Ubuntu - Apache: Passenger not launching Rails app at all - ruby-on-rails

I'm working on Ubuntu 16.04 with Apache. I try to start my rails application with Phusion Passeger. But the application is not started at all, I get HTML 403 "You don't have permission to access /kainji/ on this server" if I enter the URL: http://poyry.wo.local/kainji and the only log in other_vhosts_access.log:
poyry.wo.local:80 127.0.0.1 - - [13/Dec/2018:15:19:28 +0100] "GET /kainji/ HTTP/1.1" 403 513 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.84 Safari/537.36" 2265
I have the following file in sites-available directory linked into sites-enabled directory:
<VirtualHost *:80>
ServerName poyry.wo.local
DocumentRoot /var/www/html/dev/rails
<Directory /var/www/html/dev/rails>
Options -Indexes
Allow from all
</Directory>
PassengerBaseURI /kainji
<Directory /var/www/html/dev/rails/v2p0-kanji/public>
RailsEnv development
Options -MultiViews
</Directory>
</VirtualHost>
If I remove the link I get HTML 404: "The requested URL /kainji was not found on this server." what is correct.
In Apache error log I see, that Passenger was started:
[ 2018-12-12 14:17:41.8778 4321/7efdbb745780 age/Wat/WatchdogMain.cpp:1291 ]: Starting Passenger watchdog...
[ 2018-12-12 14:17:41.8885 4324/7f0b49b28780 age/Cor/CoreMain.cpp:982 ]: Starting Passenger core...
[ 2018-12-12 14:17:41.8886 4324/7f0b49b28780 age/Cor/CoreMain.cpp:235 ]: Passenger core running in multi-application mode.
[ 2018-12-12 14:17:41.8908 4324/7f0b49b28780 age/Cor/CoreMain.cpp:732 ]: Passenger core online, PID 4324
[ 2018-12-12 14:17:41.9045 4356/7fd543c3b780 age/Ust/UstRouterMain.cpp:529 ]: Starting Passenger UstRouter...
[ 2018-12-12 14:17:41.9051 4356/7fd543c3b780 age/Ust/UstRouterMain.cpp:342 ]: Passenger UstRouter online, PID 4356
[Wed Dec 12 14:17:42.201857 2018] [ssl:warn] [pid 4318] AH01909: centos1.tibi1959.hu:443:0 server certificate does NOT include an ID which matches the server name
[Wed Dec 12 14:17:42.209447 2018] [mpm_prefork:notice] [pid 4318] AH00163: Apache/2.4.18 (Ubuntu) Phusion_Passenger/5.0.29 OpenSSL/1.0.2g configured -- resuming normal operations
[Wed Dec 12 14:17:42.209484 2018] [core:notice] [pid 4318] AH00094: Command line: '/usr/sbin/apache2'
Also the validating of the passenger installation is OK:
$ /usr/bin/passenger-config validate-install
What would you like to validate?
Use <space> to select.
If the menu doesn't display correctly, press '!'
⬢ Passenger itself
‣ ⬢ Apache
-------------------------------------------------------------------------
Checking whether there are multiple Apache installations...
Only a single installation detected. This is good.
-------------------------------------------------------------------------
* Checking whether this Passenger install is in PATH... ✓
* Checking whether there are no other Passenger installations... ✓
* Checking whether Apache is installed... ✓
* Checking whether the Passenger module is correctly configured in Apache... ✓
Everything looks good. :-)
What is wrong?

From a first look, I would guess that the issue is caused by the static file service overriding the application.
The 403 error is due to the fact that directory listings are disabled and there's no index.html file to display.
You might want to change the way you set up the static file service, so the url requires the "public" folder name. This way, you could set the application server to route to the /kainji path.
Maybe something like:
```
ServerName poyry.wo.local
DocumentRoot /var/www/html/dev/rails/kainji/public
PassengerBaseURI /kainji
RailsEnv development
Options -MultiViews
```

