#----------------------------------------------------------------- # nginx configuration for serving local data and proxying Odoo # # This file should be installed as /usr/local/etc/nginx/nginx.conf # # Compiled from numerous sources including the nginx documentation. # Doug Vetter, Version 2, 11/3/2015 # # Revision History # # version 2: 11/03/2015 - Added client_max_body_size # Removed stuff leftover from debuggin # Updated comments throughout # # Version 1: 10/30/2015 - Initial Release #----------------------------------------------------------------- # The nginx package installed by FreeBSD creates a user and group # called www. We choose to run the server as this user. user www; # By default worker_processes is set to 1, which means one worker # process will be created to handle requests. This is dependent on # a number of factors but setting it to the number of CPU cores is # a good start. "auto" will try to detect the number of cores. # FYI: A i5-5250U has 2 physical cores and 2 virtual (hyperthreaded) # In this case "auto" creates 4 worker processes. worker_processes auto; events { # default number of connections is 1024. worker_connections 2048; } http { include mime.types; default_type application/octet-stream; index index.html # sendfile is useful only for serving static pages. # when proxying an application server like odoo it should be OFF sendfile off; # tcp_nodelay sends data from the server when it's ready (i.e. # without delay). Unless you're serving data over a modem and # it's 1995, this needs to be ON. tcp_nodelay on; # tcp_nopush activates TCP_CORK which fills a packet buffer up to # the MSS (MTU - IP header) before sending. It's the opposite of # tcp_nodelay and is required when sendfile is ON. Therefore, we # turn it OFF. tcp_nopush off; # closes connections with clients after this time in seconds. # in conjunction with worker_connections this ultimately determines # the maximum number of requests the server can handle. set # carefully. Too high a number may result in refused requests. keepalive_timeout 60; access_log /var/log/nginx/access.log; # Set the extent of error messages sent to the logs. Info will show # every URI request, which can be quite verbose with odoo. Production # servers should probably have this set to notice or maybe warn. # Valid Values: # [ debug | info | notice | warn | error | crit ] error_log /var/log/nginx/error.log notice; server { # my server is behind a firewall and will not be accessed over # insecure networks so I use standard http. # # I don't bother setting any error pages as all http errors are # hard coded and I don't need anything fancy -- just the error code. # # My LAN is on the 10.10.20.x network. listen 80; server_name 10.10.20.40; # I serve content unrelated to odoo in this directory, which is # equivalent to Apache's DocumentRoot directive. DO NOT EVER set # the root directive to "/" because that would expose your entire # filesystem and don't use the root directive in a location block. root /usr/local/www/nginx; index index.html; # prevents 413 "Request Entity Too Large" errors when uploading # data that exceeds the nginx default maximum size of 1MB (1m). # # Note 1: nginx docs suggest this directive can be used in the "http" # context but it didn't work there. It did work in the server and # location contexts, but as I wanted it to apply to all locations # I placed it here in the server context. # # Note 2: An essential test case for this error is an odoo database # restore. A virgin database with a few modules installed will # likely exceed 1MB, so after initial installation is complete, # backup the virgin database, check that the zip filesize exceeds # 1MB, and then attempt to restore that. Consider the test a PASS # if the 413 error does NOT occur and odoo responds in some way. client_max_body_size 512m; # I want to use the server for other things that have nothing to do # with odoo, so I instruct the server to try to locate the content # first. Failing that it will go to the proxy configured below. location /test { try_files $uri $uri/ /index.html; } # Users have to navigate to http://10.10.20.40/ to get to odoo. # Testing with "/" works along with "/web/static" below. location / { # the ip / port on which odoo listens for connections proxy_pass http://10.10.20.40:8069; # we don't rewrite any of the odoo server responses proxy_redirect off; # force timeouts if the odoo server stops responding proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; # increase the size of the buffers to handle odoo data proxy_buffers 16 64k; proxy_buffer_size 128k; # tell odoo about the real IP of the request. Typically 10.10.20.40 # but it could also be 127.0.0.1 if running the browser on the same # host as odoo runs. proxy_set_header Host $host; # tell odoo the real client side address (something on 10.10.20.x) # so odoo doesn't think every request is coming from localhost. proxy_set_header X-Real-IP $remote_addr; } # .../web/static is a directory in the addons directory located in the # source tree that contains static files provided by various odoo modules. # I don't bother to buffer these but larger organizations with multiple # users should probably consider doing so to improve performance. # In that case, change proxy_buffering to "on" and uncomment the bottom # two lines to enable caching of data for 60min. # Testing with "/web/static" works along with location "/" above. location ~* /web/static/ { proxy_buffering off; proxy_pass http://127.0.0.1:8069; # proxy_cache_valid 200 60m; # expires 864000; } } }