LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 08-19-2019, 09:33 AM   #1
redssr
Member
 
Registered: Oct 2013
Location: Dist Nasik MH State Country India
Distribution: Linux
Posts: 108

Rep: Reputation: Disabled
Unable to open edit image link with proxy for odoo


Unable to open edit image link with proxy for odoo

I tried using nginx as well as apache (seprately), it gives 404 page not found but its working fine when i open the image directly from odoo url

here are my both conf files (apache as well as nginx)

Code:
nginx conf

upstream odoo {
 server 127.0.0.1:8069;
}

#upstream odoo-chat {
# server 127.0.0.1:8072;
#}

server {
    server_name erp.imorosity.com;
    return 301 https://erp.imorosity.com$request_uri;
}

server {
   listen 443 ssl http2;
   server_name erp.imorosity.com;

   ssl_certificate /etc/letsencrypt/live/erp.imorosity.com/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/erp.imorosity.com/privkey.pem;
   ssl_session_timeout 1d;
   ssl_session_cache shared:SSL:50m;
   ssl_session_tickets off;

#   ssl_dhparam /path/to/dhparam.pem;

   ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
   ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
   ssl_prefer_server_ciphers on;

   add_header Strict-Transport-Security max-age=15768000;

   ssl_stapling on;
   ssl_stapling_verify on;
   ssl_trusted_certificate /etc/letsencrypt/live/erp.imorosity.com/fullchain.pem;

   access_log /var/log/nginx/odoo.access.log;
   error_log /var/log/nginx/odoo.error.log error;

   proxy_read_timeout 720s;
   proxy_connect_timeout 720s;
   proxy_send_timeout 720s;
   proxy_set_header X-Forwarded-Host $host;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   proxy_set_header X-Forwarded-Proto $scheme;
   proxy_set_header X-Real-IP $remote_addr;
   client_max_body_size 4096M;

   location / {
     proxy_redirect off;
     proxy_pass http://odoo;
   }

#   location /longpolling {
#       proxy_pass http://odoo-chat;
#   }

   location ~* /web/static/ {
       proxy_cache_valid 200000 90m;
       proxy_buffering    on;
       expires 864000;
       proxy_pass http://odoo;
   client_max_body_size 4096M;
  }

  # gzip
  gzip_types text/css text/less text/plain text/xml application/xml application/json application/javascript;
  gzip on;
}

Apache conf

<VirtualHost *:80>
     ServerName erp.imorosity.com
     ServerAlias erp.imorosity.com
     Redirect / https://erp.imorosity.com/
</VirtualHost>

<VirtualHost *:443>
     ServerName erp.imorosity.com
     ServerAlias erp.imorosity.com

     LogLevel warn
     ErrorLog /var/log/apache2/odoo-error.log
     CustomLog /var/log/apache2/odoo-access.log common

     SSLEngine on
     SSLProxyEngine on
     SSLCertificateFile /etc/letsencrypt/live/erp.imorosity.com/fullchain.pem
     SSLCertificateKeyFile /etc/letsencrypt/live/erp.imorosity.com/privkey.pem
     SSLCertificateChainFile /etc/letsencrypt/live/erp.imorosity.com/fullchain.pem
     ProxyPreserveHost On
     ProxyPass / http://localhost:8069/ retry=0
     ProxyPassReverse / http://localhost:8069/
</VirtualHost>
For reference i am attaching the screenshots
Attached Thumbnails
Click image for larger version

Name:	with_proxy.png
Views:	13
Size:	173.0 KB
ID:	31157  

Last edited by rtmistler; 08-19-2019 at 02:21 PM.
 
Old 08-19-2019, 10:10 AM   #2
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 22,318

Rep: Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019
Quote:
Originally Posted by redssr View Post
Unable to open edit image link with proxy for odoo
I tried using nginx as well as apache (seprately), it gives 404 page not found but its working fine when i open the image directly from odoo url here are my both conf files (apache as well as nginx)
Code:
nginx conf

upstream odoo {
 server 127.0.0.1:8069;
}

#upstream odoo-chat {
# server 127.0.0.1:8072;
#}

server {
    server_name erp.imorosity.com;
    return 301 https://erp.imorosity.com$request_uri;
}

server {
   listen 443 ssl http2;
   server_name erp.imorosity.com;

   ssl_certificate /etc/letsencrypt/live/erp.imorosity.com/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/erp.imorosity.com/privkey.pem;
   ssl_session_timeout 1d;
   ssl_session_cache shared:SSL:50m;
   ssl_session_tickets off;

