I've deployed rails app with Capistrano to VPS, and when I try to access it with "APP_NAME.com", I see standard Nginx's "It works!" page.
I've tried to remove index.html file from /var/www folder, now I see folders in it: apps, log and tmp.
In nginx.conf I have:
user nginx web;
pid /var/run/nginx.pid;
error_log /var/www/log/nginx.error.log;
events {
worker_connections 1024;
accept_mutex off;
use epoll;
}
http {
include mime.types;
types_hash_max_size 2048;
server_names_hash_bucket_size 64;
default_type application/octet-stream;
access_log /var/www/log/nginx.access.log combined;
sendfile on;
tcp_nopush on; # off may be better for *some* Comet/long-poll stuff
tcp_nodelay off; # on may be better for some Comet/long-poll stuff
gzip on;
gzip_http_version 1.0;
gzip_proxied any;
gzip_min_length 0;
gzip_vary on;
gzip_disable "MSIE [1-6]\.";
gzip_proxied expired no-cache no-store private auth;
gzip_comp_level 9;
gzip_types text/plain text/xml text/css
text/comma-separated-values
text/javascript application/x-javascript
application/atom+xml;
upstream app_server {
server unix:/var/www/apps/APP_NAME/socket/.unicorn.sock fail_timeout=0;
}
server {
pagespeed on;
pagespeed FileCachePath /var/ngx_pagespeed_cache;
location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" {
add_header "" "";
}
location ~ "^/ngx_pagespeed_static/" { }
location ~ "^/ngx_pagespeed_beacon$" { }
location /ngx_pagespeed_statistics {
allow 127.0.0.1; allow 5.228.169.73; deny all;
}
location /ngx_pagespeed_global_statistics {
allow 127.0.0.1; allow 5.228.169.73; deny all;
}
pagespeed MessageBufferSize 100000;
location /ngx_pagespeed_message {
allow 127.0.0.1; allow 5.228.169.73; deny all;
}
location /pagespeed_console {
allow 127.0.0.1; allow 5.228.169.73; deny all;
}
charset utf-8;
listen 80 default deferred; # for Linux
client_max_body_size 4G;
server_name _;
keepalive_timeout 5;
root /var/www/apps/APP_NAME/current/public;
try_files $uri/index.html $uri.html $uri #app;
location ~ ^/(assets)/ {
root /var/www/apps/APP_NAME/current/public;
expires max;
add_header Cache-Control public;
}
location #app {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://app_server;
}
error_page 500 502 503 504 /500.html;
location = /500.html {
root /var/www/apps/APP_NAME/current/public;
}
}
}
Am I missing something in nginx.conf or in other files?
Also, when I stop nginx server, it doesn't make sense, I see the same page.
I'm not good in deploying apps to server, it's my first time without Heroku, so I don't know, what exactly you need to know, to help in my problem. So, if you need any additional info, ask, I'll add it to question.
Thanks!
So, I've found the solution from this answer. The problem was with Apache web server, which was running in background and prevent Nginx to run on 80 port.
I've stopped Apache server and restart Nginx, and everything now works ok:
sudo apachectl stop
sudo restart nginx
Your must use passenger and set in nginx config something like this:
http {
passenger_root /home/deployer/.rvm/gems/ruby-1.9.3-p327/gems/passenger-3.0.18;
passenger_ruby /home/deployer/.rvm/wrappers/ruby-1.9.3-p327/ruby;
...
or use HTTP server for Rack, as example Unicorn, and set in nginx config:
upstream app_server {
server unix:/path/to/.unicorn.sock fail_timeout=0;
...
server {
proxy_pass http://app_server;
...
Related
Nginx runs fine with an empty sites-enabled directory, but then I create the symlink with
sudo ln -s /etc/nginx/sites-available/default /etc/nginx/sites-enabled/,
and restarting nginx fails. I type nginx -T, and the culprit is
2020/06/29 20:24:19 [emerg] 4087#4087: duplicate upstream "appname" in /etc/nginx/sites-available/default:1
, which is clearly caused my symolink, so I'm not sure what I did wrong.
The original problem I'm trying to fix is getting my EC2 instance to serve my API instead of the default "Welcome to nginx!" page.
Deleting the symlink lets nginx run normally. Here is a shortened version of my output of nginx -T when it works:
# configuration file /etc/nginx/nginx.conf:
user root;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 20000;
# multi_accept on;
}
http {
disable_symlinks off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
...
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
include /etc/nginx/sites-available/*;
...
}
# configuration file /etc/nginx/sites-available/default:
upstream appname {
# Path to Puma SOCK file, as defined previously
server unix:/home/ubuntu/appname/shared/sockets/puma.sock fail_timeout=0;
}
server {
listen 80;
listen [::]:80 ipv6only=on default_server;
# server_name domain.tld www.domain.tld;
server_name ec2...compute.amazonaws.com www.ec2...compute.amazonaws.com
root /home/ubuntu/appname/public;
try_files $uri/index.html $uri #app;
location #app {
proxy_pass http://ec2...us-east-2.compute.amazonaws.com;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
access_log /home/ubuntu/appname/log/nginx.access.log;
error_log /home/ubuntu/appname/log/nginx.error.log;
}
location ~* ^/assets/ {
# Per RFC2616 - 1 year maximum expiry
expires 1y;
add_header Cache-Control public;
# Some browsers still send conditional GET requests if there's a
# Last-Modified header or an ETag header even if they haven't
# reached the expiry date sent in the Expires header.
add_header Last-Modified "";
add_header ETag "";
break;
}
error_page 500 502 503 504 /500.html;
client_max_body_size 4G;
keepalive_timeout 10;
}
I'm pretty new to this so I assume it's something basic, but I've been on this for hours and I'm not sure what to do. Also, if it helps, I'm using puma for my application server.
I'm trying to serve my rails application using Puma and Nginx. When ever I got to the page it renders the default nginx page. I've tried with two different configurations. This first fails with "upstream" directive is not allowed here. The second warns Starting nginx: nginx: [warn] conflicting server name "localhost" on 0.0.0.0:80, ignored
(1) overwrite nginx.conf
nginx.conf
upstream puma {
server unix:///home/deploy/apps/exelon-api/shared/tmp/sockets/rails-api-puma.sock;
}
server {
listen 80 default_server deferred;
# server_name example.com;
root /home/deploy/apps/rails-api/current/public;
access_log /home/deploy/apps/rails-api/current/log/nginx.access.log;
error_log /home/deploy/apps/rails-api/current/log/nginx.error.log info;
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
try_files $uri/index.html $uri #puma;
location #puma {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://puma;
}
error_page 500 502 503 504 /500.html;
client_max_body_size 10M;
keepalive_timeout 10;
}
(2) using sites enabled
nginx.conf
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_requests 100;
keepalive_timeout 65;
gzip on;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_proxied any;
gzip_vary off;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/rss+xml application/atom+xml text/javascript application/javascript application/json text/mathml;
gzip_min_length 1000;
gzip_disable "MSIE [1-6]\.";
variables_hash_max_size 1024;
variables_hash_bucket_size 64;
server_names_hash_bucket_size 64;
types_hash_max_size 2048;
types_hash_bucket_size 64;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
sites-enable/rails-api_production
upstream puma_rails-api_production {
server unix:/home/deploy/apps/rails-api/shared/tmp/sockets/rails-api-puma.sock fail_timeout=0;
}
server {
listen 80;
client_max_body_size 4G;
keepalive_timeout 10;
error_page 500 502 504 /500.html;
error_page 503 #503;
server_name localhost rails-api.local;
root /home/deploy/apps/rails-api/current/public;
try_files $uri/index.html $uri #puma_rails-api_production;
location #puma_rails-api_production {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://puma_rails-api_production;
# limit_req zone=one;
access_log /home/deploy/apps/rails-api/shared/log/nginx.access.log;
error_log /home/deploy/apps/rails-api/shared/log/nginx.error.log;
}
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
location = /50x.html {
root html;
}
location = /404.html {
root html;
}
location #503 {
error_page 405 = /system/maintenance.html;
if (-f $document_root/system/maintenance.html) {
rewrite ^(.*)$ /system/maintenance.html break;
}
rewrite ^(.*)$ /503.html break;
}
if ($request_method !~ ^(GET|HEAD|PUT|PATCH|POST|DELETE|OPTIONS)$ ){
return 405;
}
if (-f $document_root/system/maintenance.html) {
return 503;
}
location ~ \.(php|html)$ {
return 405;
}
}
Second error practically says that you have two server sections defined with listen 80 (which practically means 0.0.0.0:80 where 0.0.0.0 is equal to "any address") and localhost in server_name.
So, action you have to take depends on what you want to achieve:
Have some other app as default
If you want to have your app to be accessible alongside some other apps you have (or want to have in future) on server by some hostname, let's say example.com, you have to simply remove localhost from server_name in the entry you added.
In this case, you will have to access your app by one of the names you have specified for it in server_name ( example.com), neither localhost nor server IP.
Note that if you still have to make sure domain you've specified resolves to the server address.
If it is on your own local machine and you want to be able to access your app for development purposes (testing how it works with nginx, for example) you can
add row 127.0.0.1 name.here (for example, 127.0.0.1 example.com).
If it is on some server you own and you want others to be able to access app by the same domain, you have to buy/register it (if it has not been registered by someone else yet, it happens) and create the A DNS record pointing to your app server IP.
Make your app default
If you want this app to be default on the server, you can:
Find other server sections defined with listen 80 default; (so, if they don't have default or listen any other port like 8080 or 443 you can safely leave them) and remove the default from there - there can be only one default server section per port and IP combination.
Change listen 80; in your server section to listen 80 default;. This will tell nginx that you want this server section to handle all requests not catched by other section.
This will allow you to access app by IP and point any domain to it without specifying it in server_name section. You still need to register or buy domain to be able to point it to app.
I apologize if this seems like a deja vu. There are plenty of posts about similar issues, and I read them all (and tried them out unsuccessfully).
My setup: Rails 4, Puma, Nginx, SSL Cert for both https://www and https://
I am using a combined block so I get a redirect to SSL. However, I would like to redirect https://www.domain.com to https://domain.com
Everything works fine with the setup you will see below until I add the redirect rule (return 301 https://$host$request_uri;), then I get a redirect loop.
I added "proxy_set_header X-Forwarded-Proto $scheme;" to my #app location for force_ssl (which is set to true in the Rails config file), but that did not solve the issue.
I would really appreciate expert advise here, and please, if you see any points of improvement in my setup, beyond just fixing the redirect loop, please let me know.
nginx.conf:
user root;
worker_processes 4;
pid /var/run/nginx.pid;
#setup where nginx will log errors to
# and where the nginx process id resides
error_log /var/log/nginx/error.log error;
#pid /var/run/nginx.pid;
events {
worker_connections 1024;
accept_mutex off;
use epoll;
}
http {
include /etc/nginx/mime.types;
types_hash_max_size 2048;
default_type application/octet-stream;
#access_log /tmp/nginx.access.log combined;
# use the kernel sendfile
sendfile on;
# prepend http headers before sendfile()
tcp_nopush on;
keepalive_timeout 25;
tcp_nodelay on;
gzip on;
gzip_http_version 1.0;
gzip_proxied any;
gzip_min_length 500;
gzip_disable "MSIE [1-6]\.";
gzip_types text/plain text/html text/xml text/css
text/comma-separated-values
text/javascript application/x-javascript
application/atom+xml;
#Hide server info
server_tokens off;
upstream app_server {
server unix:/root/sites/mina_deploy/shared/tmp/sockets/puma.sock
fail_timeout=0;
}
# configure the virtual host
server {
server_name domain.com www.domain.com 162.555.555.162;
root /root/sites/mina_deploy/current/public;
# port to listen for requests on
listen 80 default deferred;
listen 443 ssl;
####### THIS REDIRECT CAUSES A LOOP ########
#return 301 https://$host$request_uri;
ssl_certificate /etc/ssl/ssl-bundle.crt;
ssl_certificate_key /etc/ssl/myserver.key;
#enables all versions of TLS, but not SSLv2 or 3 which are weak and now deprecated.
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#Disables all weak ciphers
ssl_ciphers 'AES128+EECDH:AES128+EDH';
ssl_session_cache shared:SSL:10m;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/dhparam.pem;
# maximum accepted body size of client request
client_max_body_size 4G;
# the server will close connections after this time
keepalive_timeout 5;
add_header Strict-Transport-Security max-age=63072000;
#add_header X-Frame-Options DENY;
add_header Access-Control-Allow-Origin '*';
add_header X-Content-Type-Options nosniff;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
location ~ ^/(system|assets)/ {
gzip_static on;
error_page 405 = $uri;
expires max;
add_header Cache-Control public;
break;
}
try_files $uri/index.html $uri #app;
location #app {
# pass to the upstream unicorn server mentioned above
proxy_pass http://app_server;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 300;
}
}
}
The thing I did was have multiple server blocks. You mentioned that you want www.domain.com to redirect to domain.com. In this case I would do
server {
listen 80;
server_name www.domain.com;
return 301 https://domain.com$request_uri;
}
Then remove your www.domain.com from your server_name in your original block. Also I would break up your redirects from 80 to 443 in separate blocks as well. So you would repeat this process if a user tried to go to https://www.domain.com you would have a server that says similar things.
server {
listen 443;
server_name www.domain.com;
return 301 https://domain.com$request_uri;
}
And one to listen for http traffic on the domain you want, but redirected to https traffic.
server {
listen 80;
server_name domain.com;
return 301 https://domain.com$request_uri;
}
Then you can listen to just port 443 in your server block where you want everyone to go and no redirects are in that block.
You can view documentation for nginx here which will show you that this is the proper way to rewrite
Replying to your comment, Use the three blocks that I have written, and in your original server block, you will need to remove
server_name domain.com www.domain.com 162.555.555.162;
and also remove
listen 80 deferred;
and add
server_name domain.com;
Also, just making sure you know that for this to work, you will have to have your domain and www subdomain pointing at your server
I know this is a very common issue, but I've been struggling days with a strange one this time:
I want to serve two Rails 4 apps on the same VPS (ubuntu 14.04). I followed this guide for one app with success. My app1 is working fine. But not app2.
The error is this one (/var/log/nginx/error.log):
directory index of "/srv/app1/public/app2/" is forbidden
General nginx.conf
# Run nginx as www-data.
user www-data;
# One worker process per CPU core is a good guideline.
worker_processes 1;
# The pidfile location.
pid /var/run/nginx.pid;
# For a single core server, 1024 is a good starting point. Use `ulimit -n` to
# determine if your server can handle more.
events {
worker_connections 1024;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay off;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
gzip_http_version 1.1;
gzip_proxied any;
gzip_min_length 500;
gzip_types text/plain text/xml text/css
text/comma-separated-values text/javascript
application/x-javascript application/atom+xml;
##
# Unicorn Rails
##
# The socket here must match the socket path that you set up in unicorn.rb.
upstream unicorn_app2 {
server unix:/srv/app2/tmp/unicorn.app2.sock fail_timeout=0;
}
upstream unicorn_app1 {
server unix:/srv/app1/tmp/unicorn.app1.sock fail_timeout=0;
}
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
sites-available/app1
server {
listen 80;
server_name _
public.ip.of.vps; # Replace this with your site's domain.
