Checked out a few other similar issues here, but can't diagnose the issue.
My site has been occasionally going down with a 502 Bad Gateway Error.
I found the following in my error log. Note i'm using a VPS server on Ubuntu 16.04 using Gunicorn/NGINX.
2017/02/21 01:08:29 [crit] 1247#1247: *1 connect() to unix:/home/django/chrisblog/chrisblog.sock failed (2: No such file or directory) while connecting to upstream, client: 173.48.32.62, server: 45.32.201.31, request: "GET /redditclone/ HTTP/1.1", upstream: "http://unix:/home/django/chrisblog/chrisblog.sock:/redditclone/", host: "pythoncreate.com"
2017/02/21 01:10:36 [crit] 1575#1575: *1 connect() to unix:/home/django/chrisblog/chrisblog.sock failed (2: No such file or directory) while connecting to upstream, client: 173.48.32.62, server: 45.32.201.31, request: "GET / HTTP/1.1", upstream: "http://unix:/home/django/chrisblog/chrisblog.sock:/", host: "pythoncreate.com"
2017/02/21 01:48:04 [crit] 2342#2342: *2 connect() to unix:/home/django/chrisblog/chrisblog.sock failed (2: No such file or directory) while connecting to upstream, client: 173.48.32.62, server: 45.32.201.31, request: "GET / HTTP/1.1", upstream: "http://unix:/home/django/chrisblog/chrisblog.sock:/", host: "pythoncreate.com"
When i go to check the gunicorn status i get the following so it looks like maybe it is failing for some reason?:
gunicorn.service - gunicorn daemon
Loaded: loaded (/etc/systemd/system/gunicorn.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Tue 2017-02-21 01:46:08 UTC; 7min ago
Main PID: 2245 (code=exited, status=203/EXEC)
Feb 21 01:46:08 mydjangoblog systemd[1]: Started gunicorn daemon.
Feb 21 01:46:08 mydjangoblog systemd[1]: gunicorn.service: Main process exited, code=exited, status=203/EXEC
Feb 21 01:46:08 mydjangoblog systemd[1]: gunicorn.service: Unit entered failed state.
Feb 21 01:46:08 mydjangoblog systemd[1]: gunicorn.service: Failed with result 'exit-code'.
And here is a shot of output of ps aux | grep nginx
root 2341 0.0 0.1 125104 1480 ? Ss 01:47 0:00 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
www-data 2342 0.0 0.4 125444 3152 ? S 01:47 0:00 nginx: worker process
django 2461 0.0 0.2 16576 2000 pts/0 S+ 01:57 0:00 grep --color=auto nginx
any help here is hugely appreciated
You just need to check whether "/home/django/chrisblog/chrisblog.sock" exists.
Related
I want to enable SSL (using Let's Encrypt) for my Django project running on AWS Elastic Beanstalk.
tldr:
Unfortunately, it seems that when Let's encrypt connects to my website to check for the token instead it gets a 404 error.
During secondary validation: Invalid response from
http://sub.example.com/.well-known/acme-challenge/Gzo8gzkIEbLmtvGkSDhnNheml9XxNsctHJA3ufA0FYI
[107.20.106.65]: "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n
<meta http-equiv=\"content-type\" content=\"text/html;
charset=utf-8\">\n <title>Page not "
Now I don't know if this problem is caused by Django configuration, nginx configuration, Elastic Beanstalk, my subdomain, Certbot or anything else...
What next steps to debug it should I take?
(Of course, the sub.example.com stands for an existing subdomain that I own.)
My domain, let's say: example.com was registered through an external domain registrar and then I created a subdomain sub.example.com which points to the EB CNAME (foo-bar-foo-bar.bar-foo.us-east-1.elasticbeanstalk.com.).
The site is available via http using both addresses (sub.example.com and foo-bar-foo-bar.bar-foo.us-east-1.elasticbeanstalk.com) and displays the Django welcome page with an image of a green rocket.
Here is the script I created to create the project and environment (following the official tutorial):
VAR_MYDOMAIN=sub.example.com
VAR_NUMBER=7
VAR_PROJECT_DIRNAME=project-foo-$VAR_NUMBER
VAR_DJANGO_PROJECT_NAME=project_foo_$VAR_NUMBER
VAR_EB_APP_NAME=project_foo_app_$VAR_NUMBER
VAR_EB_ENV_NAME=project-foo-env-$VAR_NUMBER
VAR_AWS_KEYNAME=aws_keys_name
mkdir $VAR_PROJECT_DIRNAME
cd $VAR_PROJECT_DIRNAME
py -m venv eb-virt
source eb-virt/Scripts/activate
pip install django==2.1.1
django-admin startproject $VAR_DJANGO_PROJECT_NAME
cd $VAR_DJANGO_PROJECT_NAME
pip freeze > requirements.txt
mkdir .ebextensions
echo "option_settings:
aws:elasticbeanstalk:container:python:
WSGIPath: $VAR_DJANGO_PROJECT_NAME.wsgi:application" > .ebextensions/django.config
deactivate
eb init -p python-3.7 $VAR_EB_APP_NAME -r us-east-1 -k $VAR_AWS_KEYNAME
eb create $VAR_EB_ENV_NAME
ls
sed -i -e "s|ALLOWED_HOSTS = |ALLOWED_HOSTS = \['`eb status | grep "CNAME" | cut -f 2 -d : | xargs`\',\'$VAR_MYDOMAIN\']#|g" $VAR_DJANGO_PROJECT_NAME/settings.py && eb deploy
eb open
echo "done"
Then I followed this tutorial in order to
install Certbot
Open port 443
Configure the certificate for Nginx
Add certificate renewal to cron
So I created this script:
VAR_MYDOMAIN=sub.example.com
VAR_NUMBER=7
VAR_PROJECT_DIRNAME=project-foo-$VAR_NUMBER
VAR_DJANGO_PROJECT_NAME=project_foo_$VAR_NUMBER
VAR_TEST_CERT=--test-cert
VAR_MYDOMAIN_EMAIL=validaddress#example.com
cd $VAR_PROJECT_DIRNAME/$VAR_DJANGO_PROJECT_NAME
mkdir .platform
mkdir .platform/hooks
mkdir .platform/hooks/postdeploy
echo "container_commands:
00_download_epel:
command: \"sudo wget -r --no-parent -A 'epel-release-*.rpm' http://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/\"
ignoreErrors: true
test: test ! -d \"/etc/letsencrypt/\"
10_install_epel_release:
command: \"sudo rpm -Uvh dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/epel-release-*.rpm\"
ignoreErrors: true
test: test ! -d \"/etc/letsencrypt/\"
20_enable_epel:
command: \"sudo yum-config-manager --enable epel*\"
ignoreErrors: true
test: test ! -d \"/etc/letsencrypt/\"
30_install_certbot:
command: \"sudo yum install -y certbot python3-certbot-nginx python2-certbot-nginx python-certbot-nginx\"
ignoreErrors: true
test: test ! -d \"/etc/letsencrypt/\"" > .ebextensions/00_install_certbot.config
echo "Resources:
sslSecurityGroupIngress:
Type: AWS::EC2::SecurityGroupIngress
Properties:
GroupId: {\"Fn::GetAtt\" : [\"AWSEBSecurityGroup\", \"GroupId\"]}
IpProtocol: tcp
ToPort: 443
FromPort: 443
CidrIp: 0.0.0.0/0" > .ebextensions/01_open_https_port.config
echo "#!/bin/sh
sudo certbot -n $VAR_TEST_CERT -d $VAR_MYDOMAIN --nginx --agree-tos --email $VAR_MYDOMAIN_EMAIL" > .platform/hooks/postdeploy/00_get_certificate.sh
echo "container_commands:
00_permission_hook:
command: \"chmod +x .platform/hooks/postdeploy/00_get_certificate.sh\"" > .ebextensions/02_grant_executable_rights.config
echo "files:
/tmp/renew_cert_cron:
mode: \"000777\"
owner: root
group: root
content: |
0 1,13 * * * certbot renew --no-self-upgrade" > .ebextensions/03_renew_ssl_certificate_cron_job.config
eb deploy
eb open
Unfortunately, during the deployment I get following errors:
Upload Complete.
2022-01-30 17:57:02 INFO Environment update is starting.
2022-01-30 17:57:42 INFO Deploying new version to instance(s).
2022-01-30 17:57:46 INFO Instance deployment successfully generated a 'Procfile'.
2022-01-30 17:58:54 ERROR Instance deployment failed. For details, see 'eb-engine.log'.
2022-01-30 17:58:57 ERROR [Instance: i-xxxxxxxxxxxxxxxxx] Command failed on instance. Return code: 1 Output: Engine execution has encountered an error..
2022-01-30 17:58:57 INFO Command execution completed on all instances. Summary: [Successful: 0, Failed: 1].
2022-01-30 17:58:57 ERROR Unsuccessful command execution on instance id(s) 'i-xxxxxxxxxxxxxxxxx'. Aborting the operation.
2022-01-30 17:58:57 ERROR Failed to deploy application.
ERROR: ServiceError - Failed to deploy application.
And in the logs I see the following information:
----------------------------------------
/var/log/eb-hooks.log
----------------------------------------
2022/01/30 17:58:18.723761 [INFO] Running command .platform/hooks/postdeploy/00_get_certificate.sh
2022/01/30 17:58:54.348928 [INFO] Account registered.
Requesting a certificate for sub.example.com
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: sub.example.com
Type: dns
Detail: During secondary validation: Invalid response from
http://sub.example.com/.well-known/acme-challenge/Gzo8gzkIEbLmtvGkSDhnNheml9XxNsctHJA3ufA0FYI
[107.20.106.65]: "<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n
<meta http-equiv=\"content-type\" content=\"text/html;
charset=utf-8\">\n <title>Page not "
----------------------------------------
/var/log/nginx/access.log
----------------------------------------
172.31.14.185 - - [30/Jan/2022:17:58:21 +0000] "GET /.well-known/acme-challenge/Gzo8gzkIEbLmtvGkSDhnNheml9XxNsctHJA3ufA0FYI HTTP/1.1" 404 2162 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)" "18.196.102.134"
172.31.14.185 - - [30/Jan/2022:17:58:22 +0000] "GET /.well-known/acme-challenge/Gzo8gzkIEbLmtvGkSDhnNheml9XxNsctHJA3ufA0FYI HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)" "18.236.228.243"
172.31.14.185 - - [30/Jan/2022:17:58:22 +0000] "GET /.well-known/acme-challenge/Gzo8gzkIEbLmtvGkSDhnNheml9XxNsctHJA3ufA0FYI HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)" "66.133.109.36"
172.31.14.185 - - [30/Jan/2022:17:58:31 +0000] "GET /.well-known/acme-challenge/Gzo8gzkIEbLmtvGkSDhnNheml9XxNsctHJA3ufA0FYI HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)" "18.222.145.89"
----------------------------------------
/var/log/nginx/error.log
----------------------------------------
2022/01/30 17:58:20 [notice] 4486#4486: signal process started
2022/01/30 17:58:22 [warn] 4487#4487: *9 using uninitialized "year" variable while logging request, client: 172.31.14.185, server: sub.example.com, request: "GET /.well-known/acme-challenge/Gzo8gzkIEbLmtvGkSDhnNheml9XxNsctHJA3ufA0FYI HTTP/1.1", host: "sub.example.com"
2022/01/30 17:58:22 [warn] 4487#4487: *9 using uninitialized "month" variable while logging request, client: 172.31.14.185, server: sub.example.com, request: "GET /.well-known/acme-challenge/Gzo8gzkIEbLmtvGkSDhnNheml9XxNsctHJA3ufA0FYI HTTP/1.1", host: "sub.example.com"
2022/01/30 17:58:22 [warn] 4487#4487: *9 using uninitialized "day" variable while logging request, client: 172.31.14.185, server: sub.example.com, request: "GET /.well-known/acme-challenge/Gzo8gzkIEbLmtvGkSDhnNheml9XxNsctHJA3ufA0FYI HTTP/1.1", host: "sub.example.com"
2022/01/30 17:58:22 [warn] 4487#4487: *9 using uninitialized "hour" variable while logging request, client: 172.31.14.185, server: sub.example.com, request: "GET /.well-known/acme-challenge/Gzo8gzkIEbLmtvGkSDhnNheml9XxNsctHJA3ufA0FYI HTTP/1.1", host: "sub.example.com"
2022/01/30 17:58:22 [warn] 4487#4487: *11 using uninitialized "year" variable while logging request, client: 172.31.14.185, server: sub.example.com, request: "GET /.well-known/acme-challenge/Gzo8gzkIEbLmtvGkSDhnNheml9XxNsctHJA3ufA0FYI HTTP/1.1", host: "sub.example.com"
2022/01/30 17:58:22 [warn] 4487#4487: *11 using uninitialized "month" variable while logging request, client: 172.31.14.185, server: sub.example.com, request: "GET /.well-known/acme-challenge/Gzo8gzkIEbLmtvGkSDhnNheml9XxNsctHJA3ufA0FYI HTTP/1.1", host: "sub.example.com"
2022/01/30 17:58:22 [warn] 4487#4487: *11 using uninitialized "day" variable while logging request, client: 172.31.14.185, server: sub.example.com, request: "GET /.well-known/acme-challenge/Gzo8gzkIEbLmtvGkSDhnNheml9XxNsctHJA3ufA0FYI HTTP/1.1", host: "sub.example.com"
2022/01/30 17:58:22 [warn] 4487#4487: *11 using uninitialized "hour" variable while logging request, client: 172.31.14.185, server: sub.example.com, request: "GET /.well-known/acme-challenge/Gzo8gzkIEbLmtvGkSDhnNheml9XxNsctHJA3ufA0FYI HTTP/1.1", host: "sub.example.com"
2022/01/30 17:58:31 [warn] 4487#4487: *11 using uninitialized "year" variable while logging request, client: 172.31.14.185, server: sub.example.com, request: "GET /.well-known/acme-challenge/Gzo8gzkIEbLmtvGkSDhnNheml9XxNsctHJA3ufA0FYI HTTP/1.1", host: "sub.example.com"
