I am trying to get fastcgi to work on nginx. I know the config file is correct becuase it worked before and i suspect my c++ program and how I set the fcgi file to be read by nginx. These are the steps I undertake. I am using Ubuntu, nginx, c++ with fastcgi. What did I do wrong?
1) Compile the program
g++ -o rtbCookieServer.fcgi rtbCookieServer.o -lfcgi++ -lboost_system -lcgicc -L/home/cpp/mongo-cxx-driver-v2.0 -I/home/cpp/mongo-cxx-driver-v2.0/mongo
2) move rtbCookieServer.fcgi into /var/www
3) sudo /var/www chmod a+x rtbCookieServer.fcgi
4) Run the below
spawn-fcgi.standalone -u root -g root -G www-data -a 127.0.0.1 -p 9000 -f /var/www/rtbCookieServer.fcgi
spawn-fcgi: child spawned successfully: PID: 2398
if I try and run the command as root I get this:
spawn-fcgi: I will not set uid to 0
5) browse to http://127.0.0.1/rtbCookieServer.fcgi where I get a 502 error and this error in my log file
2012/01/23 15:19:03 [error] 1189#0: *1 upstream closed prematurely FastCGI stdout while reading response header from upstream, client: 127.0.0.1, server: localhost, request: "GET /rtbCookieServer.fcgi HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "127.0.0.1"
When I look what is listening on port 9000 I get the below alomg with some other diagnostics:
sudo lsof -i :9000
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
rtbCookie 2398 marktest 0u IPv4 17598 0t0 TCP localhost:9000 (LISTEN)
netstat -an | grep 9000
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN
ps auxww | grep rtbCookieServer.fcgi
1000 2398 0.0 0.0 24616 360 ? Ss 15:08 0:00 /var/www/rtbCookieServer.fcgi
Now..1) why does the command say rtbCookie and not rtbCookieServer? even when I kill the process and rerun the spawn command ...still says rtbCookie. Should it not say rtbCookieServer? Also, why does it say marktest for user rather than root?
for Diagnostis I run ./rtbCookieServer.fcgi --9000 and the get the expected output.
Here are my file permissions.
-rwxr-xr-x 1 root root 1580470 2012-01-23 14:28 rtbCookieServer.fcgi
Here is my config file:
server {
listen 80;
server_name localhost;
location ~ \.fcgi$ {
root /var/www;
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.html;
fastcgi_param SCRIPT_FILENAME /$fastcgi_script_name;
include fastcgi_params;
}
}
It says rtbCookie because lsof uses fixed width columns and rtbCookie is all that fits.
Sounds like it get's confused while it is processing the headers you send back. I suspect you have a slight formatting error in your response. Each header should end with \r\n
Between the last header and the body of your response must be an empty line also ending with \r\n
Related
Hi there i'm trying to put in production some django app using nginx + gunicorn + supervisor.
Following this guide i was able to reproduce all steps with success but for some reason i can't make it work. I believe that the problem is with the nginx part of the project since I'm not able to even serve a static file for testing. It's my first time using all these tools.
Config files are as follows:
nginx.conf:
worker_processes 1;
user nobody nogroup;
# 'user nobody nobody;' for systems with 'nobody' as a group instead
error_log /home/seba94/log/nginx/nginx.error.log warn;
#pid /run/nginx.pid;
events {
worker_connections 1024; # increase if you have lots of clients
accept_mutex off; # set to 'on' if nginx worker_processes > 1
# 'use epoll;' to enable for Linux 2.6+
# 'use kqueue;' to enable for FreeBSD, OSX
}
http {
include /etc/nginx/mime.types;
# fallback in case we can't determine a type
default_type application/octet-stream;
access_log /home/seba94/log/nginx/nginx.access.log combined;
sendfile on;
upstream app_server {
# fail_timeout=0 means we always retry an upstream even if it failed
# to return a good HTTP response
# for UNIX domain socket setups
server unix:/tmp/gunicorn.sock fail_timeout=10s;
# for a TCP configuration
#server 127.0.0.1:8000 fail_timeout=0;
}
server {
# if no Host match, close the connection to prevent host spoofing
listen 80 default_server;
return 444;
}
server {
# use 'listen 80 deferred;' for Linux
# use 'listen 80 accept_filter=httpready;' for FreeBSD
listen 80;
client_max_body_size 4G;
# set the correct host(s) for your site
server_name reg.rocstar.tv;
keepalive_timeout 5;
# path for static files
root /home/seba94/static;
location /register/ {
# checks for static file, if not found proxy to app
try_files $uri #proxy_to_app;
}
location /media/ {
#path for Django media files
alias /home/seba94/register-page/register_page/media;
}
location /static/ {
#path for Django static files
alias /home/seba94/register-page/register_page/static;
}
location /todd-logo.png {
alias /home/seba94/static/todd-logo.png;
}
location #proxy_to_app {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
# we don't want nginx trying to do something clever with
# redirects, we set the Host: header above already.
proxy_redirect off;
proxy_pass http://app_server;
}
error_page 500 502 503 504 /500.html;
location = /500.html {
root /home/seba94/static;
}
}
supervisord.conf:
[supervisord]
logfile=/home/seba94/log/supervisord/supervisord.log
[inet_http_server]
port=127.0.0.1:9001
[rpcinterface:supervisor]
supervisor.rpcinterface_factory=supervisor.rpcinterface:make_main_rpcinterface
[program:register-page-django]
command=/home/seba94/.local/share/virtualenvs/register-page-jYLn8mRO/bin/gunicorn register_page.wsgi -c /home/seba94/conf/gunicorn.conf.py
directory=/home/seba94/register-page/register_page
user=seba94
autostart=true
autorestart=true
stdout_logfile=/home/seba94/log/supervisord/register_page.log
stderr_logfile=/home/seba94/log/supervisord/register_page.err.log
[supervisorctl]
gunicorn.conf.py:
import multiprocessing
#Server socket config
bind = "unix:/tmp/gunicorn.sock"
backlog = 2048
#Workers config. Eventlet is an asynchronus worker
workers = multiprocessing.cpu_count() * 2
worker_class = "eventlet"
worker_connections = 1000
#access-logfile = "/home/seba94/log/gunicorn/gunicorn.log"
#error-logfile = "/home/seba94/log/gunicorn/gunicorn.error.log"
name = "register-page-gunicorn"
#Server mechanics
#daemon = True
I'm able to run successfully all processes with no errors from the cmd using the following commands:
sudo service nginx start
sudo supervisord -c /home/seba94/conf/supervisord.conf
sudo supervisorctrl start register-page-django
Nginx status is the following:
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2019-10-23 20:38:58 UTC; 31min ago
Docs: man:nginx(8)
Process: 5552 ExecStop=/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx.pid (code=exited, status=0/SUCCESS)
Process: 5599 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 5594 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Main PID: 5601 (nginx)
Tasks: 2 (limit: 1108)
CGroup: /system.slice/nginx.service
├─5601 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
└─5760 nginx: worker process
oct 23 20:38:58 register-page-server systemd[1]: Starting A high performance web server and a reverse proxy server...
oct 23 20:38:58 register-page-server systemd[1]: Started A high performance web server and a reverse proxy server.
Honestly i can't find any errors not even in the log files so i don't know why i can't even see my static todd-logo.png file. Neither can i see the Django app running. Any help is more than welcomed
Edit:
Seems that all config files and commands in this issue are fine, the problem appeared to be a firewall configuration from a previous project. This could be an example of usage of these tools currently working
Please share the output of curl -v http://domain-name in the question as well.
I have gotta my project setup with uwsgi, django, nginx Everything seems to be working fine but somehow I keep on getting the error on getting static files I have been reading through online and tried all the possible ways but I keep on getting this permission denied error on my static folder.
