Advertisement
metailmonkey_

Untitled

Nov 10th, 2023
177
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Nginx 3.66 KB | None | 0 0
  1. # Odoo servers
  2. upstream odoo {
  3.  server 127.0.0.1:8100;
  4. }
  5.  
  6. upstream odoochat {
  7.  server 127.0.0.1:8102;
  8. }
  9.  
  10. map $http_upgrade $connection_upgrade {
  11.   default upgrade;
  12.   ''      close;
  13. }
  14.  
  15. # HTTP -> HTTPS
  16. server {
  17.     listen 80;
  18.     listen [::]:80;
  19.     # server_name www.example.com example.com;
  20.     server_name odoo.domain.com;
  21.  
  22.     # divert login to ssl site
  23.     location ~ ^/ {
  24.         return 301 https://$server_name$request_uri;
  25.     }
  26.  
  27. }
  28.  
  29. server {
  30.     listen 443 ssl http2;
  31.     # server_name example.com;
  32.     server_name odoo.domain.com;
  33.  
  34.     set $app_site        http://odoo;
  35.     set $app_longpoll    http://odoochat;
  36.  
  37.     proxy_read_timeout 720s;
  38.     proxy_connect_timeout 720s;
  39.     proxy_send_timeout 720s;
  40.  
  41.     # Proxy headers
  42.     proxy_set_header Host $host;
  43.     proxy_set_header X-Forwarded-Host $host;
  44.     proxy_set_header X-Forwarded-Server $host;
  45.  
  46.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  47.     proxy_set_header X-Forwarded-Proto $scheme;
  48.     proxy_set_header X-Real-IP $remote_addr;
  49.  
  50.     proxy_redirect off;
  51.  
  52.     # SSL parameters
  53.     ssl_certificate "/opt/ssl/odoo.domain.com.crt";
  54.     ssl_certificate_key "/opt/ssl/odoo.domain.com.key";
  55.     # ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;
  56.     include snippets/ssl.conf;
  57.     # include snippets/letsencrypt.conf;
  58.  
  59.     # log files
  60.     access_log /var/log/nginx/odoo.access.log;
  61.     error_log /var/log/nginx/odoo.error.log;
  62.  
  63.     # configures NGINX to wait no more than 10 seconds between writes
  64.     # from the client for either headers or body
  65.     client_body_timeout 10s;
  66.     client_header_timeout 10s;
  67.  
  68.     client_max_body_size 25M;
  69.  
  70.     location ~ ^/website/info {
  71.         return 301 $scheme://$server_name;
  72.     }
  73.  
  74.     # disable debug mode
  75.     if ($args ~ debug) {
  76.         return 301 $scheme://$server_name/web;
  77.     }
  78.  
  79.     # Handle longpoll requests
  80.     location /longpolling {
  81.        proxy_pass $app_longpoll;
  82.     }
  83.  
  84.     #
  85.     # https://www.odoo.com/documentation/16.0/administration/install/deploy.html#https
  86.     #
  87.     # Redirect websocket requests to odoo gevent port
  88.     location /websocket {
  89.       proxy_pass $app_longpoll;
  90.       proxy_set_header Upgrade $http_upgrade;
  91.       proxy_set_header Connection $connection_upgrade;
  92.       proxy_set_header X-Forwarded-Host $host;
  93.       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  94.       proxy_set_header X-Forwarded-Proto $scheme;
  95.       proxy_set_header X-Real-IP $remote_addr;
  96.     }
  97.  
  98.     # Redirect requests to odoo backend server
  99.     location / {
  100.       # Add Headers for odoo proxy mode
  101.       proxy_set_header X-Forwarded-Host $host;
  102.       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  103.       proxy_set_header X-Forwarded-Proto $scheme;
  104.       proxy_set_header X-Real-IP $remote_addr;
  105.       proxy_redirect off;
  106.       proxy_pass $app_site;
  107.  
  108.       # Enable HSTS
  109.       add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
  110.       # requires nginx 1.19.8
  111.       #proxy_cookie_flags session_id samesite=lax secure;
  112.     }
  113.  
  114.     # Cache static files
  115.     location ~* /web/static/ {
  116.         proxy_cache_valid 200 90m;
  117.         proxy_buffering on;
  118.         expires 864000;
  119.         proxy_pass $app_site;
  120.     }
  121.  
  122.     error_page 404 /errorpages/404.html;
  123.  
  124.     error_page 500 502 503 504 /errorpages/50xnl.html;
  125.  
  126.     location /errorpages/ {
  127.         root /usr/share/nginx/html/;
  128.     }
  129.  
  130.     ## If you use https make sure you disable gzip compression
  131.     ## to be safe against BREACH attack.
  132.     # Gzip
  133.     gzip_types text/css text/less text/plain text/xml application/xml application/json application/javascript;
  134.     gzip off;
  135. }
  136.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement