The current app I am running is working just fine in production on its ubuntu server. But now I've had to configure a Red Hat Enterprise Linux 5.5 server to deploy the app to and I am running into some issues. First of all some specs:
rails version: 3.2.11
ruby: 1.9.3-p194
http server nginx + unicorn
managing ruby environment with rbenv
deploy method: capistrano
My nginx.conf and unicorn config file are based on Ryan Bate's videos. So I managed to get almost everything configured. I can deploy, connect to the database, etc.. However, when I visit my app's page, all of the assets fail to load. And when I go into my console it says they failed because of a 403 Forbidden error. I checked and the assets are in the correct place: apps/my_app/shared/assets. But I keep getting this 403 error.
What I've tried so far:
checked the permissions to parent folders and the actual asset files. They all had at least read permissions for everyone
changed config.assets.compile to true
Followed instructions here rails deployment using nginx & unicorn: 403 forbidden error, which recommends removing the default files in conf.d and symlinking my custom nginx config file to /etc/nginx/conf.d as opposed to .../sites-enabled
Any thoughts or ideas why I am getting a 403?
Edit 1: add /etc/nginx/nginx.conf file
Not sure if this helps but this is what the nginx.conf file (under /etc/nginx) looks like (not my custom nginx file):
events {
worker_connections 1024;
}
#----------------------------------------------------------------------
# HTTP Core Module
#
# http://wiki.nginx.org/NginxHttpCoreModule
#
#----------------------------------------------------------------------
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
#
# The default server
#
server {
listen 80;
server_name _;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
error_page 404 /404.html;
location = /404.html {
root /usr/share/nginx/html;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# Load config files from the /etc/nginx/conf.d directory
include /etc/nginx/conf.d/*.conf;
}
Also, I noticed that under /etc/nginx there are nginx.conf and nginx.conf.default files, does anyone know the difference? Maybe the issue could be there?
Edit 2: Add entry from nginx log file
So I found this in the nginx log file. So maybe it is a permissions issue that could be fixed with a chmod?
2013/03/24 20:50:53 [error] 10851#0: *5 open() "/home/webapp/apps/my_app/current/public/assets/application-db22bc3811b126e586f5e82e794e7ee4.css" failed (13: Permission denied)
Edit 3: Update /etc/nginx/nginx.conf
user nginx;
worker_processes 2;
# error_log logs/error.log;
# error_log logs/error.log notice;
# error_log logs/error.log info;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log;
sendfile on;
#tcp_nopush on;
keepalive_timeout 60;
gzip on;
include /etc/nginx/conf.d/*.conf;
# INSIDE THE /etc/ngin/conf.d/*.conf FILE #
server {
listen 80 default deferred;
# server_name example.com;
root /home/webapp/apps/my_app/current/public;
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
try_files $uri/index.html $uri #unicorn;
location #unicorn {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://unicorn;
}
error_page 500 502 503 504 /500.html;
client_max_body_size 4G;
keepalive_timeout 10;
}
}
So I managed to fix this. In part to advice in this article http://nginxlibrary.com/403-forbidden-error/
for all the directories leading up to all the asset files, I set the directory permissions to chmod 775. And then for all the assets (application.js, etc...) inside apps/my_app/shared/assets I gave the files this permission chmod 775.
And that did the trick. In the article I linked to, the author mentions the need for the asset files to have both read and execute permissions, not just read.
Related
Non www version redirect to nginx default page instead of website how can i fix this?
https://www works fine
http://www works fine
https:// works fine
But http:// don't work people get to the default nginx page instead of website
Here is my nginx config file:
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /var/www/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
# Settings for a TLS enabled server.
#
# server {
# listen 443 ssl http2 default_server;
# listen [::]:443 ssl http2 default_server;
# server_name _;
# root /var/www/html;
#
# ssl_certificate "/etc/pki/nginx/server.crt";
# ssl_certificate_key "/etc/pki/nginx/private/server.key";
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 10m;
# ssl_ciphers PROFILE=SYSTEM;
# ssl_prefer_server_ciphers on;
#
# # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
#
# location / {
# }
#
# error_page 404 /404.html;
# location = /40x.html {
# }
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# }
# }
}
My issue is I can't seem to make it redirect from http://example.com to https://www.example.com instead showing nginx standard page.
return 301 https://$host$request_uri; i tried this as well and still not working
P.S. Also I am using apache to with nginx in combination
How can I fix?
Thanks
The nginx redirection will looks like
server {
listen 80;
server_name yourdomain.com;
access_log off;
return 301 https://www.yourdomain.com$request_uri;
}
server {
server_name yourserveripaddress;
access_log off;
return 301 https://www.yourdomain.com$request_uri;
}
server {
listen 443 ssl;
server_name yourdomain.com;
ssl_certificate /etc/nginx/ssl/yourdomain.com.chained.crt;
ssl_certificate_key /etc/nginx/ssl/yourdomain_com.key;
access_log off;
return 301 https://www.yourdomain.com$request_uri;
}
I ve installed nginx 1.12.1 as a reverse proxy with a working Apache httpd 2.4.25 x64
I have a vmware virtual machine with centOs 6.9. I ve a working stack apache httpd 2.4.25 ---(mod_jk 1.2.42)---Tomcat 7.0.81---(jdbc)---MySQL server 5.7.19.
Now i ve installed and configure Nginx to work in front of Apache (reverse proxy).
It does not work since three days, (using curl or mozilla browser).
The error message is 400 Bad Request: Request Header Or Cookie Too Large
could someone help me?
Here is my /etc/nginx/nginx.conf
user nginx;
worker_processes 4;
error_log /var/log/nginx/error.core.log warn;
pid /var/run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request"
' '$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.core.log main;
sendfile on;
keepalive_timeout 65;
client_max_body_size 200M;
client_body_buffer_size 32k;
client_header_buffer_size 64k;
large_client_header_buffers 4 64k;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
include /etc/nginx/conf.d/*.conf;
}
my default server config:
server {
listen 80;
server_name localhost;
charset utf-8;
access_log /var/log/nginx/access.http.mydomain.log;
error_log /var/log/nginx/error.http.mydomain.log;
location / {
proxy_pass http://127.0.0.1:8080/;
root /opt/rh/httpd24/root/var/www/html/html;
index index.html index.htm;
include /etc/nginx/conf.d/proxy.inc;
client_max_body_size 10m;
client_body_buffer_size 128k;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
I'm running a node js application rest api service and wordpress on same nginx server. There is android application which call my node js service to get data from the server. Many times I'm getting ssl handsake failed or refused error on my android application. While surfing my server configuration file and log file I'm getting this in my logs
SSL_do_handshake() failed (SSL: error:140A1175:SSL routines:SSL_BYTES_TO_CIPHER_LIST:inappropriate fallback) while SSL handshaking, client:::::
My nginx.conf file :
user www-data;
worker_processes 4;
pid /run/nginx.pid;
events {
worker_connections 8096;
multi_accept on;
}
worker_rlimit_nofile 40000;
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 45;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# buffer optimizations
client_body_buffer_size 10K;
client_header_buffer_size 1k;
client_max_body_size 8m;
large_client_header_buffers 2 1k;
access_log off;
error_log /var/log/nginx/error.log;
}
server {
listen 443 ssl;
root /var/www/html;
index index.php index.html index.htm;
ssl_certificate /etc/nginx/ssl/crtfile.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# try_files $uri $uri/ =404;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
try_files $uri $uri/ /index.php?q=$uri&$args;
#try_files $uri $uri/index.html;
}
location = /index.html {return 301 https://appyappy.com/;}
# Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests
#location /RequestDenied {
# proxy_pass http://127.0.0.1:8080;
#}
error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
Also when no of users are too large around 2k-5k I'm also getting time out and connection refused error in adroid application.
