Odoo Help

Welcome!

This community is for beginners and experts willing to share their Odoo knowledge. It's not a forum to discuss ideas, but a knowledge base of questions and their answers.

0

[v8] how to access a local installed odoo through the internet with NGINX reverse proxy?

By
gunnar
on 1/28/15, 7:33 PM 8,480 views

rephrasing an earlier post here:

we have a locally installed odoo 8.0 server which I am accessing through our local network via 192.168.1.5:8069.

I have setup a port forwarding in my router:

  • Service: HTTP
  • port range: 80:443
  • local IP: 192.168.1.5
  • local port: 80
  • protocol: TCP

and a DDNS with noip.com

I want to continue serving odoo in my local network but at the same time also be able to acces this server from out side using this URL: https://qf-erp.ddns.net

I set up nginx following this howto www.schenkels.nl/2014/12/reverse-proxy-with-odoo-8-nginx-ubuntu-14-04-lts

now ... how do I have to setup my nginx config file in order to achieve the above (serving odoo locally & serving odoo to qf-erp.ddns.net)

 

###########  /etc/nginx/sites-available/openerp   #################### upstream webserver {

    server 127.0.0.1:8069 weight=1 fail_timeout=0;
    #here add more servers if you need to load-balance
}

server {
    listen   80; ## listen for ipv4; this line is default and implied
    access_log    /var/log/nginx/openerp-access.log;
    error_log    /var/log/nginx/openerp-error.log;
        #gzip             off;
    keepalive_timeout    20;
    proxy_buffers 16 64k;
    proxy_buffer_size 128k;
    location / {
            proxy_pass    http://webserver;
            # force timeouts if the backend dies
            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
            # This is where the magic happens for OpenERP to understand that we are performing reverse proxy
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
            # Let the OpenERP web service know which type of access we are using
            # so it will generate URL using http:// and not https://
            proxy_set_header X-Forwarded-Proto http;
            # by default, do not forward anything
            proxy_redirect off;
        }
    location ~* /web/static/ {
            proxy_cache_valid 200 60m;
            proxy_buffering    on;
            expires 864000;
            proxy_pass http://webserver;
        }
}

#####################################

#######   /etc/nginx/nginx.conf   ############################################

user www-data;
worker_processes 4;
pid /run/nginx.pid;

events {
        worker_connections 768;
        # multi_accept on;
}

http {

        ##
        # Basic Settings
        ##

        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 65;
        types_hash_max_size 2048;
        # server_tokens off;

        server_names_hash_bucket_size 64;
        # server_name_in_redirect off;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        ##
        # Logging Settings
        ##

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        ##
        # Gzip Settings
        ##

        gzip on;
        gzip_disable "msie6";

        # gzip_vary on;

#############################################################################

### /var/log/nginx/openerp-access.log##############################################

192.168.1.1 - - [01/Mar/2015:11:07:53 +0800] "\x16\x03\x01\x00\xAA\x01\x00\x00\xA6\x03\x03\xD6\xE8\x82jc]\xCBJz\xA9\x8Fo\xAF\xCA\xBFA*^G\xFB\xE6N%>\x04\xFA\xB3\x19\xF7\xD1\xF9v\x00\x00\x18\xC0+\xC0/\xC0" 400 181 "-" "-"

192.168.1.1 - - [01/Mar/2015:11:07:57 +0800] "\x16\x03\x01\x00\xAA\x01\x00\x00\xA6\x03\x03\x84j\x9Dg\xAC\xCF\xCA\xA9\x9Aw\x8D$\xF7\x01\xF1\x948\x16\x19\x1A\x17\x0FG\xBB\x9C\x0E\xE0n" 400 181 "-" "-"

192.168.1.1 - - [01/Mar/2015:11:07:58 +0800] "\x16\x03\x01\x00\xAA\x01\x00\x00\xA6\x03\x03\x1A\xDB\xFC\xA3s\x1F\xA2[\x07\xF1\xBCO\xFA\xD4\x84" 400 181 "-" "-"

