I put a port forward on my Comcast xfinity gateway to my Ubuntu host PC.
The Ubuntu host runs VirtualBox where I defined a forward port from the one from the gateway to an Ubuntu VM which hosts my Odoo app.

Odoo has a builtin web server (Werkzueg or something like that) that does not support HTTPS, so I installed nginx on the VM to proxy/reverse proxy Odoo using HTTPS.

Internet --> modem port forward --> Ubuntu host --> virtualbox port forward --> Ubuntu vm --> nginx --> Odoo

One thing: without nginx installed, and using plain HTTP, I can connect to my Odoo app from my tablet at the restaurant no problem. Only I don't want to do that.

Modem is TECHNICOLOR CGM4140COM which does support port forward.

nginx.conf:

user www-data;
worker_processes auto;
pid /run/nginx.pid;

events {
    worker_connections 768;
    # multi_accept on;
}

http {

##
# Basic Settings
##

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;

include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}

default.conf:

deleted

odoo10.conf

#odoo server
upstream odoo {
server 127.0.0.1:8069;
}

# http -> https
server {
listen 80;
server_name odoo.mycompany.com;
rewrite ^(.*) https://$host$1 permanent;
}

server {
listen 443 ssl;
server_name odoo.mycompany.com;
proxy_read_timeout 720s;
proxy_connect_timeout 720s;
proxy_send_timeout 720s;

# Add Headers for odoo proxy mode
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;

# SSL parameters
ssl on;
ssl_certificate /etc/nginx/ssl/odoo10.cert;
ssl_certificate_key /etc/nginx/ssl/odoo10.key;
ssl_session_timeout 30m;
ssl_protocols TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

# log
access_log /etc/nginx/odoo10.access.log;
error_log /etc/nginx/odoo10.error.log debug;

# Redirect requests to odoo backend server
location / {
proxy_redirect off;
proxy_pass http://odoo;
}

# common gzip
gzip_types text/css text/less text/plain text/xml application/xml 
application/json application/javascript;
gzip on;
}

From the internet I can connect to my Odoo app with https and it works to some extent. But there are some problems I'd like to solve.

When I enter https://my-modem-IP:port I will receive my modem admin login page. So I need to enter https://my-modem-IP:port/web/login. When I do this I receive the Odoo login page. And the URL that is returned back is the same as I sent: https://my-modem-IP:port/web/login.

When I click on that I again receive the modem admin login page with https://my-modem-IP/web -- no port#.

If I manually enter the port# to that URL -- https://my-modem-IP:port/web -- I am logged into the Odoo app. I have not tested the complete app, but so far there is no problem navigating through it, except for the logout page which again drops the port# and sends me the modem admin logon page.

I have two debug logs: one that gives me the login problem and another that shows it works when I manually enter the port#. They are quite large and maybe this is not the place to include them. I hope someone will let me know a way I can post the logs.