#   ssl_dhparam /path/to/dhparam.pem;

   ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
   ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
   ssl_prefer_server_ciphers on;

   add_header Strict-Transport-Security max-age=15768000;

   ssl_stapling on;
   ssl_stapling_verify on;
   ssl_trusted_certificate /etc/letsencrypt/live/erp.imorosity.com/fullchain.pem;

   access_log /var/log/nginx/odoo.access.log;
   error_log /var/log/nginx/odoo.error.log error;

   proxy_read_timeout 720s;
   proxy_connect_timeout 720s;
   proxy_send_timeout 720s;
   proxy_set_header X-Forwarded-Host $host;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   proxy_set_header X-Forwarded-Proto $scheme;
   proxy_set_header X-Real-IP $remote_addr;
   client_max_body_size 4096M;

   location / {
     proxy_redirect off;
     proxy_pass http://odoo;
   }

#   location /longpolling {
#       proxy_pass http://odoo-chat;
#   }

   location ~* /web/static/ {
       proxy_cache_valid 200000 90m;
       proxy_buffering    on;
       expires 864000;
       proxy_pass http://odoo;
   client_max_body_size 4096M;
  }

  # gzip
  gzip_types text/css text/less text/plain text/xml application/xml application/json application/javascript;
  gzip on;
}
Code:
Apache conf
<VirtualHost *:80>
     ServerName erp.imorosity.com
     ServerAlias erp.imorosity.com
     Redirect / https://erp.imorosity.com/
</VirtualHost>

<VirtualHost *:443>
     ServerName erp.imorosity.com
     ServerAlias erp.imorosity.com

     LogLevel warn
     ErrorLog /var/log/apache2/odoo-error.log
     CustomLog /var/log/apache2/odoo-access.log common

     SSLEngine on
     SSLProxyEngine on
     SSLCertificateFile /etc/letsencrypt/live/erp.imorosity.com/fullchain.pem
     SSLCertificateKeyFile /etc/letsencrypt/live/erp.imorosity.com/privkey.pem
     SSLCertificateChainFile /etc/letsencrypt/live/erp.imorosity.com/fullchain.pem
     ProxyPreserveHost On
     ProxyPass / http://localhost:8069/ retry=0
     ProxyPassReverse / http://localhost:8069/
</VirtualHost>
So since this isn't working with either proxy, wouldn't that then point to a misconfiguration in odoo??
Quote:
For reference i am attaching the screenshots
And I'm sure the guy from Spain will be THRILLED that you posted their identification card and numbers to the Internet. Your previous thread about your 'bulk email server' with ten IP addresses (so you wouldn't get blacklisted....odd that a legitimate business would need that) working with your proxy, is highly suspicious. Even more so after visiting the web link you posted here.

Good luck.
 
Old 08-19-2019, 10:33 AM   #3
redssr
Member
 
Registered: Oct 2013
Location: Dist Nasik MH State Country India
Distribution: Linux
Posts: 108

Original Poster
Rep: Reputation: Disabled
Hello
TB0ne
Once again thanks for the reply,

Regarding my previous bulk email thread, that project is already completed and it has nothing to do with this its completely new

Regards,
Redssr
 
Old 08-19-2019, 10:44 AM   #4
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 22,318

Rep: Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019
Quote:
Originally Posted by redssr View Post
Hello
TB0ne
Once again thanks for the reply,

Regarding my previous bulk email thread, that project is already completed and it has nothing to do with this its completely new
Sorry, just don't believe you. If someone else wants to help you with your (again) HIGHLY suspicious web site, that's up to them. But I'd strongly suggest they look at your previous posts first.

Again: you have something misconfigured.
 
Old 08-19-2019, 12:22 PM   #5
rtmistler
Moderator
 
Registered: Mar 2011
Location: USA
Distribution: MINT Debian, Angstrom, SUSE, Ubuntu, Debian
Posts: 8,430
Blog Entries: 13

Rep: Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744
@redssr,

This appears to be a fairly complicated question. Do you feel it may be better in a different forum? Such as Linux-Server? If so, please click the Report button on your original post and ask in the dialog for your thread to be moved. I feel it may be more suitable for that forum. While I see that you've edited your attached thumbnail, I do wonder if that image is required to be shown at all, or perhaps a far better redacting could be performed, such as large, dark rectangles versus a drawing pen. Not saying it isn't effective, but also personally not trying to decipher the details. Someone may and may be successful given the not complete redaction of all information.

@TB0ne,

Are your comments about a suspect website relevant to this thread? If yes, then what exactly is the concern, such as whether or not this thread contains any violations of the LQ rules, or instead if details posted are inadvisable? (example, the personal details you mentioned earlier)

Let's stay on topic for this thread. If there are concerns about forum violations, let's report those.
 
