Systemd unit file for Gunicorn & WSGI with virtualenv - flask

I'm trying to run a flask app with Nginx and Gunicorn on Fedora 37. Part of this involves creating a Systemd unit file, thus:
[Unit]
Description=gunicorn daemon
After=network.target
[Service]
User=pretox
Group=pretox
WorkingDirectory=/home/pretox/ptox-metadata-manager
ExecStart=/home/pretox/ptox-metadata-manager/gunicorn_start
[Install]
WantedBy=multi-user.target
Here's the script that's called:
#!/usr/bin/env bash
. /home/pretox/ptox-metadata-manager/virtualenv/bin/activate
/home/pretox/ptox-metadata-manager/virtualenv/bin/gunicorn --timeout 120 --name ptox-metdata-manager --user pretox --group pretox --log-level debug --error-logfile /home/pretox/ptox-metadata-manager/error.log --bind unix:/home/pretox/ptox-metadata-manager/ptox-metadata-manager.socket wsgi:app
Systemd is not willing to start Gunicorn:
× gunicorn.service - gunicorn daemon
Loaded: loaded (/etc/systemd/system/gunicorn.service; enabled; preset: disabled)
Active: failed (Result: exit-code) since Wed 2023-01-25 09:51:22 GMT; 3s ago
Duration: 4ms
Process: 52572 ExecStart=/home/pretox/ptox-metadata-manager/gunicorn_start (code=exited, status=203/EXEC)
Main PID: 52572 (code=exited, status=203/EXEC)
CPU: 1ms
Jan 25 09:51:22 catoblepas systemd[1]: Started gunicorn.service - gunicorn daemon.
Jan 25 09:51:22 catoblepas systemd[52572]: gunicorn.service: Failed to locate executable /home/pretox/ptox-metadata-manager/gunicorn_start: Permission denied
Jan 25 09:51:22 catoblepas systemd[52572]: gunicorn.service: Failed at step EXEC spawning /home/pretox/ptox-metadata-manager/gunicorn_start: Permission denied
Jan 25 09:51:22 catoblepas systemd[1]: gunicorn.service: Main process exited, code=exited, status=203/EXEC
Jan 25 09:51:22 catoblepas systemd[1]: gunicorn.service: Failed with result 'exit-code'.
I'm not sure why permission should be denied here. Could it be SELinux interfering?
(virtualenv) [pretox#development ptox-metadata-manager]$ ls -Z gunicorn_start
unconfined_u:object_r:user_home_t:s0 gunicorn_start
If I run the command line from the gunicorn_start script then it starts up and Nginx is able to proxy to it.

The answer turns out to be moving the bash script to /usr/local/bin, as described here; https://unix.stackexchange.com/questions/664811/systemd-service-failing-with-exit-code-status-203-exec

Related

Sock file is not creating in my django project with gunicorn

I'm trying to deploy my django project properly with gunicorn. But i'm unable to do that. I'm doing the following process again and again...
/etc/systemd/system/gunicorn.service
[Unit]
Description=gunicorn daemon
After=network.target
[Service]
User=ubuntu
Group=www-data
WorkingDirectory=/home/ubuntu/dotescrow_main
ExecStart=/home/ubuntu/dotescrow_main/dotescrow_env/bin/gunicorn --access-logfile - --workers 3 --bind unix:/home/ubuntu/dotescro>
[Install]
WantedBy=multi-user.target
then i run following commands in a sequence.
sudo systemctl start gunicorn
sudo systemctl enable gunicorn
sudo systemctl status gunicorn
it returns :
● gunicorn.service - gunicorn daemon
Loaded: loaded (/etc/systemd/system/gunicorn.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2021-03-13 22:21:36 UTC; 15min ago
Main PID: 563946 (gunicorn)
Tasks: 4 (limit: 2372)
Memory: 100.1M
CGroup: /system.slice/gunicorn.service
├─563946 /home/ubuntu/dotescrow_main/dotescrow_env/bin/python /home/ubuntu/dotescrow_main/dotescrow_env/bin/gunicorn>
after that when i check sock like in myproject by
ls /home/ubuntu/dotescrow_main
I dont get any sock file there.
after that when i run sudo journalctl -u gunicorn i get following output:
Jan 26 18:30:55 ip-172-31-11-244 systemd[1]: Started gunicorn daemon.
Jan 26 18:30:55 ip-172-31-11-244 systemd[92397]: gunicorn.service: Failed to determine user credentials: No such process
Jan 26 18:30:55 ip-172-31-11-244 systemd[92397]: gunicorn.service: Failed at step USER spawning /home/ubuntu/dotescrow/myprojecte>
Jan 26 18:30:55 ip-172-31-11-244 systemd[1]: gunicorn.service: Main process exited, code=exited, status=217/USER
Jan 26 18:30:55 ip-172-31-11-244 systemd[1]: gunicorn.service: Failed with result 'exit-code'.

