Client-Server Setup Guide

Overview

CNPERP is a web-based ERP system with a client-server architecture designed for multi-user environments.

Architecture:

Server: Hosts the FastAPI backend, PostgreSQL database, and serves the web interface
Clients: Access the system via web browsers (Chrome, Firefox, Edge recommended)
Network: LAN or WAN with proper firewall configuration

Architecture Diagram

┌─────────────────┐     ┌─────────────────┐     ┌─────────────────┐
│   Client PC 1   │     │   Client PC 2   │     │   Client PC N   │
│   (Browser)     │     │   (Browser)     │     │   (Browser)     │
└────────┬────────┘     └────────┬────────┘     └────────┬────────┘
         │                       │                       │
         └───────────────────────┴───────────────────────┘
                                 │
                          Network/LAN
                                 │
                    ┌────────────┴────────────┐
                    │   Server Machine        │
                    │  ┌──────────────────┐  │
                    │  │  FastAPI Backend │  │
                    │  │  (Port 8010)     │  │
                    │  └──────────────────┘  │
                    │  ┌──────────────────┐  │
                    │  │  PostgreSQL DB   │  │
                    │  │  (Port 5432)     │  │
                    │  └──────────────────┘  │
                    │  ┌──────────────────┐  │
                    │  │  Static Files    │  │
                    │  └──────────────────┘  │
                    └─────────────────────────┘

System Requirements

Server Requirements

Small Business (≤10 users)

CPU: 4 cores
RAM: 8 GB
Storage: 100 GB SSD
Network: 1 Gbps

Medium Business (10-50 users)

CPU: 8 cores
RAM: 16 GB
Storage: 250 GB SSD RAID 1
Network: 1 Gbps redundant

Enterprise (50+ users)

CPU: 16+ cores
RAM: 32 GB+
Storage: 500 GB+ SSD RAID 10
Network: 10 Gbps redundant

Client Workstation Requirements

Component	Minimum	Recommended
CPU	Dual-core	Quad-core
RAM	4 GB	8 GB
Display	1366x768	1920x1080
Network	100 Mbps	1 Gbps
Browser	Chrome 90+, Firefox 88+, Edge 90+, Safari 14+

Windows Server Installation

Step 1: Install Windows Server 2019/2022

Install Windows Server
Configure static IP address:
- IP: 192.168.1.100
- Subnet: 255.255.255.0
- Gateway: 192.168.1.1
- DNS: 8.8.8.8, 8.8.4.4
Set server name: CNPERP-SERVER

Step 2: Install Prerequisites

Python 3.11+

Download from python.org
Run installer with "Add Python to PATH" checked
Verify: python --version

PostgreSQL 15+

Download from postgresql.org
Install with default settings
Set password for postgres user (SAVE THIS!)

Step 3: Configure Windows Firewall

# Run as Administrator in PowerShell
New-NetFirewallRule -DisplayName "CNPERP Application" `
    -Direction Inbound -LocalPort 8010 -Protocol TCP -Action Allow

New-NetFirewallRule -DisplayName "PostgreSQL Database" `
    -Direction Inbound -LocalPort 5432 -Protocol TCP -Action Allow

Linux Server Installation (Ubuntu)

Step 1: Install Ubuntu Server 22.04 LTS

Install Ubuntu Server
Configure static IP:

sudo nano /etc/netplan/00-installer-config.yaml

network:
  version: 2
  ethernets:
    ens33:
      dhcp4: no
      addresses: [192.168.1.100/24]
      gateway4: 192.168.1.1
      nameservers:
        addresses: [8.8.8.8, 8.8.4.4]

sudo netplan apply

Step 2: Install Prerequisites

# Update system
sudo apt update && sudo apt upgrade -y

# Install Python 3.11
sudo apt install python3.11 python3.11-venv python3-pip -y

# Install PostgreSQL
sudo apt install postgresql postgresql-contrib -y

# Install Git and dependencies
sudo apt install git build-essential libpq-dev -y

Step 3: Configure UFW Firewall

sudo ufw allow 8010/tcp comment 'CNPERP Application'
sudo ufw allow 5432/tcp comment 'PostgreSQL Database'
sudo ufw allow 22/tcp comment 'SSH'
sudo ufw enable
sudo ufw status