2022/01/30 17:58:31 [warn] 4487#4487: *11 using uninitialized "month" variable while logging request, client: 172.31.14.185, server: sub.example.com, request: "GET /.well-known/acme-challenge/Gzo8gzkIEbLmtvGkSDhnNheml9XxNsctHJA3ufA0FYI HTTP/1.1", host: "sub.example.com"
2022/01/30 17:58:31 [warn] 4487#4487: *11 using uninitialized "day" variable while logging request, client: 172.31.14.185, server: sub.example.com, request: "GET /.well-known/acme-challenge/Gzo8gzkIEbLmtvGkSDhnNheml9XxNsctHJA3ufA0FYI HTTP/1.1", host: "sub.example.com"
2022/01/30 17:58:31 [warn] 4487#4487: *11 using uninitialized "hour" variable while logging request, client: 172.31.14.185, server: sub.example.com, request: "GET /.well-known/acme-challenge/Gzo8gzkIEbLmtvGkSDhnNheml9XxNsctHJA3ufA0FYI HTTP/1.1", host: "sub.example.com"
2022/01/30 17:58:53 [notice] 4491#4491: signal process started
----------------------------------------
/var/log/eb-engine.log
----------------------------------------
2022/01/30 17:58:17.585504 [INFO] Running command /bin/sh -c systemctl daemon-reload
2022/01/30 17:58:17.680658 [INFO] Running command /bin/sh -c systemctl reset-failed
2022/01/30 17:58:17.685474 [INFO] Register application processes...
2022/01/30 17:58:17.685486 [INFO] Registering the proc: web
2022/01/30 17:58:17.685498 [INFO] Running command /bin/sh -c systemctl show -p PartOf web.service
2022/01/30 17:58:17.691588 [INFO] Running command /bin/sh -c systemctl daemon-reload
2022/01/30 17:58:17.778134 [INFO] Running command /bin/sh -c systemctl reset-failed
2022/01/30 17:58:17.782568 [INFO] Running command /bin/sh -c systemctl is-enabled eb-app.target
2022/01/30 17:58:17.786244 [INFO] Running command /bin/sh -c systemctl enable eb-app.target
2022/01/30 17:58:17.881674 [INFO] Running command /bin/sh -c systemctl start eb-app.target
2022/01/30 17:58:17.887119 [INFO] Running command /bin/sh -c systemctl enable web.service
2022/01/30 17:58:17.984848 [INFO] Running command /bin/sh -c systemctl show -p PartOf web.service
2022/01/30 17:58:17.990266 [INFO] Running command /bin/sh -c systemctl is-active web.service
2022/01/30 17:58:17.993666 [INFO] Running command /bin/sh -c systemctl start web.service
2022/01/30 17:58:18.412552 [INFO] Executing instruction: start X-Ray
2022/01/30 17:58:18.412570 [INFO] X-Ray is not enabled.
2022/01/30 17:58:18.412576 [INFO] Executing instruction: start proxy with new configuration
2022/01/30 17:58:18.412613 [INFO] Running command /bin/sh -c /usr/sbin/nginx -t -c /var/proxy/staging/nginx/nginx.conf
2022/01/30 17:58:18.438413 [INFO] Running command /bin/sh -c cp -rp /var/proxy/staging/nginx/* /etc/nginx
2022/01/30 17:58:18.444085 [INFO] Running command /bin/sh -c systemctl show -p PartOf nginx.service
2022/01/30 17:58:18.459610 [INFO] Running command /bin/sh -c systemctl daemon-reload
2022/01/30 17:58:18.596722 [INFO] Running command /bin/sh -c systemctl reset-failed
2022/01/30 17:58:18.601333 [INFO] Running command /bin/sh -c systemctl show -p PartOf nginx.service
2022/01/30 17:58:18.612251 [INFO] Running command /bin/sh -c systemctl is-active nginx.service
2022/01/30 17:58:18.618702 [INFO] Running command /bin/sh -c systemctl start nginx.service
2022/01/30 17:58:18.696121 [INFO] Executing instruction: configureSqsd
2022/01/30 17:58:18.696138 [INFO] This is a web server environment instance, skip configure sqsd daemon ...
2022/01/30 17:58:18.696143 [INFO] Executing instruction: startSqsd
2022/01/30 17:58:18.696147 [INFO] This is a web server environment instance, skip start sqsd daemon ...
2022/01/30 17:58:18.696152 [INFO] Executing instruction: Track pids in healthd
2022/01/30 17:58:18.696157 [INFO] This is an enhanced health env...
2022/01/30 17:58:18.696171 [INFO] Running command /bin/sh -c systemctl show -p ConsistsOf aws-eb.target | cut -d= -f2
2022/01/30 17:58:18.711442 [INFO] nginx.service healthd.service cfn-hup.service
2022/01/30 17:58:18.711474 [INFO] Running command /bin/sh -c systemctl show -p ConsistsOf eb-app.target | cut -d= -f2
2022/01/30 17:58:18.723246 [INFO] web.service
2022/01/30 17:58:18.723613 [INFO] Executing instruction: RunAppDeployPostDeployHooks
2022/01/30 17:58:18.723662 [INFO] Executing platform hooks in .platform/hooks/postdeploy/
2022/01/30 17:58:18.723737 [INFO] Following platform hooks will be executed in order: [00_get_certificate.sh]
2022/01/30 17:58:18.723752 [INFO] Running platform hook: .platform/hooks/postdeploy/00_get_certificate.sh
2022/01/30 17:58:54.348954 [ERROR] An error occurred during execution of command [app-deploy] - [RunAppDeployPostDeployHooks]. Stop running the command. Error: Command .platform/hooks/postdeploy/00_get_certificate.sh failed with error exit status 1. Stderr:Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Performing the following challenges:
http-01 challenge for sub.example.com
Waiting for verification...