Old 08-19-2019, 12:44 PM   #6
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 22,318

Rep: Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019
Quote:
Originally Posted by rtmistler View Post
@redssr,
This appears to be a fairly complicated question. Do you feel it may be better in a different forum? Such as Linux-Server? If so, please click the Report button on your original post and ask in the dialog for your thread to be moved. I feel it may be more suitable for that forum. While I see that you've edited your attached thumbnail, I do wonder if that image is required to be shown at all, or perhaps a far better redacting could be performed, such as large, dark rectangles versus a drawing pen. Not saying it isn't effective, but also personally not trying to decipher the details. Someone may and may be successful given the not complete redaction of all information.
It is, sort of. While the moving parts are involved, the actual problem here is the oodo service not being configured correctly. The fact that the OP gets identical results no matter WHAT proxy is used, indicates the problem is further upstream. The oodo configuration isn't posted.
Quote:
@TB0ne,

Are your comments about a suspect website relevant to this thread? If yes, then what exactly is the concern, such as whether or not this thread contains any violations of the LQ rules, or instead if details posted are inadvisable? (example, the personal details you mentioned earlier)

Let's stay on topic for this thread. If there are concerns about forum violations, let's report those.
The personal details would be the ID card from someone from Spain; the OP has since gone in and EDITED the original post, to redact the information that was 100% publicly visible for some time. The website mentioned in their configs is a pretty sketchy site (in my opinion), about how to 'remove' your name from delinquent bill lists, and credit-report listings (all for a hefty fee, too). From there, this 'secondary' site (not mentioned on their main page), has no contact information past a web form, no addresses, and a generic email box. And given the fact that the OP has posted before about bulk email servers with ten (!!) IP addresses, so they can avoid being blacklisted...nothing about this seems legitimate.

I cannot come up with a scenario where a legitimate credit-reporting company would be trying to host websites on the side, or need to worry about being blacklisted.
 
Old 08-19-2019, 02:18 PM   #7
rtmistler
Moderator
 
Registered: Mar 2011
Location: USA
Distribution: MINT Debian, Angstrom, SUSE, Ubuntu, Debian
Posts: 8,430
Blog Entries: 13

Rep: Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744Reputation: 3744
Quote:
Originally Posted by TB0ne View Post
The personal details would be the ID card from someone from Spain; the OP has since gone in and EDITED the original post, to redact the information that was 100% publicly visible for some time. The website mentioned in their configs is a pretty sketchy site (in my opinion), about how to 'remove' your name from delinquent bill lists, and credit-report listings (all for a hefty fee, too). From there, this 'secondary' site (not mentioned on their main page), has no contact information past a web form, no addresses, and a generic email box. And given the fact that the OP has posted before about bulk email servers with ten (!!) IP addresses, so they can avoid being blacklisted...nothing about this seems legitimate.

I cannot come up with a scenario where a legitimate credit-reporting company would be trying to host websites on the side, or need to worry about being blacklisted.
If you specifically feel that the website is advertising, please generate a report. Already evaluating that, but additional comments are helpful.

Regarding other threads, please report on those as necessary, if you already haven't, and once again if you feel that there are any rules violations.

I will remove the second image, because it contains non-English information, and ID numbers. I realize it has already been posted for some time, I cannot control that.
 
1 members found this post helpful.
Old 08-19-2019, 03:16 PM   #8
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 22,318

Rep: Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019Reputation: 6019
Quote:
Originally Posted by rtmistler View Post
If you specifically feel that the website is advertising, please generate a report. Already evaluating that, but additional comments are helpful.

Regarding other threads, please report on those as necessary, if you already haven't, and once again if you feel that there are any rules violations. I will remove the second image, because it contains non-English information, and ID numbers. I realize it has already been posted for some time, I cannot control that.
Understand, and thanks. Just taking things as a whole, given several factors. Hesitant to offer assistance...just seems shady.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: How to install Odoo 10 on Ubuntu 16.04 with Apache as a reverse proxy LXer Syndicated Linux News 0 08-02-2017 11:36 AM
LXer: Install Odoo 10 on CentOS 7 with Apache as a reverse proxy LXer Syndicated Linux News 0 11-21-2016 05:03 PM
LXer: Install Odoo on a Debian 8 VPS with Nginx as a reverse proxy LXer Syndicated Linux News 0 08-30-2015 10:21 AM
LXer: Odoo 8 with SSL Reverse Proxy using Apache LXer Syndicated Linux News 0 11-26-2014 07:36 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 12:18 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration