GabbasovDinar · April 22, 2019 10:16
diff --git a/odoo.conf b/odoo.conf
 # Author: Ryan Cole
 # Website: https://ryanc.me
 # GitHub: https://github.com/MGinshe
 # Usage: 
 #   Place this file in /etc/nginx/sites-enabled/
 #   Make sure you edit the DOMAIN_HERE and SSL_CERTIFICATE, and DB_FILTER sections
 #
 # Note: This config file is designed to be used with the Odoo dbfilter_from_header module
 #       https://apps.openerp.com/apps/modules/9.0/dbfilter_from_header/


 # upstreams
 upstream odoo {
 	server 127.0.0.1:8069 weight=1 fail_timeout=0;
 }
 upstream odoo-longpolling {
 	server 127.0.0.1:8072 weight=1 fail_timeout=0;
 }

 # main server block
 server {
 	listen 		80;
 	server_name	DOMAIN_HERE;

 	return 301 https://DOMAIN_HERE$request_uri
 	# make sure to preserve the '$request_uri' portion of the above line
 	# e.g. https://mydomain.com$request_uri
 }
 server {
 	listen          	443 ssl;
 	server_name	DOMAIN_HERE;

 	# increase maximum accepted body size
 	client_max_body_size 200m;

 	# increase proxy buffer to handle large Odoo web requests
 	proxy_buffers 16 64k;
 	proxy_buffer_size 128k;

 	# general proxy config
 	proxy_connect_timeout 600s;
 	proxy_send_timeout 600s;
 	proxy_read_timeout 600s;
 	proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;

 	# proxy headers
 	proxy_set_header Host $host;
 	proxy_set_header X-Forwarded-Host $host;
 	proxy_set_header X-Real-IP $remote_addr;
 	proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
 	proxy_set_header X-Forwarded-Proto $scheme;
 	
 	# for the dbfilter_from_header module
 	# see: https://apps.openerp.com/apps/modules/9.0/dbfilter_from_header/
 	# make sure you _only_ replace the `DB_FILTER` section (leave the ^ and \Z portions)
 	#proxy_set_header X-Odoo-dbfilter ^DB_FILTER\Z
 	
 	# default settings
 	proxy_redirect off;
 	proxy_buffering off;

 	# enable ssl
 	ssl on;
 	ssl_certificate SSL_CERTIFICATE;
 	ssl_certificate_key SSL_CERTIFICATE_KEY;
 	ssl_session_timeout 30m;
 	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
 	ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
    	# uncomment if you're using cloudflare's "Full" SSl option
    	#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
 	ssl_prefer_server_ciphers on;
 	
 	# log file locations
 	access_log /var/log/nginx/odoo-access.log;
 	error_log /var/log/nginx/odoo-error.log;
 	
 	# enable gzip
 	gzip_types text/css text/less text/plain text/xml application/xml application/json application/javascript;
 	gzip on;

 	
 	# proxy requests to the appropriate upstream
 	location / {
 		proxy_redirect off;
 		proxy_pass http://odoo;	
 	}
 	location /longpolling {
 		proxy_redirect off;
 		proxy_pass http://odoo-longpolling;
 	}
 }
	# Author: Ryan Cole
	# Website: https://ryanc.me
	# GitHub: https://github.com/MGinshe
	# Usage:
	# Place this file in /etc/nginx/sites-enabled/
	# Make sure you edit the DOMAIN_HERE and SSL_CERTIFICATE, and DB_FILTER sections
	#
	# Note: This config file is designed to be used with the Odoo dbfilter_from_header module
	# https://apps.openerp.com/apps/modules/9.0/dbfilter_from_header/


	# upstreams
	upstream odoo {
	server 127.0.0.1:8069 weight=1 fail_timeout=0;
	}
	upstream odoo-longpolling {
	server 127.0.0.1:8072 weight=1 fail_timeout=0;
	}

	# main server block
	server {
	listen 80;
	server_name DOMAIN_HERE;

	return 301 https://DOMAIN_HERE$request_uri
	# make sure to preserve the '$request_uri' portion of the above line
	# e.g. https://mydomain.com$request_uri
	}
	server {
	listen 443 ssl;
	server_name DOMAIN_HERE;

	# increase maximum accepted body size
	client_max_body_size 200m;

	# increase proxy buffer to handle large Odoo web requests
	proxy_buffers 16 64k;
	proxy_buffer_size 128k;

	# general proxy config
	proxy_connect_timeout 600s;
	proxy_send_timeout 600s;
	proxy_read_timeout 600s;
	proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;

	# proxy headers
	proxy_set_header Host $host;
	proxy_set_header X-Forwarded-Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;

	# for the dbfilter_from_header module
	# see: https://apps.openerp.com/apps/modules/9.0/dbfilter_from_header/
	# make sure you _only_ replace the `DB_FILTER` section (leave the ^ and \Z portions)
	#proxy_set_header X-Odoo-dbfilter ^DB_FILTER\Z

	# default settings
	proxy_redirect off;
	proxy_buffering off;

	# enable ssl
	ssl on;
	ssl_certificate SSL_CERTIFICATE;
	ssl_certificate_key SSL_CERTIFICATE_KEY;
	ssl_session_timeout 30m;
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
	# uncomment if you're using cloudflare's "Full" SSl option
	#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
	ssl_prefer_server_ciphers on;

	# log file locations
	access_log /var/log/nginx/odoo-access.log;
	error_log /var/log/nginx/odoo-error.log;

	# enable gzip
	gzip_types text/css text/less text/plain text/xml application/xml application/json application/javascript;
	gzip on;


	# proxy requests to the appropriate upstream
	location / {
	proxy_redirect off;
	proxy_pass http://odoo;
	}
	location /longpolling {
	proxy_redirect off;
	proxy_pass http://odoo-longpolling;
	}
	}