Challenge failed for domain sub.example.com
http-01 challenge for sub.example.com
Cleaning up challenges
Some challenges have failed.
2022/01/30 17:58:54.348964 [INFO] Executing cleanup logic
2022/01/30 17:58:54.349077 [INFO] CommandService Response: {"status":"FAILURE","api_version":"1.0","results":[{"status":"FAILURE","msg":"Engine execution has encountered an error.","returncode":1,"events":[{"msg":"Instance deployment successfully generated a 'Procfile'.","timestamp":1643565466,"severity":"INFO"},{"msg":"Instance deployment failed. For details, see 'eb-engine.log'.","timestamp":1643565534,"severity":"ERROR"}]}]}
2022/01/30 17:58:54.349260 [INFO] Platform Engine finished execution on command: app-deploy
2022/01/30 18:00:32.199383 [INFO] Starting...
2022/01/30 18:00:32.199429 [INFO] Starting EBPlatform-PlatformEngine
2022/01/30 18:00:32.199445 [INFO] reading event message file
2022/01/30 18:00:32.199571 [INFO] no eb envtier info file found, skip loading env tier info.
2022/01/30 18:00:32.199632 [INFO] Engine received EB command cfn-hup-exec
----------------------------------------
/var/log/web.stdout.log
----------------------------------------
Jan 30 17:55:30 ip-172-31-7-79 web: [2022-01-30 17:55:30 +0000] [3495] [INFO] Starting gunicorn 20.1.0
Jan 30 17:55:30 ip-172-31-7-79 web: [2022-01-30 17:55:30 +0000] [3495] [INFO] Listening at: http://127.0.0.1:8000 (3495)
Jan 30 17:55:30 ip-172-31-7-79 web: [2022-01-30 17:55:30 +0000] [3495] [INFO] Using worker: gthread
Jan 30 17:55:30 ip-172-31-7-79 web: [2022-01-30 17:55:30 +0000] [3551] [INFO] Booting worker with pid: 3551
Jan 30 17:56:11 ip-172-31-7-79 web: [2022-01-30 17:56:11 +0000] [3495] [INFO] Handling signal: term
Jan 30 17:56:12 ip-172-31-7-79 web: [2022-01-30 17:56:12 +0000] [3551] [INFO] Worker exiting (pid: 3551)
Jan 30 17:56:12 ip-172-31-7-79 web: [2022-01-30 17:56:12 +0000] [3495] [INFO] Shutting down: Master
Jan 30 17:56:13 ip-172-31-7-79 web: [2022-01-30 17:56:13 +0000] [3900] [INFO] Starting gunicorn 20.1.0
Jan 30 17:56:13 ip-172-31-7-79 web: [2022-01-30 17:56:13 +0000] [3900] [INFO] Listening at: http://127.0.0.1:8000 (3900)
Jan 30 17:56:13 ip-172-31-7-79 web: [2022-01-30 17:56:13 +0000] [3900] [INFO] Using worker: gthread
Jan 30 17:56:13 ip-172-31-7-79 web: [2022-01-30 17:56:13 +0000] [3958] [INFO] Booting worker with pid: 3958
Jan 30 17:56:27 ip-172-31-7-79 web: Not Found: /static/admin/css/fonts.css
Jan 30 17:56:28 ip-172-31-7-79 web: Not Found: /favicon.ico
Jan 30 17:58:17 ip-172-31-7-79 web: [2022-01-30 17:58:17 +0000] [3900] [INFO] Handling signal: term
Jan 30 17:58:18 ip-172-31-7-79 web: [2022-01-30 17:58:18 +0000] [3958] [INFO] Worker exiting (pid: 3958)
Jan 30 17:58:18 ip-172-31-7-79 web: [2022-01-30 17:58:18 +0000] [3900] [INFO] Shutting down: Master
Jan 30 17:58:18 ip-172-31-7-79 web: [2022-01-30 17:58:18 +0000] [4422] [INFO] Starting gunicorn 20.1.0
Jan 30 17:58:18 ip-172-31-7-79 web: [2022-01-30 17:58:18 +0000] [4422] [INFO] Listening at: http://127.0.0.1:8000 (4422)
Jan 30 17:58:18 ip-172-31-7-79 web: [2022-01-30 17:58:18 +0000] [4422] [INFO] Using worker: gthread
Jan 30 17:58:18 ip-172-31-7-79 web: [2022-01-30 17:58:18 +0000] [4479] [INFO] Booting worker with pid: 4479
Jan 30 17:58:21 ip-172-31-7-79 web: Not Found: /.well-known/acme-challenge/Gzo8gzkIEbLmtvGkSDhnNheml9XxNsctHJA3ufA0FYI
You might want to check the security group attached to your elastic beanstalk environment. Try adding an inbound rule which will allow all traffic for all ip ranges. (Not an ideal approach but could help)
In my case I had limited ip ranges which could connect to the website and certbot was unable to run challenges.
I think it's a second week started since I'm trying to start the server for Django app, first with Apache, second with gunicorn and now uwsgi + nginx... I'm very thankful for the help on my previous post... nginx with gunicorn and django on centos 7 It pushed me into the right direction...
I don't know why, but most of guides for the django and server are incomplete and don't include settings tuning for the engines like gunicorn and nginx... there are some... and I tried to follow them, but end up with bunch of mistakes. I followed: http://michal.karzynski.pl/blog/2013/06/09/django-nginx-gunicorn-virtualenv-supervisor/ and https://youtu.be/DzXCHAuHf0I . Very good guides, but I ended up with the bunch of mistakes, which I'm trying to fix. Any help guys?