Can someone please let me know what I have done wrong with the permission and how I should change it?
this is my /var/log/nginx/error.log
open() "/root/project/static/*.css" failed (13: Permission denied), client: 2xx.xx.xx.xxx, server: _, request: "GET /static/*.css HTTP/1.1", host: "1xx.xx.xx.xxx"
This is my nginx site-available config
server {
listen 80 default_server;
listen [::]:80 default_server;
# root /var/www/html;
# Add index.php to the list if you are using PHP
# index index.html index.htm index.nginx-debian.html;
server_name _;
#location = /favicon.ico { access_log off; log_not_found off; }
#location /media {
# root /root/project/mediafiles;
#}
location ^~ /static/ {
allow all; # this is from one of the posts but no luck
auth_basic off; # this is from one of the posts but no luck
root /root/project;
}
location / {
include uwsgi_params;
uwsgi_pass unix:/tmp/uwsgi/project.sock;
}
}
as my folder permission
for project folder it's drwxr-xr-x 23 www-data www-data
for static folder it's drwxr-x--- 8 www-data www-data 4096 May 23 14:40 static
I never made the permission to static 755 too but no luck.
Anyways, this is using root as user instead of having an extra user and root is also in group of www-data
Thanks in advance for all the help.
EDIT:
As suggested this is the output of ps aux | grep nginx
root 810 0.0 0.0 124972 1440 ? Ss 02:18 0:00 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
www-data 811 0.0 0.0 125688 4840 ? S 02:18 0:00 nginx: worker process
www-data 812 0.0 0.0 125348 3196 ? S 02:18 0:00 nginx: worker process
root 1159 0.0 0.0 14224 1004 pts/0 S+ 04:25 0:00 grep --color=auto nginx
The problem I am guessing is the fact that your project root directory is at /root. The default permissions for /root are:
drwx------ 14 root root 4096 May 8 12:47 root
As you can see, other users, such as www-data don't even have read access to the /root directory. In Linux FS, if you need to read something at a path/a/b/c, you need to have read access to each of the folders in that path.
The Nginx worker process runs as user www-data which is trying to open a file that is rooted at /root where this user does not have read permissions, and therefore raising a Permission denied (13).
See this demo for more detail:
$ cat /root/test2/text.txt
cat: /root/test2/text.txt: Permission denied
$ sudo cat /root/test2/test.txt
A
$ sudo ls -la /root/ | grep test2
drwxrwxrwx 2 root root 4096 May 24 02:04 test2
Hope this makes sense. The solution would be on of the following:
Run nginx workers as root (not recommended)
Move your project directory to a location that is designed to be accessed by multiple users such as /usr/local/share or /var/www/ (recommended)
I have the same problem. My nginx server on Centos 7.6 can't access to static folder in path /home/user/app/mysyte/static/. In /var/log/nginx/error.log same error open() "/home/user/app/mysyte/static/*.css" failed (13: Permission denied)
For solving this problem look at this page issue 2
i was running into the same problem and i found this answer useful!
Nginx connet to .sock failed (13:Permission denied) - 502 bad gateway
What I simply did was changing the name of the user on the first line in /etc/nginx/nginx.conf file.
In my case the default user was www-data and I changed it to my root machine username.
I'm trying to setup a simple django app on nginx with uswgi.
When I send a request, it returns a 502 bad gateway.
