I've moved my .NET Core WebAPI to an AWS EB Instance. This works fine, however my file upload has now broken due to the Nginx 'client_max_body_size' configuration.
I've looked up how to override this, however I cannot get this to work. Here is my current set-up:
Within this file I have added:
client_max_body_size 0;
This file has no hidden characters (Notepad++ with show all chars on):
When my EB environment is updated I get the following eb-engine log:
2022/05/17 07:15:57.025994 [ERROR] An error occurred during execution of command [app-deploy] - [FlipProxyForDotNetCore]. Stop running the command. Error: copy proxy conf from staging failed with error validate nginx configuration failed with error Command /bin/sh -c /usr/sbin/nginx -t -c /var/proxy/staging/nginx/nginx.conf failed with error exit status 1. Stderr:nginx: [emerg] unknown directive "client_max_body_size" in /var/proxy/staging/nginx/conf.d/myConf.conf:1
nginx: configuration file /var/proxy/staging/nginx/nginx.conf test failed
My EB instance is running Amazon Linux 2/2.3.1.
What am I doing wrong?
The error msg
"client_max_body_size"
indicates that you have some non-ASCII characters () in your myConf.conf. Please open the file in a regular text editor and verify that it has only ASCII characters.
Related
I'm working on a project for deploying pentest lab with terraform & ansible. All is working good except that last problem.
In my lab I have a nginx server running on a Windows server. Nginx with php works when I start them as Administrator with ansible but i need them to run with a non admin local account.
For the php i've made a wrapper using this tools : https://github.com/antonioCoco/RunasCs
But it doesn't work with nginx cause of a working directory problem :
Here is the error :
PS C:\Users\Administrator> .\RunAsCs.exe nginx ***** C:\Web\nginx-1.19.6\nginx.exe
[*] Warning: GetUserProfileDirectory failed with error code: 2
[*] Warning: Unable to obtain environment for user 'nginx'.
[*] Warning: Environment of created process might be incorrect.
nginx: [alert] could not open error log file: CreateFile() "logs/error.log" failed (3: The system cannot find the path specified)
2021/03/06 10:18:33 [emerg] 5556#6124: CreateFile() "C:\Windows\system32/conf/nginx.conf" failed (3: The system cannot find the path specified)
And that's normal because as you can see my wrapper start in Windows/System32
I would like to know if there is a solution either with nginx.conf or with ansible to start this exe as the "nginx" user.
This is a working code for starting nginx as Administrator
- name: Starting web server
win_shell: .\nginx.exe
args:
chdir: C:\Web\nginx-1.19.6
async: 180
poll: 0
I know that there is a psexec module in ansible but psexec will work only for Local Admin account and the goal of that is that my nginx don't run as Local Admin.
Thanks for the help !
while installing letsencrypt certificate the output error is:
nginx: the configuration file /jet/etc/nginx/nginx.conf syntax is ok
nginx: [emerg] getgrnam(“nobody”) failed
nginx: configuration file /jet/etc/nginx/nginx.conf test failed
but if I run:
nginx -t
to see if there are configuration errors in the nginx.conf file,
nginx -t return the output:
nginx: the configuration file /jet/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /jet/etc/nginx/nginx.conf test is successful
Every now and then on WordPress I also get the error:
internal server 500 error
and I don’t know if this is related to the problem I described above
My web server is (include version):
The operating system my web server runs on is (include version):
Linux lemp7-optimized-g2-1-vm 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u4 (2018-08-21) x86_64
jeware lemp7 stack profile
jetware
I managed to install the certificates by inserting a line with the “user nobody nogroup;” in the nginx.conf file
After the installation I removed the line with the “user nobody nogroup;” in the nginx.conf file
sudo wget https://dl.eff.org/certbot-auto
sudo mv certbot-auto /jet/etc/letsencrypt/certbot-auto
sudo chown root /jet/etc/letsencrypt/certbot-auto
sudo chmod 0755 /jet/etc/letsencrypt/certbot-auto
sudo chmod a+x /jet/etc/letsencrypt/certbot-auto
sudo /jet/etc/letsencrypt/certbot-auto --nginx --nginx-ctl /jet/bin/nginx --nginx-server-root /jet/etc/nginx --config-dir /jet/etc/letsencrypt
this produce this output:
nginx: the configuration file /jet/etc/nginx/nginx.conf syntax is ok
nginx: [emerg] getgrnam(“nobody”) failed
nginx: configuration file /jet/etc/nginx/nginx.conf test failed
but if I run:
nginx -t
to see if there are configuration errors in the nginx.conf file,
nginx -t return the output:
nginx: the configuration file /jet/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /jet/etc/nginx/nginx.conf test is successful
every now and then on WordPress I also get the error: internal server 500 error
and I don’t know if this is related to the problem I described above
I will probably also have problems with automatic certificate renewal if I do not resolve this situation
Well I have solved the problem. Fortunately I managed to find the error in the log and I understood what happened.