Virtual environment installed at: /opt/venv
the way to activate virtual environment at: /opt/venv/sc/bin/activate
Users added for both nginx and uwsgi:
useradd -s /bin/false nginx/uwsgi
nginx.conf:
include /etc/nginx/conf.d/*.conf;
virtual.conf:
server {
listen 80;
server_name site's_ip domain_name;
error_log /srv/www/sc/logs/error.log;
access_log /srv/www/sc/logs/access.log;
charset utf-8;
location /static/ {
alias /srv/www/sc/static/;
}
location /media/ {
alias /srv/www/sc/media/;
}
location / {
uwsgi_pass unix:/opt/uwsgi/sock/sc.sock;
include uwsgi_params;
}
}
emperor.ini:
[uwsgi]
emperor = /etc/uwsgi/vassals
uid = uwsgi
gid = uwsgi
logto = /etc/uwsgi/log
sc.ini:
http = :8000
socket = /opt/uwsgi/sock/sc.sock
chdir = /srv/www/sc
pythonpath = /srv/www/sc/sc
home = /opt/venv/sc
module = sc.wsgi
uid = uwsgi
chmod-socket = 664
chown-socket = uwsgi
uwsgi.service:
[Unit]
Description=uWSGI Emperor
After=syslog.target
[Service]
ExecStart=/opt/venv/sc/bin/uwsgi --ini /etc/uwsgi/emperor.ini
ExecStop = kill -INT 'cat /run/uwsgi.pid'
ExecReload = kill -TERM 'cat /run/uwsgi.pid'
Restart = always
Type = notify
NotifyAccess = main
PIDFile = /run/uwsgi.pid
[Install]
WantedBy=multi-user.target
When I go to the site it shows: 502 Bad Gateway. Although nginx is active and running and uwsgi is active and running.
That is the log for errors, which I have/had:
2020/09/18 08:40:02 [crit] 25458#0: *1 connect() to unix:/opt/uwsgi/sock/sc.sock failed (13: Permission denied) while connecting to upstream, client: 127.0.0.1, server: , request: "GET /whm-server-status HTTP/1.0", upstream: "uwsgi://unix:/opt/uwsgi/sock/sc.sock:"
2020/09/18 08:40:02 [crit] 25458#0: *3 connect() to unix:/opt/uwsgi/sock/sc.sock failed (13: Permission denied) while connecting to upstream, client: , server: , request: "GET / HTTP/1.1", upstream: "uwsgi://unix:/opt/uwsgi/sock/sc.sock:", host: "www...."
2020/09/18 08:40:04 [crit] 25458#0: *3 connect() to unix:/opt/uwsgi/sock/sc.sock failed (13: Permission denied) while connecting to upstream, client: , server: , request: "GET /favicon.ico HTTP/1.1", upstream: "uwsgi://unix:/opt/uwsgi/sock/sc.sock:", host: "www....", referrer: "http://www..../"
2020/09/18 08:45:44 [crit] 26001#0: *1 connect() to unix:/opt/uwsgi/sock/sc.sock failed (13: Permission denied) while connecting to upstream, client: , server: , request: "GET / HTTP/1.1", upstream: "uwsgi://unix:/opt/uwsgi/sock/sc.sock:", host: "www...."
2020/09/18 08:45:45 [crit] 26001#0: *1 connect() to unix:/opt/uwsgi/sock/sc.sock failed (13: Permission denied) while connecting to upstream, client: , server: , request: "GET /favicon.ico HTTP/1.1", upstream: "uwsgi://unix:/opt/uwsgi/sock/sc.sock:", host: "www....", referrer: "http://www..../"
2020/09/18 08:45:54 [crit] 26001#0: *5 connect() to unix:/opt/uwsgi/sock/sc.sock failed (13: Permission denied) while connecting to upstream, client: , server: , request: "GET / HTTP/1.1", upstream: "uwsgi://unix:/opt/uwsgi/sock/sc.sock:", host: "www...."
2020/09/18 08:45:54 [crit] 26001#0: *5 connect() to unix:/opt/uwsgi/sock/sc.sock failed (13: Permission denied) while connecting to upstream, client: , server: , request: "GET /favicon.ico HTTP/1.1", upstream: "uwsgi://unix:/opt/uwsgi/sock/sc.sock:", host: "www....", referrer: "http://www..../"
2020/09/18 08:46:00 [crit] 26001#0: *1 connect() to unix:/opt/uwsgi/sock/sc.sock failed (13: Permission denied) while connecting to upstream, client: , server: , request: "GET / HTTP/1.1", upstream: "uwsgi://unix:/opt/uwsgi/sock/sc.sock:", host: "www...."
2020/09/18 08:46:00 [crit] 26001#0: *1 connect() to unix:/opt/uwsgi/sock/sc.sock failed (13: Permission denied) while connecting to upstream, client: , server: , request: "GET /favicon.ico HTTP/1.1", upstream: "uwsgi://unix:/opt/uwsgi/sock/sc.sock:", host: "www....", referrer: "http://www..../"
I removed all sites references and ips...
Also if I run systemctl status uwsgi:
Sep 18 09:02:08 systemd[1]: [/etc/systemd/system/uwsgi.service:7] Executable path is not absolute, ignoring: kill -INT 'cat /run/uwsgi.pid'
Sep 18 09:02:08 systemd[1]: [/etc/systemd/system/uwsgi.service:8] Executable path is not absolute, ignoring: kill -TERM 'cat /run/uwsgi.pid'
Sep 18 09:02:08 systemd[1]: Starting uWSGI Emperor...
Sep 18 09:02:08 uwsgi[27421]: [uWSGI] getting INI configuration from /etc/uwsgi/emperor.ini
Sep 18 09:02:08 systemd[1]: Started uWSGI Emperor.
And if I run uwsgi from the command line, I notice it tells following:
[uWSGI] getting INI configuration from /etc/uwsgi/vassals/sc.ini
*** Starting uWSGI 2.0.19.1 (64bit) on [Fri Sep 18 09:10:22 2020] ***
compiled with version: 4.8.5 20150623 (Red Hat 4.8.5-39) on 17 September 2020 10:27:10
os: Linux-3.10.0-1127.19.1.el7.x86_64 #1 SMP Tue Aug 25 17:23:54 UTC 2020
nodename:
machine: x86_64
clock source: unix
pcre jit disabled
detected number of CPU cores: 2
current working directory: /opt/venv/sc/bin
detected binary path: /opt/venv/sc/bin/uwsgi
chdir() to /srv/www/sc
*** WARNING: you are running uWSGI without its master process manager ***
your memory page size is 4096 bytes
detected max file descriptor number: 1048576
lock engine: pthread robust mutexes
thunder lock: disabled (you can enable it with --thunder-lock)
uWSGI http bound on :8000 fd 3
spawned uWSGI http 1 (pid: 27880)
uwsgi socket 0 bound to UNIX address /opt/uwsgi/sock/sc.sock fd 6
setuid() to 985
Python version: 3.6.8 (default, Apr 2 2020, 13:34:55) [GCC (Red Hat )]
PEP 405 virtualenv detected: /opt/venv/sc
Set PythonHome to /opt/venv/sc
*** Python threads support is disabled. You can enable it with --enable-threads ***
Python main interpreter initialized at 0x1669d00
your server socket listen backlog is limited to 100 connections
your mercy for graceful operations on workers is 60 seconds
mapped 72920 bytes (71 KB) for 1 cores
*** Operational MODE: single process ***
added /srv/www/sc/sc/ to pythonpath.