I struggled for few hours to fix this issue but still it doesn't work. The error I see in my browser is:
POST /users 502 (Bad Gateway)
I know that it's the problem of setting nginx and unicorn, but I can't solve it. By the way, I deployed my code using digital ocean. Here is my config file
Unicorn config (nginx.conf):
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
server_names_hash_bucket_size 64;
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
# Load config files from the /etc/nginx/conf.d directory
# The default server is in conf.d/default.conf
include /etc/nginx/conf.d/*.conf;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
}
Unicorn config file (/var/nginx/unicorn.conf):
upstream unicorn {
server unix:/tmp/unicorn.sock fail_timeout=0;
}
server {
listen 80;
listen 443 ssl;
ssl_certificate /root/certs/server.crt;
ssl_certificate_key /root/certs/server.key;
client_max_body_size 4G;
keepalive_timeout 15;
root /var/www/quoine/current/public;
try_files $uri #unicorn;
location ~ ^/assets|app/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
location = /app/ {
rewrite $uri $uri/index.html;
}
location = /app/index.html {
add_header Pragma "no-cache";
add_header Cache-Control "no-cache, no-store, max-age=0, must-revalidate";
add_header Expires "Fri, 01 Jan 1990 00:00:00 GMT";
}
location #unicorn {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_pass http://unicorn;
}
if (-f $document_root/system/maintenance.html) {
return 503;
}
error_page 500 502 504 /500.html;
location = /500.html {
root /var/www/quoine/current/public;
}
error_page 503 #maintenance;
location #maintenance {
rewrite ^(.*)$ /system/maintenance.html break;
}
}
I'm using Rails 3. If any one got any idea about this problem, please tell me. It takes me 3 hours without any progress. Thanks
Can you provide the config you've got for unicorn too (the files you've provided are both for nginx). An example of what it should look like is in the first part of the "Configuring Servers" entry here: https://www.digitalocean.com/community/tutorials/how-to-deploy-rails-apps-using-unicorn-and-nginx-on-centos-6-5
I ran across this trying to figure out why I was getting 502 errors after using the 1-click install for Digital Ocean - and using a different version of Ruby.
I found my answer by looking at this guide: https://www.digitalocean.com/community/tutorials/how-to-use-the-1-click-ruby-on-rails-on-ubuntu-14-04-image
My issue was the following from the guide:
Once you have the location of Ruby that you are using by default,
change /etc/default/unicorn pathnames to include /usr/local/rvm/rubies
subfolder and /usr/local/rvm/gems subfolders for the newly installed
version as well as location of unicorn
Hope this helps helps someone
I have a rails app using Rails 3.2.3, Ruby 1.9.3, and Phusion Passenger with the Nginx module. App users need to upload large files. I added the directive client_max_body_size 500M; to the location block in the nginx.conf (below) and stopped and started nginx through using Ctrl-C to stop nginx and passenger start to restart nginx. However, when I try to upload a file that is 127 mb, I get the error "413 Request Entity Too Large". Can someone let me know what I am overlooking?
Thanks,
My nginx.conf
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
passenger_root /Users/mcmahling/.rvm/gems/ruby-1.9.3-p125/gems/passenger-3.0.12;
passenger_ruby /Users/mcmahling/.rvm/wrappers/ruby-1.9.3-p125/ruby;
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 165;
#gzip on;
server {
listen 80;
server_name localhost;
client_max_body_size 4G;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
client_max_body_size 4G;
client_body_buffer_size 128k;
client_body_temp_path /usr/local/nginx/client_body_temp;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443;
# server_name localhost;
# ssl on;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_timeout 5m;
# ssl_protocols SSLv2 SSLv3 TLSv1;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
Change client_max_body_size 4G; to 4g; or 500m; insde the server block
Judging from Nginx Error 413 and http://forum.slicehost.com/index.php?p=/discussion/1714/nginx-413-when-uploading-file-1mb-or-larger/p1, you might try having client_max_body_size specified just a single time, possibly only in the server section, although that seems dubious.
Also, as mentioned in another response, I think you want '4g' as the value.
This is just a wild guess, and since I know neither Rails, Ruby nor nginx, I can not really find out if my idea applies, but here is it anyway, maybe it helps...
Did you check by what method the files are transfered? Your problem reminds me of a situation where my Ajax-requests failed mystically. After some research, I found out all requests where sent via GET (which was the wrong way to do it in the first place). Changing it to POST solved my problem then.
Since you are sending files there, it might be a totally different thing (I had data about 2KiB in size or so).
client_max_body_size 10m;
works for me, with ';' at the and, and restart Nginx and Unicorn, or apache...etc
Like #MaffooClock says, inside the http block.