Đầy đủ hướng dẫn cài docker odoo có ssl và timezero trên windows 10

Nạp IP lên noip bằng DUC, SSL mua dịch vụ của noip 19,99$ (520K).

Dùng cloudflare thì tạo file bat để nó chạy

@ECHO OFF :: This batch file details networking configuration. TITLE Update IP to Cloudflare. ECHO Please wait... Update IP to Cloudflare. G:\docker\odoo14\cloudflare-sync.exe -api-token eVzLcWs3yrSF-bIaT -records-file-name odoo.json -zone-id 0c8761ac1fbd -frequency 10000 

odoo.json thì có nội dung:

[ { "type": "A", "name": "pkp.vn", "proxied": false, "ttl": 1200, "priority": 1 } ]

Còn SSL thì mua dùng, sử dụng zerossl chỉ cho 3 lần gia hạn.

Nội dung trong file docker-compose.yml: Nội dung thay đổi trong file yml, dùng câu lệnh để update: docker compose up –build Để cập nhật ver mới phải xóa image odoo rồi cho build lại. Chạy lệnh: docker compose up -d docker compose down

version: "3.9" services: db: image: postgres:13 user: root environment: - POSTGRES_PASSWORD=odoo - POSTGRES_USER=odoo - POSTGRES_DB=postgres - TZ=Asia/Ho_Chi_Minh - PGTZ=Asia/Ho_Chi_Minh - DEBIAN_FRONTEND=noninteractive restart: always # run as a service volumes: - ./postgresql:/var/lib/postgresql/data odoo14: image: odoo:14 user: root depends_on: - db ports: - 80:8069 - 8072:8072 tty: true command: -- # command: odoo scaffold /mnt/extra-addons/custom_module environment: - HOST=db - USER= - PASSWORD= - TZ=Asia/Ho_Chi_Minh - PGTZ=Asia/Ho_Chi_Minh - DEBIAN_FRONTEND=noninteractive volumes: #- /etc/timezone:/etc/timezone:ro #- /etc/localtime:/etc/localtime:ro #- ./entrypoint.sh:/entrypoint.sh # if you want to install additional Python packages, uncomment this line! - ./addons:/mnt/extra-addons - ./etc:/etc/odoo restart: always # run as a service nginx: container_name: nginx image: nginx:latest restart: always depends_on: - odoo14 ports: - 443:443 volumes: - ./nginx/conf:/etc/nginx/conf.d - ./ssl:/etc/ssl - ./nginx/site:/usr/share/nginx/html 

Các câu lệnh chạy trong Terminal:

pip3 install html2text 

Set timezore trực tiếp trong command

apt-get update && \ apt-get install -yq tzdata && \ ln -fs /usr/share/zoneinfo/Asia/Ho_Chi_Minh /etc/localtime && \ dpkg-reconfigure -f noninteractive tzdata ENV TZ="Asia/Ho_Chi_Minh"

Nội dung trong file conf của nginx:

upstream odoo {	server odoo14:8069 weight=1 fail_timeout=0; } server {	listen 443 ssl;	charset utf-8;	server_name pkp.vn www.pkp.vn;	root /usr/share/nginx/html;	index index.html index.htm; # log files access_log /usr/share/nginx/html/openerp.access.log; error_log /usr/share/nginx/html/openerp.error.log; ssl_certificate /etc/ssl/certificate.crt; ssl_certificate_key /etc/ssl/private.key;	ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5;	proxy_read_timeout 3000s;	proxy_connect_timeout 3000s;	proxy_send_timeout 3000s;	# Add Headers for odoo proxy mode	proxy_set_header X-Forwarded-Host $host;	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;	proxy_set_header X-Forwarded-Proto $scheme;	proxy_set_header X-Real-IP $remote_addr; location / {	proxy_redirect off; proxy_pass http://odoo; }	location ~* /web/static/ { proxy_cache_valid 200 90m; proxy_buffering on; expires 864000; proxy_pass http://odoo; }	# common gzip	gzip_types text/css text/scss text/plain text/xml application/xml application/json applicat$	gzip on;	client_max_body_size 3G; } server {	listen 443 ssl;	charset utf-8;	server_name phankienphat.net www.phankienphat.net;	root /usr/share/nginx/html;	index index.html index.htm; # log files access_log /usr/share/nginx/html/openerp.access.log; error_log /usr/share/nginx/html/openerp.error.log;	ssl_certificate /etc/ssl/phankienphat.net.pem;	ssl_certificate_key /etc/ssl/phankienphat.net.key;	ssl_session_timeout 1d;	ssl_session_cache shared:SSL:50m;	ssl_session_tickets off; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS'; ssl_prefer_server_ciphers on; add_header Strict-Transport-Security max-age=15768000;	proxy_read_timeout 3000s;	proxy_connect_timeout 3000s;	proxy_send_timeout 3000s;	# Add Headers for odoo proxy mode	proxy_set_header X-Forwarded-Host $host;	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;	proxy_set_header X-Forwarded-Proto $scheme;	proxy_set_header X-Real-IP $remote_addr; location / {	proxy_redirect off; proxy_pass http://odoo; }	location ~* /web/static/ { proxy_cache_valid 200 90m; proxy_buffering on; expires 864000; proxy_pass http://odoo; }	# common gzip	gzip_types text/css text/scss text/plain text/xml application/xml application/json application/javascript;	gzip on;	client_max_body_size 3G; }

Do proxy cho odoo chat không mở cho phương thức http, nên cho post 8072 và 80 nên cho chạy bình thường. Để app Discuss nhận tin và chuông.

Cấu hình cho odoo

[options] addons_path = /mnt/extra-addons admin_passwd = $pbQ csv_internal_sep = , data_dir = /etc/odoo db_host = db db_maxconn = 1064 db_name = False db_password = odoo db_port = 5432 db_sslmode = prefer db_template = template0 db_user = odoo dbfilter = demo = {} email_from = False geoip_database = /usr/share/GeoIP/GeoLite2-City.mmdb http_enable = True http_interface = http_port = 8069 import_partial = limit_memory_hard = 3221225472 limit_memory_soft = 2684354560 limit_request = 8192 limit_time_cpu = 600 limit_time_real = 1200 limit_time_real_cron = -1 list_db = True log_db = False log_db_level = warning log_handler = :INFO log_level = info logfile = /etc/odoo/odoo-server.log logrotate = False longpolling_port = 8072 max_cron_threads = 1 max_connections = 800 osv_memory_age_limit = False osv_memory_count_limit = False pg_path = None pidfile = False proxy_mode = True reportgz = False screencasts = screenshots = /tmp/odoo_tests server_wide_modules = base,web smtp_password = False smtp_port = 25 smtp_server = localhost smtp_ssl = False smtp_user = False syslog = False test_enable = False test_file = False test_tags = None transient_age_limit = 1.0 translate_modules = ['all'] unaccent = False upgrade_path = without_demo = False workers = 2 timezone = Asia/Ho_Chi_Minh 

Kết nối data bị Scheduled Actions kích hoạch dưới 5s, đôi khi do workers = 2. Nên phải set timezero. workers = 0.