Nginx failed (13: Permission denied) uwsgi (502 bad gateway)

centosnginxpermissionsuwsgi

I am having trouble running my application on a new DigitalOcean droplet. The machine runs CentOS 6.5

My /etc/nginx/nginx.conf

user  nginx www-data;
worker_processes  1;

error_log  /var/log/nginx/error.log;
#error_log  /var/log/nginx/error.log  notice;
#error_log  /var/log/nginx/error.log  info;

pid        /var/run/nginx.pid;
(continues)

My myapp_nginx.conf

server {

   server_name 104.xxx.x.xxx;
    listen      8080;
    charset     utf-8;
    client_max_body_size 30M;

    location / {
        index index.html index.htm;
        root /home/webdev/mydevelopment/git/ers_portal;
        try_files $uri @app;
    }

    location /static {
    alias /home/webdev/mydevelopment/git/ers_portal/app/static;
    }

    location @app {
        include uwsgi_params;
        uwsgi_pass unix:/home/webdev/mydevelopment/git/ers_portal_uwsgi.sock;
    }
}

My myapp_uwsgi.ini

[uwsgi]
master = true
#user info
uid = webdev
gid = www-data

#application's base folder
base = /home/webdev/mydevelopment/git/ers_portal

#chdir to this folder when starting
#chdir = /home/webdev/mydevelopment/git/ers_portal

#python module to import
app = run_web
module = %(app)

home = /home/webdev/mydevelopment/venvs/ecodev_do
pythonpath = %(base)

#socket file's location
socket = /home/webdev/mydevelopment/git/ers_portal/%n.sock

#permissions for the socket file
chmod-socket    = 666

#the variable that holds a flask application inside the module imported at line #6
#uwsgi varible only, does not relate to your flask application
callable = app

#location of log files
logto = /home/webdev/mydevelopment/git/ers_portal/logs/%n.log

The error messages printed in the nginx error.log whenever I make a web request to 104.xxx.x.xxx:8080

2014/11/19 23:14:47 [crit] 28090#0: *1 stat() "/home/webdev/mydevelopment/git/ers_portal/favicon.ico" failed (13: Permission denied), client: 71.211.xxx.xxx, server: 104.xxx.x.xxx, request: "GET /favicon.ico HTTP/1.1", host: "104.xxx.x.xxx:8080"
2014/11/19 23:14:47 [crit] 28090#0: *1 connect() to unix:/home/webdev/mydevelopment/git/ers_portal_uwsgi.sock failed (13: Permission denied) while connecting to upstream, client: 71.211.xxx.xxx, server: 104.xxx.x.xxx, request: "GET /favicon.ico HTTP/1.1", upstream: "uwsgi://unix:/home/webdev/mydevelopment/git/ers_portal_uwsgi.sock:", host: "104.xxx.x.xxx:8080"

project folder: drwxr-xr-x 6 webdev www-data 4.0K Nov 19 23:40 ers_portal

socket inside that folder: srw-rw-rw- 1 webdev www-data 0 Nov 19 23:45 ers_portal_uwsgi.sock

If you have any additional info you need just let me know. Thanks!!

EDIT

I changed the permissions as suggested by @Eugene. Now in my /var/log/nginx/access.log I see

[20/Nov/2014:01:37:58 -0500] "GET / HTTP/1.1" 502 574 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36" "-"

In /var/log/nginx/error.log I see

2014/11/20 01:38:27 [crit] 28639#0: *1 connect() to unix:/home/webdev/mydevelopment/git/ers_portal_uwsgi.sock failed (2: No such file or directory) while connecting to upstream, client: 71.21.my.local.ip, server: , request: "GET / HTTP/1.1", upstream: "uwsgi://unix:/home/webdev/mydevelopment/git/ers_portal_uwsgi.sock:", host: "104.ser.ver.ip"

The favicon.ico rejection (below) that was in var/log/nginx/access.log isn't showing up anymore

"GET /favicon.ico HTTP/1.1" 502 574 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36" "-"

Best Answer

Solved

I found my typo after many hours of searching. In /path/to/my/webapp/my_app_nginx.conf the line that reads

location @app {
        include uwsgi_params;
        uwsgi_pass unix:/home/webdev/mydevelopment/git/ers_portal_uwsgi.sock;
    }

should read

location @app {
        include uwsgi_params;
        uwsgi_pass unix:/home/webdev/mydevelopment/git/ers_portal/ers_portal_uwsgi.sock;
    }

Also, in /etc/nginx/nginx.conf change user nginx www-data; back to user nginx;

Also ensure that there is not a default server block in the "top-level" /etc/nginx/nginx.conf that conflicts with your app's configuration (in my case /path/to/my/webapp/my_app_nginx.conf, which is symlinked to the /etc/nginx/conf.d/ folder).

Lessons learned...

Don't get discouraged. The worst (maybe second worst) feeling in the world is not being able to figure something out over an extended period of time. Especially if this is your hobby, it can be easy to feel that you're incompetent and this stuff is too hard and you're not good enough. Stick at it.
Be methodical. I was getting change-crazy, especially at the end there. This results in going to bed with no real progress and waking up in the same spot you were. Write it all down, document what you have tried and keep track of previous changes. if ABABA is the working config, and ---B- was the change you were looking for, but you forgot to change --B-- back to --A--, you will repeat and repeat and repeat yourself. See #1
Remember sometimes the most important thing to reaching your solution is to get up and walk away.
Don't discount the knowledge of your peers (this community). While they may not have the instant answer for your particular problem, remember All of us isn't as dumb as none of us (or some silly saying like that). We all have a deep-seated love of scrubbing problems from the planet, one at a time.

Best Answer

Related Solutions

Nginx – Blank Page: wordpress on nginx+php-fpm

Nginx gives 504 Gateway Time-out once moved to live

Related Topic