ModuleNotFoundError: No module named 'gunicorn'

I followed a [DigitalOcean guide]((https://www.digitalocean.com/community/tutorials/how-to-set-up-django-with-postgres-nginx-and-gunicorn-on-debian-10) to set up my Django site. It usually works fine but lately I keep running into this.
root#localhost:/usr/bin# sudo systemctl status gunicorn
Jun 13 21:27:43 localhost systemd[1]: Started gunicorn daemon.
Jun 13 21:27:43 localhost gunicorn[20611]: Traceback (most recent call last):
Jun 13 21:27:43 localhost gunicorn[20611]: File "/usr/bin/gunicorn", line 6, in <module>
Jun 13 21:27:43 localhost gunicorn[20611]: from gunicorn.app.wsgiapp import run
Jun 13 21:27:43 localhost gunicorn[20611]: ModuleNotFoundError: No module named 'gunicorn'
Jun 13 21:27:43 localhost systemd[1]: gunicorn.service: Main process exited, code=exited, status=1/FAILURE
Jun 13 21:27:43 localhost systemd[1]: gunicorn.service: Failed with result 'exit-code'.
Jun 13 21:27:43 localhost systemd[1]: gunicorn.service: Start request repeated too quickly.
Jun 13 21:27:43 localhost systemd[1]: gunicorn.service: Failed with result 'exit-code'.
Jun 13 21:27:43 localhost systemd[1]: Failed to start gunicorn daemon.
root#localhost:/home/development/django# which gunicorn
/usr/bin/gunicorn
/etc/systemd/system/gunicorn.service
[Unit]
Description=gunicorn daemon
Requires=gunicorn.socket
After=network.target
[Service]
User=root
Group=www-data
WorkingDirectory=/home/development/django/
ExecStart=/usr/bin/gunicorn \
--access-logfile - \
--workers 3 \
--bind unix:/run/gunicorn.sock \
app.wsgi:application
[Install]
WantedBy=multi-user.target
I had the exact same problem and was going quite mad but here is what fixed it :
I guess systemd executes with sudo, but I did the pip install blabla without being in sudo.
Found out by doing sudo gunicorn --version and getting nothing.
So just doing sudo pip install gunicorn solved it for me !
Disclaimer : I am probably doing something not at all in the "best practices" so don't hesitate to correct me or give a more detailed response than mine : First time answering :D

