I apologize for asking what seems to be such a simple question that is asked again and again.
I built a small app using Rails 4.2.3. Everything works locally so I am trying to deploy to AWS with Elastic Beanstalk and the following setup: 64bit Amazon Linux 2016.03 v2.1.6 running Ruby 2.3 (Puma)
Before I deploy I run:
rake assets:precompile RAILS_ENV=production
I then commit those files to git and use eb deploy to push the files up the the EC2 instance.
Some things work:
When I ssh into that instance, I see all of the precompiled assets in /var/app/current/public/assets
CSS all looks correct
Coffeescripts are running properly
But, neither static images or ones that I upload via Paperclip show up as I would expect.
In production.rb I have this line:
config.serve_static_files = ENV['RAILS_SERVE_STATIC_FILES'].present?
I can confirm that key is not in my ENV variable by going into the console:
irb(main):001:0> ENV['RAILS_SERVE_STATIC_FILES']
=> nil
which leads me to believe that the serving of these files should be handled by nginx. I can confirm that nginx is running, but quite frankly I don't know how it is configured.
[ec2-user#ip-172-31-13-16 assets]$ ps waux | grep nginx
root 2800 0.0 0.4 109364 4192 ? Ss Oct08 0:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx 2801 0.0 0.6 109820 6672 ? S Oct08 0:09 nginx: worker process
ec2-user 21321 0.0 0.2 110456 2092 pts/0 S+ 23:02 0:00 grep --color=auto nginx
I "think" I am supposed to edit my .ebextensions file to do a few things automatically when I deploy, but that's about where I got stuck. Any suggestions?
/etc/nginx/nginx.conf
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
index index.html index.htm;
server {
listen 80 ;
listen [::]:80 ;
server_name localhost;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
# redirect server error pages to the static page /40x.html
#
error_page 404 /404.html;
location = /40x.html {
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# Settings for a TLS enabled server.
#
# server {
# listen 443 ssl;
# listen [::]:443 ssl;
# server_name localhost;
# root /usr/share/nginx/html;
#
# ssl_certificate "/etc/pki/nginx/server.crt";
# ssl_certificate_key "/etc/pki/nginx/private/server.key";
# # It is *strongly* recommended to generate unique DH parameters
# # Generate them with: openssl dhparam -out /etc/pki/nginx/dhparams.pem 2048
# #ssl_dhparam "/etc/pki/nginx/dhparams.pem";
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 10m;
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# ssl_ciphers HIGH:SEED:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!RSAPSK:!aDH:!aECDH:!EDH-DSS-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!SRP;
# ssl_prefer_server_ciphers on;
#
# # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
#
# location / {
# }
#
# error_page 404 /404.html;
# location = /40x.html {
# }
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# }
# }
}
/etc/nginx/conf.d/virtual.conf
#
# A virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
/etc/nginx/conf.d/webapp_healthd.conf
upstream my_app {
server unix:///var/run/puma/my_app.sock;
}
log_format healthd '$msec"$uri"'
'$status"$request_time"$upstream_response_time"'
'$http_x_forwarded_for';
server {
listen 80;
server_name _ localhost; # need to listen to localhost for worker tier
if ($time_iso8601 ~ "^(\d{4})-(\d{2})-(\d{2})T(\d{2})") {
set $year $1;
set $month $2;
set $day $3;
set $hour $4;
}
access_log /var/log/nginx/access.log main;
access_log /var/log/nginx/healthd/application.log.$year-$month-$day-$hour healthd;
location / {
proxy_pass http://my_app; # match the name of upstream directive which is defined above
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /assets {
alias /var/app/current/public/assets;
gzip_static on;
gzip on;
expires max;
add_header Cache-Control public;
}
location /public {
alias /var/app/current/public;
gzip_static on;
gzip on;
expires max;
add_header Cache-Control public;
}
}
Fix webapp_healthd.conf to make nginx to serve files in public folder and if cannot or they do not exist then proxy_pass to Your app:
upstream my_app {
server unix:///var/run/puma/my_app.sock;
}
server {
listen 80;
server_name _; # need to listen to localhost for worker tier
if ($time_iso8601 ~ "^(\d{4})-(\d{2})-(\d{2})T(\d{2})") {
set $year $1;
set $month $2;
set $day $3;
set $hour $4;
}
access_log /var/log/nginx/healthd/application.log.$year-$month-$day-$hour healthd;
index index.html index.htm;
location #app {
log_not_found off;
access_log off;
proxy_pass http://my_app; # proxy passing to upstream
proxy_http_version 1.1;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_cache_bypass $http_upgrade;
}
root /var/app/current/public;
location / {
try_files $uri $uri/ #app; # tries to serve static files if not will ask #app
}
}
Related
Fighting for months with this, another new career path blooming every week, it seems, I look down.
So, that said. Here's the closest I've come. I had it working several times, but it's so brittle as I'm more a developer than a devops (?) person.
I am running Ubuntu 20.04.
be puma -C config/puma.rb config.ru -e production \
--pidfile /run/puma.pid \
--control-url 'unix:///root/mysite/tmp/sockets/mysite-puma.sock' \
--control-token 'app' \
--state tmp/puma.state \
-b 'tcp://mysite.com'
I can run pumactl as so: bundle exec pumactl -T 'app' -C 'unix:///root/mysite/tmp/sockets/mysite-puma.sock' -S tmp/puma.state [pumactl switch]
My nginx config.
/etc/nginx/nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 1024;
multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip off;
gzip_vary off;
#gzip_proxied any;
#gzip_comp_level 6;
#gzip_buffers 16 8k;
#gzip_http_version 1.1;
#gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/mysite.com;
}
/etc/nginx/sites-enabled/mysite.com
# This configuration uses Puma. If using another rack server, substitute appropriate values throughout.
upstream puma {
server unix:///root/mysite/tmp/sockets/mysite.sock;
}
# We need to be listing for port 80 (HTTP traffic).
# The force_ssl option will redirect to port 443 (HTTPS)
server {
# Update this
server_name mysite.com www.mysite.com;
# Don't forget to update these, too.
# For help with setting this part up, see:
# http://localhost:4000/2018/09/18/deploying-ruby-on-rails-for-ubuntu-1804.html
root /root/mysite/public;
access_log /root/mysite/log/nginx.access.log;
error_log /root/mysite/log/nginx.error.log info;
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
try_files $uri/index.html $uri #puma;
location #puma {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://puma;
}
}
# This is the configuration for port 443 (HTTPS)
server {
listen [::]:443 ssl ipv6only=on; # managed by Certbot
server_name mysite.com www.mysite.com;
ssl_certificate /etc/letsencrypt/live/mysite.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mysite.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
# Don't forget to update these, too.
# I like to update my log files to include 'ssl' in the name.
# If there's ever any need to consult the logs, it's handy to have HTTP and HTTPS traffic separated.
root /root/mysite/public;
access_log /root/mysite/log/nginx.ssl.access.log; # Updated file name
error_log /root/mysite/log/nginx.ssl.error.log info; # Updated file name
error_page 500 502 503 504 /500.html;
client_max_body_size 10M;
location ^~ /assets/ {
gzip_static off;
expires max;
add_header Cache-Control public;
}
try_files $uri/index.html $uri #puma;
location #puma {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# This is an important line to help fix some redirect issues.
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://puma;
}
}
# If you chose Certbot to redirect all traffic to HTTPS, this will be in your current config.
# Remove it or you'll run into redirection errors:
server {
if ($host = example.com) {
return 301 https://www.example.com$request_uri;
} # managed by Certbot
listen [::]:80 default_server deferred;
server_name example.com;
return 404; # managed by Certbot
}
First thing first, in your /etc/nginx/sites-enabled/mysite.com
First step
change
upstream puma {
server unix:///root/mysite/tmp/sockets/mysite.sock;
}
to
upstream puma {
server 0.0.0.0:9838; # port number in which your puma server starts
}
After changing your /etc/nginx/sites-enabled/mysite.com It should look like the following.
upstream puma {
server 0.0.0.0:9838;
}
server {
server_name mysite.com www.mysite.com;
client_max_body_size 200m;
gzip on;
gzip_comp_level 4;
gzip_min_length 1000;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain application/javascript application/json application/x-javascript text/xml text/css application/xml text/javascript;
root /root/mysite/public;
location / {
try_files $uri/index.html $uri #app;
}
location ~* ^/assets {
root /root/mysite/public;
expires 1y;
add_header Cache-Control public;
add_header Last-Modified "";
add_header ETag "";
break;
}
error_page 500 502 503 504 /500.html;
location #app {
proxy_pass http://puma;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $http_host;
proxy_redirect off;
}
location ~ /.well-known {
allow all;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/mysite.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mysite.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = mysite.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = www.mysite.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name mysite.com www.mysite.com;
listen 80;
return 404; # managed by Certbot
}
Second step
Then run gem install foreman to install foreman library. To know more about foreman click here.
Third step
Create Procfile in your project root directory and paste the below content
web: RAILS_ENV=production bundle exec puma -e production -p 9838 -d -S ~/puma -C config/puma.rb
Final step
Run foreman start to start the puma server and there you go, you will be able to see your application running.
No matter what I do, I keep running into the problem where my website publishes the default nginx website. I'm trying to dockerize my webserver such that it can point to home assistant running in another container. I've been able to get it to work when both were hosted on the same raspi, not running in containers, but not when both are running in containers.
I've attached my nginx.conf, Dockerfile and default.conf that I was using to start the environment up. I've spent the last 2 days looking for someone who was trying to do something similar, but I assume I'm making such a stupid mistake that most have been able to figure it out on their own..
nginx.conf:
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
default.conf (/etc/nginx/conf.d/hass.conf)
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
# Update this line to be your domain
server_name nekohouse.ca;
# These shouldn't need to be changed
listen [::]:80 default_server ipv6only=off;
return 301 https://$host$request_uri;
}
server {
# Update this line to be your domain
server_name nekohouse.ca;
# Ensure these lines point to your SSL certificate and key
ssl_certificate fullchain.pem;
ssl_certificate_key privkey.pem;
# Use these lines instead if you created a self-signed certificate
# ssl_certificate /etc/nginx/ssl/cert.pem;
# ssl_certificate_key /etc/nginx/ssl/key.pem;
# Ensure this line points to your dhparams file
ssl_dhparam /etc/nginx/dhparams.pem;
# These shouldn't need to be changed
listen [::]:443 default_server ipv6only=off; # if your nginx version is >= 1.9.5 you can also add the "http2" flag here
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
ssl on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
proxy_buffering off;
location / {
proxy_pass http://localhost:8123;
proxy_set_header Host $host;
proxy_redirect http:// https://;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}
default.conf (/etc/nginx/conf.d/default.conf)
server {
listen 8100;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
The problem is because of this line
proxy_pass http://localhost:8123;
When running in containers, you should understand that localhost refers to the nginx container and not the docker host.
So, you should either change localhost to the hostname of your docker host or use docker-compose so that you can change it to the name of the container defined.
If you are just running the containers separately, you could also just use the container IP for now but note that it will change everytime the container is restarted.
I am following the step in https://www.sitepoint.com/deploy-your-rails-app-to-aws/ to deploy my ruby on rails app to AWS(Amazon Linux).
I did everything sucessfully except for the setting of nginx.
In the artcile, it asks me to comment out the existing content and paste the following into /etc/nginx/sites-available/default.
upstream app {
# Path to Puma SOCK file, as defined previously
server unix:/home/deploy/contactbook/shared/tmp/sockets/puma.sock fail_timeout=0;
}
server {
listen 80;
server_name localhost;
root /home/deploy/contactbook/public;
try_files $uri/index.html $uri #app;
location / {
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Connection '';
proxy_pass http://app;
}
location ~ ^/(assets|fonts|system)/|favicon.ico|robots.txt {
gzip_static on;
expires max;
add_header Cache-Control public;
}
error_page 500 502 503 504 /500.html;
client_max_body_size 4G;
keepalive_timeout 10;
}
But after I installed nginx on Amazon Linux, there is no folder /etc/nginx/sites-available
So I created this folder and file default.
But I got 404 error when I try to access my home page.
Then, I found I have /etc/nginx/nginx.conf, so I updated this file. But when I did sudo service nginx restart, I got error msg as:
nginx: [emerg] "upstream" directive is not allowed here in /etc/nginx/nginx.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed
Does anyone know how should I do this correctly?
FYI, the content of /etc/nginx/nginx.conf before I broke it:
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
index index.html index.htm;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name localhost;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
# redirect server error pages to the static page /40x.html
#
error_page 404 /404.html;
location = /40x.html {
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# Settings for a TLS enabled server.
#
# server {
listen 443 ssl;
# listen [::]:443 ssl;
# server_name localhost;
# root /usr/share/nginx/html;
#
# ssl_certificate "/etc/pki/nginx/server.crt";
# ssl_certificate_key "/etc/pki/nginx/private/server.key";
# # It is *strongly* recommended to generate unique DH parameters
# # Generate them with: openssl dhparam -out /etc/pki/nginx/dhparams.pem 2048
# #ssl_dhparam "/etc/pki/nginx/dhparams.pem";
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 10m;
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# ssl_ciphers HIGH:SEED:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!RSAPSK:!aDH:!aECDH:$
# ssl_prefer_server_ciphers on;
#
# # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
#
# location / {
# }
error_page 404 /404.html;
# location = /40x.html {
# }
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# }
# }
}
I know this is a very common issue, but I've been struggling days with a strange one this time:
I want to serve two Rails 4 apps on the same VPS (ubuntu 14.04). I followed this guide for one app with success. My app1 is working fine. But not app2.
