Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Odoo servers
- upstream odoo {
- server 127.0.0.1:8100;
- }
- upstream odoochat {
- server 127.0.0.1:8102;
- }
- map $http_upgrade $connection_upgrade {
- default upgrade;
- '' close;
- }
- # HTTP -> HTTPS
- server {
- listen 80;
- listen [::]:80;
- # server_name www.example.com example.com;
- server_name odoo.domain.com;
- # divert login to ssl site
- location ~ ^/ {
- return 301 https://$server_name$request_uri;
- }
- }
- server {
- listen 443 ssl http2;
- # server_name example.com;
- server_name odoo.domain.com;
- set $app_site http://odoo;
- set $app_longpoll http://odoochat;
- proxy_read_timeout 720s;
- proxy_connect_timeout 720s;
- proxy_send_timeout 720s;
- # Proxy headers
- proxy_set_header Host $host;
- proxy_set_header X-Forwarded-Host $host;
- proxy_set_header X-Forwarded-Server $host;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_redirect off;
- # SSL parameters
- ssl_certificate "/opt/ssl/odoo.domain.com.crt";
- ssl_certificate_key "/opt/ssl/odoo.domain.com.key";
- # ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;
- include snippets/ssl.conf;
- # include snippets/letsencrypt.conf;
- # log files
- access_log /var/log/nginx/odoo.access.log;
- error_log /var/log/nginx/odoo.error.log;
- # configures NGINX to wait no more than 10 seconds between writes
- # from the client for either headers or body
- client_body_timeout 10s;
- client_header_timeout 10s;
- client_max_body_size 25M;
- location ~ ^/website/info {
- return 301 $scheme://$server_name;
- }
- # disable debug mode
- if ($args ~ debug) {
- return 301 $scheme://$server_name/web;
- }
- # Handle longpoll requests
- location /longpolling {
- proxy_pass $app_longpoll;
- }
- #
- # https://www.odoo.com/documentation/16.0/administration/install/deploy.html#https
- #
- # Redirect websocket requests to odoo gevent port
- location /websocket {
- proxy_pass $app_longpoll;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection $connection_upgrade;
- proxy_set_header X-Forwarded-Host $host;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_set_header X-Real-IP $remote_addr;
- }
- # Redirect requests to odoo backend server
- location / {
- # Add Headers for odoo proxy mode
- proxy_set_header X-Forwarded-Host $host;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_redirect off;
- proxy_pass $app_site;
- # Enable HSTS
- add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
- # requires nginx 1.19.8
- #proxy_cookie_flags session_id samesite=lax secure;
- }
- # Cache static files
- location ~* /web/static/ {
- proxy_cache_valid 200 90m;
- proxy_buffering on;
- expires 864000;
- proxy_pass $app_site;
- }
- error_page 404 /errorpages/404.html;
- error_page 500 502 503 504 /errorpages/50xnl.html;
- location /errorpages/ {
- root /usr/share/nginx/html/;
- }
- ## If you use https make sure you disable gzip compression
- ## to be safe against BREACH attack.
- # Gzip
- gzip_types text/css text/less text/plain text/xml application/xml application/json application/javascript;
- gzip off;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
