Skip to Content
This question has been flagged
httpsawsdocker
4 Replies
11299 Views
Avatar
Jason Kirk

When deploying odoo behind Amazon's Elastic Load Balancers with SSL termination only... odoo redirects some requests to http. For example, logging out is always redirected to http instead of https.

I've tried everything from passing in --proxy-mode to the daemon, to hardcoding the web.base.url parameter to use https as well as setting the web.base.url.freeze parameter.

Is there anything I can do to deploy odoo behind Amazon's ELBs without having to use nginx or open it up over http?


Avatar
Discard
Avatar
Axel Mendoza
Best Answer

When deploying Odoo behind a reverse proxy there are some headers that you need to pass to your Odoo instance from the reverse proxy itself. This works for me on nginx:

        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
        # Let the OpenERP web service know that we're using HTTPS, otherwise
        # it will generate URL using http:// and not https://
        proxy_set_header X-Forwarded-Proto https;
        # by default, do not forward anything
        proxy_redirect http:// https://;

This settings on nginx location made Odoo behave ok behind a reverse proxy, in your case the last two are very important, find what nginx is doing with those settings and replicate to Amazon ELB

Avatar
Discard
wizardz

can you post the complete sites-aviable/default file ?

Avatar
Nabil Ragab
Best Answer

Given the design architecture of the Odoo web app, you cannot efficiently rely on AWS ELB to handle SSL certificate nor does the Odoo uWSGi service serve you well in this regard, run it on a Nginx and save your mind.

Avatar
Discard
Avatar
Pablo Arriola
Best Answer

Does anyone have a way to do it, im trying to mount odoo 15 behind a load balancer but I wont pass the login page

Avatar
Discard
Avatar
Jason Kirk
Author Best Answer

According to Amazon's documentation:

http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/x-forwarded-headers.html

They do send the X-Forwarded-For, and X-Forwarded-Proto headers through.

Host should be passed through with the request automatically, and I'm not sure what X-Real-IP does.

I think the part that works for you, but I can't get to work for me because AWS ELB doesn't support it is the redirect of http to https. There are only a few places that don't support the automatic changing of the URL.. such as logging out, and the mass mailing campaign email editor.

I would think that these should be updated so that they work regardless of what type of load balancer the system is behind.

Alternatively I could setup an nginx docker image to simply redirect http to https, but this seems like a workaround and not a very good use of resources.

Does anyone else have any additional thoughts?

Avatar
Discard
Helmut Drewes

Stuck on this as well. Did you manage to set up Nginx behind ELB?

Related Posts Replies Views Activity
Problems Ubuntu 14.04 AWS and Docker install
aws docker
Avatar
0
Jun 15
4496
Why does my Odoo wait for more than 2 minutes after clicking on pay now? [eCommerce]
ecommerce aws docker kubernetes
Avatar
0
Aug 22
1751
Mixed Content error on website module
https
Avatar
Avatar
Avatar
Avatar
3
Jun 25
1637
docker-compose resulted in The connection was reset (from firefox) or Empty reply from server (from curl)? Solved
docker
Avatar
Avatar
2
Sep 23
6924
how to make my website https? Solved
https
Avatar
Avatar
1
Feb 25
3382