I followed this tutorial : http://michal.karzynski.pl/blog/2013/06/09/django-nginx-gunicorn-virtualenv-supervisor/
My directory structure is quite the same:
-rw-r--r-- 1 django webapps 0 Nov 30 15:58 access.log
drwxr-xr-x 3 django webapps 4096 Nov 30 17:27 bin
-rw-r--r-- 1 django webapps 6450 Nov 30 15:58 error.log
drwxr-xr-x 2 django webapps 4096 Nov 30 15:58 gunicorn
drwxr-xr-x 2 django webapps 4096 Nov 30 16:10 include
drwxr-xr-x 3 django webapps 4096 Nov 30 16:10 lib
lrwxrwxrwx 1 django webapps 3 Nov 30 16:10 lib64 -> lib
drwxr-xr-x 2 django webapps 4096 Nov 30 17:12 logs
drwxr-xr-x 5 django webapps 4096 Nov 30 13:36 narcisse
-rw-r--r-- 1 django webapps 59 Nov 30 16:11 pip-selfcheck.json
-rw-r--r-- 1 django webapps 75 Nov 30 16:10 pyvenv.cfg
-rw-r--r-- 1 django webapps 85 Nov 30 15:50 README.md
drwxrwxrwx 2 django webapps 4096 Nov 30 17:51 run
I have a /etc/supervisor/conf.d/filename that looks like this:
[program:site]
command = /var/www/site/bin/gunicorn_start -user=django
user = django
stdout_logfile = /var/www/site/logs/gunicorn_supervisor.log
redirect_stderr = true
My gunicorn_start is located inside /var/www/site/bin ()and looks like this:
NAME="api"
DJANGODIR=/var/www/site/site
SOCKFILE=/var/www/site/run/gunicorn.sock
USER=django
GROUP=webapps
NUM_WORKERS=3
DJANGO_SETTINGS_MODULE=api.settings
DJANGO_WSGI_MODULE=api.wsgi
echo "Starting $NAME as `whoami`"
# Activate the virtual environment
cd $DJANGODIR
source ../bin/activate
export DJANGO_SETTINGS_MODULE=$DJANGO_SETTINGS_MODULE
export PYTHONPATH=$DJANGODIR:$PYTHONPATH
# Create the run directory if it doesn't exist
RUNDIR=$(dirname $SOCKFILE)
test -d $RUNDIR || mkdir -p $RUNDIR
# Start your Django Unicorn
exec ../bin/gunicorn ${DJANGO_WSGI_MODULE}:application \
--name $NAME \
--workers $NUM_WORKERS \
--user=$USER --group=$GROUP \
--bind=unix:$SOCKFILE \
--log-level=debug \
--log-file=-
And finally the nginx conf file:
upstream your-gunicorn {
server unix:/var/www/site/run/gunicorn.sock fail_timeout=0;
}
server {
listen 80 default;
client_max_body_size 4G;
server_name <ip_address>;
keepalive_timeout 70;
access_log /var/log/nginx/site.access_log;
error_log /var/log/nginx/site.error_log;
root /var/www/site/;
location /static/ {
autoindex on;
alias /var/www/site/site/static/;
expires 1M;
access_log off;
add_header Cache-Control "public";
proxy_ignore_headers "Set-Cookie";
}
location #proxy_to_app {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://127.0.0.1;
}
location / {
try_files $uri #proxy_to_app;
}
}
I have the feeling I have tried every keyboard combinations. Cannot find what is wrong.
I keep getting this Operation Not permitted error inside gunicorn logs right after it starts.
Here is the full output:
[2018-11-30 17:49:28 +0000] [13849] [INFO] Starting gunicorn 19.9.0
[2018-11-30 17:49:28 +0000] [13849] [DEBUG] Arbiter booted
[2018-11-30 17:49:28 +0000] [13849] [INFO] Listening at: unix:/var/www/site/run/gunicorn.sock (13849)
[2018-11-30 17:49:28 +0000] [13849] [INFO] Using worker: sync
[2018-11-30 17:49:28 +0000] [13923] [INFO] Booting worker with pid: 13923
[2018-11-30 17:49:28 +0000] [13923] [ERROR] Exception in worker process
Traceback (most recent call last):
File "/var/www/site/lib/python3.6/site-packages/gunicorn/arbiter.py", line 583, in spawn_worker
worker.init_process()
File "/var/www/site/lib/python3.6/site-packages/gunicorn/workers/base.py", line 93, in init_process
initgroups=self.cfg.initgroups)
File "/var/www/site/lib/python3.6/site-packages/gunicorn/util.py", line 165, in set_owner_process
os.setgid(gid)
PermissionError: [Errno 1] Operation not permitted
Thank you for your help.