Related

Nexus returns error 502 (Bad Gateway) when publishing artifacts

I've just completed the installation of Sonatype Nexus 3.2.1-01 and I'm trying to publish some artifacts using a Jenkins job and the Nexus Artifact Uploader 2.9 plugin.
The upload starts fine:
100 % completed (572 kB / 572 kB).
But then it throws the the error:
Return code is: 502, ReasonPhrase:Bad Gateway.
Both the Jenkins and Nexus servers run behind a reverse proxy which I believe are the source of the issue.
The Apache log seems to suggest that the request was not replied by Nexus:
[Thu Apr 06 18:50:46.128569 2017] [proxy:error] [pid 10327] (32)Broken pipe:
[client some_ip:57928] AH01084: pass request body failed to 0.0.0.0:8081 (0.0.0.0)
[Thu Apr 06 18:50:46.128649 2017] [proxy_http:error] [pid 10327] [client some_ip:57928] AH01097: pass request body failed to 0.0.0.0:8081 (0.0.0.0) from some_ip ()
This is my VirtualHost config in Apache for the Sonar server:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin some#email.com
ServerName some.website.com
ServerAlias nsome.website.com
DocumentRoot /srv/www/nexus/public_html/
ErrorLog /srv/www/nexus/logs/error.log
CustomLog /srv/www/nexus/logs/access.log combined
ProxyPreserveHost On
ProxyPass / http://0.0.0.0:8081/
ProxyPassReverse / http://0.0.0.0:8081/
ProxyPassReverse / https://some.website.com/
SSLCertificateFile /etc/letsencrypt/live/some.website.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/some.website.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateChainFile /etc/letsencrypt/live/some.website.com/chain.pem
</VirtualHost>
</IfModule>
I've tried to add the following, as explained in other answers, but did not help:
1) Disabling the check on the SSL certificates (although these are valid):
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
2) Forcing the requests headers:
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
3) Settting the timeouts and keepalive options in the ProxyPass line:
ProxyPass / http://0.0.0.0:8081/ retry=1 acquire=3000 timeout=600 Keepalive=On
At the end the error 502 (bad gateway) had nothing to do with the root cause of the problem. The version listed on the artifact to be published for the snapshot version did not comply with the Nexus policy and this was triggering the error.
In my case it was an upgrade issue from Nexus2 to Nexus3: here the component URL changed from https://nexus.yourcompany.com/content/repositories/releases
to https://nexus.yourcompany.com/repository/releases.
I was having the same issue because my python script skip basic authentication. When forced, the problem was resolved.
It was weird because uploading a 'tar.gz' works fine but a 'zip' give me the 502 error.
Add this to your pom file
<distributionManagement>
<snapshotRepository>
<id>ossrh</id>
<url>https://oss.sonatype.org/content/repositories/snapshots</url>
</snapshotRepository>
<repository>
<id>ossrh</id>
<url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
</repository>
</distributionManagement>

