redirect uri not correct

[hmrickhoff]

i want to configure odoo 14 with npm. in this link there are the recommended nginx settings i want to map to nginx proxy manager https://www.odoo.com/documentation/14.0/setup/deploy.html

server itself runs great. but i have one small problem. im using oauth logins and the redirect url wrong. its always setting the redirect url to http and not https. my guess is that some of the needed settings cannot be set in npm, am i correct? i was swithing from apache, there everything works fine, so i dont think its an odoo problem.

the 1.conf looks like this:

# ------------------------------------------------------------
# xxx-xx.de, www.xxx-xx.de
# ------------------------------------------------------------

server {
  set $forward_scheme https;
  set $server         "xxx.xxx.xxx.xxx";
  set $port           14369;

  listen 80;
listen [::]:80;

listen 443 ssl http2;
listen [::]:443;

  server_name xxx-xx.de www.xxx-xx.de;

  # Let's Encrypt SSL
  include conf.d/include/letsencrypt-acme-challenge.conf;
  include conf.d/include/ssl-ciphers.conf;
  ssl_certificate /etc/letsencrypt/live/npm-4/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/npm-4/privkey.pem;

  # Block Exploits
  include conf.d/include/block-exploits.conf;

  # HSTS (ngx_http_headers_module is required) (31536000 seconds = 1 year)
  add_header Strict-Transport-Security "max-age=31536000;includeSubDomains; preload" always;

  access_log /data/logs/proxy_host-1.log proxy;

# Add Headers for odoo proxy mode
 proxy_set_header X-Forwarded-Host $host;
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 proxy_set_header X-Forwarded-Proto $scheme;
 proxy_set_header X-Real-IP $remote_addr;

 # common gzip
 gzip_types text/css text/scss text/plain text/xml application/xml application/json application/javascript;
 gzip on;

  location / {
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-Scheme $scheme;
    proxy_set_header X-Forwarded-Proto  $scheme;
    proxy_set_header X-Forwarded-For    $remote_addr;
    proxy_pass       http://xxx.xxx.xxx.xxx:14369;
    proxy_redirect off;
  }

  location /longpolling  {
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-Scheme $scheme;
    proxy_set_header X-Forwarded-Proto  $scheme;
    proxy_set_header X-Forwarded-For    $remote_addr;
    proxy_pass       http://xxx.xxx.xxx.xxx:14372;

  }

  # Custom
  include /data/nginx/custom/server_proxy[.]conf;
}

[hmrickhoff]

Solution:

The "proxy_set_header" variables are not working in the server{} tag. They needed to be added inside the location{} tags. i dont know if this is a bug or working as intended. in normal nginx its working inside the server{} tag.

[github-actions[bot]]

Issue is now considered stale. If you want to keep it open, please comment :+1:

[Paulius11]

I'm also trying to configure odoov17 Documentation recomends adding nginx config:

``#odoo server
upstream odoo {
  server 127.0.0.1:8069;
}
upstream odoochat {
  server 127.0.0.1:8072;
}
map $http_upgrade $connection_upgrade {
  default upgrade;
  ''      close;
}

# http -> https
server {
  listen 80;
  server_name odoo.mycompany.com;
  rewrite ^(.*) https://$host$1 permanent;
}

server {
  listen 443 ssl;
  server_name odoo.mycompany.com;
  proxy_read_timeout 720s;
  proxy_connect_timeout 720s;
  proxy_send_timeout 720s;

  # SSL parameters
  ssl_certificate /etc/ssl/nginx/server.crt;
  ssl_certificate_key /etc/ssl/nginx/server.key;
  ssl_session_timeout 30m;
  ssl_protocols TLSv1.2;
  ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
  ssl_prefer_server_ciphers off;

  # log
  access_log /var/log/nginx/odoo.access.log;
  error_log /var/log/nginx/odoo.error.log;

  # Redirect websocket requests to odoo gevent port
  location /websocket {
    proxy_pass http://odoochat;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;
    proxy_set_header X-Forwarded-Host $http_host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Real-IP $remote_addr;

    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
    proxy_cookie_flags session_id samesite=lax secure;  # requires nginx 1.19.8
  }

  # Redirect requests to odoo backend server
  location / {
    # Add Headers for odoo proxy mode
    proxy_set_header X-Forwarded-Host $http_host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_redirect off;
    proxy_pass http://odoo;

    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
    proxy_cookie_flags session_id samesite=lax secure;  # requires nginx 1.19.8
  }

  # common gzip
  gzip_types text/css text/scss text/plain text/xml application/xml application/json application/javascript;
  gzip on;
}

Can anyone please, guide, how to do this? Do I manually edit nginx proxy ar can this be achieved through web-interface?

[Paulius11]

Managed to fix it

Create 2 files with content:

Included at the top of the main http block

/opt/docker/nginx-proxy-manager/data/nginx/custom/http_top.conf

map $http_upgrade $connection_upgrade {
  default upgrade;
  ''      close;
}

Included at the end of every proxy server block:/opt/docker/nginx-proxy-manager/data/nginx/custom/server_proxy.conf

location /websocket {
    proxy_pass http://127.0.0.1:8072;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;
    proxy_set_header X-Forwarded-Host $http_host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Real-IP $remote_addr;

    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
    proxy_cookie_flags session_id samesite=lax secure;  # requires nginx 1.19.8
}