Julien
So, with the help of Haken Lid, I managed to fix my architecture.
Here is what I did:
Fixed nginx configuration file
upstream your-gunicorn {
server unix:/var/www/site/run/gunicorn.sock fail_timeout=0;
}
Changed to:
upstream gunicorn_upstream {
server unix:/var/www/site/run/gunicorn.sock fail_timeout=0;
}
And:
proxy_pass http://127.0.0.1;
Changed to:
proxy_pass http://gunicorn_upstream;
Fixed gunistart_start file
Last line changed from:
exec ../bin/gunicorn ${DJANGO_WSGI_MODULE}:application \
--name $NAME \
--workers $NUM_WORKERS \
--user=$USER --group=$GROUP \
--bind=unix:$SOCKFILE \
--log-level=debug \
--log-file=-
To:
exec ../bin/gunicorn ${DJANGO_WSGI_MODULE}:application \
--name $NAME \
--workers $NUM_WORKERS \
--bind=unix:$SOCKFILE \
--log-level=debug \
--log-file=-
One of the error I made was actually quite silly because I commented the:
--user=$USER --group=$GROUP
of the line and this behave like the rest of the line was commented also. So basically, everything was in nginx configuration file.
Now fixed. Thanks
Julien
Related
I'm trying to set up a VPS Django server with nginx, however, I'm running into a 502 Bad Gateway error when I reload the nginx server with the following settings:
sudo nano /etc/nginx/sites-available/project
server {
listen 80;
server_name domainname.com;
location = /favicon.ico {
access_log off;
log_not_found off;
}
location /static/ {
root /home/ubuntu/Slide-Hackers-Web/src/static;
}
location /media/ {
root /home/ubuntu/Slide-Hackers-Web/src/static;
}
location / {
include proxy_params;
proxy_pass http://unix:/home/ubuntu/Slide-Hackers-Web/src/project.sock;
}
}
I execute the commands in this order
sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
sudo ln -sf /etc/nginx/sites-available/project /etc/nginx/sites-enabled
sudo systemctl restart nginx
sudo ufw allow 'Nginx Full'
If I exclude domainname.com from the server_name, then it responds with the classic "Welcome to nginx!" page, however, if I leave it, it responds with "502 Bad Gateway
nginx/1.18.0 (Ubuntu)".
I'm clueless as to what I'm supposed to do, any help?
