跳至内容
菜单
此问题已终结
4 回复
12285 查看

When deploying odoo behind Amazon's Elastic Load Balancers with SSL termination only... odoo redirects some requests to http. For example, logging out is always redirected to http instead of https.

I've tried everything from passing in --proxy-mode to the daemon, to hardcoding the web.base.url parameter to use https as well as setting the web.base.url.freeze parameter.

Is there anything I can do to deploy odoo behind Amazon's ELBs without having to use nginx or open it up over http?


形象
丢弃
最佳答案

When deploying Odoo behind a reverse proxy there are some headers that you need to pass to your Odoo instance from the reverse proxy itself. This works for me on nginx:

        proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
# Let the OpenERP web service know that we're using HTTPS, otherwise
# it will generate URL using http:// and not https://
proxy_set_header X-Forwarded-Proto https;
# by default, do not forward anything
proxy_redirect http:// https://;

This settings on nginx location made Odoo behave ok behind a reverse proxy, in your case the last two are very important, find what nginx is doing with those settings and replicate to Amazon ELB

形象
丢弃

can you post the complete sites-aviable/default file ?

最佳答案

Given the design architecture of the Odoo web app, you cannot efficiently rely on AWS ELB to handle SSL certificate nor does the Odoo uWSGi service serve you well in this regard, run it on a Nginx and save your mind.

形象
丢弃
最佳答案

Does anyone have a way to do it, im trying to mount odoo 15 behind a load balancer but I wont pass the login page

形象
丢弃
编写者 最佳答案

According to Amazon's documentation:

http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/x-forwarded-headers.html

They do send the X-Forwarded-For, and X-Forwarded-Proto headers through.

Host should be passed through with the request automatically, and I'm not sure what X-Real-IP does.

I think the part that works for you, but I can't get to work for me because AWS ELB doesn't support it is the redirect of http to https. There are only a few places that don't support the automatic changing of the URL.. such as logging out, and the mass mailing campaign email editor.

I would think that these should be updated so that they work regardless of what type of load balancer the system is behind.

Alternatively I could setup an nginx docker image to simply redirect http to https, but this seems like a workaround and not a very good use of resources.

Does anyone else have any additional thoughts?

形象
丢弃

Stuck on this as well. Did you manage to set up Nginx behind ELB?

相关帖文 回复 查看 活动
0
6月 15
5141
0
8月 22
2345
3
6月 25
2627
2
9月 23
7819
1
2月 25
4227