时间:2021-07-01 10:21:17 帮助过:128人阅读
生成自签名证书,并放在指定位置
$ openssl req -x509 -days 3650 -subj '/CN=odoo.youyun.com/' -nodes -newkey rsa:2048 -keyout server.key -out server.crt
$ sudo mkdir /etc/ssl/nginx
$ sudo mv server.key server.crt /etc/ssl/nginx配置nginx
$ sudo rm /etc/nginx/sites-avaliable/default
$ sudo vim /etc/nginx/sites-avalibale/odoo.conf删除默认的nginx default文件,并新建odoo.conf文件,内容如下
server {
listen443 default;
server_name _;
access_log /var/log/nginx/odoo.access.log;
error_log /var/log/nginx/odoo.error.log;
sslon;
ssl_certificate /etc/ssl/nginx/server.crt; # 之前生成的证书和keyssl_certificate_key /etc/ssl/nginx/server.key;
ssl_ciphers HIGH:!ADH:!MD5;
ssl_protocols SSLv3 TLSv1;
ssl_prefer_server_cipherson;
location / {
proxy_passhttp://127.0.0.1:8069;
proxy_next_upstreamerror timeout invalid_header http_500 http_502 http_503 http_504;
proxy_buffer_size128k;
proxy_buffers1664k;
proxy_redirectoff;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
location~* /web/static/ {
proxy_cache_valid20060m;
proxy_bufferingon;
expires864000;
proxy_passhttp://127.0.0.1:8069;
}
}
server { # 将80端口转到443的https中listen80;
server_name __;
add_header Strict-Transport-Security max-age=2592000;
rewrite ^/.*$https://$host$request_uri?permanent;
}
server { # 将特定ip的8069端口转到443的https中listen192.168.1.102:8069; # 这是虚机的ipserver_name __;
add_header Strict-Transport-Security max-age=2592000;
rewrite ^/.*$https://$host$request_uri?permanent;
}配置访问源主机
192.168.1.102 odoo.youyun.com
以上就介绍了 Nginx反向代理Odoo并转为https,包括了方面的内容,希望对PHP教程有兴趣的朋友有所帮助。