I am getting following error when running search feature on my site (search feature makes api request to my api server):
2022/08/31 21:01:56 [error] 726#726: *23 connect() failed (111: Connection refused) while connecting to upstream, client: 11.111.111.111, server: api.mydomain.com, request: "GET /dividends/IBM/3/5 HTTP/1.1", upstream: "http://127.0.0.1:8001/dividends/IBM/3/5", host: "api.example.com", referrer: "example.com/"
The supervisord gunicorn is up, the mongodb is up, and nginx is up
I have the following /etc/nginx/sites-available/stocks_backend:
upstream stocks_backend {
server 127.0.0.1:8001 fail_timeout=4s;
}
server {
server_name api.example.com www.api.example.com;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /root/stocks_backend;
}
location / {
include proxy_params;
proxy_pass http://unix:/etc/systemd/system/gunicorn.socket;
proxy_ssl_server_name on;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/api.example.com/fullchain.pem; # managed by C>
ssl_certificate_key /etc/letsencrypt/live/api.example.com/privkey.pem; # managed by>
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = api.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name api.example.com www.api.example.com;
return 404; # managed by Certbot
access_log /root/stocks_backend/log/nginx-access.log;
error_log /root/stocks_backend/log/nginx-error.log;
}
I have tried things from Django gunicorn nginx (111: Connection refused) while connecting to upstream but when I remove http:// from the proxy_pass to the socket to proxy_pass unix:/etc/systemd/system/gunicorn.socket; I get
nano /etc/nginx/sites-available/stocks_backend
root#my-droplet:~/stocks_backend# sudo service nginx restart
Job for nginx.service failed because the control process exited with error code.
See "systemctl status nginx.service" and "journalctl -xe" for details.
gunicorn socket
root#-droplet:~/stocks_backend# cat /etc/systemd/system/gunicorn.socket
[Unit]
Description=gunicorn socket
[Socket]
ListenStream=/run/gunicorn.sock
[Install]
WantedBy=sockets.target
Change this line
proxy_pass http://unix:/etc/systemd/system/gunicorn.socket;
to
proxy_pass unix:/etc/systemd/system/gunicorn.socket;
Essentially removing http:// because that's not how NGINX communicates with Gunicorn.
Then, for the other problem that OP is getting, as of now OP doesn't have enough details.
How can OP get more details about the problem? OP can setup NGINX error logs, as explained here. Then OP should be able to resolve the issue with the info from the logs.
Related
nginx access logs show 502 errors
nginx error logs show: failed (111: Connection refused) while connecting to upstream, client: 127.0.0.1, server: , request: "GET /health HTTP/1.1", upstream: "http://10.0.0.2:3000/health", host: "x.x.x.x"
the drupal site is running health module that uses path /health. this container runs fine in ECS. the docker-entrypoint.sh script just executes a few drush commands.
Dockerfile:
FROM drupal:9-php7.4-apache
# code that installs soap, drush, composer etc ...
# Assign the drupal web to apache web folder
RUN rm /var/www/html
RUN ln -s /opt/website/web /var/www/html
COPY ./docker-entrypoint.sh /
RUN chmod +x /docker-entrypoint.sh
ENTRYPOINT ["/docker-entrypoint.sh"]
EXPOSE 3000
nginx.conf in .platform/nginx
events {
worker_connections 1024;
}
http {
server {
listen 443 ssl;
server_name localhost;
ssl_certificate /etc/pki/tls/certs/server.crt;
ssl_certificate_key /etc/pki/tls/certs/server.key;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://localhost;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
}
I have a couple of .ebextension files but those are for env variables. The container will build, start, connect to the database but then fail health check and eventually get terminated. any help or pointers would be great.
I have deployed my django app, but have a 500 error. When i type in the home url "mysite.com", it comes with the error and does not load, but when i type in "mysite.com/careers", or "mysite.com/sell", which happen to be fully static pages, it comes up beautifully. The home page, and other pages which have dynamic data do not serve.
Afer reading some related questions, it seems to be a Gunicorn issue.
What could be the issue here? Below is the error log from Nginx.
Nginx Error log:
2019/12/16 17:30:15 [error] 20605#20605: *1370 connect() to unix:/run/gunicorn.sock failed (111: Connection refused) while connecting to upstream, client: xxx.xxx.xx.xx, server: xxx.xxx.xxx.xxx, request: "GET / HTTP/1.1", upstream: "http://unix:/run/gunicorn.sock:/", host: "mysite.com"
nginx .conf file:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
client_max_body_size 0;
proxy_max_temp_file_size 0;
proxy_buffering off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
...