Passenger 5.0.21 error: Cannot connect to the Passenger core

I have problem with deploying RoR-app with apache2+passenger.
OS is debian-like Astra Linux.
Kerberos auth with GSSAPI is enabled.
passenger-status shows:
Version : 5.0.21
Date : 2016-04-22 12:29:13 +0300
Instance: Dt5dmAVr (Apache/2.2.22 (Debian) mod_auth_kerb/5.4 Phusion_Passenger/5.0.21)
Phusion Passenger is currently not serving any applications.
With attempt to access app page from browser I get error message in /var/log/apache2/error.log :
[ 2016-04-22 12:23:58.4672 21392/7f741705c780 age/Cor/CoreMain.cpp:234 ]: Passenger core running in multi-application mode.
[ 2016-04-22 12:23:58.4685 21392/7f741705c780 age/Cor/CoreMain.cpp:707 ]: Passenger core online, PID 21392
[ 2016-04-22 12:23:58.4897 21407/7f4819471780 age/Ust/UstRouterMain.cpp:504 ]: Starting Passenger UstRouter...
[ 2016-04-22 12:23:58.4912 21407/7f4819471780 age/Ust/UstRouterMain.cpp:317 ]: Passenger UstRouter online, PID 21407
[Fri Apr 22 12:23:58 2016] [notice] Apache/2.2.22 (Debian) mod_auth_kerb/5.4 Phusion_Passenger/5.0.21 configured -- resuming normal operations
[ 2016-04-22 12:24:18.0666 21428/7f3a64646780 apa/Hooks.cpp:703 ]: Unexpected error in mod_passenger: Cannot connect to the Passenger core at unix:/tmp/passenger.N6n3OMb/agents.s/core
Backtrace:
in 'Passenger::FileDescriptor Hooks::connectToCore()' (Hooks.cpp:305)
in 'int Hooks::handleRequest(request_rec*)' (Hooks.cpp:573)
With passenger-5.0.27 everything looks same.
Passenger was installed as gem.
/etc/apache2/mods-enabled/passenger.load:
LoadModule passenger_module /usr/local/lib/ruby/gems/2.2.0/gems/passenger-5.0.21/buildout/apache2/mod_passenger.so
/etc/apache2/mods-enabled/passenger.conf:
<IfModule mod_passenger.c>
PassengerRoot /usr/local/lib/ruby/gems/2.2.0/gems/passenger-5.0.21
PassengerDefaultRuby /usr/local/bin/ruby
</IfModule>
/etc/apache2/sites-enabled/myapp:
<VirtualHost *:80>
ServerName myapp.ru
ServerAlias www.myapp.ru
ServerAdmin webmaster#localhost
DocumentRoot /var/www/myapp/public
RailsEnv production
<Directory /var/www/myapp/public/>
AuthType Kerberos
KrbAuthRealms EXAMPLE.RU
KrbServiceName HTTP/astra-server.example.ru
Krb5Keytab /etc/apache2/keytab
KrbMethodNegotiate on
KrbMethodK5Passwd off
require valid-user
Options Indexes FollowSymLinks MultiViews
AllowOverride None
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
LogLevel warn
</VirtualHost>
Any help?
PassengerInstanceRegistryDir option helped me.
UPDATE
Whole solution for Apache+Passenger sockets processing on Astra Linux SE:
Apache user - www-data (/etc/apache2/envvars)
Passenger user switching is on (by default)
Passenger instance dir is moved to /var/passenger (PassengerInstanceRegistryDir option in /etc/apache2/mods-available/passenger.conf)
Astra Linux specific - www-data user has Linux (CAP_SETGID, CAP_SETUID) and PARSEC (PARSEC_CAP_PRIV_SOCK, PARSEC_CAP_SETMAC) priviledges. This priviledges can be set via usercaps command.
Directories /var/www, /var/passenger are owned by www-data
It could be that your /tmp dir is being cleaned by something. Check if the /tmp dir from the log actually exists or not if you see the error. You can fix that by stopping the cleaning or changing the PassengerInstanceRegistryDir to another place than /tmp.
Another possibility is that your shell is exiting somehow (Passenger uses the shell to execute commands, which will fail if the shell exits prematurely).
Either way setting the PassengerLogLevel to 7 should provide more information.

Run Rails with Passenger on Apache with Plesk

I have everything installed as per this tutorial:
https://www.digitalocean.com/community/tutorials/how-to-setup-a-rails-4-app-with-apache-and-passenger-on-centos-6
But when I go to the website, I get an error, and in the error log it shows this:
[ 2015-02-26 16:17:47.3041 28207/7f7326058780 agents/Watchdog/Main.cpp:728 ]: All Phusion Passenger agents started!
[Thu Feb 26 16:17:47.305819 2015] [mpm_prefork:notice] [pid 28184] AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 Phusion_Passenger/4.0.59 mod_perl/2.0.9-dev Perl/v5.16.3 configured -- resuming normal operations
[Thu Feb 26 16:17:47.305844 2015] [core:notice] [pid 28184] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[ 2015-02-26 16:22:04.7157 28225/7f2c65840840 apache2/Hooks.cpp:151 ]: A filesystem exception occured.
Message: Cannot stat '/var/www/vhosts/blah.blah/httpdocs/config.ru
Backtrace:
in 'void Passenger::DirectoryMapper::autoDetect()' (DirectoryMapper.h:144)
in 'bool Hooks::prepareRequest(request_rec*, Passenger::DirConfig*, const char*, bool)' (Hooks.cpp:374)
Can anyone help?
The config.ru file was auto generated by rails, and it has these lines:
# This file is used by Rack-based servers to start the application.
require ::File.expand_path('../config/environment', __FILE__)
run BlahBlah::Application
Your problem can be related to the following things:
config.ru file is not exists by the specified path
Try to execute command for check this:
ls -la /var/www/vhosts/blah.blah/httpdocs/config.ru
Passenger doesn't have permissions to read this file
Try to execute command for check this:
namei -lm /var/www/vhosts/blah.blah/httpdocs/config.ru
P.S.
I noticed you are using shared hosting. Don't use them if you want to avoid a lot of different problems. Use VPS servers instead. Like Digital Ocean or Linode for Rails applications.

