:
+```nginx
+server {
+    listen 80;
+    server_name your-domain.com;
+
+    # Redirect HTTP to HTTPS
+    return 301 https://$server_name$request_uri;
+}
+
+server {
+    listen 443 ssl http2;
+    server_name your-domain.com;
+
+    # SSL certificates (will be added by certbot)
+    # ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem;
+    # ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem;
+
+    # Proxy settings
+    proxy_read_timeout 720s;
+    proxy_connect_timeout 720s;
+    proxy_send_timeout 720s;
+
+    # Add headers
+    proxy_set_header Host $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Real-IP $remote_addr;
+
+    # Redirect requests to OpenSPP
+    location / {
+        proxy_redirect off;
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    # Longpolling
+    location /longpolling {
+        proxy_pass http://127.0.0.1:8072;
+    }
+
+    # Static files
+    location ~* /web/static/ {
+        proxy_cache_valid 200 90m;
+        proxy_buffering on;
+        expires 864000;
+        proxy_pass http://127.0.0.1:8069;
+    }
+}
+```
+
+Enable the site and get SSL certificate:
+```bash
+# Enable the site
+sudo ln -s /etc/nginx/sites-available/openspp /etc/nginx/sites-enabled/
+sudo nginx -t
+sudo systemctl reload nginx
+
+# Get SSL certificate
+sudo certbot --nginx -d your-domain.com
+```
+
+### 4. Regular Backups
+
+Create a backup script:
+
+```bash
+sudo nano /usr/local/bin/openspp-backup.sh
+```
+
+```bash
+#!/bin/bash
+BACKUP_DIR="/var/backups/openspp"
+DATE=$(date +%Y%m%d_%H%M%S)
+DB_NAME="openspp_prod"
+
+# Create backup directory
+mkdir -p $BACKUP_DIR
+
+# Backup database
+sudo -u postgres pg_dump $DB_NAME | gzip > $BACKUP_DIR/db_${DB_NAME}_${DATE}.sql.gz
+
+# Backup filestore
+tar -czf $BACKUP_DIR/filestore_${DATE}.tar.gz /var/lib/openspp/
+
+# Keep only last 30 days of backups
+find $BACKUP_DIR -type f -mtime +30 -delete
+
+echo "Backup completed: $DATE"
+```
+
+Make it executable and schedule:
+```bash
+sudo chmod +x /usr/local/bin/openspp-backup.sh
+
+# Add to crontab (daily at 2 AM)
+echo "0 2 * * * /usr/local/bin/openspp-backup.sh" | sudo crontab -
+```
+
+## Performance Tuning
+
+For production environments with high load:
+
+1. **Increase workers** (1 worker per CPU core, minimum 2 for queue_job):
+   ```ini
+   workers = 8  # For 8-core server
+   server_wide_modules = base,web,queue_job  # Required
+   ```
+   
+   **Note**: Never set `workers = 0` in production as this disables queue_job async processing.
+
+2. **Adjust memory limits** based on available RAM:
+   ```ini
+   limit_memory_hard = 8589934592  # 8GB
+   limit_memory_soft = 6442450944  # 6GB
+   ```
+
+3. **PostgreSQL tuning**:
+   ```bash
+   sudo nano /etc/postgresql/16/main/postgresql.conf
+   ```
+   
+   Adjust:
+   ```ini
+   shared_buffers = 2GB
+   effective_cache_size = 6GB
+   maintenance_work_mem = 512MB
+   checkpoint_completion_target = 0.9
+   wal_buffers = 16MB
+   default_statistics_target = 100
+   random_page_cost = 1.1
+   ```
+
+4. **Enable caching** with Redis (optional):
+   ```bash
+   sudo apt-get install -y redis-server
+   # Configure in odoo.conf if your OpenSPP version supports it
+   ```