sudo tail -f /var/log/nginx/error.log
2021/08/17 14:44:42 [crit] 45521#45521: *4 connect() to unix:/home/ubuntu/Slide-Hackers-Web/src/project.sock failed (13: Permission denied) while connecting to upstream, client: (CLIENTHOST), server: (SERVERHOST), request: "GET / HTTP/1.1", upstream: "http://unix:/home/ubuntu/Slide-Hackers-Web/src/project.sock:/", host: "(DOMAINNAME).com"
EDIT
gunicorn.service
[Unit]
Description=gunicorn daemon
After=network.target
[Service]
User=ubuntu
Group=www-data
WorkingDirectory=/home/ubuntu/Slide-Hackers-Web/src
ExecStart=/home/ubuntu/Slide-Hackers-Web/env/bin/gunicorn --access-logfile - --workers 3 --bind unix:/home/ubuntu/Slide-Hackers-Web/src/project.sock project.wsgi:application
[Install]
WantedBy=multi-user.target
Status of both active services:
nginx:
ubuntu#vps-bdd44ecc:~$ sudo systemctl status nginx
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2021-08-17 14:13:08 UTC; 9s ago
Docs: man:nginx(8)
Process: 44170 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 44181 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Main PID: 44186 (nginx)
Tasks: 2 (limit: 2272)
Memory: 4.2M
CGroup: /system.slice/nginx.service
├─44186 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
└─44187 nginx: worker process
gunicorn:
ubuntu#vps-bdd44ecc:~$ sudo systemctl status gunicorn
● gunicorn.service - gunicorn daemon
Loaded: loaded (/etc/systemd/system/gunicorn.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2021-08-17 14:13:08 UTC; 16s ago
Main PID: 44192 (gunicorn)
Tasks: 4 (limit: 2272)
Memory: 91.7M
CGroup: /system.slice/gunicorn.service
├─44192 /home/ubuntu/Slide-Hackers-Web/env/bin/python /home/ubuntu/Slide-Hackers-Web/env/bin/gunicorn --access-logfile - --workers 3 --bind unix:/home/ubuntu/Slide-Hackers-Web/src/project.sock project.wsgi:application
├─44221 /home/ubuntu/Slide-Hackers-Web/env/bin/python /home/ubuntu/Slide-Hackers-Web/env/bin/gunicorn --access-logfile - --workers 3 --bind unix:/home/ubuntu/Slide-Hackers-Web/src/project.sock project.wsgi:application
├─44225 /home/ubuntu/Slide-Hackers-Web/env/bin/python /home/ubuntu/Slide-Hackers-Web/env/bin/gunicorn --access-logfile - --workers 3 --bind unix:/home/ubuntu/Slide-Hackers-Web/src/project.sock project.wsgi:application
└─44231 /home/ubuntu/Slide-Hackers-Web/env/bin/python /home/ubuntu/Slide-Hackers-Web/env/bin/gunicorn --access-logfile - --workers 3 --bind unix:/home/ubuntu/Slide-Hackers-Web/src/project.sock project.wsgi:application
Aug 17 14:13:08 vps-bdd44ecc gunicorn[31290]: [2021-08-17 14:13:08 +0000] [31290] [INFO] Shutting down: Master
Aug 17 14:13:08 vps-bdd44ecc systemd[1]: gunicorn.service: Succeeded.
Aug 17 14:13:08 vps-bdd44ecc systemd[1]: Stopped gunicorn daemon.
Aug 17 14:13:08 vps-bdd44ecc systemd[1]: Started gunicorn daemon.
Aug 17 14:13:08 vps-bdd44ecc gunicorn[44192]: [2021-08-17 14:13:08 +0000] [44192] [INFO] Starting gunicorn 20.1.0
Aug 17 14:13:08 vps-bdd44ecc gunicorn[44192]: [2021-08-17 14:13:08 +0000] [44192] [INFO] Listening at: unix:/home/ubuntu/Slide-Hackers-Web/src/project.sock (44192)
Aug 17 14:13:08 vps-bdd44ecc gunicorn[44192]: [2021-08-17 14:13:08 +0000] [44192] [INFO] Using worker: sync
Aug 17 14:13:08 vps-bdd44ecc gunicorn[44221]: [2021-08-17 14:13:08 +0000] [44221] [INFO] Booting worker with pid: 44221
Aug 17 14:13:08 vps-bdd44ecc gunicorn[44225]: [2021-08-17 14:13:08 +0000] [44225] [INFO] Booting worker with pid: 44225
Aug 17 14:13:09 vps-bdd44ecc gunicorn[44231]: [2021-08-17 14:13:09 +0000] [44231] [INFO] Booting worker with pid: 44231
etc/nginx/nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
I am not good in English. I hope you understand.
I want to deploy the django project using AWS EC2.
(instance settings: Ubuntu Server 18.04 LTS ... , t2 micro) + RDS + Gunicorn + Nginx
I finished all the setup of ec2.
Python manage.py runserver 0.0.0.0:8000 works fine.
gunicorn --bind 0.0.0.0:8000 Backend.wsgi:application works fine too.