Passenger does not start Rails application

I am not sure if this is the correct part of the log
[ 2013-06-27 08:00:08.2593 16832/7fcf8d7a4740 agents/HelperAgent/Main.cpp:555 ]: PassengerHelperAgent online, listening at unix:/tmp/passenger.1.0.7663/generation-0/request
[Thu Jun 27 08:00:08 2013] [notice] Apache/2.2.22 (Ubuntu) Phusion_Passenger/4.0.5 configured -- resuming normal operations
[ 2013-06-27 08:00:08.2793 16829/7fc55d714740 agents/Watchdog/Main.cpp:564 ]: All Phusion Passenger agents started!
[ 2013-06-27 08:00:08.2794 16837/7fbb5e4c7740 agents/LoggingAgent/Main.cpp:271 ]: PassengerLoggingAgent online, listening at unix:/tmp/passenger.1.0.7663/generation-0/logging
[ 2013-06-27 08:00:14.7386 16832/7fcf8d6ee700 Pool2/Spawner.h:739 ]: [App 16906 stdout]
[ 2013-06-27 08:01:44.5986 16832/7fcf8d6ee700 Pool2/Implementation.cpp:774 ]: Could not spawn process for group /home/ubuntu/my_app/current#default: An error occurred while starting up the preloader: it did not write a startup response in time.
in 'void Passenger::ApplicationPool2::SmartSpawner::throwPreloaderSpawnException(const string&, Passenger::SpawnException::ErrorKind, Passenger::ApplicationPool2::Spawner::BackgroundIOCapturerPtr&, const DebugDirPtr&)' (SmartSpawner.h:150)
in 'std::string Passenger::ApplicationPool2::SmartSpawner::negotiatePreloaderStartup(Passenger::ApplicationPool2::SmartSpawner::StartupDetails&)' (SmartSpawner.h:558)
in 'void Passenger::ApplicationPool2::SmartSpawner::startPreloader()' (SmartSpawner.h:206)
in 'virtual Passenger::ApplicationPool2::ProcessPtr Passenger::ApplicationPool2::SmartSpawner::spawn(const Passenger::ApplicationPool2::Options&)' (SmartSpawner.h:744)
in 'void Passenger::ApplicationPool2::Group::spawnThreadRealMain(const SpawnerPtr&, const Passenger::ApplicationPool2::Options&, unsigned int)' (Implementation.cpp:707)
I read redirecting STDOUT could cause the problem, I searched STDOUT in all my config directory, but I am not using it.
In apache config file I have:
LoadModule passenger_module /home/ubuntu/.rbenv/versions/1.9.3-p429/lib/ruby/gems/1.9.1/gems/passenger-4.0.5/libout/apache2/mod_passenger.so
PassengerRoot /home/ubuntu/.rbenv/versions/1.9.3-p429/lib/ruby/gems/1.9.1/gems/passenger-4.0.5
PassengerDefaultRuby /home/ubuntu/.rbenv/versions/1.9.3-p429/bin/ruby
<VirtualHost *:80>
ServerName ip_with_numbers
# !!! Be sure to point DocumentRoot to 'public'!
DocumentRoot /home/ubuntu/my_app/current/public
<Directory /home/ubuntu/my_app/current/public>
# This relaxes Apache security settings.
AllowOverride all
# MultiViews must be turned off.
Options -MultiViews
</Directory>
</VirtualHost>
And I have also these outputs:
With sudo:
sudo passenger-memory-stats
command not found
W/o sudo:
passenger-memory-stats
...
17671 216.1 MB ? PassengerWatchdog
17674 562.6 MB ? PassengerHelperAgent
17679 165.7 MB ? PassengerLoggingAgent
And here is an image of page I am getting:
What am I missing?