192.168.1.1 - - [01/Mar/2015:11:07:58 +0800] "\x16\x03\x01\x00\xAA\x01\x00\x00\xA6\x03\x03\xB4\x8AY\xCDMO\xC6" 400 181 "-" "-",/p>

192.168.1.1 - - [01/Mar/2015:11:08:01 +0800] "\x16\x03\x01\x00\xC2\x01\x00\x00\xBE\x03\x03\x08e \xDA,\xD6C]4\x17c\x91w\xC4\xB9\x8D\xE7\x96\xD0uw*\xD5'\xB4\xF8=3\xB9\xD2\x13|\x00\x00\x18\xC0+\xC0/\xC0" 400 181 "-" "-"

192.168.1.1 - - [01/Mar/2015:11:09:36 +0800] "\x16\x03\x01\x00\xC2\x01\x00\x00\xBE\x03\x03\xF1\x8A\x95#X2z\xF3Gp\x91(\x1EgVZ\x06'\xF7\xD0" 400 181 "-" "-"

192.168.1.1 - - [01/Mar/2015:11:10:01 +0800] "\x16\x03\x01\x00\xAA\x01\x00\x00\xA6\x03\x03\xDA\xE1\xC3\xAE\xC7\xBE$\xD65\x90I\xFA\x80\x0CSn\xE9\xC4\xE5\xBEQ\x05\xC1\xD20/I` \xDD\xB6\x00\x00\x18\xC0+\xC0/\xC0" 400 181 "-" "-"

@gunnar,
have you enabled virtual server/port forwarding in your router to create a pathway between your local odoo instance running on:
192.168.1.5:8069

and your router IP and public port?
Once this is done the nginx configuration should be relatively simple. If you think it's something to do with your nginx config please post all config files to a gist and link back to it here so that I can take a look.

I'm currently running a few test/dev instances on a similar setup to what you have described so I may be able to offer some basic advice.

Luke Branch
on 1/28/15, 7:57 PM

No port forwarding so far. Tried that once but didn't exactly know how to set that up and so it did not really work yet. Also I don't exactly understand what you mean by "Router IP" & "public port". Seems I go to rephrase my question to something much more basic ...

gunnar
on 1/28/15, 8:33 PM

rephrased my question

gunnar
on 2/12/15, 3:18 AM
1

aneesh ATEES Infomedia Pvt Ltd

--aneesh ATEES Infomedia Pvt Ltd--
765
| 5 1 6
Thrissur, India
--aneesh ATEES Infomedia Pvt Ltd--

9995074692

aneesh ATEES Infomedia Pvt Ltd
On 2/12/15, 8:29 PM

Nginx is running on port 80, and I'm using it to reverse proxy URLs with path /foo to port 3200 this way: location /foo { proxy_pass http://localhost:3200; proxy_redirect off; proxy_set_header Host $host; } This works fine, but I have an application on port 3200, for which I don't want the initial /foo to be sent to. That is - when I access http://localhost/foo/bar, I want only /bar to be the path as received by the app. So I tried adding this line to the location block above: rewrite ^(.*)foo(.*)$ http://localhost:3200/$2 permanent; This causes 302 redirect (change in URL), but I want 301. What should I do? ans: Any redirect to localhost doesn't make sense from a remote system (e.g. client's Web browser). So the rewrite flags [1] permanent (301) or redirect (302) are not usable in your case. Please try following setup: location /foo { rewrite /foo/(.*) /$1 break; proxy_pass http://localhost:3200; proxy_redirect off; proxy_set_header Host $host; Hope this will be ghelpfull to u [1] http://wiki.nginx.org/HttpRewriteModule#rewrite

not working yet. Added config file and error message to my question above

gunnar
on 2/12/15, 8:30 PM
0
Jordan Vrtanoski
On 2/12/15, 6:03 AM

To use the "/odoo" on your front website you need to perform "rewritting" and "reverse proxy" of the URLs passed from and to the back-end server in order to change the "/odoo" to "/" before sending it to the odoo server.

Same is true for changing the port from 8069 to 80. I suggest that you install NGINX on the same server where you have the odoo server and forward the port 80 (only port 80, not the range from 80 to 443) to the NGINX port 80, than do the rewriting and pass the request to odoo.