Traceback (most recent call last):
File "./sc/wsgi.py", line 16, in <module>
application = get_wsgi_application()
File "/opt/venv/sc/lib64/python3.6/site-packages/django/core/wsgi.py", line 12, in get_wsgi_application
django.setup(set_prefix=False)
File "/opt/venv/sc/lib64/python3.6/site-packages/django/__init__.py",line 24, in setup
apps.populate(settings.INSTALLED_APPS)
File "/opt/venv/sc/lib64/python3.6/site-packages/django/apps/registry.py", line 114, in populate
app_config.import_models()
File "/opt/venv/sc/lib64/python3.6/site-packages/django/apps/config.py", line 211, in import_models
self.models_module = import_module(models_module_name)
File "/usr/lib64/python3.6/importlib/__init__.py", line 126, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "/opt/venv/sc/lib64/python3.6/site-packages/django/contrib/auth/models.py", line 2, in <module>
from django.contrib.auth.base_user import AbstractBaseUser, BaseUserManager
File "/opt/venv/sc/lib64/python3.6/site-packages/django/contrib/auth/base_user.py", line 48, in <module>
class AbstractBaseUser(models.Model):
File "/opt/venv/sc/lib64/python3.6/site-packages/django/db/models/base.py", line 122, in __new__
new_class.add_to_class('_meta', Options(meta, app_label))
File "/opt/venv/sc/lib64/python3.6/site-packages/django/db/models/base.py", line 326, in add_to_class
value.contribute_to_class(cls, name)
File "/opt/venv/sc/lib64/python3.6/site-packages/django/db/models/options.py", line 206, in contribute_to_class
self.db_table = truncate_name(self.db_table, connection.ops.max_name_length())
File "/opt/venv/sc/lib64/python3.6/site-packages/django/db/__init__.py", line 28, in __getattr__
return getattr(connections[DEFAULT_DB_ALIAS], item)
File "/opt/venv/sc/lib64/python3.6/site-packages/django/db/utils.py",line 214, in __getitem__
backend = load_backend(db['ENGINE'])
File "/opt/venv/sc/lib64/python3.6/site-packages/django/db/utils.py",line 111, in load_backend
return import_module('%s.base' % backend_name)
File "/usr/lib64/python3.6/importlib/__init__.py", line 126, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "/opt/venv/sc/lib64/python3.6/site-packages/django/db/backends/sqlite3/base.py", line 70, in <module>
check_sqlite_version()
File "/opt/venv/sc/lib64/python3.6/site-packages/django/db/backends/sqlite3/base.py", line 67, in check_sqlite_version
raise ImproperlyConfigured('SQLite 3.8.3 or later is required (found %s).' % Database.sqlite_version)
django.core.exceptions.ImproperlyConfigured: SQLite 3.8.3 or later is required (found 3.7.17).
unable to load app 0 (mountpoint='') (callable not found or import error)
*** no app loaded. going in full dynamic mode ***
*** uWSGI is running in multiple interpreter mode ***
spawned uWSGI worker 1 (and the only) (pid: 27879, cores: 1)
UPDATE
I tried "chmod 755 uwsgi" like it was explaned in this article: chmod 755 directory_name
And I also tried: chown uwsgi:uwsgi -R uwsgi
I still have faults, but much lesser then I had:
2020/09/18 11:34:52 [crit] 3080#0: *1 connect() to unix:/opt/uwsgi/sock/sc.sock failed (13: Permission denied) while connecting to upstream, client: , server: , request: "GET / HTTP/1.1", upstream: "uwsgi://unix:/opt/uwsgi/sock/sc.sock:", host: ""
2020/09/18 11:35:01 [crit] 3080#0: *4 connect() to unix:/opt/uwsgi/sock/sc.sock failed (13: Permission denied) while connecting to upstream, client: 127.0.0.1, server: , request: "GET /whm-server-status HTTP/1.0", upstream: "uwsgi://unix:/opt/uwsgi/sock/sc.sock:"
2020/09/18 11:35:02 [crit] 3080#0: *6 connect() to unix:/opt/uwsgi/sock/sc.sock failed (13: Permission denied) while connecting to upstream, client: , server: , request: "GET / HTTP/1.1", upstream: "uwsgi://unix:/opt/uwsgi/sock/sc.sock:", host: ""
Update
added chmod command to the opt directory... One more fault is gone... Only two left, but somehow they relate to the same folder which I already gave the permission... It feels that I'm giving wrong permissions?
2020/09/18 11:49:44 [crit] 3833#0: *1 connect() to unix:/opt/uwsgi/sock/sc.sock failed (13: Permission denied) while connecting to upstream, client: , server: , request: "GET / HTTP/1.0", upstream: "uwsgi://unix:/opt/uwsgi/sock/sc.sock:"
2020/09/18 11:49:46 [crit] 3834#0: *3 connect() to unix:/opt/uwsgi/sock/sc.sock failed (13: Permission denied) while connecting to upstream, client: 127.0.0.1, server: , request: "GET / HTTP/1.0", upstream:"uwsgi://unix:/opt/uwsgi/sock/sc.sock:"
A couple of things I'd recommend as a seasoned uWSGI user (and uWSGI documentation author):
Unless you're planning on hosting a massive number of different services and need to manage them dynamically, don't use the Emperor/Vassal system. Just use a Systemd service per app.
Install uWSGI into the virtualenv your app is in, not system-wide.
If you can trust all of the users on the box your app(s) run on, don't bother with Unix sockets but just use TCP sockets bound on localhost. (If you can't, then UNIX sockets are better with their permission system.)
If possible, give each app their own user instead of sharing a single uwsgi user.
