I tried the solution of a similar question and many other on stackoverflow but none of them seem to solve this issue. The default niginx "Welcome" page was running even when I configured /etc/nginx/passenger.conf and /etc/nginx/passenger.conf. It was after I configured the /etc/nginx/sites-enabled/default, by changing the default path to my rails app, I started getting 403 forbidden error.
This is the error log.
2017/02/20 06:05:17 [error] 27311#27311: *2 directory index of "/home/deploy/Blog/current/public/" is forbidden, client: 111.93.247.206, server: mydomain.com, request: "GET / HTTP/1.1", host: "35.154.168.57"
My nginx files are as follows.
/etc/nginx/nginx.conf
user deploy;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Phusion Passenger config
##
# Uncomment it if you installed passenger or passenger-enterprise
##
# include /etc/nginx/passenger.conf;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
/etc/nginx/passenger.conf
passenger_ruby /home/deploy/.rvm/wrappers/ruby-2.3.1/ruby;
passenger_root /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini;
#passenger_ruby /usr/bin/passenger_free_ruby;
/etc/nginx/sites-enabled/default
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
server_name mydomain.com;
passenger_enabled on;
rails_env production;
root /home/deploy/Blog/current/public;
# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
The permissions are:
lrwxrwxrwx 1 root root 34 Feb 20 06:00 /etc/nginx/sites-enabled/default
-rw-r--r-- 1 root root 179 Feb 20 06:35 /etc/nginx/passenger.conf
-rw-r--r-- 1 root root 1608 Feb 20 06:34 /etc/nginx/nginx.conf
Please can somebody tell what am I doing wrong or what have I not done?
Thank You
Follow these steps:
Backup /home/deploy/Blog/current/public
chown -R <nginxuser>:<nginxuser> /home/deploy/Blog/current/public
nginxuser: the user that runs nginx, its probably one of the following: nginx, www-data, root.
Not sure what exactly you missing. Please align yourself with my setup on https://www.wiki11.com.
Your issue is coming because nginx is trying to search for index.html file into /home/deploy/apps/mll/current/public which is not present there.
In order to fix, you will need to add passenger with your nginx.
Instructions to follow.
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 561F9B9CAC40B2F7
sudo apt-get install -y apt-transport-https ca-certificates
Add Passenger APT repository
sudo sh -c 'echo deb https://oss-binaries.phusionpassenger.com/apt/passenger xenial main > /etc/apt/sources.list.d/passenger.list'
sudo apt-get update
Install passenger and nginx
sudo apt-get install -y nginx-extras passenger
Now start nginx webserver.
sudo service nginx start
Next, we need to update the Nginx configuration to point Passenger to the version of Ruby that we're using.
sudo vim /etc/nginx/nginx.conf
And add or uncomment
include /etc/nginx/passenger.conf;
Save and close nginx.conf. Then open /etc/nginx/passenger.conf
sudo vim /etc/nginx/passenger.conf
If you are using .rbenv, then
passenger_ruby /home/deploy/.rbenv/shims/ruby;
Or if you are using rvm, then
passenger_ruby /home/deploy/.rvm/wrappers/ruby-2.5.0/ruby;
Or if you are using system ruby, then
passenger_ruby /usr/bin/ruby;
Next, restart nginx server
sudo service nginx restart
Add passenger_enabled on; into your site-enabled/centers or site-enabled/nodeapp file.
server {
listen 80;
listen [::]:80;
root /home/deploy/apps/mll/current/public;
index index.html index.htm;
server_name myrailssite.com;
passenger_enabled on;
location / {
try_files $uri $uri/ =404;
}
}
Restart nginx server again, sudo service nginx restart. Hopefully it should work.
For more details, follow,
https://www.phusionpassenger.com/library/install/nginx/install/oss/xenial/
Related
I upgrade my ruby version to 2.6.5. I deployed it to my server using capistrano.
But my nginx logs say this:
App 9470 output: /bin/sh: 1: exec: /home/deploy/.rvm/gems/ruby-2.3.1/wrappers/ruby: not found
[ E 2022-01-27 12:34:23.7336 9450/Tc age/Cor/App/Implementation.cpp:221 ]: Could not spawn process for application /home/deploy/taddar/current: The application process exited prematurely.
Error ID: d1f83ca0
Error details saved to: /tmp/passenger-error-0KwZUf.html
[ E 2022-01-27 12:34:23.7393 9450/T9 age/Cor/Con/CheckoutSession.cpp:276 ]: [Client 1-1] Cannot checkout session because a spawning error occurred. The identifier of the error is d1f83ca0. Please see earlier logs for details about the error.
When I run ruby -v I get 2.6.5, yet above you can see its looking for 2.3.1:
ruby -v
ruby 2.6.5p114 (2019-10-01 revision 67812) [x86_64-linux]
Any ideas on how to fix this?
In my deploy.rb I set the ruby version.
set :rvm_ruby_version, '2.6.5'
My nginx.config looks like:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
passenger_ruby /usr/bin/ruby2.6.5;
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
underscores_in_headers on;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_min_length 256;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon;
##
# Phusion Passenger config
##
# Uncomment it if you installed passenger or passenger-enterprise
##
include /etc/nginx/passenger.conf;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
Bingo got it working. Thanks to #razvans and #engineersmnky for pointing me in the right direction.