Following short explanation should help you to create the NGINX configuration: http://serverfault.com/questions/379675/nginx-reverse-proxy-url-rewrite

Update:

Following is my configuration for NGINX. The configuraion allows controlled access to the server on port 80 with ability to load-balance the local instances running on multiple ports/servers.

upstream webserver {

    server 127.0.0.1:8069 weight=1 fail_timeout=0;
    #here add more servers if you need to load-balance
}

server {
    listen   80; ## listen for ipv4; this line is default and implied
    access_log    /var/log/nginx/openerp-access.log;
    error_log    /var/log/nginx/openerp-error.log;
        #gzip             off;
    keepalive_timeout    20;
    proxy_buffers 16 64k;
    proxy_buffer_size 128k;
    location / {
            proxy_pass    http://webserver;
            # force timeouts if the backend dies
            proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
            # This is where the magic happens for OpenERP to understand that we are performing reverse proxy
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
            # Let the OpenERP web service know which type of access we are using
            # so it will generate URL using http:// and not https://
            proxy_set_header X-Forwarded-Proto http;
            # by default, do not forward anything
            proxy_redirect off;
        }
    location ~* /web/static/ {
            proxy_cache_valid 200 60m;
            proxy_buffering    on;
            expires 864000;
            proxy_pass http://webserver;
        }
}

not working yet. Added my config file and error message to my question above

gunnar
on 2/12/15, 8:31 PM

I don't see the "upstream" and "location" in your configuration. I am updating my previous answer with my nginX configuration for exactly the same use case

Jordan Vrtanoski
on 2/26/15, 5:59 AM

@Jordan: I tried the configuration file you posted as /etc/neginx/sites-available/openerp ... I got a "Welcome to NginX" when I addressed my odoo using the IP address. That is gone now and it returns "Connection timed out" error. That looks worse to me because apparently there is not even an nginx server there now with the new config file

gunnar
on 2/27/15, 3:34 AM

Make sure that there is odoo server on the same server (IP 127.0.0.1:8096) running. If the server is running, can you share with me: 1) The error log from NGINX 2) The exact URL you are trying to access

Jordan Vrtanoski
on 2/27/15, 3:48 AM

@Jordan: yes my odoo-server is running on the same machine then my nginx. The IP (on my internal network is 192.168.1.5:8069 though and not 127.0.0.1) the 127 ... is the local host of my actual server so I guess from inside of it it might be that IP address. the /var/log/nginx/openerp-error.log is empty the openerp-acces.log I posted in my question

gunnar
on 2/28/15, 10:17 PM

Your server is returning response code "400" which means Invalid Request. In addition, the text in the quote, should be the URL request, however the text looks very strange, like it has some encoding (UTF8, or similar). Here is example of how a log file will look like in normal conditions from one of my cloud servers, running the confirmation I had posted: 186.92.202.118 - - [28/Feb/2015:11:36:42 -0500] "POST /xmlrpc/common HTTP/1.0" 200 122 "-" "XML-RPC for PHP 2.2.2" 186.92.202.118 - - [28/Feb/2015:11:36:42 -0500] "POST /xmlrpc/object HTTP/1.0" 200 1398 "-" "XML-RPC for PHP 2.2.2" Moving forward, can you try to use the "curl" or "wget" to connect to 192.168.1.5:8069 with a computer that is in the 192.168.1.x network. Next try to connect to 192.168.1.5:80 and verify that you nave NGINX running. This will verify that the server is running properly so the problem could be in some settings for the Unicode support on NGINX (since I see some strange requests in the log), or in the browser itself.

Jordan Vrtanoski
on 3/1/15, 1:34 AM

Your Answer

Please try to give a substantial answer. If you wanted to comment on the question or answer, just use the commenting tool. Please remember that you can always revise your answers - no need to answer the same question twice. Also, please don't forget to vote - it really helps to select the best questions and answers!

About This Community

This community is for professionals and enthusiasts of our products and services. Read Guidelines

Question tools

4 follower(s)

Stats

Asked: 1/28/15, 7:33 PM
Seen: 8480 times
Last updated: 3/16/15, 8:10 AM