Apache shutting down unexpectedly

I have a mongrel server running behind Apache. It works fine; however, every now and then the Apache server shuts downs seemingly by itself. I'm not sure if there is configuration issue or if it's an attack. Here is Apache error log:
[Thu Apr 30 02:15:07 2009] [notice] SIGHUP received. Attempting to restart
[Thu Apr 30 02:15:07 2009] [warn] NameVirtualHost *:0 has no VirtualHosts
[Thu Apr 30 02:15:07 2009] [notice] Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 configured -- resuming normal operations
[Thu Apr 30 02:17:13 2009] [error] [client 61.139.105.163] File does not exist: /var/www/fastenv
[Thu Apr 30 02:24:06 2009] [error] [client 61.139.105.163] File does not exist: /var/www/fastenv
[Thu Apr 30 10:49:18 2009] [warn] pid file /var/run/apache2.pid overwritten -- Unclean shutdown of previous Apache run?
[Thu Apr 30 10:49:18 2009] [notice] Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 configured -- resuming normal operations
[Thu Apr 30 12:53:08 2009] [notice] SIGHUP received. Attempting to restart
[Thu Apr 30 12:53:08 2009] [warn] NameVirtualHost *:0 has no VirtualHosts
[Thu Apr 30 12:53:08 2009] [notice] Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 configured -- resuming normal operations
[Thu Apr 30 12:59:15 2009] [notice] SIGHUP received. Attempting to restart
[Thu Apr 30 12:59:15 2009] [warn] NameVirtualHost *:0 has no VirtualHosts
[Thu Apr 30 12:59:15 2009] [notice] Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 configured -- resuming normal operations
[Thu Apr 30 13:58:49 2009] [notice] SIGHUP received. Attempting to restart
[Thu Apr 30 13:58:49 2009] [warn] NameVirtualHost *:0 has no VirtualHosts
[Thu Apr 30 13:58:49 2009] [notice] Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 configured -- resuming normal operations
[Fri May 01 10:59:07 2009] [warn] pid file /var/run/apache2.pid overwritten -- Unclean shutdown of previous Apache run?
[Fri May 01 10:59:07 2009] [notice] Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 configured -- resuming normal operations
[Fri May 01 17:51:15 2009] [warn] pid file /var/run/apache2.pid overwritten -- Unclean shutdown of previous Apache run?
[Fri May 01 17:51:15 2009] [notice] Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 configured -- resuming normal operations
Not quite sure what is /var/www/fastenv but I don't think there is anything in my application that calls that. Also, website is still in Beta mode with few users and I don't think any have 61.139.105.163 IP address but it's possible that they might have it.
Any ideas? It would be good if you can give me hints where to look or how to go about anaysing this problem
I have the exact same log from the same IP. Looking it up shows it to belong to the Chinese government. It appears to be a scan using server side includes to find out as much as they can about your server. I banned the IP.
Not sure this is entirely programming-related, but anyway... none of those look like serious errors to me. The accesses to /var/www/fastenv just mean that the computer at IP address 61.139.105.163 sent a request for http://www.example.com/fastenv or something like that (it depends on exactly how you've configured your virtual hosts); I'd look at the access log for more information, to see what other requests have been coming from that IP address. It's probably not anything to worry about.
The line about NameVirtualHost *:0 means that somewhere in your configuration file you have an incorrect NameVirtualHost directive, maybe with no arguments. You should probably look for that and remove it, but if the server is running fine anyway, it's not a big deal.
The reason your server is terminating (restarting, actually) appears to be a SIGHUP - that is, something on the system is sending Apache a signal telling it to restart. It's basically the same thing that happens if you run apache2 restart, I think. Without knowing what's sending that signal, there's not more I can say.
61.139.105.163 is known for doing all kinds of hacking type things, just google the IP address. You should definitly ban this IP address.
Click on Apache Config --> Apache(httpd.conf)
Search for #Listen 12.34.56.78:80 and replace it with #Listen 12.34.56.78:8081.
Search for Listen 80 and replace it with Listen 8081.
Now you can start Apache now, and can run it with this URL: localhost:8081/xampp/

Resources