HOW TO INSTALL SUITECRM ON UBUNTU SERVER

Suitecrm is absolutely awesome, free and open software to run your organization or business. I’ve messed around with various crm’s like Salesforce but SuiteCRM is just so flexible. Oh, and it doesn’t cost any money. Oh, and if you need help or other stuff you can just pay people to build what you need. I haven’t explored all sectors but most business owners I know have found it to be excellent.

I thought I would have to write a long, detailed tutorial on this but thankfully I landed on this really excellent step-by-step tutorial.

I think there is a better way to install PHP, though, rather than copying all those individual PHP packages, but I’m too busy to look that up now. You can try, but this tutorial works. My only concern is that these packages and requirements might change over time so the one-stop-shop for installing all php packages is probably the better way to go.

I followed all the instructions in this tutorial above and successfully ended up with SuiteCRM running on my Ubuntu server on Digital Ocean droplet platform.

However, there were two things not covered which are important:

1. It was not SSL encrypted HTTPS:// so at the end of all the installation stuff, I needed to do that and
2. There was no mention of the important step of setting up the cron jobs which is one of the life-blood features of SuiteCRM since it is very good at sending out workflow reminders and other alerts by email. Cron jobs control this. The instructions are on the install page of the last step, as you can see, but I will make it more clear with a start-to-finish tutorial as follows:

Big Step 1 – Set up the Digital Ocean Droplet

0. Make sure you already have a domain purchased and reserved for your needs. This is optional but I will assume you’re doing this for tutorial.
1. Initiate your server / droplet
   I won’t give detailed instructions here because there is lots of documentation out there. I selected one with 2GB of ram (at time of writing it’s $10.00 uSD /month for this) only because the teacher recommended it. I didn’t research hardware specs and what I should do. Your needs may be different. I know using Nextcloud Talk uses a bit of RAM but not sure how much for a large conference.. worth investigating perhaps? I might also recommend calling your subdomain ‘nc’ instead of ‘files’ like I did in my example since you might do much more than ‘files’ with NC. “office.domain” or ‘nc.domain’ or ‘cloud.domain’ might make more sense?
2. In your domain registrar, point your domain to your server’s name host. In my case it will be digital ocean’s which I will pull from the ‘networking’ section after adding the domain to Digital Ocean. In my case I already had a test domain setup, so what I did was set up a subdomain called “files.domain.com”. The reason you want to do this right away is because
3. Set up your SSH keys
   Before you install the droplet, make sure your SSH keys are set up properly because you are going to use them a lot in the terminal. Here is some ssh tutorial. Note that it’s a little hard for me to find SSH stuff in the DO backend so for the records it’s at settings / security and then a tab (I think…). If you already have a DO space and SSH keys setup, you are already ready and can use those keys again.
4. SSH into your new server
   ssh root@123.123.123.123

Note 1: Normally at this point when I install a server I do the usual sudo apt update and sudo apt upgrade but the main install script for Postal does this for you it seems.

But… you don’t have a sudo user yet so here you go:

Big Step 2 – Make a sudo (non-root super user) user

Set up a non-root user account on the server. This is to reduce your chances of typing a wrong command and killing all your hard work and data.

This is a nice detailed tutorial on this if you’d like here.

Otherwise, this summaries it:

• Log into the server as root: ssh root@123.123.123.123
• Make sysadmin user: adduser sysadmin and follow the prompts (should be password prompt and then a few questions)
• Add new user to the sudo list: sudo usermod -aG sudo sysadmin
• Switch to new sysadmin user: su sysadmin
• (Optional) Test the new-found powers by running this and then cancelling: sudo dpkg-reconfigure tzdata

Helpful note
If you find you are not getting prompted for the questions after running the adduser command, it might be because you accidentally ran useradd command like me… weird how it works both ways…

Big Step 3 – Install SuiteCRM

Installing SuiteCRM, as mentioned above, is as simple as taking the time to follow this really excellent step-by-step tutorial

Big Step 4 – Secure your Installation with LetsEncrypt

SuiteCRM is good for moving company and organizational data, so you better protect that data with encryption.