But when sudo systemctl gunicorn start, when I connect to http://{mypublic IPv4}, the site cannot be connected.
my /etc/systemd/system/gunicorn.service
(venv) ubuntu#ip-172-31-32-142:~/diary-with-pet/Backend$ cat /etc/systemd/system/gunicorn.service
[Unit]
Description=gunicorn daemon
After=network.target
[Service]
User=ubuntu
Group=www-data
WorkingDirectory=/home/ubuntu/diary-with-pet/Backend/Backend
ExecStart=/home/ubuntu/diary-with-pet/Backend/venv/bin/gunicorn \
--workers 3 \
--bind unix:/home/ubuntu/diary-with-pet/Backend/run/gunicorn.sock \
--workers 3 --bind 0.0.0.0:8000 Backend.wsgi:application
[Install]
WantedBy=multi-user.target
when I start gunicorn,
(venv) ubuntu#ip-172-31-32-142:~/diary-with-pet/Backend$ sudo systemctl start gunicorn
(venv) ubuntu#ip-172-31-32-142:~/diary-with-pet/Backend$ sudo systemctl enable gunicorn
(venv) ubuntu#ip-172-31-32-142:~/diary-with-pet/Backend$ sudo systemctl status gunicorn
● gunicorn.service - gunicorn daemon
Loaded: loaded (/etc/systemd/system/gunicorn.service; enabled; vendor preset:
Active: active (running) since Mon 2021-04-19 05:15:22 UTC; 1 day 5h ago
Main PID: 9679 (gunicorn)
Tasks: 4 (limit: 1140)
CGroup: /system.slice/gunicorn.service
├─9679 /home/ubuntu/diary-with-pet/Backend/venv/bin/python3 /home/ubu
├─9700 /home/ubuntu/diary-with-pet/Backend/venv/bin/python3 /home/ubu
├─9702 /home/ubuntu/diary-with-pet/Backend/venv/bin/python3 /home/ubu
└─9703 /home/ubuntu/diary-with-pet/Backend/venv/bin/python3 /home/ubu
Apr 19 05:15:22 ip-172-31-32-142 systemd[1]: Started gunicorn daemon.
Apr 19 05:15:22 ip-172-31-32-142 gunicorn[9679]: [2021-04-19 05:15:22 +0000] [96
Apr 19 05:15:22 ip-172-31-32-142 gunicorn[9679]: [2021-04-19 05:15:22 +0000] [96
Apr 19 05:15:22 ip-172-31-32-142 gunicorn[9679]: [2021-04-19 05:15:22 +0000] [96
Apr 19 05:15:22 ip-172-31-32-142 gunicorn[9679]: [2021-04-19 05:15:22 +0000] [97
Apr 19 05:15:22 ip-172-31-32-142 gunicorn[9679]: [2021-04-19 05:15:22 +0000] [97
Apr 19 05:15:23 ip-172-31-32-142 gunicorn[9679]: [2021-04-19 05:15:23 +0000] [97
lines 1-18/18 (END)
nginx work fine too
(venv) ubuntu#ip-172-31-32-142:~/diary-with-pet/Backend$ sudo rm -f /etc/nginx/sites-enabled/default
(venv) ubuntu#ip-172-31-32-142:~/diary-with-pet/Backend$ sudo rm -f /etc/nginx/sites-available/default
(venv) ubuntu#ip-172-31-32-142:~/diary-with-pet/Backend$ sudo service nginx restart
(venv) ubuntu#ip-172-31-32-142:~/diary-with-pet/Backend$ sudo service nginx status
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: en
Active: active (running) since Tue 2021-04-20 10:41:41 UTC; 6s ago
Docs: man:nginx(8)
Process: 19581 ExecStop=/sbin/start-stop-daemon --quiet --stop --retry QUIT/5
Process: 19596 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (cod
Process: 19584 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process
Main PID: 19597 (nginx)
Tasks: 2 (limit: 1140)
CGroup: /system.slice/nginx.service
├─19597 nginx: master process /usr/sbin/nginx -g daemon on; master_pr
└─19598 nginx: worker process
Apr 20 10:41:41 ip-172-31-32-142 systemd[1]: Stopped A high performance web serv
Apr 20 10:41:41 ip-172-31-32-142 systemd[1]: Starting A high performance web ser
Apr 20 10:41:41 ip-172-31-32-142 systemd[1]: nginx.service: Failed to parse PID
Apr 20 10:41:41 ip-172-31-32-142 systemd[1]: Started A high performance web serv
my /etc/nginx/sites-available/Backend
server {
listen 80;
server_name 15.164.212.81;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/ubuntu/diary-with-pet/Backend;
}
location /media/ {
root /home/ubuntu/diary-with-pet/Backend;
}
location / {
include proxy_params;
proxy_pass http://15.164.212.81:8000;
}
}
server {
listen 80;
server_name {my public IPv4};
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/ubuntu/diary-with-pet/Backend;
}
location /media/ {
root /home/ubuntu/diary-with-pet/Backend;
}
location / {
include proxy_params;
proxy_pass http://{public IPv4}:8000;
}
}
and I do this too.
$ sudo ln -s /etc/nginx/sites-available/Backend /etc/nginx/sites-enabled
How can I solve this?
I have seen many great answers to this question here on SO, but either I don't understand them or they don't apply to my particular circumstance. I have looked here: Serving static files with Nginx + Gunicorn + Django and many others. I have followed the recommendation in those answers and I still do not have solution that works. I hope that if I explain exactly what I am doing then maybe someone will tell me where I went wrong.
I developing in a shared environment with several other teams and we share an ngnix server. I have a Django project on this shared server, sre-dev.example.com. The path to the Django project is /apps/capman/capman_port10001/capman.
In my settings.py I have these values set:
STATIC_ROOT = '/apps/capman/capman_port10001/capman/static'
STATIC_URL = '/static/'
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'corsheaders',
'rest_framework',
'rest_framework.authtoken',
...
'django_db_logger',
'rest_framework_swagger'
]
I have created a /etc/nginx/sites-enabled directory and sym link,
ln -s /apps/capman/capman_port10001/capman/nginx.conf caasa-dev.example.com
I also created alias (CNAME), caasa-dev.example.com in our DNS for sre-dev. And in added a nginx.conf file, /apps/capman/capman_port10001/capman/nginx.conf with the contents of:
server {
listen 10001;
server_name caasa-dev.example.com;
location /static {
alias /apps/capman/capman_port10001/capman/static/;
}
}
I have executed ...
python manage.py collectstatic
... several times now and the files are there:
$ pwd
/apps/capman/capman_port10001/capman/static
$ ls
admin rest_framework rest_framework_swagger
I have restarted nginx and gunicron. I have a systemd configuration for my gunicorn server so I can do stuff like:
systemctl restart gnuicorn-capman.service
If I do systemctl -l status gnuicorn-capman.service I get this output:
# systemctl -l status gnuicorn-capman.service
● gnuicorn-capman.service - capman gnuicron service
Loaded: loaded (/etc/systemd/system/gnuicorn-capman.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2018-12-14 12:42:40 GMT; 17min ago
Process: 14949 ExecStopPost=/bin/rm -rf /run/gnuicorn-capman (code=exited, status=0/SUCCESS)
Process: 14946 ExecStop=/bin/kill -s TERM $MAINPID (code=exited, status=0/SUCCESS)
Process: 14955 ExecStartPre=/bin/chown -R sreuser:example /run/gnuicorn-capman /apps/capman/capman_port10001 (code=exited, status=0/SUCCESS)
Process: 14953 ExecStartPre=/bin/mkdir /run/gnuicorn-capman (code=exited, status=0/SUCCESS)
Main PID: 14960 (gunicorn)
CGroup: /system.slice/gnuicorn-capman.service
├─14960 /apps/capman/capman_port10001/env/bin/python2.7 /apps/capman/capman_port10001/env/bin/gunicorn --workers 4 capman.wsgi --bind 0.0.0.0:10001 --access-logfile ./access.log --error-logfile ./error.log --timeout 600
├─14966 /apps/capman/capman_port10001/env/bin/python2.7 /apps/capman/capman_port10001/env/bin/gunicorn --workers 4 capman.wsgi --bind 0.0.0.0:10001 --access-logfile ./access.log --error-logfile ./error.log --timeout 600
├─14968 /apps/capman/capman_port10001/env/bin/python2.7 /apps/capman/capman_port10001/env/bin/gunicorn --workers 4 capman.wsgi --bind 0.0.0.0:10001 --access-logfile ./access.log --error-logfile ./error.log --timeout 600
├─14970 /apps/capman/capman_port10001/env/bin/python2.7 /apps/capman/capman_port10001/env/bin/gunicorn --workers 4 capman.wsgi --bind 0.0.0.0:10001 --access-logfile ./access.log --error-logfile ./error.log --timeout 600
└─14971 /apps/capman/capman_port10001/env/bin/python2.7 /apps/capman/capman_port10001/env/bin/gunicorn --workers 4 capman.wsgi --bind 0.0.0.0:10001 --access-logfile ./access.log --error-logfile ./error.log --timeout 600
Yet still when I attempt to go to caasa-dev.example.com:10001/admin/login/?next=/admin/ I do not get my static content:
I also get messages like this ...
