The Content-Security-Policy[^1] http header was only set on the response
generated by controllers but it was missing from the `/<module>/static/`
route.
It is not strictly necessary to set that header on the responses comming
from that routes as it is not possible to add new static files or edit
existing ones via the interface (not even as admin). Only the developers
and system administrator can access those files.
It is also worth mentionning that using the Odoo internal web server to
deliver static files is suboptimal. Outside of a dev environment, those
files will typically be delivered via a web server[^2] and sysadmins
should configure their web server to set the CSP header on static images.
[^1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
[^2]: https://www.odoo.com/documentation/master/administration/install/deploy.html#serving-static-files-and-attachmentsclosesodoo/documentation#6954
X-original-commit: f3f44fe5f2
Related: odoo/odoo#146592
Signed-off-by: Julien Castiaux (juc) <juc@odoo.com>
Install nginx using the nginx configuration found in the documentation
and changes the `listen` port to 8080. Start Odoo in `--proxy-mode`.
listen 8080;
server_name mycompany.odoo.com;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
location / {
proxy_pass http://127.0.0.1:8069;
}
Inside your browser, access "http://mycompany.odoo.com:8080" you are
wrongly redirected to "http://mycompany.odoo.com:80".
Odoo uses the `X-Forwarded-Host` http header value to generate new URls,
in this configuration `$host` only contains the domain (=hostname using
the urllib terminology) instead of the domain+port (=netloc). The
variable that contains both the domain and the port is actually
`$http_host`.
closesodoo/documentation#6944Closes: odoo/odoo#64643
X-original-commit: 09c42c5896
Signed-off-by: Antoine Vandevenne (anv) <anv@odoo.com>
Signed-off-by: Julien Castiaux (juc) <juc@odoo.com>
Many users don't start odoo-bin in --workers (multi-processing) mode but
instead leave the default configuration which use the development/demo
multi-threaded server, even in production.
This commit rewords the section about the difference between the
built-in servers and highlight the many advantages of the
multi-processing on. It repeats that information when it comes to
running a dedicated cron server, that it should use the multi-processing
server instead of the default multi-threading one.
closesodoo/documentation#5934Fixes: odoo/odoo#88984Closes: odoo/odoo#128571
X-original-commit: 8e9ae99423
Signed-off-by: Jonathan Castillo (jcs) <jcs@odoo.com>
Signed-off-by: Julien Castiaux (juc) <juc@odoo.com>
It has always been the case informally but write it in the doc.
closesodoo/documentation#5835
X-original-commit: 80e1065dff
Signed-off-by: Olivier Dony (odo) <odo@odoo.com>
This PR moves the introduction about the different installation methods and editions found on the
install/install.rst page directly under the main install/ page. It creates three pages, one per
installation method documented on the install/install.rst page (Docker being documented on
docker.com and maintained by us), and moves the related content there. In addition, it fixes various
typos/grammar issues and improves the content according to the documentation guidelines. Various
references and links across the documentation had to be fixed accordingly.
task-3459070
closesodoo/documentation#5543
X-original-commit: 91c28fd433
Signed-off-by: Xavier Platteau (xpl) <xpl@odoo.com>
The deploy documentation is assuming that `/etc/odoo.conf` is the
default config file, which is not the case.
With this commit, the configuration file references the cli
documentation.
closesodoo/documentation#4808
X-original-commit: 8aed7988ba
Signed-off-by: Antoine Vandevenne (anv) <anv@odoo.com>
Signed-off-by: Christophe Monniez (moc) <moc@odoo.com>
This commit removes unnecessary `proxy_set_headers` in the serve
static config block.
Indeed, the request will either be served by Nginx in which case
the request won't go to the proxy backend or by the `@odoo` backend
which have its own `proxy_set_headers` set as the user is supposed
to copy/paste the contennt of the `location /` block.
closes odoo/documentation#3768
Closes: #3675
X-original-commit: 6129288439
Signed-off-by: Castillo Jonathan (jcs) <jcs@odoo.com>
Signed-off-by: Stockbauer Matthieu (tsm) <tsm@odoo.com>
RST cleanup to comply with the RST guidelines. This is required so we
can use "make test", as there are currently hundreds of errors. For now,
it is unusable because of the oldest code in this repo.
closesodoo/documentation#3589
X-original-commit: 7ae76bad42
Signed-off-by: Castillo Jonathan (jcs) <jcs@odoo.com>
In case of a source install the various places where static files can be
found are spread on the filesystem. The previous configuration sample
used custom internal locations but it turns out that it is only possible
to `try_files` on filesystem paths and on "named location (@ ones)".
This commit fixes the configuration sample so that it works for the
given situation where community and enterprise has been cloned from git.
task-3049538
closesodoo/documentation#2945
X-original-commit: 67cb3acd6a
Signed-off-by: Julien Castiaux <juc@odoo.com>
Signed-off-by: Antoine Vandevenne (anv) <anv@odoo.com>
Before this commit, following the install documentation to setup
the odoochat server would fail. This was due to the fact that the
documentation about how to define the `$connection_upgrade` variable
was missing.
This PR fixes this issue.
closesodoo/documentation#2829
X-original-commit: 9ed3575f19
Signed-off-by: Victor Feyens (vfe) <vfe@odoo.com>
Signed-off-by: Stockbauer Matthieu (tsm) <tsm@odoo.com>
Update the minimal version in the installation doc
Make all postgresql docs references target the v12 documentation
Fix some non http links on the way
closesodoo/documentation#2822
X-original-commit: 93b383e95d
Signed-off-by: Victor Feyens (vfe) <vfe@odoo.com>
Odoo is compatible with X-Sendfile (apache) and X-Accel (nginx). They
are web server extension that can be used by the web application (Odoo)
to delegate serving local files to the web server (apache/nginx). We use
those extension to stream attachments. The documentation now explains
what is X-Sendfile/X-Accel and how to configure each web server.
Along those changes, the few sentences about serving static files have
been reworded and now include various configuration examples.
closesodoo/documentation#2083
Task: 2801675
Related: odoo/odoo#88134
Related: odoo/enterprise#26191
Signed-off-by: Antoine Vandevenne (anv) <anv@odoo.com>
Backport of commit d227ab66b0 on #1448closesodoo/documentation#1617
X-original-commit: a80f3c3899
Signed-off-by: Castillo Jonathan (jcs) <jcs@odoo.com>
Signed-off-by: Antoine Vandevenne (anv) <anv@odoo.com>
The indentation of the provided default nginx config wasn't consistent.
This commit enforces the indentation of two spaces for the nginx config.
Also cleans a bit the .rst useless empty lines.
