问题
I am running rails app with puma, capistrano, and nginx on a google compute engine VM with ubuntu 14.04 LTS.
I have the nginx running on the external IP. And when I visit it I get two nginx errors in the log:
2016/02/03 11:58:07 [info] 19754#0: *73 client closed connection while waiting for request, client: ###.##.##.###, server: 0.0.0.0:443
2016/02/03 11:58:07 [crit] 19754#0: *74 connect() to unix:///home/my-user-name/apps/my-web-app/shared/tmp/sockets/my-web-app-puma.sock failed (13: Permission denied) while connecting to upstream, client: ###.##.##.###, server: ,
request: "GET / HTTP/1.1", upstream: "http://unix:///home/my-user-name/apps/my-web-app/shared/tmp/sockets/my-web-app-puma.sock:/", host: "###.###.###.###"
Note: the last ###.###.###.### is the external IP of the google compute VM that the code is running on. I believe the 1st two IP's are my home IP.
I have tried: setsebool httpd_can_network_connect on
as suggested here:
(13: Permission denied) while connecting to upstream:[nginx]
And it returned: setsebool: SELinux is disabled.
But the problem persists.
I have looked at (13: Permission denied) while connecting to upstream:[nginx] as well, but it seems to be particular to uwsgi
Here is my nginx.conf
upstream puma {
server unix:///home/my-user-name/apps/my-web-app/shared/tmp/sockets/my-web-app-puma.sock;
}
server {
listen 80 default_server deferred;
listen 443 ssl;
# server_name example.com;
ssl_certificate /etc/ssl/my-web-app/my-web-app.com.chained.crt;
ssl_certificate_key /etc/ssl/my-web-app/my-web-app.key;
root /home/my-web-app/apps/my-web-app/current/public;
access_log /home/my-user-name/apps/my-web-app/current/log/nginx.access.log;
error_log /home/my-user-name/apps/my-web-app/current/log/nginx.error.log info;
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
try_files $uri/index.html $uri @puma;
location @puma {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://puma;
}
error_page 500 502 503 504 /500.html;
client_max_body_size 10M;
keepalive_timeout 10;
}
I run nginx with sudo service nginx restart
Then I run puma with: RACK_ENV=production bundle exec puma -p 3000
and it returns:
Puma starting in single mode...
* Version 2.14.0 (ruby 2.1.7-p400), codename: Fuchsia Friday
* Min threads: 0, max threads: 16
* Environment: production
* Listening on tcp://0.0.0.0:3000
Use Ctrl-C to stop
EDIT 1
It was suggested that I run puma on unix not tcp 3000 so that it'd match nginx
I have tried running puma on unix via the command:
RACK_ENV=production bundle exec puma -d -b unix:///tmp/my-web-app.sock --pidfile /tmp/puma.pid
which gave:
Puma starting in single mode...
* Version 2.14.0 (ruby 2.1.7-p400), codename: Fuchsia Friday
* Min threads: 0, max threads: 16
* Environment: production
* Daemonizing...
It reads the above text, but it does not linger, the command prompt occurs again immediately despite the '...' at the end.
This command seemingly does not work, so if anyone can suggest how to run puma on unix and not tcp 3000, then I could complete the suggestion. (Though I suspect there is a configuring nginx issue that may be occuring before anything that has to do with puma)
EDIT 2 Attaching puma.rb
#!/usr/bin/env puma
directory '/home/my-user-name/apps/my-web-app/current'
rackup "/home/my-user-name/apps/my-web-app/current/config.ru"
environment 'production'
pidfile "/home/my-user-name/apps/my-web-app/shared/tmp/pids/puma.pid"
state_path "/home/my-user-name/apps/my-web-app/shared/tmp/pids/puma.state"
stdout_redirect '/home/my-user-name/apps/my-web-app/current/log/puma.error.log', '/home/my-user-name/apps/my-web-app/current/log/puma.access.log', true
threads 2,8
bind 'unix:///home/my-user-name/apps/my-web-app/shared/tmp/sockets/my-web-app-puma.sock'
workers 1
preload_app!
on_restart do
puts 'Refreshing Gemfile'
ENV["BUNDLE_GEMFILE"] = "/home/my-user-name/apps/my-web-app/current/Gemfile"
end
on_worker_boot do
ActiveSupport.on_load(:active_record) do
ActiveRecord::Base.establish_connection
end
end
EDIT 3
I now tried just running the rails server on port 80 directly. I typed:
rvmsudo rails server -p 80
and it returned:
=> Booting Puma
=> Rails 4.2.4 application starting in development on http://localhost:80
=> Run `rails server -h` for more startup options
=> Ctrl-C to shutdown server
Puma 2.14.0 starting...
