Please I have been stocked for days now trying to clear the error in my browser console (403 net::ERR_ABORTED 403 (Forbidden)) and my static files is not been severed. Nginx Ubuntu
go to this directory Open nginx.conf
then change this user to value as shown in this picture
I had this issue got it fixed by this. maybe it helps. user ubuntu
cd /var/www/html/ then ls -la to see permission
total 12
drwxr-xr-x 2 root root 4096 Sep 22 23:14 .
drwxr-xr-x 3 root root 4096 Sep 22 23:14 ..
-rw-r--r-- 1 root root 612 Sep 22 23:14 index.nginx-debian.html
I noticed that .html has no -x permission I gave it a permission with this commands
find /var/www/html/ -type d -exec chmod 755 {} ;
find /var/www/html/ -type f -exec chmod 644 {} ;
then la -la
total 12
drwxr-xr-x 3 root root 4096 Sep 22 23:14 .
drwxr-xr-x 14 root root 4096 Sep 22 23:14 ..
drwxr-xr-x 2 root root 4096 Sep 22 23:14 html
now html has -x permission
sudo systemctl daemon-reload
sudo systemctl restart gunicorn
sudo systemctl restart nginx. This help fixed my problem and also big Thanks to hemal-patel changed my user too
Related
I'm trying to follow the tutorial, but facing the below error.
The error was disappeared when I changed the permissions of the parent folder and the db.sqlite3 file to 777, but that's not the good idea.
What's the alternative?
Reference:
https://docs.djangoproject.com/en/3.2/intro/tutorial02/
Error:
OperationalError at /admin/logout/
attempt to write a readonly database
Request Method: GET
Request URL: http://x.x.x.x/admin/logout/
Django Version: 3.1.6
Exception Type: OperationalError
Exception Value:
attempt to write a readonly database
Exception Location: /opt/bitnami/python/lib/python3.8/site-packages/django/db/backends/sqlite3/base.py, line 413, in execute
Python Executable: /usr/bin/python3
Python Version: 3.8.7
Python Path:
['/opt/bitnami/python/lib/python38.zip',
'/opt/bitnami/python/lib/python3.8',
'/opt/bitnami/python/lib/python3.8/lib-dynload',
'/opt/bitnami/python/lib/python3.8/site-packages',
'/opt/bitnami/python/lib/python3.8/site-packages/setuptools-46.4.0-py3.8.egg',
'/opt/bitnami/python/lib/python3.8/site-packages/pip-20.3.4-py3.8.egg',
'/opt/bitnami/python/lib/python3.8/site-packages/virtualenv-20.4.2-py3.8.egg',
'/opt/bitnami/python/lib/python3.8/site-packages/six-1.15.0-py3.8.egg',
'/opt/bitnami/python/lib/python3.8/site-packages/filelock-3.0.12-py3.8.egg',
'/opt/bitnami/python/lib/python3.8/site-packages/distlib-0.3.1-py3.8.egg',
'/opt/bitnami/python/lib/python3.8/site-packages/appdirs-1.4.4-py3.8.egg',
'/opt/bitnami/apps/django/django_projects/tutorial']
Server time: Thu, 29 Apr 2021 06:17:14 +0000
Folder and file status:
bitnami#ip---:/opt/bitnami/apps/django/django_projects$ ls -al
total 12
drwxrwxr-x 3 root root 4096 Apr 22 05:09 .
drwxr-xr-x 3 root root 4096 Apr 22 05:09 ..
drwxrwxr-x 6 www-data www-data 4096 Apr 29 06:16 tutorial
bitnami#ip---:/opt/bitnami/apps/django/django_projects$ ls -al tutorial/
total 168
drwxrwxr-x 6 www-data www-data 4096 Apr 29 06:16 .
drwxrwxr-x 3 root root 4096 Apr 22 05:09 ..
drwxr-xr-x 2 www-data www-data 4096 Apr 22 05:45 conf
-rwxrwxrwx 1 www-data www-data 143360 Apr 29 06:16 db.sqlite3
drwxr-xr-x 4 www-data www-data 4096 Apr 28 16:08 hello_world
-rwxr-xr-x 1 www-data www-data 664 Apr 22 05:08 manage.py
drwxr-xr-x 4 www-data www-data 4096 Apr 28 18:04 polls
drwxr-xr-x 3 www-data www-data 4096 Apr 28 16:12 tutorial
Updated the solution by myself :
$ sudo chown daemon:daemon /opt/bitnami/apps/django/django_projects
$ sudo chown daemon:daemon /opt/bitnami/apps/django/django_projects/db.sqlite3
$ sudo chmod 775 /opt/bitnami/apps/django/django_projects
$ sudo chown 775 /opt/bitnami/apps/django/django_projects/db.sqlite3
Platform : AWS Lightsail
Finally it works!
i'm trying to deploy my first web app.
I'm using django + docker + nginx + uwsgi. Trying to deploy firstly in my laptop.
When i'm run my web application using django server everything ok, also it looks ok when i'm trying start web app with docker without nginx, but when i'm using with nginx proxy have a problem with writing data to DB (login/logout user sessions). If i go only to read pages, web app working fine with static files and crashing during user session changes (log in/log out)
Problem with rights of my default database
issue picture
app_1 | Internal Server Error: /logout/
app_1 | Traceback (most recent call last):
app_1 | File "/usr/local/lib/python3.8/site-packages/django/db/backends/utils.py", line 84, in _execute
app_1 | return self.cursor.execute(sql, params)
app_1 | File "/usr/local/lib/python3.8/site-packages/django/db/backends/sqlite3/base.py", line 413, in execute
app_1 | return Database.Cursor.execute(self, query, params)
app_1 | sqlite3.OperationalError: attempt to write a readonly database
(venv) yhobby#hp-probook-450-g5:~/PycharmProjects/web_naas$ ls -la
total 52
drwxrwsrwx 8 www-data yhobby 4096 Nov 19 15:16 .
drwsrwsrwt 9 yhobby yhobby 4096 Nov 18 16:09 ..
drwxrwsrwx 6 www-data yhobby 4096 Nov 19 13:59 app
-rwxrwxrwx 1 yhobby yhobby 293 Nov 19 14:51 docker-compose-deploy.yml
-rwxrwxrwx 1 yhobby yhobby 202 Nov 19 11:35 docker-compose.yml
-rwxrwxrwx 1 yhobby yhobby 701 Nov 19 15:16 Dockerfile
drwxrwsr-x 8 yhobby yhobby 4096 Nov 19 09:06 .git
-rw-rw-r-- 1 yhobby yhobby 100 Nov 19 08:40 .gitignore
drwxrwsr-x 3 yhobby yhobby 4096 Nov 19 15:28 .idea
drwxrwsrwx 2 yhobby yhobby 4096 Nov 19 15:11 proxy
-rwxrwxrwx 1 yhobby yhobby 29 Nov 18 16:09 README.md
drwxrwsrwx 2 yhobby yhobby 4096 Nov 18 18:40 scripts
drwxrwsrwx 6 yhobby yhobby 4096 Nov 18 16:13 venv
(venv) yhobby#hp-probook-450-g5:~/PycharmProjects/web_naas/app$ ls -la
total 17820
drwxrwsrwx 6 www-data yhobby 4096 Nov 19 13:59 .
drwxrwsrwx 8 www-data yhobby 4096 Nov 19 15:16 ..
drwxrwsrwx 7 yhobby yhobby 4096 Nov 19 12:13 dashboard
-rwxrwxrwx 1 yhobby yhobby 131072 Nov 19 13:59 db.sqlite3
drwxrwsrwx 8 yhobby yhobby 4096 Nov 19 08:43 .git
-rwxrwxrwx 1 yhobby yhobby 92 Nov 19 08:43 .gitignore
-rwxrwxrwx 1 yhobby yhobby 18075648 Oct 2 06:15 ip_core.db
-rwxrwxrwx 1 yhobby yhobby 660 Nov 19 08:43 manage.py
drwxrwsrwx 3 yhobby yhobby 4096 Nov 19 14:48 naas
-rwxrwxrwx 1 yhobby yhobby 29 Nov 19 08:43 README.md
-rwxrwxrwx 1 yhobby yhobby 187 Nov 19 08:43 requirements.txt
drwxrwsrwx 4 yhobby yhobby 4096 Nov 19 12:06 static
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': BASE_DIR / 'db.sqlite3',
},
'ip_core': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': BASE_DIR / 'ip_core.db',
}
}
web_naas/Dockerfile # root folder web_naas/
# pull official base image
FROM python:3.8-alpine
# set environment variables
ENV PYTHONDONTWRITEBYTECODE=1
ENV PYTHONUNBUFFERED=1
ENV PATH="/scripts:${PATH}"
# install dependencies
COPY app/requirements.txt /requirements.txt
RUN apk add --update --no-cache --virtual .tmp gcc libc-dev linux-headers
RUN pip install -r /requirements.txt
RUN apk del .tmp
# copy directory
RUN mkdir /app
COPY ./app /app
# set work directory
WORKDIR /app
# copy directory
COPY ./scripts /scripts
RUN chmod +x /scripts/*
RUN chmod 777 /app/db.sqlite3
RUN mkdir -p /vol/web/media
RUN mkdir -p /vol/web/static
RUN adduser -D user
RUN chown -R user:user /vol
RUN chmod -R 777 /vol/web
USER user
CMD ["entrypoint.sh"]
web_naas/docker-compose.yml # root folder
version: '3.7'
services:
app:
build: .
ports:
- "8000:8000"
volumes:
- ./app:/app
command: sh -c "python manage.py runserver 0.0.0.0:8000"
environment:
- DEBUG=1
docker-compose-deploy.yml
version: '3.7'
services:
app:
build: .
volumes:
- static_data:/vol/web
environment:
- DEBUG=1
proxy:
build:
context: ./proxy
volumes:
- static_data:/vol/static
ports:
- "8080:8080"
depends_on:
- app
volumes:
static_data:
web_naas/proxy/Dockerfile
FROM nginxinc/nginx-unprivileged:1-alpine
COPY ./default.conf /etc/nginx/conf.d/default.conf
COPY ./uwsgi_params /etc/nginx/uwsgi_params
USER root
RUN mkdir -p /vol/static
RUN chmod 777 /vol/static
USER nginx
web_naas/proxy/default.conf
server {
listen 8080;
location /static {
alias /vol/static;
}
location / {
uwsgi_pass app:8000;
include /etc/nginx/uwsgi_params;
}
}
web_naas/scripts/entrypoint.sh
#!/bin/sh
set -e
python manage.py collectstatic --noinput
uwsgi --socket :8000 --master --enable-threads --module naas.wsgi
The problem was a lack of rights inside the docker container
Added the following line inside the file
web_naas/Dockerfile # root folder
RUN chown -R user:user /app
I am trying to deploy my Django website to a Ubuntu server. I am following this tutorial: linuxhint.com/create_django_app_ubuntu/. However, the Gunicorn service doesn't work.
I have my site at /home/django/blog.
My Python 3.6 virtualenv is activated at /home/django/.venv/bin/activate (-rwxr-xr-x 1 django root 2207 Sep 21 14:07 activate).
The script for starting the server is at /home/django/bin/start-server.sh (-rwxr-xr-x 1 django root 69 Sep 21 15:50 start-server.sh), with the following content:
cd /home/django
source .venv/bin/activate
cd blog
gunicorn blog.wsgi
Running this script manually works just fine.
The Gunicorn service is at /etc/systemd/system/gunicorn.service, with this content:
[Unit]
Description=Gunicorn
After=network.target
[Service]
Type=simple
User=django
ExecStart=/home/django/bin/start-server.sh
Restart=on-failure
[Install]
WantedBy=multi-user.target
Running systemctl status gunicorn.service gives this:
● gunicorn.service - Gunicorn
Loaded: loaded (/etc/systemd/system/gunicorn.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Mon 2020-09-21 16:15:17 UTC; 6s ago
Process: 1114 ExecStart=/home/django/bin/start-server.sh (code=exited, status=203/EXEC)
Main PID: 1114 (code=exited, status=203/EXEC)
Sep 21 16:15:17 example.com systemd[1]: gunicorn.service: Failed with result 'exit-code'.
Sep 21 16:15:17 example.com systemd[1]: gunicorn.service: Service hold-off time over, scheduling restart.
Sep 21 16:15:17 example.com systemd[1]: gunicorn.service: Scheduled restart job, restart counter is at 5.
Sep 21 16:15:17 example.com systemd[1]: Stopped Gunicorn.
Sep 21 16:15:17 example.com systemd[1]: gunicorn.service: Start request repeated too quickly.
Sep 21 16:15:17 example.com systemd[1]: gunicorn.service: Failed with result 'exit-code'.
Sep 21 16:15:17 example.com systemd[1]: Failed to start Gunicorn.
Sep 21 16:15:18 example.com systemd[1]: gunicorn.service: Start request repeated too quickly.
Sep 21 16:15:18 example.com systemd[1]: gunicorn.service: Failed with result 'exit-code'.
Sep 21 16:15:18 example.com systemd[1]: Failed to start Gunicorn.
