4
我在ubuntu 14.04 LTS的谷歌计算引擎虚拟机上运行Puma,capistrano和nginx rails应用程序。nginx错误:(13:权限被拒绝),同时连接到上游)
我有运行在外部IP上的nginx。当我参观我在日志中获得两个nginx的错误:
2016/02/03 11:58:07 [info] 19754#0: *73 client closed connection while waiting for request, client: ###.##.##.###, server: 0.0.0.0:443
2016/02/03 11:58:07 [crit] 19754#0: *74 connect() to unix:///home/my-user-name/apps/my-web-app/shared/tmp/sockets/my-web-app-puma.sock failed (13: Permission denied) while connecting to upstream, client: ###.##.##.###, server: ,
request: "GET/HTTP/1.1", upstream: "http://unix:///home/my-user-name/apps/my-web-app/shared/tmp/sockets/my-web-app-puma.sock:/", host: "###.###.###.###"
注:。在过去### ### ### ###是谷歌的计算虚拟机的外部IP是代码正在运行。我相信前两个IP是我的家庭IP。
我曾尝试:setsebool httpd_can_network_connect on如下建议: (13: Permission denied) while connecting to upstream:[nginx] 它返回:setsebool: SELinux is disabled.但问题仍然存在。
我在(13: Permission denied) while connecting to upstream:[nginx]看上去很好,但它似乎是特别uwsgi
这里是我的nginx.conf
upstream puma {
server unix:///home/my-user-name/apps/my-web-app/shared/tmp/sockets/my-web-app-puma.sock;
}
server {
listen 80 default_server deferred;
listen 443 ssl;
# server_name example.com;
ssl_certificate /etc/ssl/my-web-app/my-web-app.com.chained.crt;
ssl_certificate_key /etc/ssl/my-web-app/my-web-app.key;
root /home/my-web-app/apps/my-web-app/current/public;
access_log /home/my-user-name/apps/my-web-app/current/log/nginx.access.log;
error_log /home/my-user-name/apps/my-web-app/current/log/nginx.error.log info;
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
try_files $uri/index.html $uri @puma;
location @puma {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://puma;
}
error_page 500 502 503 504 /500.html;
client_max_body_size 10M;
keepalive_timeout 10;
}
我nginx的运行与sudo service nginx restart 后来我跑PUMA有:RACK_ENV=production bundle exec puma -p 3000并返回:
Puma starting in single mode...
* Version 2.14.0 (ruby 2.1.7-p400), codename: Fuchsia Friday
* Min threads: 0, max threads: 16
* Environment: production
* Listening on tcp://0.0.0.0:3000
Use Ctrl-C to stop
E DIT 1
有人建议我在UNIX上运行彪马不是TCP 3000,这样它会匹配nginx的
我已经通过命令试图在UNIX上运行彪马:
RACK_ENV=production bundle exec puma -d -b unix:///tmp/my-web-app.sock --pidfile /tmp/puma.pid
这给了:
Puma starting in single mode...
* Version 2.14.0 (ruby 2.1.7-p400), codename: Fuchsia Friday
* Min threads: 0, max threads: 16
* Environment: production
* Daemonizing...
它读取上面的文字,但它不会逗留,在命令提示符下再次立即尽管“......”在最后出现。
该命令看起来不起作用,所以如果任何人都可以建议如何在unix上运行puma而不是tcp 3000,那么我可以完成这个建议。 (虽然我怀疑有可能任何有与PUMA做之前存在的一个配置nginx的问题)
EDIT 2附加puma.rb
#!/usr/bin/env puma
directory '/home/my-user-name/apps/my-web-app/current'
rackup "/home/my-user-name/apps/my-web-app/current/config.ru"
environment 'production'
pidfile "/home/my-user-name/apps/my-web-app/shared/tmp/pids/puma.pid"
state_path "/home/my-user-name/apps/my-web-app/shared/tmp/pids/puma.state"
stdout_redirect '/home/my-user-name/apps/my-web-app/current/log/puma.error.log', '/home/my-user-name/apps/my-web-app/current/log/puma.access.log', true
threads 2,8
bind 'unix:///home/my-user-name/apps/my-web-app/shared/tmp/sockets/my-web-app-puma.sock'
workers 1
preload_app!