... "GET /static/admin/css/base.css HTTP/1.1" 404 2793 "http://caasa-dev.example.com:10001/admin/login/?next=/admin/" "Mozilla/5.0 (Macintosh; Intel Mac OS X
... in my access.log.
So what have I left out? What am I doing wrong?
Update: If I go to caasa-dev.example.com:10001/static/ I the standard Django 404 error page.
Update 2:
For some reason my log files are empty:
[root#sre-dev sites-enabled]# systemctl -l status nginx
● nginx.service - The NGINX HTTP and reverse proxy server
Loaded: loaded (/etc/systemd/system/nginx.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2018-12-14 12:42:37 GMT; 56min ago
Process: 14926 ExecStop=/bin/kill -s QUIT $MAINPID (code=exited, status=0/SUCCESS)
Process: 14932 ExecStart=/apps/nginx/sbin/nginx (code=exited, status=0/SUCCESS)
Process: 14930 ExecStartPre=/apps/nginx/sbin/nginx -t (code=exited, status=0/SUCCESS)
Main PID: 14934 (nginx)
CGroup: /system.slice/nginx.service
├─14934 nginx: master process /apps/nginx/sbin/ngin
└─14935 nginx: worker process
Dec 14 12:42:37 sre-dev systemd[1]: Starting The NGINX HTTP and reverse proxy server...
Dec 14 12:42:37 sre-dev nginx[14930]: nginx: the configuration file /apps/nginx/conf/nginx.conf syntax is ok
Dec 14 12:42:37 sre-dev nginx[14930]: nginx: configuration file /apps/nginx/conf/nginx.conf test is successful
Dec 14 12:42:37 sre-dev systemd[1]: Started The NGINX HTTP and reverse proxy server.
[root#sre-dev sites-enabled]# ps -ef | grep nginx
root 14934 1 0 12:42 ? 00:00:00 nginx: master process /apps/nginx/sbin/nginx
nobody 14935 14934 0 12:42 ? 00:00:00 nginx: worker process
root 26500 3799 0 13:40 pts/8 00:00:00 grep --color=auto nginx
[root#sre-dev sites-enabled]# vim /etc/nginx/nginx.conf
[root#sre-dev sites-enabled]# grep log /etc/nginx/nginx.conf
error_log /var/log/nginx/error.log;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
access_log /var/log/nginx/access.log main;
[root#sre-dev sites-enabled]# ls -l /var/log/nginx/error.log
-rw-r--r--. 1 nginx root 0 Jun 1 2018 /var/log/nginx/error.log
[root#sre-dev sites-enabled]# ls -l /var/log/nginx/access.log
-rw-r--r--. 1 nginx nginx 0 Jun 7 2018 /var/log/nginx/access.log
Update 3:
Thanks Ivan but should my /apps/capman/capman_port10001/capman/nginx.conf be:
server {
listen 80;
server_name caasa-dev.example.com;
location /static {
alias /apps/capman/capman_port10001/capman/static/;
}
location / {
proxy_pass http://127.0.0.1:10001;
}
}
or
server {
listen 10001;
server_name caasa-dev.example.com;
location /static {
alias /apps/capman/capman_port10001/capman/static/;
}
location / {
proxy_pass http://127.0.0.1:80;
}
}
Update 4:
I just noticed that my /etc/nginx/nginx.conf does not include my sites-enabled directory:
[root#sre-dev nginx]# grep -r include *
nginx.conf:include /usr/share/nginx/modules/*.conf;
nginx.conf: include /etc/nginx/mime.types;
nginx.conf: # See http://nginx.org/en/docs/ngx_core_module.html#include
nginx.conf: include /etc/nginx/conf.d/*.conf;
nginx.conf: include /etc/nginx/default.d/*.conf;
nginx.conf:# include /etc/nginx/default.d/*.conf;
nginx.conf.default: include mime.types;
nginx.conf.default: # include fastcgi_params;
Should I add the line ...