Sep 21 14:22:36 example.com systemd[7906]: gunicorn.service: Failed to execute command: Permission denied
Sep 21 14:22:36 example.com systemd[7906]: gunicorn.service: Failed at step EXEC spawning /home/django/bin/start-server.sh: Permission denied
Sep 21 14:23:40 example.com systemd[7940]: gunicorn.service: Failed to execute command: Permission denied
Sep 21 14:23:40 example.com systemd[7940]: gunicorn.service: Failed at step EXEC spawning /home/django/bin/start-server.sh: Permission denied
Sep 21 14:24:47 example.com systemd[7958]: gunicorn.service: Failed to execute command: Permission denied
Sep 21 14:24:47 example.com systemd[7958]: gunicorn.service: Failed at step EXEC spawning /home/django/bin/start-server.sh: Permission denied
Permission denied
.
.
.
I ran chown -R django:django /home/django. Now, the output of ls -lah /home/django is:
total 32K
drwxr-xr-x 5 django django 4.0K Sep 21 14:19 .
drwxr-xr-x 3 root root 4.0K Sep 21 14:04 ..
-rw-r--r-- 1 django django 220 Apr 4 2018 .bash_logout
-rw-r--r-- 1 django django 3.7K Apr 4 2018 .bashrc
-rw-r--r-- 1 django django 807 Apr 4 2018 .profile
drwxr-xr-x 4 django django 4.0K Sep 21 14:07 .venv
drwxr-xr-x 2 django django 4.0K Sep 21 15:58 bin
drwxr-xr-x 3 django django 4.0K Sep 21 14:08 blog
Solution
Thanks to Dmitry Belaventsev, the solution to this is to change
ExecStart=/home/django/bin/start-server.sh
to
ExecStart=/bin/bash /home/django/bin/start-server.sh
In the file /etc/systemd/system/gunicorn.service.
Your systemd service is setup to execute the script from behalf of django user. In the meantime:
ls -lah /home/django
total 32K
drwxr-xr-x 5 django django 4.0K Sep 21 14:19 .
drwxr-xr-x 3 root root 4.0K Sep 21 14:04 ..
-rw-r--r-- 1 django django 220 Apr 4 2018 .bash_logout
-rw-r--r-- 1 django django 3.7K Apr 4 2018 .bashrc
-rw-r--r-- 1 django django 807 Apr 4 2018 .profile
drwxr-xr-x 4 django root 4.0K Sep 21 14:07 .venv
drwxr-xr-x 2 root root 4.0K Sep 21 15:58 bin
drwxr-xr-x 3 root root 4.0K Sep 21 14:08 blog
As you can see:
drwxr-xr-x 3 root root 4.0K Sep 21 14:04 ..
and
drwxr-xr-x 2 root root 4.0K Sep 21 15:58 bin
which means:
/home directory belongs to root:root
/home/django/bin belongs to root:root
To let systemd execute a bash script from behalf of django user:
That script should be executable
All parent directories should have execution rights
All those directories and the script should be available for django user
The quickest solution:
chown -R /home/django django:django
Also you could play with group and group rights as well.
I'm setting up a django, gunicorn and nginx and when I visit the homepage I get a 502 gateway error.
The logs shows it's related to the permissions of the sock file
2017/07/01 09:59:18 [crit] 12237#12237: *23 connect() to unix:/home/sammy/revamp/revamp/revamp.sock failed (13: Permission denied) while connecting to upstream, client: 105.49.30.134, server: $
And the permissions are
srwxrwxrwx 1 sammy www-data 0 Jul 1 05:29 revamp.sock
gunicorn service is setup like so
[Service]
User=sammy
Group=www-data
WorkingDirectory=/home/sammy/revamp
ExecStart=/home/sammy/revamp/revampenv/bin/gunicorn --access-logfile - --workers 3 --bind unix:/home/sammy/revamp/revamp.sock revamp.wsgi:application
[Install]
WantedBy=multi-user.target
the permissions look okay and systemctl status gunicorn is active.
