生成证书文件
生成自签名证书,并放在指定位置
<code>$ openssl req -x509 -days <span>3650</span> -subj <span>'/CN=odoo.youyun.com/'</span> -nodes -newkey rsa:<span>2048</span> -keyout server.key -out server.crt $ <span>sudo</span> mkdir /etc/ssl/nginx $ <span>sudo</span> mv server.key server.crt /etc/ssl/nginx</code>
配置nginx
<code>$ <span>sudo</span> rm /etc/nginx/sites-avaliable/default $ <span>sudo</span> vim /etc/nginx/sites-avalibale/odoo.conf</code>
删除默认的nginx default文件,并新建odoo.conf文件,内容如下
<code><span>server</span> {
<span>listen</span><span>443</span> default;
<span>server_name</span> _;
<span>access_log</span> /var/log/nginx/odoo.access.log;
<span>error_log</span> /var/log/nginx/odoo.<span>error</span>.log;
<span>ssl</span><span>on</span>;
<span>ssl_certificate</span> /etc/ssl/nginx/server.crt; <span># 之前生成的证书和key</span><span>ssl_certificate_key</span> /etc/ssl/nginx/server.key;
<span>ssl_ciphers</span> HIGH:!ADH:!MD5;
<span>ssl_protocols</span> SSLv3 TLSv1;
<span>ssl_prefer_server_ciphers</span><span>on</span>;
<span>location</span> / {
<span>proxy_pass</span><span>http://127.0.0.1:8069</span>;
<span>proxy_next_upstream</span><span>error</span> timeout invalid_header http_500 http_502 http_503 http_504;
<span>proxy_buffer_size</span><span>128k</span>;
<span>proxy_buffers</span><span>16</span><span>64k</span>;
<span>proxy_redirect</span><span>off</span>;
<span>proxy_set_header</span> Host <span>$host</span>;
<span>proxy_set_header</span> X-Real-IP <span>$remote_addr</span>;
<span>proxy_set_header</span> X-Forwarded-For <span>$proxy_add_x_forwarded_for</span>;
<span>proxy_set_header</span> X-Forwarded-Proto https;
}
<span>location</span><span>~* /web/static/</span> {
<span>proxy_cache_valid</span><span>200</span><span>60m</span>;
<span>proxy_buffering</span><span>on</span>;
<span>expires</span><span>864000</span>;
<span>proxy_pass</span><span>http://127.0.0.1:8069</span>;
}
}
<span>server</span> { <span># 将80端口转到443的https中</span><span>listen</span><span>80</span>;
<span>server_name</span> __;
<span>add_header</span> Strict-Transport-Security max-age=<span>2592000</span>;
<span>rewrite</span><span> ^/.*$</span><span>https://$host$request_uri?</span><span>permanent</span>;
}
<span>server</span> { <span># 将特定ip的8069端口转到443的https中</span><span>listen</span><span>192.168.1.102:8069</span>; <span># 这是虚机的ip</span><span>server_name</span> __;
<span>add_header</span> Strict-Transport-Security max-age=<span>2592000</span>;
<span>rewrite</span><span> ^/.*$</span><span>https://$host$request_uri?</span><span>permanent</span>;
}</code>配置访问源主机
<br>
192.168.1.102 odoo.youyun.com <br>
以上就介绍了 Nginx反向代理Odoo并转为https,包括了方面的内容,希望对PHP教程有兴趣的朋友有所帮助。
每个人都需要一台速度更快、更稳定的 PC。随着时间的推移,垃圾文件、旧注册表数据和不必要的后台进程会占用资源并降低性能。幸运的是,许多工具可以让 Windows 保持平稳运行。
广告Copyright 2014-2025 https://www.php.cn/ All Rights Reserved | php.cn | 湘ICP备2023035733号
325
收藏