keepalive_timeout 300;
client_max_body_size 4G;
root /srv/app1/public; # Set this to the public folder location of your Rails application.
location /app1 {
try_files $uri #unicorn_app1;
}
location #unicorn_app1 {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded_Proto $scheme;
proxy_redirect off;
# This passes requests to unicorn, as defined in /etc/nginx/nginx.conf
proxy_pass http://unicorn_app1;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
auth_basic "Restricted"; #For Basic Auth
auth_basic_user_file /etc/nginx/.htpasswd; #For Basic Auth
}
location ~ ^/assets/ {
#gzip_static on; # to serve pre-gzipped version
expires max;
add_header Cache-Control public;
}
# You can override error pages by redirecting the requests to a file in your
# application's public folder, if you so desire:
error_page 500 502 503 504 /500.html;
location = /500.html {
root /srv/app1/public;
}
}
sites-available/app2
server {
listen 80;
server_name __
public.ip.of.vps; # Replace this with your site's domain.
keepalive_timeout 300;
client_max_body_size 4G;
root /srv/app2/public; # Set this to the public folder location of your Rails application.
location /app2 {
try_files $uri #unicorn_app2;
}
location #unicorn_app2 {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded_Proto $scheme;
proxy_redirect off;
# This passes requests to unicorn, as defined in /etc/nginx/nginx.conf
proxy_pass http://unicorn_app2;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
auth_basic "Restricted"; #For Basic Auth
auth_basic_user_file /etc/nginx/.htpasswd; #For Basic Auth
}
location ~ ^/assets/ {
#gzip_static on; # to serve pre-gzipped version
expires max;
add_header Cache-Control public;
}
# You can override error pages by redirecting the requests to a file in your
# application's public folder, if you so desire:
error_page 500 502 503 504 /500.html;
location = /500.html {
root /srv/app2/public;
}
}
Why is that nginx is looking for app2 in the public folder of app1?
The problem is that your 2 nginx server blocks are listening to the same domain name.
Move the location blocks /app2 and unicorn_app2 into site-available/app1
And delete site-available/app2
This answer shows an example.
I'm hosting an API for a mobile app developed in Rails 4 on DigitalOcean using the One-Click Ubuntu 12.10 Installation droplet. Therefore nginx and Unicorn are preconfigured and running. When I try to open a file from Rails public folder on my web browser, it works.
But when I try to use any of the other paths defined in the routes.rb file I don't get any answer. My requests are loading until they time out. This changes when I type rails s -e production on the server – then everything works as expected. Therefore it must be a problem with nginx or something. What am I missing?
Here's my nginx sites-enabled/default file content (I don't know if that's the thing to look for, but maybe):
server {
listen 80;
root /home/rails/public;
server_name _;
index index.htm index.html;
location / {
try_files $uri/index.html $uri.html $uri #app;
}
#location ~* ^.+\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|mid$
location ~* ^.+\.(jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rt$
try_files $uri #app;
}
location #app {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://app_server;
}
}
UPDATE: Here is my nginx.conf file in case this helps:
user www-data;
worker_processes 4;
pid /var/run/nginx.pid;
events { worker_connections 1024; }
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
gzip_disable "msie6";
gzip_types text/plain text/xml text/css text/comma-separated-values;
upstream app_server { server 127.0.0.1:8080 fail_timeout=0; }
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
UPDATE 2: And here my unicorn.conf file:
listen "127.0.0.1:8080"
worker_processes 2
user "rails"
working_directory "/home/rails"
pid "/home/unicorn/pids/unicorn.pid"
stderr_path "/home/unicorn/log/unicorn.log"
stdout_path "/home/unicorn/log/unicorn.log"
I had the same issue and running bundle install on the root of my app (on digitalocean droplet) resolved my issue. I think I have to build that into my capistrano script