Hi,
1. Technical --> Parameters --> System Parameters web.base.url to https:// and created web.base.url.freeze to True.
2. in Odoo.conf set proxy_mode = True
3. Set up nginx conf --> add correct headers
server {
listen [::]:80;
listen 80;
ssl off;
server_name odoo.implemento.sk;
return 301 https://$host$request_uri;
rewrite ^(.*) https://$host$1 permanent;
}
server {
listen [::]:443 ssl http2;
listen 443 ssl http2;
server_name odoo.implemento.sk;
# RSA certificate
ssl on;
ssl_certificate /etc/letsencrypt/live/odoo.implemento.sk/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/odoo.implemento.sk/privkey.pem; # managed by Certbot
proxy_read_timeout 600s;
client_max_body_size 512M;
access_log /var/log/nginx/odoo.odoo-access.log;
error_log /var/log/nginx/odoo.odoo-error.log;
location /longpolling {
proxy_pass http://127.0.0.1:8072;
}
location / {
proxy_pass http://127.0.0.1:8069;
proxy_cookie_path / "/; secure; HttpOnly;";
add_header Strict-Transport-Security "max-age=315360000000";
add_header X-Frame-Options "SAMEORIGIN";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_request_buffering off;
satisfy any;
allow 127.0.0.1;
deny all;
auth_basic "Protected area";
auth_basic_user_file /etc/apache2/.htpasswd;
# common gzip
gzip_types text/css text/scss text/plain text/xml application/xml application/json application/javascript;
gzip on;
}
}