Yes I had references to passenger_ruby but it was in the wrong place. I had to go to /etc/nginx/sites-available and add passenger_ruby /path/to/ruby
To find out what the /path/to/ruby is use passenger-config about ruby-command and use the value at Command.
passenger-config about ruby-command
passenger-config was invoked through the following Ruby interpreter:
Command: /home/deploy/.rvm/gems/ruby-2.6.5/wrappers/ruby
So mine was
server {
....
passenger_ruby /home/deploy/.rvm/gems/ruby-2.6.5/wrappers/ruby
You might want to know any other references you have to ruby so they don't conflict with each other. A useful command is: grep -rnw 'path' -e 'passenger_ruby'
This doc helped me a lot https://www.phusionpassenger.com/library/deploy/nginx/deploy/ruby/#determine_ruby_command
When i open my rails app on server i get an nginx error, in the log it says:
/home/deploy/kingdoms/current/public/index.html" is not found (2: No
such file or directory)
I think it has something to do with
passenger.conf
passenger_root /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini;
passenger_ruby /home/deploy/.rbenv/shims/ruby;
nxing conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Phusion Passenger config
##
# Uncomment it if you installed passenger or passenger-enterprise
##
include /etc/nginx/passenger.conf;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
I figured it out, the guide on gorails had the wrong public path in the sites enabled config
Go to /etc/nginx/sites-enabled/yourApp
look for the line that starts with root and set the directory to the location of your app. e.g
root /var/www/yourApp/current/public
then restart nginx sudo service nginx restart
That will solve it
I am trying to get a passenger + nginx instance running. Passenger has been successfully installed however, when going to to http://lakemagazine.northcentralus.cloudapp.azure.com/ we are receiving a time out error. So, I looked at nginx:
garrett#lakemag:~$ sudo nginx -t
nginx: [emerg] "server" directive is not allowed here in /etc/nginx/nginx.conf:65
nginx: configuration file /etc/nginx/nginx.conf test failed
Thus, nginx is not running, which I assume is my problem.
Here is my nginx.conf file:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml applic$
##
# Virtual Host Configs
##
#include /etc/nginx/conf.d/*.conf;
#include /etc/nginx/sites-enabled/*;
server {
listen 80;
server name http://lakemagazine.northcentralus.cloudapp.azure.com/;
root /lakemag/public;
passenger_enabled on;
passenger_ruby /home/garrett/.rvm/gems/ruby-2.3.0/wrappers/ruby;
}
}
Line 65 is where my server {} block starts. I am at a loss to my problem - all of the blocks seem to be defined appropriately to me. am I missing something?
*EDIT:
garrett#lakemag:~$ sudo nginx -t
[sudo] password for garrett:
nginx: [warn] server name "http://lakemagazine.northcentralus.cloudapp.azure.com/" has suspicious symbols in /etc/nginx/nginx.conf:65
nginx: [emerg] unknown directive "passenger_enabled" in /etc/nginx/nginx.conf:69
nginx: configuration file /etc/nginx/nginx.conf test failed
After Jorge's solution I am now receiving the above errors.
Where says:
server name http://lakemagazine.northcentralus.cloudapp.azure.com/
should say:
server_name http://lakemagazine.northcentralus.cloudapp.azure.com/
server is a directive to define a server block and to identify what server is you should write a server_name directive into it
http://nginx.org/en/docs/http/server_names.html
To check config file syntax use:
nginx -t
I have mentioned this in my /etc/nginx/nginx.conf file
user www-data;
worker_processes 4;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
##
# nginx-naxsi config
##
# Uncomment it if you installed nginx-naxsi
##
#include /etc/nginx/naxsi_core.rules;
##
# Phusion Passenger config
##
# Uncomment it if you installed passenger or passenger-enterprise
##
passenger_root /home/dinshaw/.rvm/gems/ruby-2.1.5/gems/passenger-4.0.56;
passenger_ruby /home/dinshaw/.rvm/gems/ruby-2.1.5/wrappers/ruby;
client_max_body_size 2M;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
server {
rails_env development;
listen 80;
server_name localhost;
root /home/dinshaw/projects/freeway/freeway-sdk-portal/public;
access_log /home/dinshaw/projects/freeway/freeway-sdk-portal/log/nginx_access.log;
error_log /home/dinshaw/projects/freeway/freeway-sdk-portal/log/nginx_error.log;
passenger_enabled on;
}
}
# mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
# }
And there is no effect after this I had this outside the server i.e like this also :
passenger_root /home/dinshaw/.rvm/gems/ruby-2.1.5/gems/passenger-4.0.56;
passenger_ruby /home/dinshaw/.rvm/gems/ruby-2.1.5/wrappers/ruby;
server {
rails_env development;
client_max_body_size 2M;
listen 80;
server_name localhost;
root /home/dinshaw/projects/myCode/public;
access_log /home/dinshaw/projects/myCode/log/nginx_access.log;
error_log /home/dinshaw/projects/myCode/log/nginx_error.log;
passenger_enabled on;
}
But this is also not working If am uploading more than this also it is not giving error. My
nginx version: nginx/1.6.3
Please guide me its about more than 2 days am working on it and not getting what to do.