include /etc/nginx/sites-enabled/*.conf
... to my /etc/nginx/nginx.conf and if so where in that file?
gunicorn --workers 4 capman.wsgi --bind 0.0.0.0:10001
nginx: listen 10001;
I guess nginx did not even start (see equal port?). All the requests are processed by Django. Change port.
And if this is full Nginx config you have then it's missing proxy_pass block to forward requests to django
The problem is that u are using gunicorn to serve django but nginx is not listening on that port so that reverse proxy ith to you domain name. use this nginx config:
server {
listen 80;
server_name caasa-dev.example.com;
location /static {
alias /apps/capman/capman_port10001/capman/static;
}
location / {
proxy_pass http://127.0.0.1:10001;
}
}
In this config, nginx with act as a reverse proxy, and route all traffic to port 80 of your domain, to internal network 127.0.0.1:10001 which is handled by gunicorn.
note you are using gunicorn on address 0.0.0.0. I donot recommend that. change it to 127.0.0.1 instead or use linux .sock files for better config.
Trying to setup a site with django and gunicorn getting this error in the nginx log file:
2017/01/31 07:04:50 [crit] 30386#30386: *1 connect() to unix:/home/ubuntu/webapps/kenyabuzz/kb.sock failed (13: Permission denied) while connecting to upstream, client: 197.232.12.165, server: kenyabuzz.nation.news, request: "GET / HTTP/1.1", upstream: "http://unix:/home/ubuntu/webapps/kenyabuzz/kb.sock:/", host: "kenyabuzz.nation.news"
static files are served correctly. The gunicorn file in nginx/sites-enabled settings
#kb gunicorn nginx settings
server {
listen 80;
server_name kenyabuzz.nation.news;
charset utf-8;
# max upload size
client_max_body_size 75M; # adjust to taste
# Django media
location /media {
alias /home/ubuntu/webapps/kenyabuzz/kb/media; # your Django project's media files - amend as required
}
location /static {
alias /home/ubuntu/webapps/kenyabuzz/kb/static; # your Django project's static files - amend as required
}
location /favicon.ico {
alias /home/ubuntu/webapps/kenyabuzz/kb/static/kb/favicon.ico; # favicon
}
location / {
include proxy_params;
proxy_pass http://unix:/home/ubuntu/webapps/kenyabuzz/kb.sock;
}
}
and the gunicorn setting /etc/systemd/system/gunicorn.service
[Unit]
Description=gunicorn daemon
After=network.target
[Service]
User=ubuntu
Group=www-data
WorkingDirectory=/home/ubuntu/webapps/kenyabuzz
ExecStart=/home/ubuntu/djangoenv/bin/gunicorn --workers 10 --bind unix:/home/ubuntu/kenyabuzz/kb.sock kb.wsgi:application
[Install]
WantedBy=multi-user.target
checked the status of gunicorn
ubuntu#ip-172-31-16-133:/etc/nginx/sites-enabled$ sudo systemctl status gunicorn
● gunicorn.service - gunicorn daemon
Loaded: loaded (/etc/systemd/system/gunicorn.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Tue 2017-01-31 06:59:49 UTC; 8min ago
Main PID: 30281 (code=exited, status=203/EXEC)
Jan 31 06:59:48 ip-172-31-16-133 systemd[1]: Started gunicorn daemon.
Jan 31 06:59:49 ip-172-31-16-133 systemd[1]: gunicorn.service: Main process exited, code=exited, sta
Jan 31 06:59:49 ip-172-31-16-133 systemd[1]: gunicorn.service: Unit entered failed state.
