Hello,
we are using the official Odoo 12 Docker image. The Docker host already has Apache2 and serves another web application. The host can be reached via a FQDN and IP address for example master.ucs.demo and 10.200.2.20. We'd like to reach the Odoo 12 webinterface via https://10.200.2.20/odoo and https://master.ucs.demo/odoo.
I'd like to know two things:
What needs to be done with the Apache2 webserver proxy configuration or the Odoo Docker container so that requests to the above URLs with subfolder are correctly processed by Odoo?
What needs to be done so that the reverse proxy can work as HTTPS endpoint and forward the requests to the Odoo container?
Currently we have setup a separate Apache2 Virtual Host with a dedicated different FQDN:
<VirtualHost *:443>
ServerName odoo.master.ucs.demo
# we would *love* to get rid of this
RewriteEngine on
RewriteOptions Inherit
ProxyPreserveHost on
ProxyTimeout 600
RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
RequestHeader set "X-Forwarded-SSL" expr=%{HTTPS}
SSLEngine on
SSLProxyEngine on
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
SSLCertificateFile /etc/univention/ssl/odoo.master.ucs.demo/cert.pem
SSLCertificateKeyFile /etc/univention/ssl/odoo.master.ucs.demo/private.key
SSLCACertificateFile /etc/univention/ssl/ucsCA/CAcert.pem
ProxyPass / http://127.0.0.1:8069/ retry=0
ProxyPassReverse / http://127.0.0.1:8069/
# we would *love* to have this:
#ProxyPass /odoo http://127.0.0.1:8069/odoo retry=0
#ProxyPassReverse /odoo http://127.0.0.1:8069/odoo
ProxyPassReverse https://odoo.master.ucs.demo/ /
# we would *love* to get rid of this
</VirtualHost>
This configuration provides access Odoo via https://odoo.master.ucs.demo/. This is a separate Apache2 Virtual Host configuration without a subfolder.
We'd like to use the already present Virtual Host configuration for ucs.master.demo and 10.200.2.20 and add a reverse proxy setting for /odoo. One problem we observed, initial HTTPS requests always redirected back to HTTP. For security reasons we cannot deploy it with the HTTP setup. And we also don't want to add another subdomain, because this makes evaluation more complicated due to additional DNS setups.
I'm looking forward to responses.
Best regards
Nico