Loading…
Loading…
The official NonaGuard Odoo connector is a native module that pushes module inventory, permission audits, PostgreSQL health metrics, and security signals to your dashboard every 2 minutes — no inbound ports, no XML-RPC credentials in the cloud.
Push-based architecture: Odoo sends data outward only. No open inbound ports. Get your token from nonaguard.com/dashboard/settings → Connector Tokens.
Free browser extension
Detect Odoo automatically, run a one-click TLS & security header check, and unlock the full report — without leaving the page. Built for Odoo partners researching client instances.
How the connector works
Data flows Odoo → NonaGuard only. No inbound connections needed. Works behind any firewall or NAT.
NonaGuard works both ways. The connector adds always-on monitoring and works inside firewalls.
Direct XML-RPC
NonaGuard connects to your Odoo instance via XML-RPC using admin credentials. Requires network access from our servers to reach your Odoo URL.
Native Odoo module · Free
Install the NonaGuard connector module on your Odoo instance. The connector pushes data securely to NonaGuard. Works behind firewalls — no inbound ports needed.
Select your Odoo version and follow the steps. Install in under 60 seconds.
Download the NonaGuard Connector from hexalian.com/store. One universal module supports Odoo 15–19 — no version-specific builds needed. Copy it to your addons directory, then install from the Odoo Apps menu.
# 1. Download from hexalian.com/store # 2. Copy to your addons path cp -r nonaguard_connector/ /opt/odoo/addons/ # 3. In Odoo (v17): Apps → Update Module List → Search "NonaGuard" → Install
Log in to nonaguard.com → Settings → Connector Tokens → New Token. Give it a descriptive name and copy the token — it is shown only once.
nonaguard.com → Settings → Connector Tokens → New Token → Name it → Copy the token value
In Odoo go to Settings → General Settings → NonaGuard. Paste your API token and click Save, then click Test Connection. You should see a green success banner confirming your Odoo version.
Odoo: Settings → General Settings → NonaGuard → Paste API Token → Save → Test Connection (should show green ✓)
Enable Automatic Sync in the NonaGuard settings section and save. Your first Pulse Score will appear in the NonaGuard dashboard within minutes. From there you can track health, security, and performance metrics.
Odoo: Settings → General Settings → NonaGuard → Enable Automatic Sync → Save Dashboard: nonaguard.com → Instances → Your Instance
The connector uses a push-based architecture — your Odoo server sends data outbound. No open ports, no inbound firewall rules, no public endpoints.
A scheduled action fires at your configured frequency (hourly, every 6h, 12h, or daily). You can also trigger scans manually from Settings → NonaGuard or remotely via the dashboard.
The collector gathers 90+ metrics in a single transaction: module inventory, user permissions, security groups, cron health, DB stats, performance counters, custom module analysis, deprecation warnings, and compliance checks.
Your API token (stored encrypted with Fernet AES-256 in ir.config_parameter) is used to sign the request. The token never leaves your server in plaintext — only the bearer header is sent over TLS.
A single POST request sends the encrypted JSON payload to api.nonaguard.com over TLS 1.3. Automatic retry with exponential back-off (up to 3 attempts) if the first request fails.
NonaGuard processes the payload: calculates your Pulse Score (0–100), assigns a grade (A+ to F), identifies risks and recommendations, and stores a historical snapshot for trend analysis.
A lightweight heartbeat ping runs every 2 minutes. The SaaS response can include queued actions (trigger scan, run diagnostics, clear cache) — executed immediately, no inbound webhook needed.
Connector scans are push-based. When you click "Scan Now", NonaGuard queues a request and waits for your Odoo module to deliver the data — here is exactly what happens, step by step.
Click "Scan Now" in the dashboard. NonaGuard marks the scan as "waiting for connector" and signals your Odoo connector module.
On its next heartbeat (typically under 1 minute), the NonaGuard module inside Odoo securely pushes the scan payload to our servers.
The scan page polls in real time and updates instantly once the connector delivers. No refresh needed.
If your connector is slow or busy, you can click "Re-trigger sync now" on the scan page to send a new request immediately. The connector will pick it up on its next heartbeat. The scan page polls for up to 30 minutes automatically.
Everything included. Free module. LGPL-3 license.
Install the module, generate a connector token in your dashboard, paste it into Odoo Settings → NonaGuard. Done. No code changes required.
Sends complete module list with versions, authors, installation states, and automatic custom vs standard module detection.