Database Installation

Create Database and User

Windows:

cd "C:\Program Files\PostgreSQL\15\bin"
psql -U postgres

Linux:

sudo -u postgres psql

SQL Commands (Both platforms):

-- Create database
CREATE DATABASE cnperp_production;

-- Create user with strong password
CREATE USER cnperp_user WITH PASSWORD 'YourStrongPassword123!';

-- Grant privileges
GRANT ALL PRIVILEGES ON DATABASE cnperp_production TO cnperp_user;

-- Connect to database
\c cnperp_production

-- Grant schema privileges
GRANT ALL ON SCHEMA public TO cnperp_user;
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO cnperp_user;
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO cnperp_user;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO cnperp_user;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON SEQUENCES TO cnperp_user;

-- Exit
\q

Security Note: Replace 'YourStrongPassword123!' with a strong, unique password and store it securely!

Application Installation

Step 1: Download Application

Windows:

New-Item -ItemType Directory -Path "C:\CNPERP" -Force
cd C:\CNPERP
git clone https://github.com/yourorg/cnperp-dimensions.git .
# OR extract ZIP file to C:\CNPERP

Linux:

sudo mkdir -p /opt/cnperp
sudo chown $USER:$USER /opt/cnperp
cd /opt/cnperp
git clone https://github.com/yourorg/cnperp-dimensions.git .

Step 2: Create Virtual Environment

Windows:

cd C:\CNPERP
python -m venv .venv
.\.venv\Scripts\Activate.ps1

Linux:

cd /opt/cnperp
python3.11 -m venv .venv
source .venv/bin/activate

Step 3: Install Dependencies

pip install --upgrade pip
pip install -r requirements.txt

Step 4: Configure Environment

Create .env file:

# Database Configuration
DATABASE_URL=postgresql://cnperp_user:YourStrongPassword123!@localhost:5432/cnperp_production

# Application Settings
APP_NAME=CNPERP
ENVIRONMENT=production
DEBUG=False

# Security
SECRET_KEY=your-secret-key-here-change-this-in-production
JWT_SECRET_KEY=your-jwt-secret-key-here-change-this
ACCESS_TOKEN_EXPIRE_MINUTES=30

# Server Configuration
HOST=0.0.0.0
PORT=8010

# CORS Settings
ALLOWED_ORIGINS=http://192.168.1.100:8010,http://localhost:8010

Step 5: Initialize Database

# Run migrations
alembic upgrade head

# Create admin user
python scripts/create_admin.py

Step 6: Test Application

# Start application manually
uvicorn app.main:app --host 0.0.0.0 --port 8010

# Test in browser
# Navigate to: http://localhost:8010

Client Access Setup

Step 1: Verify Server Access

From client workstation:

# Test network connectivity
ping 192.168.1.100

# Test port accessibility
telnet 192.168.1.100 8010

# Test application
curl http://192.168.1.100:8010/api/v1/health

Step 2: Browser Access

Open web browser (Chrome, Firefox, or Edge recommended)
Navigate to: http://192.168.1.100:8010
Bookmark the page for easy access
Login with admin credentials

Step 3: Create Desktop Shortcut (Optional)

Windows:

Right-click Desktop → New → Shortcut
Location: "C:\Program Files\Google\Chrome\Application\chrome.exe" --app=http://192.168.1.100:8010
Name: CNPERP ERP

Security Configuration

Critical Security Measures:

Change all default passwords immediately
Use strong, unique passwords (minimum 12 characters)
Implement SSL/TLS for production (HTTPS)
Configure firewall to allow only necessary IPs
Regularly update system and application
Enable database SSL connections
Implement regular security audits

Firewall Hardening

Windows - Restrict to LAN:

New-NetFirewallRule -DisplayName "CNPERP - LAN Only" `
    -Direction Inbound -LocalPort 8010 -Protocol TCP `
    -Action Allow -RemoteAddress 192.168.1.0/24

Linux - Restrict to LAN:

sudo ufw delete allow 8010/tcp
sudo ufw allow from 192.168.1.0/24 to any port 8010 proto tcp

Backup and Maintenance

Automated Daily Database Backup

Windows - PowerShell Script:

$timestamp = Get-Date -Format "yyyyMMdd_HHmmss"
$backupFile = "C:\CNPERP\backups\cnperp_$timestamp.backup"
$pgDumpPath = "C:\Program Files\PostgreSQL\15\bin\pg_dump.exe"