Gunicorn gock file not appear

I have a web server created with Django, but from one moment to another my server is down and nginx return error 502, before I create my sock file, but when I try again I can't create this.
pkill gunicorn
sudo systemctl daemon-reload
sudo systemctl start gunicorn
sudo systemctl enable gunicorn
I read something about web permissions for folders but I think the folder that contains my server has all the possible permissions.
drwxrwxr-x 8 ubuntu ubuntu 4096 Sep 8 02:17 trackerServer
On the other hand this is my /etc/systemd/system/gunicorn.service file:
[Unit]
Description=gunicorn daemon
After=network.target
[Service]
User=ubuntu
Group=www-data
WorkingDirectory=/home/ubuntu/tracker-web/trackerServer
ExecStart=/home/ubuntu/tracker-web/trackerServer/env/bin/gunicorn --workers 3 --bind unix:/home/ubuntu/tracker-web/trackerServer/trackerServer.sock trackerServer.wsgi:application
[Service]
User=ubuntu
Group=www-data
WorkingDirectory=/home/ubuntu/django_joya/
ExecStart=gunicorn --workers 3 --bind unix:/home/ubuntu/django_joya/joyas.sock joyas.wsgi:application
[Install]
WantedBy=multi-user.target
In the server there are 2 projects, but only tracker-web/trackerServer are mine, django_joya is the other person.
Any help please, I can not generate my sock file
EDIT
Here is my result when I try sudo systemctl status gunicorn
● gunicorn.service - gunicorn daemon
Loaded: loaded (/etc/systemd/system/gunicorn.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Fri 2017-09-08 03:00:20 UTC; 9h ago
Main PID: 11134 (code=exited, status=200/CHDIR)
Sep 08 03:00:20 ip-172-26-13-39 systemd[1]: Started gunicorn daemon.
Sep 08 03:00:20 ip-172-26-13-39 systemd[1]: gunicorn.service: Main process exited, code=exited, status=200/CHDIR
Sep 08 03:00:20 ip-172-26-13-39 systemd[1]: gunicorn.service: Unit entered failed state.
Sep 08 03:00:20 ip-172-26-13-39 systemd[1]: gunicorn.service: Failed with result 'exit-code'.
Sep 08 03:00:21 ip-172-26-13-39 systemd[1]: [/etc/systemd/system/gunicorn.service:15] Executable path is not absolute, ignoring: gunicorn --workers 3 --bind unix:/home/ubuntu/django
The problem like the log show is the execution var, also you have 2 services, delete one. The services should look like:
[Service]
User=sammy
Group=www-data
WorkingDirectory=/home/sammy/myproject
ExecStart=/home/sammy/myproject/myprojectenv/bin/gunicorn --access-logfile - --workers 3 --bind unix:/home/sammy/myproject/myproject.sock myproject.wsgi:application
Remember replace the gunicorn, sock, and wsgi root. More information https://www.digitalocean.com/community/tutorials/how-to-set-up-django-with-postgres-nginx-and-gunicorn-on-ubuntu-16-04#check-for-the-gunicorn-socket-file

Configuring gunicorn without virtualenv

I'm setting up a django site without virtualenv and I'm following digital ocean's guide to setup which has been going fine till I had to setup gunicorn service instance which has a field ExecStart which I've had to remove also while trying to test.
When I try to start gunicorn I get the following error
root#samuel-pc:~/revamp# systemctl start gunicorn
Failed to start gunicorn.service: Unit gunicorn.service is not loaded properly: Invalid argument.
See system logs and 'systemctl status gunicorn.service' for details.
root#samuel-pc:~/revamp#
My gunicorn service code is as follows:
[Unit]
Description=gunicorn daemon
After=network.target
[Service]
User=root
Group=www-data
WorkingDirectory=/root/revamp
#ExecStart=gunicorn --access-logfile - --workers 3 --bind unix:/root/revamp/rev$
[Install]
WantedBy=multi-user.target
the way I've setup the site is I login via root and I copied the folder directly into root. The django application is called revamp and if you run pwd from inside the folder you get the result /root/revamp
UPDATE
I've edited the execstart to
ExecStart=gunicorn --access-logfile - --workers 3 --bind unix:/root/revamp/revamp.sock revamp.wsgi:application
and now when I run systemctl status gunicorn.service
I get
● gunicorn.service - gunicorn daemon
Loaded: error (Reason: Invalid argument)
Active: inactive (dead)
Jun 28 21:48:16 samuel-pc systemd[1]: [/etc/systemd/system/gunicorn.service:9] Executable path is not absolute, ignoring: gunicorn --access-logfile - --workers 3 --bind unix:/root/revamp/revamp
Jun 28 21:48:16 samuel-pc systemd[1]: gunicorn.service: Service lacks both ExecStart= and ExecStop= setting. Refusing.
Jun 28 21:53:29 samuel-pc systemd[1]: gunicorn.service: Service lacks both ExecStart= and ExecStop= setting. Refusing.
Jun 29 05:05:06 samuel-pc systemd[1]: [/etc/systemd/system/gunicorn.service:9] Executable path is not absolute, ignoring: gunicorn --access-logfile - --workers 3 --bind unix:/root/revamp/revamp
Jun 29 05:05:06 samuel-pc systemd[1]: gunicorn.service: Service lacks both ExecStart= and ExecStop= setting. Refusing.
Jun 29 05:05:24 samuel-pc systemd[1]: [/etc/systemd/system/gunicorn.service:9] Executable path is not absolute, ignoring: gunicorn --access-logfile - --workers 3 --bind unix:/root/revamp/revamp
Jun 29 05:05:24 samuel-pc systemd[1]: gunicorn.service: Service lacks both ExecStart= and ExecStop= setting. Refusing.
you can find the path of your gunicorn installation by typing
which gunicorn
for me (with a regular install) this returned
/usr/local/bin/gunicorn
so in the end you will have something like this:
ExecStart=/usr/local/bin/gunicorn --access-logfile - --workers 3 [...]
It's easy to see that Gunicorn is not going to start without the ExecStart instruction, there's nothing to run, so the service simply returns.
It doesn't matter if your Gunicorn is installed inside a Virtualenv or not, the first argument to your Gunicorn call should be the route to your wsgi.py module's application variable.
Lets say the wsgy.py file is inside /root/revamp/my_project/
Your Gunicorn call should be:
gunicorn my_project.wsgi:application ...
Where my_project is the name of the module (the folder with the __init__.py file inside) that contains the wsgi.py file, and should also contain the settings.py file.
If you don't point it to a valid WSGI python application, Gunicorn is not going to start...