}
nginx sites available file:
server {
listen 80;
server_name xxx.xxx.xxx.xxx mysite.com www.mysite.com;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/djangoadmin/pyapps/MySite;
}
location /media/ {
root /home/djangoadmin/pyapps/MySite;
}
location / {
include proxy_params;
proxy_pass http://unix:/run/gunicorn.sock;
}
}
Would appreciate any help in figuring this out. I'm almost there!
I believe that you have something from this list of possible troubles:
you don't have gunicorn running because of any error or it was not just started yet.
You have your gunicorn process listening on another unix socket path or ip port.
your socket has incorrect permissions and nginx can't connect to it because of permissions issues
The root of my issue was a failure to run new migrations on my server.
All of the pages that were effected were those which displayed data associated with those models, or for which they were a foreign key.
In finding the answer, I committed a grave production sin, which was to briefly turn Debug:On. I hope the programming gods forgive. Thanks guys.
I am trying to launch a django website and I want to install and make sure https connection works with let's encrypt for my site.
I followed DigitalOcean "How To Secure Nginx with Let's Encrypt on Ubuntu 18.04" tutorial on https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-18-04. When my site works with http connection, after the installation of let's encrypt, neither http nor https connection works now.
My nginx/sites-available/mysite.com file code is shown below:
server {
server_name mysite.com www.mysite.com;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /root/project/app/;
}
location / {
include proxy_params;
proxy_pass http://unix:/run/gunicorn.sock;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/mysite.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mysite.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.mysite.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = mysite.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name mysite.com www.mysite.com;
return 404; # managed by Certbot
}
Normally, my website with http works fine, yet when I follow the tutorial and try to connect my site, it does not load on browser. If I try with curl, I get response: curl: (7) Failed to connect to mysite.com port 443: Connection refused.
I am pretty new to NGINX, GUNICORN, DJANGO setup. I am using supervisor between nginx, gunicorn. Without NGINX, setup works well with supervisor and gunicorn and I can see the result through my server IP. But when i am using nginx to serve the requests, the error "upstream prematurely closed connection while reading response header from upstream" occurs. please anyone help me in this?
Supervisor command I am using:
sudo /path/to/gunicorn/gunicorn -k gevent --workers 4 --bind unix:/tmp/gunicorn.sock --chdir /path/to/application wsgi:application --timeout 120
below is the nginx.conf i am currently using and it is working as expected. but i am not sure it is up to the mark. Please look into this. Thanks.
==============Update=============
upstream xxxx {
server unix:/tmp/gunicorn.sock;
}
server{
listen 80;
listen [::]:80;
server_name xxx.in www.xxx.in;
return 301 https://$host$request_uri;
}
server{
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/xxx.in/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/xxx.in/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root path/to/project;
}
location / {
include uwsgi_params;
proxy_pass http://unix:/tmp/gunicorn.sock;
}
}
Please check this steps:
First of all be sure that gunicorn is creating .sock file running with supervisor. You can ensure it with
$sudo supervisorctl status <name-of-supervisor-task-for-it>
(check if service is RUNNING)
$ls /tmp
(There should be a gunicorn.sock file existing there)
Also be aware of user that you are assigning to supervisor config. In this case you don't need to set root before command, just give privilege of root user to config file. like this:
[program:myprogram]
command=/path/to/gunicorn/gunicorn -k gevent --workers 4 --bind unix:/tmp/gunicorn.sock --chdir /path/to/application wsgi:application --timeout 120
<other commands>
user=root
And you nginx config should should look like this:
upstream django {
server unix://tmp/gunicorn.sock;
}
server {
listen 80;
server_name <your_app_domain_here>;
location / {
include uwsgi_params;
proxy_pass http://django/;
}
I have faced with strange issue. My API has endpoint on which i am using PATCH(tried also PUT and POST - same result) to send json with jsonarray(request body size typically is 40KB) from mobile phone. When i am doing this using Wi-Fi - all works fine. But if i am using mobile network, i am facing with SocketConnection Timeout(in Retrofit/Kotlin) with some phones(iOS works perfect).
From nginx access.log :
domain - - [21/Nov/2017:16:33:01 +0000] "PATCH /endpoint/ HTTP/1.1" 408 0 "-" "Dalvik/2.1.0 (Linux; U; Android 6.0.1; Nexus 5 Build/M4B30Z)"
Nginx config :
server {
listen port;
server_name domain;
client_max_body_size 32m;
proxy_connect_timeout 75s;
proxy_read_timeout 300s;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/user/apps/api;
}
location / {
include proxy_params;
proxy_pass http://unix:/home/user/apps/api/api.sock;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
Gunicorn config :
respawn
setuid root
setgid www-data
chdir /home/user/apps/api
exec /home/user/virtualenvs/apienv/bin/gunicorn --workers 3 --timeout=90 --bind unix://api.sock api.wsgi:application
The problem was in network connection. We changed location of our clouds from Frankfurt to Amsterdam and now all works perfect