What you have done by putting the client_max_body_size inside both your http {} and server {} brackets is micro-define your client_max_body_size.
NGINX works by basically nesting control settings, the outer most shell being http {} -> server {} -> location {}. So, what this means is that if you set something in http {}, it is applied to server {} and location {}. But if you set something in server {}, it will only apply to that server {} and not to http {}.
note: always, whenever you make some changes to your nginx.conf file, you must restart your nginx server (as #ihsan suggested above):
sudo service nginx restart
What you've done here is a good try, but you've defined the same thing twice so it shouldn't make much of a difference if it didn't work the first time.
I have run into this issue many times, and aside from changing your nginx.conf file to allow your max size to be 2M, you also need to change your php.ini file to allow you a certain size to upload (2M I guess?).
Inside your php.ini file you will find something that looks like:
upload_max_filesize = 10M
post_max_size = 10M
You must also change these limits to match your expected upload file size. How big you go is your choice, but remember, the bigger you set this limit, the more opportunity you are giving spammers or server bullies to upload big files to your server, thus taking up precious space and bandwidth.
Finally, if you monitor your NGINX error.log, you should be able to see the exact process that's restricting your upload. You enable your error.log within your http {} or server {} brackets, as:
error_log /var/log/nginx/error.log warn;
Reminder though, that setting your log level to warn will make very big files (especially if you have lots of virtual servers running), so it's suggested to only keep it like this when you're troubleshooting perhaps, and then turning it back to higher errors only.
For more information on how to monitor NGINX errors, read here: https://www.nginx.com/resources/admin-guide/logging-and-monitoring/
Hope this helps!
I am trying to route my subdomain to a digital ocean server running a rails app via nginx and unicorn. On some computers, the app loads fine. On others (and most) the site routes to the IP and returns nginx 403 error. It looks like this in the logs of /var/log/nginx/error.log:
[error] 1618#0: *68 directory index of "path/to/app" is forbidden, client: 24.114.44.135, server: _,
Here is my /etc/nginx/nginx.conf file:
user **user**;
worker_processes 4;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascrip$
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
Deployer is the same user I'm (successfully) deploying with capistrano
Here is the result of running ls -la at /var/www:
total 16
drwxrwx--- 4 deployer deployer 4096 Apr 23 14:40 .
drwxr-xr-x 13 775 www-data 4096 Apr 22 17:30 ..
drwxrwx--- 2 deployer deployer 4096 Apr 23 14:40 html
drwxrwxr-x 4 deployer deployer 4096 May 7 20:11 my_app_name
subfolders/files all seem to be owned by deployer and is the result of running:
chown -R deployer:deployer
I also have tried :
sudo chmod -R 755 /var/www
as suggested by some blogs/other questions..admittedly I'm sort of lost in commands and permissions now. My linux/production experience is pretty weak.
I have a bunch of answers to the similar question including changing config to nginx user www-data and various combinations. The tailing error logs are various forms of *number directory forbidden. This error only started happening after I tried to move it from IP to subdomain.
Edit for /etc/nginx/sites-enabled/appstuff:
upstream unicorn_my_app_name_production {
server unix:/tmp/unicorn.my_app_name_production.sock fail_timeout=0;
}
server {
listen 80;
client_max_body_size 4G;
keepalive_timeout 10;
error_page 500 502 504 /500.html;
error_page 503 #503;
server_name sub.domain.com;
root path/to/public/folder;
autoindex on;
try_files $uri/index.html $uri #unicorn_my_app_name_production;
index index.html index.htm;
location #unicorn_my_app_name_production {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://unicorn_my_app_name_production;
# limit_req zone=one;
access_log /var/log/nginx/my_app_name_production.access.log;
error_log /var/log/nginx/my_app_name_production.error.log;
}
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
location = /50x.html {
root html;
}
location = /404.html {
root html;
location #503 {
error_page 405 = /system/maintenance.html;
if (-f $document_root/system/maintenance.html) {
rewrite ^(.*)$ /system/maintenance.html break;
}
rewrite ^(.*)$ /503.html break;
}
if ($request_method !~ ^(GET|HEAD|PUT|PATCH|POST|DELETE|OPTIONS)$ ){
return 405;
}
if (-f $document_root/system/maintenance.html) {
return 503;
}
}
You have posted the wrong part of your nginx config file. There are files in
/etc/nginx/sites-enabled/
that point to your individual configurations. In these files you should see server blocks. Here's a simple example:
server {
server_name sub.domain.com;
location /images {
root /var/www
default_type image/jpeg;
}
}
Of importance is to note that a specific server block's rules apply only when the server_name value matches the current request. What you need to do is find the configuration for your current site, and ensure that you have a server_name key-value correctly set-up. Then your site should work as before when you were accessing it directly via IP.