Here is my uwsgi.ini
[uwsgi]
master = true
socket = /usr/share/nginx/firstsite/nginx.sock
chdir = /usr/share/nginx/firstsite
wsgi-file = /usr/share/nginx/firstsite/firstsite/wsgi.py
chmod-socket = 664
vacuum = true
uwsgi output:
uwsgi --ini uwsgi.ini
[uWSGI] getting INI configuration from uwsgi.ini
*** Starting uWSGI 2.0.11.2 (64bit) on [Sat Jun 18 15:09:30 2016] ***
compiled with version: 4.8.3 20140911 (Red Hat 4.8.3-9) on 02 December 2015 19:47:02
os: Linux-3.10.0-327.4.4.el7.x86_64 #1 SMP Tue Jan 5 16:07:00 UTC 2016
nodename: centos_prod
machine: x86_64
clock source: unix
pcre jit disabled
detected number of CPU cores: 8
current working directory: /usr/share/nginx/firstsite
detected binary path: /root/venv/bin/uwsgi
uWSGI running as root, you can use --uid/--gid/--chroot options
*** WARNING: you are running uWSGI as root !!! (use the --uid flag) ***
chdir() to /usr/share/nginx/firstsite
your processes number limit is 94006
your memory page size is 4096 bytes
detected max file descriptor number: 1024
lock engine: pthread robust mutexes
thunder lock: disabled (you can enable it with --thunder-lock)
uwsgi socket 0 bound to UNIX address /usr/share/nginx/firstsite/nginx.sock fd 3
Python version: 2.7.5 (default, Nov 20 2015, 02:00:19) [GCC 4.8.5 20150623 (Red Hat 4.8.5-4)]
*** Python threads support is disabled. You can enable it with --enable-threads ***
Python main interpreter initialized at 0x21f6ce0
your server socket listen backlog is limited to 100 connections
your mercy for graceful operations on workers is 60 seconds
mapped 145536 bytes (142 KB) for 1 cores
*** Operational MODE: single process ***
WSGI app 0 (mountpoint='') ready in 0 seconds on interpreter 0x21f6ce0 pid: 3421 (default app)
*** uWSGI is running in multiple interpreter mode ***
spawned uWSGI master process (pid: 3421)
spawned uWSGI worker 1 (pid: 3426, cores: 1)
nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
upstream django {
server unix:///usr/share/nginx/firstsite/nginx.sock;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/firstsite;
client_max_body_size 300M; # adjust to taste
location /media {
alias /usr/share/nginx/firstsite/media;
}
location /static {
alias /usr/share/nginx/firstsite/static;
}
# Finally, send all non-media requests to the Django server.
location / {
uwsgi_pass django;
include /usr/share/nginx/firstsite/uwsgi_params; # the uwsgi_params file you installed
}
}
}
I'm not using a virtualenv and my manage.py is in /usr/share/nginx/firstsite/
I'm able to run the app without nginx on uwsgi with:
uwsgi --wsgi-file /usr/share/nginx/firstsite/firstsite/wsgi.py --http :80
but what I'm trying to do is let nginx use port 80 and uwsgi use file socket.
Please help.
Update:
I don't know why I was not seeing any error before, but now nginx error log says:
nginx Permission denied while connecting to upstream
so looking at this
I tried adding these options to uwsgi:
--uid root --gid www-data
so the socket file is owned by root which is part of the www-data group.
I'm still getting a permission error.
[crit] 6804#0: *1 connect() to unix:///usr/share/nginx/firstsite/nginx.sock failed (13: Permission denied) while connecting to upstream, client: 192.168.168.201, server: _, request: "GET / HTTP/1.1", upstream: "uwsgi://unix:///usr/share/nginx/firstsite/nginx.sock:"
Update:
I'm still running into permission issue.
I created a django user and a django group.
Both nginx and django users are members of django group.
Changed ownership of all the folders under
/usr/share/nginx/firstsite
owned by django.
set --gid and --uid to django.
ran
uwsgi --ini /usr/share/nginx/firstsite/uwsgi.ini
as root. I got the permission error.
ran:
runuser -l django -c "uwsgi --ini /usr/share/nginx/firstsite/uwsgi.ini"
the same.
Note that /usr/share/nginx is owned by root.
I tried changing the nginx config file:
uwsgi_pass unix:///usr/share/nginx/firstsite/nginx.sock;
restarted nginx and ran uwsgi. I'm getting this error:
connect() to unix:///usr/share/nginx/firstsite/nginx.sock failed (13: Permission denied) while connecting to upstream, client: 192.123.123.123, server: _, request: "GET / HTTP/1.1", upstream: "uwsgi://unix:///usr/share/nginx/firstsite/nginx.sock:"
I also had to setup a python virtualenv and set home in uwsgi.ini to detect django but I cannot get passed this socket failure.
