odoo nginx反向代理后获取真实IP

odoo官方对nginx代理的设置方式如下:

Configuration sample

Redirect requests to https Proxy requests to odoo in /etc/odoo.conf set:

proxy_mode = True

in /etc/nginx/sites-enabled/odoo.conf set:

#odoo serverupstream odoo { server 127.0.0.1:8069;}upstream odoochat { server 127.0.0.1:8072;}# -> { listen 80; server_name odoo.mycompany.com; rewrite ^(.*) permanent;}server { listen 443; server_name odoo.mycompany.com; proxy_read_timeout 720s; proxy_connect_timeout 720s; proxy_send_timeout 720s; # Add Headers for odoo proxy mode proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Real-IP $remote_addr; # SSL parameters ssl on; ssl_certificate /etc/ssl/nginx/server.crt; ssl_certificate_key /etc/ssl/nginx/server.key; ssl_session_timeout 30m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; ssl_prefer_server_ciphers on; # log access_log /var/log/nginx/odoo.access.log; error_log /var/log/nginx/odoo.error.log; # Redirect longpoll requests to odoo longpolling port location /longpolling { proxy_pass } # Redirect requests to odoo backend server location / { proxy_redirect off; proxy_pass } # common gzip gzip_types text/css text/scss text/plain text/xml application/xml application/json application/javascript; gzip on;}

个人说明:

按照上述配置完成后可以测试一下:

from odoo.addons.web.controllers import mainfrom odoo.import requestfrom odoo.exceptions import Warningimport odooimport odoo.modules.registryfrom odoo.tools.translate import _from odoo import logginglogging.basicConfig(level=logging.INFO)class Home(main.Home): @type='auth="public") def web_login(self, redirect=None, **kw): #该方法可以在用户登录时抓取用户的IP地址 ip_address = request. logging.info('ip_address:{}'.format(ip_address))

nginx配置补充:

在nginx中配置的表头信息,都可以在request.X-Forwarded-Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Real-IP $remote_addr;

另外在服务端的打印日志,仍然不会显示真实的IP地址，可以参考下方链接修改：

​​http://blog.sina.com.cn/s/blog_53d318170102wxou.html​​

懂得,原来世界如此简单!

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。