Setup https pada Odoo 17 Community Edition

Setelah kita menginstal Odoo 17 untuk development tampak bahwa  aplikasi Odoo 17 ini masih http belum https.

Setup https pada Odoo 17 Community Edition adalah seperti langkah-langkah berikut ini

1. Menggunakan certbot

   # apt install certbot
   # certbot certonly --standalone -d rnd.suatu.co.id --preferred-challenges http --agree-tos -n -m aris@emailku.co.id --keep-until-expiring
   
   Successfully received certificate.
   Certificate is saved at: /etc/letsencrypt/live/rnd.suatu.co.id/fullchain.pem
   Key is saved at:         /etc/letsencrypt/live/rnd.suatu.co.id/privkey.pem
   

2. Install Nginx

   # apt install nginx
   

3. Update proxy_mode pada odoo.conf

   # pwd
   /home/apku/odoo/config
   # cat odoo.conf
   [options]
   addons_path = /mnt/extra-addons
   data_dir = /var/lib/odoo
   dbfilter = ^%h$
   admin_passwd = $suaturahasiabaruditahun2024
   proxy_mode = True
   
   

4. Restart Odoo

   # docker stop odoo-web-1
   # docker start odoo-web-1
   

5. Update konfigurasi Nginx

   # cat /etc/nginx/sites-enabled/rnd-suatu-co-id.conf
   #odoo server
   upstream odoo-rnd {
     server 127.0.0.1:9070;
   }
   
   upstream odoochat-rnd {
     server 127.0.0.1:8072;
   }
   
   map $http_upgrade $connection_upgrade {
     default upgrade;
     ''      close;
   }
   
   # http -> https
   server {
     listen 80;
     server_name rnd.suatu.co.id;
     rewrite ^(.*) https://$host$1 permanent;
   }
   
   server {
     listen 443 ssl;
     server_name rnd.suatu.co.id;
     proxy_read_timeout 720s;
     proxy_connect_timeout 720s;
     proxy_send_timeout 720s;
   
     # SSL parameters
     ssl_certificate /etc/letsencrypt/live/rnd.suatu.co.id/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/rnd.suatu.co.id/privkey.pem;
     ssl_session_timeout 30m;
     ssl_protocols TLSv1.2;
     ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
     ssl_prefer_server_ciphers off;
   
     # log
     access_log /var/log/nginx/odoo-rnd.access.log;
     error_log /var/log/nginx/odoo-rnd.error.log;
   
     # Redirect websocket requests to odoo gevent port
     location /websocket {
       proxy_pass http://odoochat-rnd;
       proxy_set_header Upgrade $http_upgrade;
       proxy_set_header Connection $connection_upgrade;
       proxy_set_header X-Forwarded-Host $http_host;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Proto $scheme;
       proxy_set_header X-Real-IP $remote_addr;
   
       add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
       proxy_cookie_flags session_id samesite=lax secure;  # requires nginx 1.19.8
     }
   
     # Redirect requests to odoo backend server
     location / {
       # Add Headers for odoo proxy mode
       proxy_set_header X-Forwarded-Host $http_host;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Proto $scheme;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_redirect off;
       proxy_pass http://odoo-rnd;
   
       add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
       proxy_cookie_flags session_id samesite=lax secure;  # requires nginx 1.19.8
     }
   
     # common gzip
     gzip_types text/css text/scss text/plain text/xml application/xml application/json application/javascript;
     gzip on;
   }
   
   

6. Start Nginx

   # systemctl start nginx
   

7. Tampilan hasil
   

Informasi lebih lanjut silahkan mengunjungi
1. https://www.odoo.com/documentation/17.0/administration/on_premise/deploy.html .
2. https://www.proweb.co.id/articles/odoo-addons/portainer-docker.html .

Kunjungi www.proweb.co.id/implementasi-odoo/ untuk menambah wawasan implementasi Odoo ERP.