تخطي للذهاب إلى المحتوى
القائمة
لقد تم الإبلاغ عن هذا السؤال
4 الردود
11408 أدوات العرض

When deploying odoo behind Amazon's Elastic Load Balancers with SSL termination only... odoo redirects some requests to http. For example, logging out is always redirected to http instead of https.

I've tried everything from passing in --proxy-mode to the daemon, to hardcoding the web.base.url parameter to use https as well as setting the web.base.url.freeze parameter.

Is there anything I can do to deploy odoo behind Amazon's ELBs without having to use nginx or open it up over http?


الصورة الرمزية
إهمال
أفضل إجابة

When deploying Odoo behind a reverse proxy there are some headers that you need to pass to your Odoo instance from the reverse proxy itself. This works for me on nginx:

        proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
# Let the OpenERP web service know that we're using HTTPS, otherwise
# it will generate URL using http:// and not https://
proxy_set_header X-Forwarded-Proto https;
# by default, do not forward anything
proxy_redirect http:// https://;

This settings on nginx location made Odoo behave ok behind a reverse proxy, in your case the last two are very important, find what nginx is doing with those settings and replicate to Amazon ELB

الصورة الرمزية
إهمال

can you post the complete sites-aviable/default file ?

أفضل إجابة

Given the design architecture of the Odoo web app, you cannot efficiently rely on AWS ELB to handle SSL certificate nor does the Odoo uWSGi service serve you well in this regard, run it on a Nginx and save your mind.

الصورة الرمزية
إهمال
أفضل إجابة

Does anyone have a way to do it, im trying to mount odoo 15 behind a load balancer but I wont pass the login page

الصورة الرمزية
إهمال
الكاتب أفضل إجابة

According to Amazon's documentation:

http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/x-forwarded-headers.html

They do send the X-Forwarded-For, and X-Forwarded-Proto headers through.

Host should be passed through with the request automatically, and I'm not sure what X-Real-IP does.

I think the part that works for you, but I can't get to work for me because AWS ELB doesn't support it is the redirect of http to https. There are only a few places that don't support the automatic changing of the URL.. such as logging out, and the mass mailing campaign email editor.

I would think that these should be updated so that they work regardless of what type of load balancer the system is behind.

Alternatively I could setup an nginx docker image to simply redirect http to https, but this seems like a workaround and not a very good use of resources.

Does anyone else have any additional thoughts?

الصورة الرمزية
إهمال

Stuck on this as well. Did you manage to set up Nginx behind ELB?

المنشورات ذات الصلة الردود أدوات العرض النشاط
0
يونيو 15
4556
0
أغسطس 22
1809
3
يونيو 25
1752
2
سبتمبر 23
7032
1
فبراير 25
3475