1. Add the PPA: sudo add-apt-repository ppa:certbot/certbot
2. Install the certbot: sudo apt install python-certbot-apache
   Note: on Ubuntu 20, it seems to be this one now, so check if you hit any snags: sudo apt install certbot python3-certbot-apache
3. Test the syntax of, what I believe, are the conf files and apache conf files: sudo apache2ctl configtest. If you get an ‘OK’ message, continue. If you change anything in your conf files, don’t forget to reload Apache after sudo systemctl reload apache2
4. Enable the firewall: sudo ufw enable
5. MISSION CRITICAL Right here and right now, be sure you allow the ssh rule in the firewall rules, otherwise, you’ll get locked out of your server like I did. Thankfully with DO if you do get locked out you can go in through their virtual console, but still…So, simply run this line of code to open up SSH in the firewall: sudo ufw allow ssh
6. Let https traffic through so that Letsencrypt can do its thing: sudo ufw allow 'Apache Full'
7. Check the firewall status which should show active, as well as show BOTH 22/tcp and Apache Full enabled for both ipv4 and ipv6. Don’t continue until these are both present: sudo ufw status
8. RUN IT sudo certbot --apache -d your_domain -d www.your_domain
9. Most questions are easy to answer. choose option 2 forcing redirects to https
   Note! It seems after you choose this it’s forever impossible to connect with regular http:// on port 80. This may be important? Not sure…
10. Test your domains here to make sure https:// is working. Try going to them in a browser to see if you can still reach the SuiteCRM pages and then the lock icon is on. If not, make sure you’ve typed in https:// before URL. In the future, if you chose ‘redirect all’ in steap 9 above it should not require typing the https:// unless there is a problem.
11. Repeat steps 8-10 for other domains (ie. domain2.com) if required adjusting as appropriate
12. When done all your domains, do a dry run renewal to make sure renewal process is working well too: sudo certbot renew --dry-run

Bonus SubSection! How to get rid of Letsencrypt Stuff When everything goes sideways
Sometimes we make mistakes and things go wrong with SSL certificates. If you want to rule out Letsencrypt and your certs from the equation, it’s not entirely simple to get it out of your system, as I thought it was. So, here is your bonus section in case you need it nearby:

1. Disable the letsencrypt conf file: sudo a2dissite prestashop-le-ssl.conf
2. Totally uninstall letsencrypt (‘certbot’) sudo apt remove --purge python-certbot-apache
3. Purge these dirs of their certs:

rm -rf /etc/letsencrypt
rm -rf /var/log/letsencrypt
rm -rf /var/lib/letsencrypt
rm -rf /path/to/your/git/clone/directory (seemed not applicable)
rm -rf ~/.local/share/letsencrypt (seemed not applicable)

BONUS SECTION – Little Tips on Install Page

From the SuiteCRM install page, a few things I had to spend time learning that I think are worth sharing are:

• the ‘upload’ button on the logo in the ‘branding’ section doesn’t seem to work at that stage. Does it work if you point the file to directory and then not push upload? to confirm…
• If you have an email setup that will send emails from the system, then you can have that ready. If you are just doing some testing you can use some fake gmail account if you want, I suppose. Otherwise, if you don’t fill anything in it doesn’t hinder your installation, but you will not have the important email notification functionality.
• The default install script automatically auto-filled my host field as my website domain. Then I got this error message in red: “The provided database host, username, and/or password is invalid, and a connection to the database could not be established. Please enter a valid host, username and passwordThe provided database host, username, and/or password is invalid, and a connection to the database could not be established. Please enter a valid host, username and password”
  After I changed this auto-filled domain back to localhost (like in the tutorial screenshot) in the host field and pressed ‘next’ everything rolled ahead smoothly again.

Now that you are set up with SuiteCRM, there are a few ‘housekeeping setup things’ I do right after installation, such as cron jobs, setting up your email, etc. You can check that out on my SuiteCRM Post-Installation Housekeeping

I hope this helps you get started with the best CRM around!