9

/etc/nginx/sites-available/default

server {
    listen 80 default_server;
    listen [::]:80 default_server ipv6only=on;

    root /usr/share/nginx/html;
    index index.html index.htm;

    # Make site accessible from http://localhost/
    server_name mywebsite.net;
    return 301 https://$host$request_uri;
}
server {
    listen 443;
    server_name localhost mywebsite.net;
    ssl on;
    ssl_certificate /etc/ssl/certs/odoo.crt;
    ssl_certificate_key /etc/ssl/private/odoo.key;

    ssl_session_timeout 5m;

    ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
    ssl_prefer_server_ciphers on;

    location / {
      #     try_files $uri $uri/ =404;
             proxy_pass http://127.0.0.1:8069;
            include proxy_params;
    }
    location ~ \.(css|js|png|gif|jpeg|jpg|swf|ico|woff){
        root /usr/lib/python2.7/dist-packages/openerp/addons;
        expires 360d;
    }

}

/etc/nginx/proxy_params

proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options "deny";

When I run "curl -I -k https://mywebsite.net" ,I get the following headers,

HTTP/1.1 200 OK
Date: Fri, 14 Oct 2016 06:43:46 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Set-Cookie: __cfduid=ddf89f52ff3c396f0a6c10af34a65d4281476427426;     expires=Sat, 14-Oct-17 06:43:46 GMT; path=/; domain=mywebsite.net; HttpOnly
Set-Cookie: session_id=b9bf4dc131a232eb2417eaa4a9fbe0e7f51a96f0; Expires=Thu, 12-Jan-2017 06:43:45 GMT; Max-Age=7776000; Path=/
Server: cloudflare-nginx
CF-RAY: 2f190f162b2a2dc7-BOM

I don't get the headers included in proxy_params. I think proxy_set_header not working. What is the issue ?

Thanks

linux404
  • 133
  • 1
  • 2
  • 8

1 Answers1

17

You've got it wrong.

proxy_set_header directive sets headers that nginx sends to backend (127.0.0.1:8069 in your case).

What you need is add_header directive.

Alexey Ten
  • 7,922
  • 31
  • 35
  • It works. Can you tell me difference between proxy_set_header and add_header ? – linux404 Oct 14 '16 at 08:00
  • 11
    @linux404 `add_header` sends headers to client (browser), `proxy_set_header` sends headers to backend server (the one you `proxy_pass` to) – Alexey Ten Oct 14 '16 at 08:44
  • 2
    It's also important to distinguish between "Request Headers" and "Response Headers". Request headers are for traffic inbound to the webserver (or backend app at 127.0.0.1:8069). Response headers are going the other way (in the HTTP response you get back using curl). – Excalibur Aug 17 '17 at 18:40