on_restart do
puts 'Refreshing Gemfile'
ENV["BUNDLE_GEMFILE"] = "/home/my-user-name/apps/my-web-app/current/Gemfile"
end
on_worker_boot do
ActiveSupport.on_load(:active_record) do
ActiveRecord::Base.establish_connection
end
end
编辑3
我现在试着直接在端口80上运行rails服务器。我打字: rvmsudo rails server -p 80和它返回:
=> Booting Puma
=> Rails 4.2.4 application starting in development on http://localhost:80
=> Run `rails server -h` for more startup options
=> Ctrl-C to shutdown server
Puma 2.14.0 starting...
* Min threads: 0, max threads: 16
* Environment: development
* Listening on tcp://localhost:80
Exiting
/home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/binder.rb:233:in `initialize': Address already in use - bind(2) for "localhost" port 80 (Errno::EADDRINUSE)
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/binder.rb:233:in `new'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/binder.rb:233:in `add_tcp_listener'
from (eval):2:in `add_tcp_listener'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/rack/handler/puma.rb:33:in `run'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/rack-1.6.4/lib/rack/server.rb:286:in `start'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/railties-4.2.4/lib/rails/commands/server.rb:80:in `start'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/railties-4.2.4/lib/rails/commands/commands_tasks.rb:80:in `block in server'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/railties-4.2.4/lib/rails/commands/commands_tasks.rb:75:in `tap'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/railties-4.2.4/lib/rails/commands/commands_tasks.rb:75:in `server'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/railties-4.2.4/lib/rails/commands/commands_tasks.rb:39:in `run_command!'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/railties-4.2.4/lib/rails/commands.rb:17:in `<top (required)>'
from bin/rails:4:in `require'
from bin/rails:4:in `<main>'
EDIT 4
如果我执行sudo服务的nginx停止然后运行rvmsudo rails server -p 80再次返回:
=> Booting Puma
=> Rails 4.2.4 application starting in development on http://localhost:80
=> Run `rails server -h` for more startup options
=> Ctrl-C to shutdown server
Puma 2.14.0 starting...
* Min threads: 0, max threads: 16
* Environment: development
* Listening on tcp://localhost:80
这意味着,方法是不正确,因为没有nginx当我访问外部IP没有它现在返回The server refused the connection.而不是原来的:
We're sorry, but something went wrong.
If you are the application owner check the logs for more information.
如果有人知道如何防止原始错误,任何建议将不胜感激。
编辑5 原来的问题仍然存在,但任何人都可以告诉我,如果这是一个https问题或ssl问题?
编辑6
我曾尝试直接运行在80彪马上午80
得到一个权限错误我尝试:RACK_ENV=production bundle exec puma -p 80并获得:
Puma starting in single mode...
* Version 2.14.0 (ruby 2.1.7-p400), codename: Fuchsia Friday
* Min threads: 0, max threads: 16
* Environment: production
* Listening on tcp://0.0.0.0:80
/home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/binder.rb:233:in `initialize': Permission denied - bind(2) for "0.0.0.0" port 80 (Errno::EACCES)
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/binder.rb:233:in `new'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/binder.rb:233:in `add_tcp_listener'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/binder.rb:98:in `block in parse'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/binder.rb:84:in `each'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/binder.rb:84:in `parse'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/runner.rb:119:in `load_and_bind'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/single.rb:79:in `run'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/lib/puma/cli.rb:215:in `run'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/gems/puma-2.14.0/bin/puma:10:in `<top (required)>'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/bin/puma:23:in `load'
from /home/my-user-name/apps/my-web-app/shared/bundle/ruby/2.1.0/bin/puma:23:in `<main>'
我相信,这是由于端口80比其他端口具有更高的权限所致。所以,我跑sudo RACK_ENV=production bundle exec puma -p 80,但刚刚回来:Your Ruby version is 1.9.3, but your Gemfile specified 2.1.7
您的上游模块显示unix套接字,但您在TCP/IP套接字的端口3000上启动puma。其中一个需要改变。 –
谢谢@RichardSmith我曾尝试编辑您的建议1 – Rorschach
@Rorschach您有没有机会解决这个问题?如果是这样,你可以发布答案,以便其他人可以从中受益。 – George