With that in mind, you might adapt from:
uwsgi ini
strict # die on config errors
master # use master process
need-app # die if the app fails to load
die-on-term # obey SIGTERM
socket = 127.0.0.1:50000
chdir = /srv/www/sc/app # or wherever
virtualenv = /opt/venv/sc # or wherever
module = sc.wsgi
nginx configuration
server {
listen 80;
server_name site's_ip domain_name;
error_log /srv/www/sc/logs/error.log;
access_log /srv/www/sc/logs/access.log;
charset utf-8;
location /static/ {
alias /srv/www/sc/static/;
}
location /media/ {
alias /srv/www/sc/media/;
}
location / {
uwsgi_pass 127.0.0.1:50000;
include uwsgi_params;
}
}
systemd unit file
[Unit]
Description=uWSGI for SC app
After=syslog.target
[Service]
ExecStart = /opt/venv/sc/bin/uwsgi --ini that-uwsgi-ini
User = uwsgi
Group = uwsgi
Restart = always
Type = notify
NotifyAccess = main
[Install]
WantedBy=multi-user.target
Well I've depoloyed my Django application on DigitalOcean, and used domain which I bought. Now instead of default application page it shows 502 Bad Gateway
nginx/1.14.0 (Ubuntu). And nginx errors log returns such error:
*4 connect() to unix:/home/username/project.sock failed (111: Connection refused) while connecting to upstream, client: 82.194.22.116, server: challenge.com, request: "GET / HTTP/1.1", upstream: "http://unix:/home/username/project.sock:/", host: "challenge.com"
my nginx configurations:
server {
listen 80;
server_name challenge.com;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/username;
}
location / {
include proxy_params;
proxy_pass http://unix:/home/username/ccproject.sock;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $server_name;
}
}
my settings in ``settings.py```:
ALLOWED_HOSTS = ['64.225.1.249', 'challenge.com']
And my socket file is in /home/username/
gunicorn status:
(env) progbash#challengers:~/ccproject$ sudo systemctl status gunicorn
● gunicorn.service - gunicorn daemon
Loaded: loaded (/etc/systemd/system/gunicorn.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Thu 2019-12-12 10:27:02 UTC; 1min 56s ago
Process: 29262 ExecStart=/home/username/ccproject/env/bin/gunicorn --access-logfile - --workers 3 --bind unix:/home/username/ccproject.sock
Main PID: 29262 (code=exited, status=1/FAILURE)
Dec 12 10:26:57 challenge systemd[1]: Started gunicorn daemon.
Dec 12 10:26:57 challenge gunicorn[29262]: [2019-12-12 10:26:57 +0000] [29262] [INFO] Starting gunicorn 20.0.4
Dec 12 10:26:57 challengers gunicorn[29262]: [2019-12-12 10:26:57 +0000] [29262] [ERROR] Retrying in 1 second.
Dec 12 10:26:58 challenge gunicorn[29262]: [2019-12-12 10:26:58 +0000] [29262] [ERROR] Retrying in 1 second.
Dec 12 10:26:59 challengers gunicorn[29262]: [2019-12-12 10:26:59 +0000] [29262] [ERROR] Retrying in 1 second.
Dec 12 10:27:00 challenge gunicorn[29262]: [2019-12-12 10:27:00 +0000] [29262] [ERROR] Retrying in 1 second.
Dec 12 10:27:01 challenge gunicorn[29262]: [2019-12-12 10:27:01 +0000] [29262] [ERROR] Retrying in 1 second.
Dec 12 10:27:02 challenge gunicorn[29262]: [2019-12-12 10:27:02 +0000] [29262] [ERROR] Can't connect to /home/username/ccproject.sock
Dec 12 10:27:02 challenge systemd[1]: gunicorn.service: Main process exited, code=exited, status=1/FAILURE
Dec 12 10:27:02 challenge systemd[1]: gunicorn.service: Failed with result 'exit-code'.
How did your unix socket came to life? Do you have /etc/systemd/system/gunicorn.socket script as per here: https://docs.gunicorn.org/en/stable/deploy.html
I've been trying to deploy for 2 days now and It seems like I can't get it to work even though I went through many articles, StackOverflow questions, and Digital Ocean Tutorials.
My main tutorial is this one: https://www.digitalocean.com/community/tutorials/how-to-set-up-django-with-postgres-nginx-and-gunicorn-on-ubuntu-16-04?comment=47694#create-and-configure-a-new-django-project
when I bind my gunicorn file (see command below) and go to my_ip_address:8001 everything works fine
gunicorn --bind 0.0.0.0:8001 vp.wsgi:application
But at the part where I created and edited my gunicorn.service file:
sudo nano /etc/systemd/system/gunicorn.service
[Unit]
Description=gunicorn daemon
After=network.target
[Service]
User=tony
Group=www-data
WorkingDirectory=/home/tony/vp/vp/
ExecStart=/home/tony/vp/vpenv/bin/gunicorn --workers 3 --bind unix:/home/tony/vp/vp/vp.sock vp.wsgi:application
[Install]
WantedBy=multi-user.target
And my nginx file (I replaced my ip address with my_ip_address for privacy)
sudo nano /etc/nginx/sites-available/vp
server {
listen 80;
server_name my_ip_address;
location = /facivon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/tony/vp;
}
location / {
include proxy_params;
proxy_pass http://unix:/home/tony/vp/vp/vp.sock;
}
}
I get a bad gateway 502 error.
Even after reloading everything:
(vpenv) ~/vp/vp$ sudo systemctl daemon-reload
(vpenv) ~/vp/vp$ sudo systemctl start gunicorn
(vpenv) ~/vp/vp$ sudo systemctl enable gunicorn
(vpenv) ~/vp/vp$ sudo systemctl restart nginx
So I checked the status of gunicorn:
(vpenv) ~/vp/vp$ sudo systemctl status gunicorn
And get the error:
gunicorn.service - gunicorn daemon
Loaded: loaded (/etc/systemd/system/gunicorn.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Sun 2017-04-23 13:41:09 UTC; 18s ago
Main PID: 15438 (code=exited, status=3)
Apr 23 13:41:09 vp-first gunicorn[15438]: SECRET_KEY = os.environ["VP_SECRET_KEY"]
Apr 23 13:41:09 vp-first gunicorn[15438]: File "/home/tony/vp/vpenv/lib/python3.5/os.py", line 7
Apr 23 13:41:09 vp-first gunicorn[15438]: raise KeyError(key) from None
Apr 23 13:41:09 vp-first gunicorn[15438]: KeyError: 'VP_SECRET_KEY'
Apr 23 13:41:09 vp-first gunicorn[15438]: [2017-04-23 13:41:09 +0000] [15445] [INFO] Worker exitin
Apr 23 13:41:09 vp-first gunicorn[15438]: [2017-04-23 13:41:09 +0000] [15438] [INFO] Shutting down
Apr 23 13:41:09 vp-first gunicorn[15438]: [2017-04-23 13:41:09 +0000] [15438] [INFO] Reason: Worke
Apr 23 13:41:09 vp-first systemd[1]: gunicorn.service: Main process exited, code=exited, status=3/
Apr 23 13:41:09 vp-first systemd[1]: gunicorn.service: Unit entered failed state.