New-Item -ItemType Directory -Path "C:\CNPERP\backups" -Force

& $pgDumpPath -h localhost -U cnperp_user -F c -b -v `
    -f $backupFile cnperp_production

# Delete backups older than 30 days
Get-ChildItem "C:\CNPERP\backups" -Filter "*.backup" |
    Where-Object { $_.LastWriteTime -lt (Get-Date).AddDays(-30) } |
    Remove-Item

Write-Host "Backup completed: $backupFile"

Linux - Bash Script:

#!/bin/bash
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
BACKUP_DIR="/opt/cnperp/backups"
BACKUP_FILE="$BACKUP_DIR/cnperp_$TIMESTAMP.backup"

mkdir -p $BACKUP_DIR

pg_dump -h localhost -U cnperp_user -F c -b -v \
    -f $BACKUP_FILE cnperp_production

# Delete backups older than 30 days
find $BACKUP_DIR -name "*.backup" -mtime +30 -delete

echo "Backup completed: $BACKUP_FILE"

Schedule Backup

Windows - Task Scheduler: Schedule the PowerShell script to run daily at 2 AM

Linux - Crontab:

crontab -e
# Add this line:
0 2 * * * /opt/cnperp/backup_database.sh >> /opt/cnperp/logs/backup.log 2>&1

Troubleshooting

Common Issues

Symptoms: Clients cannot reach http://192.168.1.100:8010

Solutions:

# Check if service is running (Windows)
Get-Service CNPERP

# Check if service is running (Linux)
sudo systemctl status cnperp

# Check if port is listening
netstat -an | findstr "8010"  # Windows
sudo netstat -tlnp | grep 8010  # Linux

# Test from server
curl http://localhost:8010/api/v1/health

# Test network from client
ping 192.168.1.100
telnet 192.168.1.100 8010

Symptoms: "Could not connect to database" errors

Solutions:

Check PostgreSQL is running
Test connection: psql -h localhost -U cnperp_user -d cnperp_production
Verify DATABASE_URL in .env file
Check password is correct
Review pg_hba.conf for access rules

Symptoms: Pages load slowly, timeouts

Solutions:

Check server CPU and memory usage
Run database VACUUM ANALYZE
Check for slow queries in PostgreSQL logs
Increase uvicorn workers if CPU allows
Consider adding more RAM or upgrading server
Review and optimize database indexes

Need Help?

For additional support:

Email: support@cnperp.com
Documentation: Help Center
Check application logs for detailed error messages

Quick Start Checklist

Pre-Installation

Server hardware meets requirements
Operating system installed
Static IP configured
Network connectivity verified

Installation

PostgreSQL installed and configured
Database created with user permissions
Application files deployed
Virtual environment created
Dependencies installed
.env file configured

Configuration

Database initialized
Admin user created
Service installed and running
Firewall configured
Client access tested

Post-Installation

Backup system configured
SSL/TLS configured (production)
Users created and trained
Company settings configured
Documentation reviewed

Client-Server Setup Guide

Overview

Architecture Diagram

System Requirements

Server Requirements

Small Business (≤10 users)

Medium Business (10-50 users)

Enterprise (50+ users)

Client Workstation Requirements

Server Setup

Windows Server Installation

Step 1: Install Windows Server 2019/2022

Step 2: Install Prerequisites

Step 3: Configure Windows Firewall

Linux Server Installation (Ubuntu)

Step 1: Install Ubuntu Server 22.04 LTS

Step 2: Install Prerequisites

Step 3: Configure UFW Firewall

Database Installation

Create Database and User

Application Installation

Step 1: Download Application

Step 2: Create Virtual Environment

Step 3: Install Dependencies

Step 4: Configure Environment

Step 5: Initialize Database

Step 6: Test Application

Client Access Setup

Step 1: Verify Server Access

Step 2: Browser Access

Step 3: Create Desktop Shortcut (Optional)

Security Configuration

Firewall Hardening

Backup and Maintenance

Automated Daily Database Backup

Schedule Backup

Troubleshooting

Common Issues

Cannot Access Application from Clients

Database Connection Errors

Slow Performance

Quick Start Checklist

Pre-Installation

Installation

Configuration

Post-Installation