UPDATE
The permissions for the folder are as follows
total 2128
drwxr-xr-x 3 sammy root 4096 Jun 28 05:21 account
-rw-r--r-- 1 sammy root 48 Jun 27 09:34 brain
-rw-r--r-- 1 sammy root 1037922 Jun 28 11:34 data.json
-rwxr-xr-x 1 sammy root 1087488 Jun 27 09:35 db.sqlite3
drwxr-xr-x 4 sammy root 4096 Jun 28 05:21 gallery
-rw-r--r-- 1 sammy root 1326 Jun 27 09:34 hip-hop.txt
-rwxr-xr-x 1 sammy root 0 Jun 27 09:34 lUhbv4PA5t.jpg
-rwxr-xr-x 1 sammy root 249 Jun 27 09:34 manage.py
-rwxr-xr-x 1 sammy root 473 Jun 27 09:34 names.txt
-rw-r--r-- 1 sammy root 211 Jun 27 09:34 nsfw
-rw-r--r-- 1 sammy root 417 Jun 27 09:34 obsene.txt
-rwxr-xr-x 1 sammy root 1803 Jun 27 09:34 phrases.txt
drwxr-xr-x 5 sammy root 4096 Jul 1 07:59 revamp
drwxrwxr-x 6 sammy sammy 4096 Jul 1 05:14 revampenv
srwxrwxrwx 1 sammy www-data 0 Jul 1 05:29 revamp.sock
-rw-r--r-- 1 sammy root 97 Jun 27 09:33 to do
Not only the file itself, but directories that lead to the file should be also accessible by the nginx process.
Check /home/sammy, /home/sammy/revamp directories' permissions.
Hi~ I'm deploying a website in CentOS 6.5. The framework is django1.7. I use nginx and uwsgi.
The website is now available except 403 Forbidden for all static files.
I have googled a few hours, and have changed the whole site folder as chmod 777. The owner of folder is kltc, and user in nginx.conf is also kltc.
I have no idea why the problem is still Permission denied.
nginx.conf
user kltc;
worker_processes 1;
kuaileticao.miyayx.me
server {
# the port your site will be served on
listen 80;
# the domain name it will serve for
server_name kuaileticao.miyayx.me; # substitute your machine's IP address or FQDN
charset utf-8;
access_log /srv/www/nginx/kuaileticao.miyayx.me/access.log;
error_log /srv/www/nginx/kuaileticao.miyayx.me/error.log;
location /static {
autoindex on;
alias /home/kltc/Project/sunny_sports/sunny_sports/static;
}
# Finally, send all non-media requests to the Django server.
location / {
uwsgi_pass 127.0.0.1:8001;
include uwsgi_params; # the uwsgi_params file you installed
}
}
uwsgi.ini
[uwsgi]
# the base directory (full path)
chdir=/home/kltc/Project/sunny_sports
# Django's wsgi file
module=sunny_sports.wsgi:application
master=true
# maximum number of worker processes
processes=10
# the socket (use the full path to be safe
socket=127.0.0.1:8001
chmod-socket=664
chown-socket=kltc:kltc
pidfile=/tmp/project-master.pid
# clear environment on exit
vacuum=true
max-requests=5000
daemonize=sunny_sports.uwsgi.log
error.log
[error] 34335#0: *73 open() "/home/kltc/Project/sunny_sports/sunny_sports/static/css/font-awesome.min.css" failed (13: Permission denied), client: 157.7.154.194, server: kuaileticao.miyayx.me, request: "GET /static/css/font-awesome.min.css HTTP/1.1", host: "kuaileticao.miyayx.me", referrer: "http://kuaileticao.miyayx.me/"
[kltc#localhost static]$ pwd
/home/kltc/Project/sunny_sports/sunny_sports/static
[kltc#localhost static]$ ls -l
total 32
4 drwxrwxrwx. 2 kltc kltc 4096 Feb 25 18:51 avatars
4 drwxrwxrwx. 7 kltc kltc 4096 Feb 25 18:51 css
4 drwxrwxrwx. 2 kltc kltc 4096 Feb 25 18:51 custom
4 drwxrwxrwx. 2 kltc kltc 4096 Feb 25 18:51 font
4 drwxrwxrwx. 2 kltc kltc 4096 Feb 25 18:51 fonts
4 drwxrwxrwx. 3 kltc kltc 4096 Feb 25 18:51 images
4 drwxrwxrwx. 2 kltc kltc 4096 Feb 25 18:51 img
4 drwxrwxrwx. 10 kltc kltc 4096 Feb 26 08:18 js
>
[kltc#localhost static]$ ps -aux | grep nginx
root 37444 0.0 0.0 110008 2048 ? Ss 09:02 0:00 nginx: master process /usr/sbin/nginx
kltc 37445 0.0 0.0 112548 3700 ? S 09:02 0:00 nginx: worker process
I have tried several methods. Such as, change the nginx.conf user to root. But none of them worked.
Hope for your help. Thank you!
Make sure that you chown parent directory of your project (/home) to be readable by the nginx worker.
chown -R kltc:kltc /home
chmod -R ug+r /home
Make sure that you have the STATIC_ROOT declared in your settings file.
Also, try running python manage.py collectstatic --noinputbefore running the server.
Hope that works!