Setting up Odoo 14 + HTTPS through nginx
I've been developing a deployed Odoo v14 instance which I used to access using the IP. My intention was to access this instance using a subdomain I own, I have registered domainname.com and created an A record called crm.domainname.com targeting the IP where my Odoo instance is. The link was working correctly but I want to hide the IP and only display crm.domainname.com when Odoo is accessed so I installed Nginx to configure the domain and use it as reverse proxy.
Here is where my problem comes, I don't have much experience configuring Nginx but after some research and experimenting I came up with this configurations (but I think they are redundant)
file /etc/nginx/nginx.conf
#user nobody;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
listen 443 ssl;
server_name crm.domainname.com;
ssl_certificate /etc/nginx/ssl/crm_domainname_com.crt;
ssl_certificate_key /etc/nginx/ssl/crm_domainname_com.key;
location / {
proxy_pass http://127.0.0.1:8069;
}
}
}
and for both /ect/nginx/sites-available/odoo and /ect/nginx/sites-enabled/odoo which don't seem to be loading at all
#odoo server
upstream odoo {
server 127.0.0.1:8069;
}
upstream odoochat {
server 127.0.0.1:8072;
}
# http -> https
server {
listen 80 default_server;
server_name crm.domainname.com;
# return 301 https://crm.domainname.com$request_uri;
rewrite ^(.*) https://$host$1 permanent;
}
server {
listen 443 ssl default_server;
server_name crm.domainname.com;
proxy_read_timeout 720s;
proxy_connect_timeout 720s;
proxy_send_timeout 720s;
# Add Headers for odoo proxy mode
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
# SSL parameters
ssl on;
ssl_certificate /etc/nginx/ssl/crm_domainname_com.crt;
ssl_certificate_key /etc/nginx/ssl/crm_domainname_com.key;
ssl_session_timeout 30m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM$....
ssl_prefer_server_ciphers on;
# log
access_log /var/log/nginx/odoo.access.log;
error_log /var/log/nginx/odoo.error.log;
# Redirect longpoll requests to odoo longpolling port
location /longpolling {
proxy_pass http://odoochat;
}
# Redirect requests to odoo backend server
location / {
proxy_redirect off;
proxy_pass http://odoo;
}
# location ~* /web/static/ {
# proxy_cache_valid 200 90m;
# proxy_buffering on;
# expires 864000;
# proxy_pass http://odoo;
# }
# common gzip
gzip_types text/css text/scss text/plain text/xml application/xml application/json applicat$
gzip on;
}
finally for my odoo-server.conf file
xmlrpc_interface = 127.0.0.1
db_host = False
db_maxconn = 64
db_name = False
db_password = False
db_port = False
db_sslmode = prefer
db_template = template0
db_user = odoo
dbfilter =
demo = {}
email_from = False
geoip_database = /usr/share/GeoIP/GeoLite2-City.mmdb
http_enable = True
http_interface = 127.0.0.1
http_port = 8069
import_partial =
limit_memory_hard = 2684354560
limit_memory_soft = 2147483648
limit_request = 8192
limit_time_cpu = 60
limit_time_real = 120
limit_time_real_cron = -1
list_db = True
log_db = False
log_db_level = warning
log_handler = :INFO
log_level = info
logfile = /var/log/odoo/odoo-server.log
longpolling_port = 8072
max_cron_threads = 1
osv_memory_age_limit = False
osv_memory_count_limit = False
pg_path =
pidfile =
proxy_mode = True
reportgz = False
screencasts =
screenshots = /tmp/odoo_tests
server_wide_modules = base,web
smtp_password = False
smtp_port = 25
smtp_server = localhost
smtp_ssl = False
smtp_user = False
syslog = False
test_enable = False
test_file =
test_tags = None
transient_age_limit = 1.0
translate_modules = ['all']
unaccent = False
upgrade_path =
without_demo = False
workers = 2
After running all this configurations and restarting Odoo and Nginx I can access crm.domainname.com but assets like CSS and JS are not loading. Chrome console shows the following error:
Failed to load resource: net::ERR_CONTENT_LENGTH_MISMATCH
And when I login with my username and password all I see is a blank screen. Chrome console shows the same error as in login screen but with status 200 and sometimes this error appears too:
Uncaught TypeError: odoo.define is not a function
I've tried regenerating the assets but I've been only able to delete them using
DELETE FROM ir_attachment WHERE url LIKE '/web/content/%'; but It may have worsened things.
What am I getting wrong? I can't find the solution regarding this missing assets anywhere nor the correct nginx.conf and /etc/nginx/sites-enabled configuration
I've been able to solve this problem where assets where not loading and it was almost all a misconfiguration of my Nginx!
First of all, in file /etc/nginx/nginx.conf
I've deleted the server block inside http,
I had to include the sites-enabled configuration and remove the server directives to main HTTP block.
#user nobody;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
include /etc/nginx/sites-available/odoo;
}
My server directives inside /etc/nginx/sites-enabled/odoo now looks like this
*Old config*
. . .
#http-> https
server {
server_name crm.domainname.com;
return 301 https://crm.domainname.com$request_uri;
}
#https
server {
listen 443 ssl http2;
server_name crm.domainname.com;
. . .
*More config*
. . .
add_header Strict-Transport-Security max-age=15768000;
# Redirect requests to odoo backend server
location / {
proxy_redirect off;
proxy_pass http://odoo;
}
location /longpolling {
proxy_pass http://odoochat;
}
location ~* /web/static/ {
proxy_cache_valid 200 90m;
proxy_buffering on;
expires 864000;
proxy_pass http://odoo;
}
}
Finally I added the interfaces at the end of /etc/odoo-server.conf
xmlrpc_interface = 127.0.0.1
netrpc_interface = 127.0.0.1
Now everything is working, my subdomain is redirecting to https and correctly displaying Odoo and loading all its assets even if I'm not in debug mode!
- How to simulate DDOS/Slashdotting?
- How can I allow access to a single IP address via Nginx.conf?
- Is there a way to generate a helm install script from a ConfigMap?
- FastAPI with nginx does not serve static files in HTTPS
- NGINX reverse proxy returns HTTP 400 with a invalid header line for my flutter app.Works fine in Postman
- File copied in dockerfile: Not found if in specific location
- CentOS 7 - NGINX - DNS Load Balance
- What is the right way to declare memory resource in AWS ECS task definition for Docker Nginx?
- nginx "server_tokens off" does not remove the server header
- How to correctly run streamlit app with nginx on https?
- nginx in docker 502
- How to parse several log nginx files using goaccess
- Conditional set up of a proxy server on Server A that allows Server B to perform Docker operations through a http proxy
- HTTP to HTTPS Nginx too many redirects
- Permission Denied on Socket File - NGINX + Gunicorn + Flask
- Are location specific logfiles treated different?
- nginx the "ssl" directive is deprecated, use the "listen ... ssl"
- Run Nginx as Windows service
- Unicode special character U+FFFD returning from my Nest.JS API, but only sometimes
- SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
- fatal: repository not found, 404
- Undefined variable $form on remote server
- nginx how to check the value of optional header
- Pm2 process stops running automatically in ubuntu server
- NGINX Ingress Controller Proxying Websocket Connections
- Why is the initial connection time for a HTTP request so long?
- Nginx Error 413 Entity too large on AWS ELB
- Connection Refused Between SSR Next.js and Laravel API
- Kubernetes nginx Ingress rewrite-target results in double slash
- Configure nginx using reverse_proxy and wordgpress for subdirectory /blog