Apr 23 13:41:09 vp-first systemd[1]: gunicorn.service: Failed with result 'exit-code'.
^X
I have placed my Secret Key in both ~./bashrc (and did source ~./bashrc), and in my virtualenv activate file (and did source vpenv/bin/activate).
The .sock file is nowhere to be found!
Some notes:
Before, I was getting an other error that gunicorn could not boot and my gunicorn and nginx config paths looked like this:
Gunicorn:
WorkingDirectory=/home/tony/vp/
ExecStart=/home/tony/vp/vpenv/bin/gunicorn --workers 3 --bind unix:/home/tony/vp/vp.sock vp.wsgi:application
Nginx:
location / {
include proxy_params;
proxy_pass http://unix:/home/tony/vp/vp.sock;
}
As you can see the paths were vp/vp.sock not vp/vp/vp.sock as they are now.
When I do:
$ ps -aux | grep gunicorn
I get:
tony 15624 0.0 0.1 12944 976 pts/3 S+ 13:57 0:00 grep --color=auto gunicorn
Which means there is an error.
my nginx error log file:
2017/04/23 13:41:19 [crit] 15491#15491: *2 connect() to unix:/home/tony/vp/vp/vp.sock failed (2: No such file or directory) while connecting to upstream, client: Client.IP, server: Server.IP, request: "GET / HTTP/1.1", upstream: "http://unix:/home/tony/vp/vp/vp.sock:/", host: "Server.IP"
2017/04/23 13:41:19 [crit] 15491#15491: *2 connect() to unix:/home/tony/vp/vp/vp.sock failed (2: No such file or directory) while connecting to upstream, client: Client.IP, server: Server.IP, request: "GET /favicon.ico HTTP/1.1", upstream: "http://unix:/home/tony/vp/vp/vp.sock:/favicon.ico", host: "Server.IP", referrer: "http://Server.IP/"
Here is my wsgi.py file:
import os
from django.core.wsgi import get_wsgi_application
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "config.settings.production")
application = get_wsgi_application()
And yes I use multiple settings files.
I have to say that this is my first time deploying but I do my best to understand everything.
Hope you can help!!!
The new user I created did not have permission to access .bashrc
What I did was I placed my environment variables inside my gunicorn.service file like this:
[Service]
Environment=VP_SECRET_KEY=<value>
restarted everything:
sudo systemctl daemon-reload
sudo systemctl start gunicorn
sudo systemctl enable gunicorn
sudo systemctl restart nginx
And done!
Setting up a django site with gunicorn & nginx I can run it with gunicorn --bind 0.0.0.0:8000 myproject.wsgi:application however gunicorn instance with nginx fails with an error can't connect to sock file (and doesn't create it also).
The error log is:
2017/02/01 11:43:47 [crit] 30225#30225: *9 connect() to unix:/home/ubuntu/webapps/kenyabuzz/kb.sock failed (2: No such file or directory) while connecting to upstream, client: 197.232.12.165, server: kenyabuzz.nation.news, request: "GET / HTTP/1.1", upstream: "http://unix:/home/ubuntu/webapps/kenyabuzz/kb.sock:/", host: "kenyabuzz.nation.news"
relevant settings are /etc/init/gunicorn.conf
description "Gunicorn application server handling all projects"
start on runlevel [2345]
stop on runlevel [!2345]
respawn
setuid user
setgid www-data
chdir /home/ubuntu/webapps/kenyabuzz
exec /home/ubuntu/webapps/djangoenv/bin/gunicorn --workers 3 --bind unix:/home/ubuntu/webapps/kenyabuzz/kb.sock kb.wsgi:application
and /etc/systemd/system/gunicorn.service
[Unit]
Description=gunicorn daemon
After=network.target
[Service]
User=ubuntu
Group=nginx
WorkingDirectory=/home/ubuntu/webapps/kenyabuzz
ExecStart=/home/ubuntu/webapps/djangoenv/bin/gunicorn --workers 3 --bind unix:/home/ubuntu/webapps/kenyabuzz/kb.sock kb.wsgi:application
[Install]
WantedBy=multi-user.target
nginx conf file
server {
listen 80;
server_name kenyabuzz.nation.news;
# Django media
location /media {
alias /home/ubuntu/webapps/kenyabuzz/kb/media; # your Django project's media files - amend as required
}
location /static {
alias /home/ubuntu/webapps/kenyabuzz/kb/static; # your Django project's static files - amend as required
}
location /favicon.ico {
alias /home/ubuntu/webapps/kenyabuzz/kb/static/kb/favicon.ico; # favicon
}
location / {
include proxy_params;
proxy_pass http://unix:/home/ubuntu/webapps/kenyabuzz/kb.sock;
}
}
UPDATE
Gunicorn status
ubuntu#ip-172-31-17-122:~$ sudo systemctl status gunicorn
● gunicorn.service - gunicorn daemon
Loaded: loaded (/etc/systemd/system/gunicorn.service; disabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Wed 2017-02-01 11:26:01 UTC; 21h ago
Process: 30211 ExecStart=/home/ubuntu/webapps/djangoenv/bin/gunicorn --workers 3 --bind unix:/home
Main PID: 30211 (code=exited, status=216/GROUP)
Feb 01 11:26:01 ip-172-31-17-122 systemd[1]: Started gunicorn daemon.
Feb 01 11:26:01 ip-172-31-17-122 systemd[1]: gunicorn.service: Main process exited, code=exited, sta
Feb 01 11:26:01 ip-172-31-17-122 systemd[1]: gunicorn.service: Unit entered failed state.
Feb 01 11:26:01 ip-172-31-17-122 systemd[1]: gunicorn.service: Failed with result 'exit-code'.
lines 1-10/10 (END)
The issue was with the group set it to www-data and it worked.
The configuration looks good to me. Make sure the gunicorn service is actually running and has permissions to write the socket file.
Update: Have a close look at the status of the service, the service is not running.
Try running the command in a shell and see if there is any conclusive output.