amanjuman · September 23, 2020 16:20
diff --git a/Complete Odoo installation on Ubuntu 18.04 Nginx b/Complete Odoo installation on Ubuntu 18.04 Nginx
 hostnamectl set-hostname yourdomain.tld
 wget -O - https://nightly.odoo.com/odoo.key | sudo apt-key add -
 echo "deb http://nightly.odoo.com/13.0/nightly/deb/ ./" | sudo tee /etc/apt/sources.list.d/odoo.list

 sudo apt update
 sudo apt -y upgrade
 sudo apt-get install software-properties-common && sudo add-apt-repository ppa:certbot/certbot -y
 sudo apt install nginx nano postgresql postgresql-client odoo python3-certbot-nginx -y

 sudo certbot --nginx --agree-tos --register-unsafely-without-email -d yourdomain.tld -d www.yourdomain.tld

 sudo systemctl enable --now odoo
 ss -tunelp | grep 8069


 ## Odoo Nginx Config

 sudo nano /etc/nginx/conf.d/yourdomain.tld.conf
 # Odoo Upstreams
 upstream odooserver
 {
 	server 127.0.0.1:8069;
 }

 server 
 {
 	# Listen
 	listen 80;
 	listen [::]:80;
 	listen 443 ssl http2;
 	listen [::]:443 ssl http2;
 	
 	# Directory & Server Naming
 	server_name yourdomain.tld www.yourdomain.tld;

 	# HTTP to HTTPS redirection
 	if ($scheme != "https")
 	{
 		return 301 https://$host$request_uri;
 	}
 	
 	# SSL
 	ssl_certificate /etc/letsencrypt/live/yourdomain.tld/fullchain.pem;
 	ssl_certificate_key /etc/letsencrypt/live/yourdomain.tld/privkey.pem;
 	ssl_trusted_certificate /etc/letsencrypt/live/yourdomain.tld/fullchain.pem;
 	

 	# Nginx Logging
 	access_log /var/log/nginx/yourdomain.tld-access.log;
 	error_log /var/log/nginx/yourdomain.tld-error.log warn;

 	# Proxy settings
 	proxy_read_timeout 720s;
 	proxy_connect_timeout 720s;
 	proxy_send_timeout 720s;
 	proxy_set_header X-Forwarded-Host $host;
 	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 	proxy_set_header X-Forwarded-Proto $scheme;
 	proxy_set_header X-Real-IP $remote_addr;

 	# Request for root domain
 	location / 
 	{
 		proxy_redirect off;
 		proxy_pass http://odooserver;
 	}

 	# Cache static files
 	location ~* /web/static/ 
 	{
 		proxy_cache_valid 200 90m;
 		proxy_buffering on;
 		expires 864000;
 		proxy_pass http://odooserver;
 	}

 	# Gzip Compression
 	gzip_types text/css text/less text/plain text/xml application/xml application/json application/javascript;
 	gzip on;
 }

 ## Nginx Default Config Edit
 sudo nano /etc/nginx/sites-available/default

 server
 {
 	server_name "";
 	listen 80 default_server;
 	listen [::]:80 default_server;
 	listen 443 ssl http2 default_server;
 	listen [::]:443 ssl http2 default_server;

 	# Generate Self-Signed-SSL
 	# sudo mkdir /etc/nginx/ssl && sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/privkey.key -out /etc/nginx/ssl/fullchain.crt
 		
 	#ssl_certificate		/etc/nginx/ssl/fullchain.crt;
 	#ssl_certificate_key	/etc/nginx/ssl/privkey.key;		

 	location ~ /\.well-known/acme-challenge/ 
 	{
 		allow all;
 		root /var/www/html;
 		try_files $uri =404;
 		break;
 	}
 	
 	return 444;
 }

 sudo systemctl restart nginx
 sudo certbot renew --dry-run
	hostnamectl set-hostname yourdomain.tld
	wget -O - https://nightly.odoo.com/odoo.key \| sudo apt-key add -
	echo "deb http://nightly.odoo.com/13.0/nightly/deb/ ./" \| sudo tee /etc/apt/sources.list.d/odoo.list

	sudo apt update
	sudo apt -y upgrade
	sudo apt-get install software-properties-common && sudo add-apt-repository ppa:certbot/certbot -y
	sudo apt install nginx nano postgresql postgresql-client odoo python3-certbot-nginx -y

	sudo certbot --nginx --agree-tos --register-unsafely-without-email -d yourdomain.tld -d www.yourdomain.tld

	sudo systemctl enable --now odoo
	ss -tunelp \| grep 8069


	## Odoo Nginx Config

	sudo nano /etc/nginx/conf.d/yourdomain.tld.conf
	# Odoo Upstreams
	upstream odooserver
	{
	server 127.0.0.1:8069;
	}

	server
	{
	# Listen
	listen 80;
	listen [::]:80;
	listen 443 ssl http2;
	listen [::]:443 ssl http2;

	# Directory & Server Naming
	server_name yourdomain.tld www.yourdomain.tld;

	# HTTP to HTTPS redirection
	if ($scheme != "https")
	{
	return 301 https://$host$request_uri;
	}

	# SSL
	ssl_certificate /etc/letsencrypt/live/yourdomain.tld/fullchain.pem;
	ssl_certificate_key /etc/letsencrypt/live/yourdomain.tld/privkey.pem;
	ssl_trusted_certificate /etc/letsencrypt/live/yourdomain.tld/fullchain.pem;


	# Nginx Logging
	access_log /var/log/nginx/yourdomain.tld-access.log;
	error_log /var/log/nginx/yourdomain.tld-error.log warn;

	# Proxy settings
	proxy_read_timeout 720s;
	proxy_connect_timeout 720s;
	proxy_send_timeout 720s;
	proxy_set_header X-Forwarded-Host $host;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;
	proxy_set_header X-Real-IP $remote_addr;

	# Request for root domain
	location /
	{
	proxy_redirect off;
	proxy_pass http://odooserver;
	}

	# Cache static files
	location ~* /web/static/
	{
	proxy_cache_valid 200 90m;
	proxy_buffering on;
	expires 864000;
	proxy_pass http://odooserver;
	}

	# Gzip Compression
	gzip_types text/css text/less text/plain text/xml application/xml application/json application/javascript;
	gzip on;
	}

	## Nginx Default Config Edit
	sudo nano /etc/nginx/sites-available/default

	server
	{
	server_name "";
	listen 80 default_server;
	listen [::]:80 default_server;
	listen 443 ssl http2 default_server;
	listen [::]:443 ssl http2 default_server;

	# Generate Self-Signed-SSL
	# sudo mkdir /etc/nginx/ssl && sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/privkey.key -out /etc/nginx/ssl/fullchain.crt

	#ssl_certificate /etc/nginx/ssl/fullchain.crt;
	#ssl_certificate_key /etc/nginx/ssl/privkey.key;

	location ~ /\.well-known/acme-challenge/
	{
	allow all;
	root /var/www/html;
	try_files $uri =404;
	break;
	}

	return 444;
	}

	sudo systemctl restart nginx
	sudo certbot renew --dry-run