🎓

erpnext

4 notes  •  LMS & Business Apps
HomeLMS & Business Apps › erpnext

Set Up Let's Encrypt SSL for ERPNext

ERPNext can be secured with a free Let's Encrypt SSL certificate using the built-in bench command. Certificates are valid for 90 days and can be renewed automatically.

Prerequisites

  • A valid domain name pointing to the server's IP
  • Root or sudo access
  • ERPNext installed with Nginx
  • Port 80 open in the firewall

Steps

# Run the Let's Encrypt setup for a site
sudo -H bench setup lets-encrypt [site-name]

# For a custom domain
sudo -H bench setup lets-encrypt [site-name] --custom-domain [custom-domain]

Follow the interactive prompts. The command registers the site with Let's Encrypt, downloads the certificate, configures Nginx, and adds a monthly cron job for renewal.

Renew Manually

sudo bench renew-lets-encrypt

Notes

  • Certificates expire every 90 days — automatic renewal via cron is set up by the command.
  • Ensure your DNS record resolves correctly before running the command.
  • For production, always run bench as a non-root user with appropriate sudo rights.

Install ERPNext on Ubuntu 16.04/18.04 LTS with Nginx and MariaDB

ERPNext is an open-source ERP platform covering manufacturing, distribution, retail, HR, and accounting. This guide walks through installing ERPNext on Ubuntu 16.04 or 18.04 LTS using Nginx and MariaDB.

Prerequisites

  • Ubuntu 16.04 or 18.04 LTS server with at least 4 GB RAM
  • A non-root sudo user
  • A domain name (optional but recommended for SSL)

Steps

# Update system
sudo apt-get update && sudo apt-get upgrade -y

# Install dependencies
sudo apt-get install -y python3-minimal build-essential python3-setuptools \
  libffi-dev libssl-dev wkhtmltopdf git redis-server nodejs npm

# Install pip and frappe-bench
sudo pip3 install frappe-bench

# Initialize bench in a directory
bench init /home/frappe/frappe-bench --frappe-branch version-13
cd /home/frappe/frappe-bench

# Create a new site
bench new-site yoursite.example.com

# Install ERPNext app
bench get-app erpnext https://github.com/frappe/erpnext --branch version-13
bench --site yoursite.example.com install-app erpnext

# Set up for production (Nginx + Supervisor)
sudo bench setup production frappe
sudo service nginx restart

Verify

Open http://yoursite.example.com in a browser. You should see the ERPNext setup wizard.

Notes

  • Use bench version-13 or later branch for Moodle 16.04/18.04 compatibility.
  • Run ERPNext under the frappe system user for security.
  • After going to production, set up Let's Encrypt with bench setup lets-encrypt.

Configure Multitenant Setup with Frappe Bench

Frappe Bench supports hosting multiple ERPNext sites on the same server. Sites can be served on different ports or resolved by DNS hostname. This guide covers both methods.

Prerequisites

  • ERPNext already installed and running in production mode
  • Nginx configured (bench setup production completed)

Method 1: Port-Based Multitenancy

# Create a second site
bench new-site site2.local

# Assign it a different port
bench set-nginx-port site2.local 82

# Regenerate Nginx config
bench setup nginx

# Reload Nginx
sudo service nginx reload

Method 2: DNS-Based Multitenancy

# Enable multitenancy
bench config dns_multitenant on

# Create a site named as its hostname
bench new-site site2.example.com

# Regenerate config and reload
bench setup nginx
sudo service nginx reload

Switch Default Site

bench use site2.local

Notes

  • For DNS-based multitenancy, each site name must match the DNS hostname that resolves to the server.
  • After adding a new site, run bench setup lets-encrypt site2.example.com to add SSL.

Fix: bench start — Address Already in Use Error

When running bench start, you may see an error like 127.0.0.1:11000: bind: Address already in use. This happens when a Redis or other Frappe process from a previous session is still bound to the port.

Identify the Process

# Find what is using the port (e.g. 11000 or 12000)
sudo lsof -i :11000
sudo lsof -i :12000

Steps

# Kill the process using the port
sudo kill -9 <PID>

# Or kill all Redis instances
sudo pkill redis-server

# Then restart bench
bench start

Verify

bench start

Bench should start cleanly with all workers running.

Notes

  • In production mode, use sudo supervisorctl restart all instead of bench start.
  • Port numbers (11000, 12000) vary — check Procfile in the bench directory for the exact ports.
  • If running as root with sudo bench start, try switching to the frappe user: sudo su - frappe -c 'cd frappe-bench && bench start'.