* Min threads: 0, max threads: 16
* Environment: development
* Listening on tcp://localhost:80
Exiting
/home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/binder.rb:233:in `initialize': Address already in use - bind(2) for "localhost" port 80 (Errno::EADDRINUSE)
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/binder.rb:233:in `new'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/binder.rb:233:in `add_tcp_listener'
from (eval):2:in `add_tcp_listener'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/rack/handler/puma.rb:33:in `run'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/rack-1.6.4/lib/rack/server.rb:286:in `start'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/railties-4.2.4/lib/rails/commands/server.rb:80:in `start'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/railties-4.2.4/lib/rails/commands/commands_tasks.rb:80:in `block in server'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/railties-4.2.4/lib/rails/commands/commands_tasks.rb:75:in `tap'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/railties-4.2.4/lib/rails/commands/commands_tasks.rb:75:in `server'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/railties-4.2.4/lib/rails/commands/commands_tasks.rb:39:in `run_command!'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/railties-4.2.4/lib/rails/commands.rb:17:in `<top (required)>'
from bin/rails:4:in `require'
from bin/rails:4:in `<main>'
EDIT 4
If I run sudo service nginx stop then run rvmsudo rails server -p 80
again it returns:
=> Booting Puma
=> Rails 4.2.4 application starting in development on http://localhost:80
=> Run `rails server -h` for more startup options
=> Ctrl-C to shutdown server
Puma 2.14.0 starting...
* Min threads: 0, max threads: 16
* Environment: development
* Listening on tcp://localhost:80
That means that approach was incorrect since without nginx when I visit the external IP nothing its now returns The server refused the connection.
as opposed to the original:
We're sorry, but something went wrong.
If you are the application owner check the logs for more information.
If anyone knows how to prevent the original error, any suggestions would be much appreciated.
EDIT 5 The original question remains, but can anyone tell me if this is an https problem or an ssl problem?
EDIT 6
I have tried running puma directly on 80 and am getting a permission error on 80.
I try: RACK_ENV=production bundle exec puma -p 80
and get:
Puma starting in single mode...
* Version 2.14.0 (ruby 2.1.7-p400), codename: Fuchsia Friday
* Min threads: 0, max threads: 16
* Environment: production
* Listening on tcp://0.0.0.0:80
/home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/binder.rb:233:in `initialize': Permission denied - bind(2) for "0.0.0.0" port 80 (Errno::EACCES)
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/binder.rb:233:in `new'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/binder.rb:233:in `add_tcp_listener'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/binder.rb:98:in `block in parse'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/binder.rb:84:in `each'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/binder.rb:84:in `parse'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/runner.rb:119:in `load_and_bind'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/single.rb:79:in `run'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/cli.rb:215:in `run'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/bin/puma:10:in `<top (required)>'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/bin/puma:23:in `load'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/bin/puma:23:in `<main>'
I believe that this is caused because port 80 has higher permissions than others. So, I ran sudo RACK_ENV=production bundle exec puma -p 80
but that just returned: Your Ruby version is 1.9.3, but your Gemfile specified 2.1.7
回答1:
I got the same error with you, I got a solution but don't know should it be right.
Change the first line of file /etc/nginx/nginx.conf
user www-data;
touser root;
Then restart the nginx using:
service nginx restart
OR systemctl restart nginx
Works well!
回答2:
Take a look at your puma.error.log file for your application.
Mine was complaining about a small syntax error in a config block on production environment.
来源:https://stackoverflow.com/questions/35177177/nginx-error-13-permission-denied-while-connecting-to-upstream