setup gunicorn to run with systemd

Trying to set up gunicorn to run with systemd. The control file is /etc/systemd/system/gunicorn.service and the output for testing is
root#samuel-pc:~# systemctl start gunicorn
Failed to start gunicorn.service: Unit gunicorn.service is not loaded properly: Invalid argument.
See system logs and 'systemctl status gunicorn.service' for details.
root#samuel-pc:~# systemctl status gunicorn.service
● gunicorn.service - gunicorn daemon
Loaded: error (Reason: Invalid argument)
Active: inactive (dead)
Jun 29 05:13:17 samuel-pc systemd[1]: [/etc/systemd/system/gunicorn.service:9] Executable path is not absolute, ignoring: gunicorn --access-logfile - --workers 3 --bind unix:/root/revamp/revamp
Jun 29 05:13:17 samuel-pc systemd[1]: gunicorn.service: Service lacks both ExecStart= and ExecStop= setting. Refusing.
Jun 29 05:13:29 samuel-pc systemd[1]: [/etc/systemd/system/gunicorn.service:9] Executable path is not absolute, ignoring: gunicorn --access-logfile - --workers 3 --bind unix:/root/revamp/revamp
Jun 29 05:13:29 samuel-pc systemd[1]: gunicorn.service: Service lacks both ExecStart= and ExecStop= setting. Refusing.
Jun 29 05:15:45 samuel-pc systemd[1]: [/etc/systemd/system/gunicorn.service:9] Executable path is not absolute, ignoring: gunicorn --access-logfile - --workers 3 --bind unix:/root/revamp/revamp
Jun 29 05:15:45 samuel-pc systemd[1]: gunicorn.service: Service lacks both ExecStart= and ExecStop= setting. Refusing.
Jun 29 07:01:10 samuel-pc systemd[1]: [/etc/systemd/system/gunicorn.service:9] Executable path is not absolute, ignoring: gunicorn --access-logfile - --workers 3 --bind unix:/root/revamp/revamp
Jun 29 07:01:10 samuel-pc systemd[1]: gunicorn.service: Service lacks both ExecStart= and ExecStop= setting. Refusing.
Jun 29 07:01:55 samuel-pc systemd[1]: [/etc/systemd/system/gunicorn.service:9] Executable path is not absolute, ignoring: gunicorn --access-logfile - --workers 3 --bind unix:/root/revamp/revamp
Jun 29 07:01:55 samuel-pc systemd[1]: gunicorn.service: Service lacks both ExecStart= and ExecStop= setting. Refusing.
which shows the error starts in line 9 of the gunicorn service because of the ExecStart
[Unit]
Description=gunicorn daemon
After=network.target
[Service]
User=root
Group=www-data
WorkingDirectory=/root/revamp
ExecStart=gunicorn --access-logfile - --workers 3 --bind unix:/root/revamp/revamp.sock revamp.wsgi:application
[Install]
WantedBy=multi-user.target
It's telling you that it doesn't want a relative path for the gunicorn executable:
Executable path is not absolute, ignoring.
You need to change it to the absolute path of your gunicorn executable, either:
System's executable: ExecStart=/usr/local/bin/gunicorn
Your virtual environment's executable: ExecStart=/path/to/venv/bin/gunicorn
You can check this gist: Using Systemd to Make Sure Gunicorn Starts on Boot, for a minimal gunicorn systemd service config file.
Hope this helps!