nginx - 通过 nginx 设置 Odoo 14 + HTTPS
问题描述
我一直在开发一个部署的 Odoo v14 实例,我曾经使用 IP 访问它。我的意图是使用我拥有的子域访问这个实例,我已经注册了 domainname.com 并创建了一个名为 crm.domainname.com 的 A 记录,目标是我的 Odoo 实例所在的 IP。链接工作正常,但我想隐藏 IP,只在访问 Odoo 时显示 crm.domainname.com,所以我安装了 Nginx 来配置域并将其用作反向代理。
这就是我的问题所在,我没有太多配置 Nginx 的经验,但经过一些研究和试验,我想出了这个配置(但我认为它们是多余的)
文件/etc/nginx/nginx.conf
#user nobody;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
listen 443 ssl;
server_name crm.domainname.com;
ssl_certificate /etc/nginx/ssl/crm_domainname_com.crt;
ssl_certificate_key /etc/nginx/ssl/crm_domainname_com.key;
location / {
proxy_pass http://127.0.0.1:8069;
}
}
}
对于两者/ect/nginx/sites-available/odoo
,/ect/nginx/sites-enabled/odoo
似乎根本没有加载
#odoo server
upstream odoo {
server 127.0.0.1:8069;
}
upstream odoochat {
server 127.0.0.1:8072;
}
# http -> https
server {
listen 80 default_server;
server_name crm.domainname.com;
# return 301 https://crm.domainname.com$request_uri;
rewrite ^(.*) https://$host$1 permanent;
}
server {
listen 443 ssl default_server;
server_name crm.domainname.com;
proxy_read_timeout 720s;
proxy_connect_timeout 720s;
proxy_send_timeout 720s;
# Add Headers for odoo proxy mode
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
# SSL parameters
ssl on;
ssl_certificate /etc/nginx/ssl/crm_domainname_com.crt;
ssl_certificate_key /etc/nginx/ssl/crm_domainname_com.key;
ssl_session_timeout 30m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM$....
ssl_prefer_server_ciphers on;
# log
access_log /var/log/nginx/odoo.access.log;
error_log /var/log/nginx/odoo.error.log;
# Redirect longpoll requests to odoo longpolling port
location /longpolling {
proxy_pass http://odoochat;
}
# Redirect requests to odoo backend server
location / {
proxy_redirect off;
proxy_pass http://odoo;
}
# location ~* /web/static/ {
# proxy_cache_valid 200 90m;
# proxy_buffering on;
# expires 864000;
# proxy_pass http://odoo;
# }
# common gzip
gzip_types text/css text/scss text/plain text/xml application/xml application/json applicat$
gzip on;
}
终于为了我的odoo-server.conf
档案
xmlrpc_interface = 127.0.0.1
db_host = False
db_maxconn = 64
db_name = False
db_password = False
db_port = False
db_sslmode = prefer
db_template = template0
db_user = odoo
dbfilter =
demo = {}
email_from = False
geoip_database = /usr/share/GeoIP/GeoLite2-City.mmdb
http_enable = True
http_interface = 127.0.0.1
http_port = 8069
import_partial =
limit_memory_hard = 2684354560
limit_memory_soft = 2147483648
limit_request = 8192
limit_time_cpu = 60
limit_time_real = 120
limit_time_real_cron = -1
list_db = True
log_db = False
log_db_level = warning
log_handler = :INFO
log_level = info
logfile = /var/log/odoo/odoo-server.log
longpolling_port = 8072
max_cron_threads = 1
osv_memory_age_limit = False
osv_memory_count_limit = False
pg_path =
pidfile =
proxy_mode = True
reportgz = False
screencasts =
screenshots = /tmp/odoo_tests
server_wide_modules = base,web
smtp_password = False
smtp_port = 25
smtp_server = localhost
smtp_ssl = False
smtp_user = False
syslog = False
test_enable = False
test_file =
test_tags = None
transient_age_limit = 1.0
translate_modules = ['all']
unaccent = False
upgrade_path =
without_demo = False
workers = 2
运行所有这些配置并重新启动 Odoo 和 Nginx 后,我可以访问 crm.domainname.com 但 CSS 和 JS 等资产没有加载。Chrome 控制台显示以下错误:
加载资源失败:net::ERR_CONTENT_LENGTH_MISMATCH
当我使用我的用户名和密码登录时,我看到的只是一个空白屏幕。Chrome 控制台显示与登录屏幕相同的错误,但status 200
有时也会出现此错误:
Uncaught TypeError: odoo.define is not a function
我尝试过重新生成资产,但我只能使用删除它们,
DELETE FROM ir_attachment WHERE url LIKE '/web/content/%';
但这可能会使事情变得更糟。
我怎么了?我在任何地方都找不到有关此缺失资产的解决方案,也找不到正确的 nginx.conf 和 /etc/nginx/sites-enabled 配置
解决方案
我已经能够解决这个问题,其中资产没有加载,这几乎都是我的 Nginx 的错误配置!
首先,在文件中/etc/nginx/nginx.conf
我删除了 http 中的 server 块,我必须包含启用站点的配置并将 server 指令删除到主 HTTP 块。
#user nobody;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
include /etc/nginx/sites-available/odoo;
}
我的服务器指令/etc/nginx/sites-enabled/odoo
现在看起来像这样
*Old config*
. . .
#http-> https
server {
server_name crm.domainname.com;
return 301 https://crm.domainname.com$request_uri;
}
#https
server {
listen 443 ssl http2;
server_name crm.domainname.com;
. . .
*More config*
. . .
add_header Strict-Transport-Security max-age=15768000;
# Redirect requests to odoo backend server
location / {
proxy_redirect off;
proxy_pass http://odoo;
}
location /longpolling {
proxy_pass http://odoochat;
}
location ~* /web/static/ {
proxy_cache_valid 200 90m;
proxy_buffering on;
expires 864000;
proxy_pass http://odoo;
}
}
最后我在末尾添加了接口/etc/odoo-server.conf
xmlrpc_interface = 127.0.0.1
netrpc_interface = 127.0.0.1
现在一切正常,我的子域正在重定向到 https 并正确显示 Odoo 并加载其所有资产,即使我没有处于调试模式!
推荐阅读
- laravel - 尝试将 vue paystack 添加到我的 vue 项目中
- php - 按帖子浏览次数排序不起作用。插件:“发布视图计数器” - Wordpress
- python - 将 torchscript 模型转换为 Core ML
- python - 如何将 gurobi 更改为 pyomo 求解器
- string - 属性需要从字符串变为实数
- python-3.x - 无法在 Python 中比较相同但重新声明的命名元组的类型
- ios - Flutter - 在 WKWebView 中阻止 Webview Cookie
- asp.net - 发送电子邮件 Asp.Net Core 3.1
- python - 如何使用部分依赖图可视化随机森林多分类结果
- javascript - 为具有自定义数量的自定义字段的元素设计 SQLite 表