The error is this one (/var/log/nginx/error.log):
directory index of "/srv/app1/public/app2/" is forbidden
General nginx.conf
# Run nginx as www-data.
user www-data;
# One worker process per CPU core is a good guideline.
worker_processes 1;
# The pidfile location.
pid /var/run/nginx.pid;
# For a single core server, 1024 is a good starting point. Use `ulimit -n` to
# determine if your server can handle more.
events {
worker_connections 1024;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay off;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
gzip_http_version 1.1;
gzip_proxied any;
gzip_min_length 500;
gzip_types text/plain text/xml text/css
text/comma-separated-values text/javascript
application/x-javascript application/atom+xml;
##
# Unicorn Rails
##
# The socket here must match the socket path that you set up in unicorn.rb.
upstream unicorn_app2 {
server unix:/srv/app2/tmp/unicorn.app2.sock fail_timeout=0;
}
upstream unicorn_app1 {
server unix:/srv/app1/tmp/unicorn.app1.sock fail_timeout=0;
}
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
sites-available/app1
server {
listen 80;
server_name _
public.ip.of.vps; # Replace this with your site's domain.
keepalive_timeout 300;
client_max_body_size 4G;
root /srv/app1/public; # Set this to the public folder location of your Rails application.
location /app1 {
try_files $uri #unicorn_app1;
}
location #unicorn_app1 {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded_Proto $scheme;
proxy_redirect off;
# This passes requests to unicorn, as defined in /etc/nginx/nginx.conf
proxy_pass http://unicorn_app1;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
auth_basic "Restricted"; #For Basic Auth
auth_basic_user_file /etc/nginx/.htpasswd; #For Basic Auth
}
location ~ ^/assets/ {
#gzip_static on; # to serve pre-gzipped version
expires max;
add_header Cache-Control public;
}
# You can override error pages by redirecting the requests to a file in your
# application's public folder, if you so desire:
error_page 500 502 503 504 /500.html;
location = /500.html {
root /srv/app1/public;
}
}
sites-available/app2
server {
listen 80;
server_name __
public.ip.of.vps; # Replace this with your site's domain.
keepalive_timeout 300;
client_max_body_size 4G;
root /srv/app2/public; # Set this to the public folder location of your Rails application.
location /app2 {
try_files $uri #unicorn_app2;
}
location #unicorn_app2 {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded_Proto $scheme;
proxy_redirect off;
# This passes requests to unicorn, as defined in /etc/nginx/nginx.conf
proxy_pass http://unicorn_app2;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
auth_basic "Restricted"; #For Basic Auth
auth_basic_user_file /etc/nginx/.htpasswd; #For Basic Auth
}
location ~ ^/assets/ {
#gzip_static on; # to serve pre-gzipped version
expires max;
add_header Cache-Control public;
}
# You can override error pages by redirecting the requests to a file in your
# application's public folder, if you so desire:
error_page 500 502 503 504 /500.html;
location = /500.html {
root /srv/app2/public;
}
}
Why is that nginx is looking for app2 in the public folder of app1?
The problem is that your 2 nginx server blocks are listening to the same domain name.
Move the location blocks /app2 and unicorn_app2 into site-available/app1
And delete site-available/app2
This answer shows an example.
So I just installed nginx and everything works well for a start and I get the default nginx welcome message on my vps running fedora 21. Then when I try adding virtual hosts for my rails application, for some reason nginx is unable to load my virtual host file. It throws a permission denied error which I can't trace why its thrown. Tried everything possible but nothing seems to change.
nginx.conf
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log;
#error_log /var/log/nginx/error.log notice;
#error_log /var/log/nginx/error.log info;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
index index.html index.htm;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
# Load virtual host conf files. (line 44 below)
include /etc/nginx/sites-enabled/*;
server {
listen 80 default_server;
server_name localhost;
root /usr/share/nginx/html;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
# redirect server error pages to the static page /40x.html
#
error_page 404 /404.html;
location = /40x.html {
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
myblog(/etc/nginx/sites-available/myblog)
upstream thin{
server 127.0.0.1:3000;
server 127.0.0.1:3001;
}
server {
listen 80;
# server_name www.sitename.com;
# rewrite ^/(.*) http://sitename.com/$1 permanent;
}
server {
listen 80;
# server_name sitename.com;
access_log /home/deployer/nginx-access.log;
error_log /home/deployer/nginx-error.log;
root /home/deployer/apps/myblog/current/public/;
index index.html;
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
if (-f $request_filename/index.html) {
rewrite (.*) $1/index.html break;
}
if (-f $request_filename.html) {
rewrite (.*) $1.html break;
}
if (!-f $request_filename) {
proxy_pass http://thin;
break;
}
}
}
The sites-enabled folder is symliked to the sites-available folder. On restarting nginx, I get this error
nginx: [emerg] open() "/etc/nginx/sites-enabled/myblog" failed (13: Permission denied) in /etc/nginx/nginx.conf:44
Permissions of the myblog virtual host file
-rw-r--r--. 1 root root 1112 Jun 1 10:58 /etc/nginx/sites-available/myblog
Is there something i'm missing? I'm not sure why nginx cannot load my file. Thanks!