I am setting up a production server for django application. I am able to run it with the help of nginx and gunicorn. problem is that, when I am running it on port no 8000 or 8001, it's working fine. But when I am running it on port 80, It is not connecting. This is the command I am using ( from command line ) :
gunicorn abcd.wsgi:application --bind=0.0.0.0:80 ( not working )
gunicorn abcd.wsgi:application --bind=0.0.0.0:8000 ( working )
because of this when i opens my website in browser, I have to give the port number e.g - abcd.com:8000
output of commands is :
1. netstat -tulpn | grep :80
tcp 0 0.0.0.0:80 0.0.0.0:* LISTEN 27506/nginx
nginx conf file is :
server {
listen 80;
server_name abcd.com;
location / {
proxy_pass http://0.0.0.0:8000;
}
location /static/ {
alias /home/ubuntu/staticvirt/test_project/staticfiles/;
}
}
I'm using nginx with Django on Ubunto 10:04. The problem is when I restart nginx I get this error.
sudo /etc/init.d/nginx restart
Restarting nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
configuration file /etc/nginx/nginx.conf test is successful
[emerg]: bind() to 0.0.0.0:80 failed (98: Address already in use)
[emerg]: bind() to 0.0.0.0:80 failed (98: Address already in use)
[emerg]: bind() to 0.0.0.0:80 failed (98: Address already in use)
[emerg]: bind() to 0.0.0.0:80 failed (98: Address already in use)
Also, I have tried stop and then start but still get the error.
Here's the output from lsof:
sudo lsof -i tcp:80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nginx 27141 root 6u IPv4 245906 0t0 TCP *:www (LISTEN)
nginx 27142 nobody 6u IPv4 245906 0t0 TCP *:www (LISTEN)
If I kill the process with PID 27141 it works. However, I would like to get to the bottom
of why I can't just do a restart.
Here's the nginx.conf:
worker_processes 1;
user nobody nogroup;
pid /tmp/nginx.pid;
error_log /tmp/nginx.error.log;
events {
worker_connections 1024;
accept_mutex off;
}
http {
include mime.types;
default_type application/octet-stream;
access_log /tmp/nginx.access.log combined;
sendfile on;
upstream app_server {
# server unix:/tmp/gunicorn.sock fail_timeout=0;
# For a TCP configuration:
server 127.0.0.1:8000 fail_timeout=0;
}
server {
listen 80 default;
client_max_body_size 4G;
server_name _;
keepalive_timeout 5;
# path for static files
root /home/apps/venvs/app1/app1;
location / {
# checks for static file, if not found proxy to app
try_files $uri #proxy_to_app;
}
location #proxy_to_app {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://app_server;
}
error_page 500 502 503 504 /500.html;
location = /500.html {
root /path/to/app/current/public;
}
}
}
Any ideas?
Try:
$ sudo fuser -k 80/tcp ; sudo /etc/init.d/nginx restart
This worked for me
sudo fuser -k 80/tcp
And then
service nginx start
Source: https://rtcamp.com/tutorials/nginx/troubleshooting/emerg-bind-failed-98-address-already-in-use/
Daemontools starting nginx successfully, then nginx daemonizes, and then daemontools tries to start nginx again, unsuccessfully, logging an error to the log.
The solution to this problem is to disable daemon mode in the main section of the nginx.conf:
daemon off;
Site: http://wiki.nginx.org/CoreModule
Tired with nginx restart issues and "address in use" faults. Decided to make it work once and for all.
Added just one line at the end stop and restart action in /etc/init.d/nginx file
nginx -s quit
so it looks now like (and ensure that nginx folder is in PATH variable, otherwise specify the full path)
stop)
echo -n "Stopping $DESC: "
start-stop-daemon --stop --quiet --pidfile /var/run/$NAME.pid \
--exec $DAEMON || true
echo "$NAME."
nginx -s quit
;;
restart|force-reload)
echo -n "Restarting $DESC: "
start-stop-daemon --stop --quiet --pidfile \
/var/run/$NAME.pid --exec $DAEMON || true
nginx -s quit
sleep 1
test_nginx_config
start-stop-daemon --start --quiet --pidfile \
/var/run/$NAME.pid --exec $DAEMON -- $DAEMON_OPTS || true
echo "$NAME."
;;
Hope that this solution will work for others.
Always test your config first, it will show syntax errors and duplicate lines and point you there.
nginx -t
You will see logs there showing you what is causing the failure.
It's because you aren't restarting as root.
Change to root:
sudo -i
Restart:
service nginx restart
Or:
/etc/init.d/nginx restart