All remote commands are signed with HMAC-SHA256 using your API token. The connector rejects any unsigned or tampered request.
Automated cron job sends a lightweight health ping every 2 minutes with exponential back-off retry and circuit breaker (10 failures → 1/hour throttle). No missed beats.
Collects cron job health, database record counts, query timing data, and system resource metrics for trend analysis.
Detects over-privileged security groups, public access on sensitive models, admin users without 2FA, and misconfigured RBAC.
Full audit trail of all syncs, webhook events, errors, and diagnostics stored natively in Odoo's logging system.
Sync logs automatically purged after 90 days. Historical scan records kept for trend analysis. Zero database bloat.
Automatically collects lock dates, draft invoice aging, bank reconciliation status, inventory valuation methods, and accounting user privileges.
NonaGuard can send signed commands to your Odoo connector. Every request is verified with HMAC-SHA256.
pingVerify the connector is online. Returns Odoo version and connector version.
{ "status": "pong", "odoo_version": "17.0", "connector_version": "17.0.2.0.0" }trigger_scanForce an immediate data sync instead of waiting for the next scheduled sync.
{ "status": "scan_triggered" }get_statusReturn current configuration state: token set, sync enabled, instance ID, last sync time and score.
{ "enabled": true, "instance_id": "...", "last_sync": "...", "last_pulse_score": "82" }run_diagnosticsExecute self-tests on the Odoo side: API token, sync status, cron jobs, internet connectivity, DB health.
{ "checks": [{ "name": "API Token", "status": "ok", "message": "Configured" }] }clear_cacheClear ORM and asset bundle caches remotely without shell access.
{ "status": "cache_cleared", "orm": true, "assets": true }get_logsReturn recent connector activity logs (up to 200 entries) for incident triage.
{ "logs": [{ "level": "warning", "category": "sync", "message": "timeout", "ts": "..." }] }list_modulesReturn a full installed module inventory snapshot with versions and states.
{ "modules": [{ "name": "sale", "version": "17.0", "state": "installed" }] }module_upgradeUpgrade selected installed modules remotely (requires explicit confirmation).
{ "status": "upgrade_started", "modules": ["stock", "account"], "dry_run": false }apply_fix:*Track remediation status per finding with notes and progress (status tracking only — no automatic fixes).
{ "status": "fix_applied", "fix": "disable_list_db", "before": {"list_db": true}, "after": {"list_db": false} }POST /nonaguard/webhookX-NonaGuard-SignatureHMAC-SHA256The connector verifies every incoming request by computing HMAC-SHA256 of the sorted JSON body using your stored API token as the signing key. Rejected requests return a 200 + error body — no 4xx — to avoid leaking configuration details.
We're building more ways to monitor and manage your Odoo instances.
Compare risk scores, configurations, and module sets across all your instances.
Define thresholds for score drops, new admin users, and permission changes.
Track backup history, verify restore readiness, and alert on failed backups.
Block deployments in GitHub or GitLab when Pulse Score falls below a threshold.
No business data is ever sent. No invoices, contacts, products, orders, or any transactional records. Only structural and configuration metadata.
No. NonaGuard works without the connector using direct XML-RPC. However, the connector enables 2-minute heartbeat monitoring, richer data, and remote commands that aren't possible with direct connection.
No. The connector only sends structural metadata: module names, versions, permission rules, cron job states, and system configuration. It never reads invoices, contacts, sales orders, or any transactional records.
It retries 3 times with exponential back-off (2s, 4s, 8s delays). Each attempt is logged. The next scheduled sync will try again automatically. You'll see the error in Odoo's NonaGuard logs.
Yes. Since the connector pushes data outward (Odoo → NonaGuard), you only need outbound HTTPS on port 443 to nonaguard.com. No inbound ports need to be opened. This is the primary advantage over direct XML-RPC.
In Odoo: Settings → General Settings → NonaGuard → Test Connection. You should see a green success message. In the NonaGuard dashboard: Settings → Connector Tokens — check the Last Used time for your token.
Yes. It's licensed under LGPL-3. You can inspect, fork, and modify it freely. The source is available in OCA-compatible format. The manifest is transparent about all dependencies and permissions used.
Install the new version via the Odoo App Store or replace the folder in your addons path. Run Update Module List → Upgrade NonaGuard Connector. No configuration changes required — your existing API token remains valid.
Free connector module. 7-day free trial. Install in 60 seconds. First Pulse Score in under a minute.