Jan 31 06:59:49 ip-172-31-16-133 systemd[1]: gunicorn.service: Failed with result 'exit-code'.
You have your gunicorn process running as user Ubuntu and Group www-data
[Service]
User=ubuntu
Group=www-data
Typically in ubuntu, nginx runs as www-data. I See that you have defined www-data as the group for gunicorn. Therefore you can solve this problem by
chmod g+x /home/ubuntu/
chmod g+r /home/ubuntu/
Assuming that you have www-data as the group for the above folder. If not you can change it with
sudo chgrp www-data /home/ubuntu/
Hi~ I'm deploying a website in CentOS 6.5. The framework is django1.7. I use nginx and uwsgi.
The website is now available except 403 Forbidden for all static files.
I have googled a few hours, and have changed the whole site folder as chmod 777. The owner of folder is kltc, and user in nginx.conf is also kltc.
I have no idea why the problem is still Permission denied.
nginx.conf
user kltc;
worker_processes 1;
kuaileticao.miyayx.me
server {
# the port your site will be served on
listen 80;
# the domain name it will serve for
server_name kuaileticao.miyayx.me; # substitute your machine's IP address or FQDN
charset utf-8;
access_log /srv/www/nginx/kuaileticao.miyayx.me/access.log;
error_log /srv/www/nginx/kuaileticao.miyayx.me/error.log;
location /static {
autoindex on;
alias /home/kltc/Project/sunny_sports/sunny_sports/static;
}
# Finally, send all non-media requests to the Django server.
location / {
uwsgi_pass 127.0.0.1:8001;
include uwsgi_params; # the uwsgi_params file you installed
}
}
uwsgi.ini
[uwsgi]
# the base directory (full path)
chdir=/home/kltc/Project/sunny_sports
# Django's wsgi file
module=sunny_sports.wsgi:application
master=true
# maximum number of worker processes
processes=10
# the socket (use the full path to be safe
socket=127.0.0.1:8001
chmod-socket=664
chown-socket=kltc:kltc
pidfile=/tmp/project-master.pid
# clear environment on exit
vacuum=true
max-requests=5000
daemonize=sunny_sports.uwsgi.log
error.log
[error] 34335#0: *73 open() "/home/kltc/Project/sunny_sports/sunny_sports/static/css/font-awesome.min.css" failed (13: Permission denied), client: 157.7.154.194, server: kuaileticao.miyayx.me, request: "GET /static/css/font-awesome.min.css HTTP/1.1", host: "kuaileticao.miyayx.me", referrer: "http://kuaileticao.miyayx.me/"
[kltc#localhost static]$ pwd
/home/kltc/Project/sunny_sports/sunny_sports/static
[kltc#localhost static]$ ls -l
total 32
4 drwxrwxrwx. 2 kltc kltc 4096 Feb 25 18:51 avatars
4 drwxrwxrwx. 7 kltc kltc 4096 Feb 25 18:51 css
4 drwxrwxrwx. 2 kltc kltc 4096 Feb 25 18:51 custom
4 drwxrwxrwx. 2 kltc kltc 4096 Feb 25 18:51 font
4 drwxrwxrwx. 2 kltc kltc 4096 Feb 25 18:51 fonts
4 drwxrwxrwx. 3 kltc kltc 4096 Feb 25 18:51 images
4 drwxrwxrwx. 2 kltc kltc 4096 Feb 25 18:51 img
4 drwxrwxrwx. 10 kltc kltc 4096 Feb 26 08:18 js
>
[kltc#localhost static]$ ps -aux | grep nginx
root 37444 0.0 0.0 110008 2048 ? Ss 09:02 0:00 nginx: master process /usr/sbin/nginx
kltc 37445 0.0 0.0 112548 3700 ? S 09:02 0:00 nginx: worker process
I have tried several methods. Such as, change the nginx.conf user to root. But none of them worked.
Hope for your help. Thank you!
Make sure that you chown parent directory of your project (/home) to be readable by the nginx worker.
chown -R kltc:kltc /home
chmod -R ug+r /home
Make sure that you have the STATIC_ROOT declared in your settings file.
Also, try running python manage.py collectstatic --noinputbefore running the server.
Hope that works!