“certbot-auto” installs the certificates using the user: nobody. In my system there already existed by default a user “nobody” of the group “nogroup” but has no access to nginx. user nobody
So to be able to install the certificates I had to insert a line with the directive: user nobody nogroup; inside nginx.conf.
This allowed the installation of certificates. However, this procedure has changed the permissions in the directory: /jet/tmp/nginx/
where instead of: my_ssh_user:my_ssh_group I found: nobody:my_ssh_group and with this modified setting I received the internal server 500 error on the WordPress admin panel. So the problem is not related to WordPress but to the certificate installation procedure.
After installing the certificates I removed the user nobody nogroup directive; because during the restart of nginx, a warning came up saying that this directive is not supported and therefore will be ignored.
Restoring the permissions with chmod on the directory: /jet/tmp/nginx I fixed the problem and the internal server 500 error disappeared.
Here the link of the same discussion on letsencrypt. I still doubt that the error could recur when I have to renew the certificates.
A possible solution could be to assign the ssh user of the virtual instance that does not have root permissions, root permissions by adding it to the root group.
On virtual hosts, when an instance is launched, a user ssh is created.
This user, for security reasons, does not have root permissions.
Letsencrypt by default installs the certificates on the / etc / letsencrypt folder, which has root permissions (user: root group: root).
I had to install the certificates in the folder where the ssh user can have access (user: myssh_user group: myssh_group), ie su / jet / etc / letsencrypt
Could it be that the error was caused by this?
I have OSX El Capitan. I installed Nginx-Full via homebrew. I am supposed to be able to start and stop services with
brew services Nginx-Full Start
I run that command and it seems to start no problem. I check the running services with
brew services list
That indicates that the Nginx-Full services is running. When i run
htop
to look at everything that is running Nginx does not show up and the server is not handling requests.
nginx is failing to launch because of an error, but brew-services is not communicating that to you.
Running it with sudo, as other users have suggested, is just masking the problem. If you just run nginx directly, you may see that there is actually a configuration or permissions issue that is causing nginx to abort. In my case, it was because it couldn't write to the error log:
nginx: [alert] could not open error log file: open() "/usr/local/var/log/nginx/error.log" failed (13: Permission denied)
2020/04/02 13:11:53 [warn] 19989#0: the "user" directive makes sense only if the master process runs with super-user privileges, ignored in /usr/local/etc/nginx/nginx.conf:2
2020/04/02 13:11:53 [emerg] 19989#0: open() "/usr/local/var/log/nginx/error.log" failed (13: Permission denied)
The last error is causing nginx to fail to launch. You can make yourself the owner of the logs with:
sudo chown -R $(whoami) /usr/local/var/log/nginx/
This should cause subsequent config errors to be written to the error log, even if homebrew services is not reporting them in stderr/stdout for now.
I've opened an issue about this: https://github.com/Homebrew/homebrew-services/issues/215
The log path may not the same for everyone. You can check the path to log file by checking the config file /usr/local/etc/nginx/nginx.conf. You can find a line like:
error_log /Users/myusername/somepath/nginx.log;. Change the chown command above accordingly. If even this didn't solve the problem, you may have to do the same for any other log files specified in the server blocks in your nginx configuration
Try launching it with "sudo", even if the formula say
The default port has been set in /usr/local/etc/nginx/nginx.conf to 8080 so that
nginx can run without sudo.
sudo brew services Nginx-Full start
this worked for me:
sudo brew services start nginx
Running sudo nginx worked for me, it initially gave some error stating certain file in certain directory is missing, creating that file, and then another file is asked for to be created and then it runs properly.
I had similar problem, running it brew services start nginx used to show nginx running.
but brew services list used to show error.
running with sudo nginx solved my issue
I have an Nginx service that's configured to start automatically on my Windows 10; however, this morning, the service wouldn't start.
The error log says: nginx: [alert] could not open error log file: CreateFile() "C:\someForlderName\build\distribution\.\nginx/logs/error.log" failed (3: The system cannot find the path specified)
Looking at the path in the error log above, I do NOT have the /logs/ folder on my local system so it looks like Nginx doesn't have the proper permissions to create that folder?
I'm setup as an admin user and my service is set to Log On As - Local System Account
This only happens on Windows 10; but the service starts and works on
older Windows i.e 8.1
So does anyone know how to grant administrator's permissions to Nginx so that Nginx can create folders and files on Windows 10 ?
You need:
To install nginx/Windows, download the latest mainline version distribution (1.13.8), since the mainline branch of nginx contains all known fixes. Then unpack the distribution, go to the nginx-1.13.8 directory, and run nginx. Here is an example for the drive C: root directory: (Run cmd as administrator)
cd c:\
unzip nginx-1.13.8.zip
cd nginx-1.13.8
start nginx
Go to: http://localhost:80 -> test install
Goback to console cmd: "nginx -s stop"
Run for next time:
Config with file: "C:\nginx-1.13.8\conf\nginx.conf"
Open cmd as administrator
Run bash: "cd C:\nginx-1.13.8"
Run nginx with bash: "start nginx" . If you run with bash: "nginx", will get trouble for exit nginx.
And
nginx -s stop #fast shutdown
nginx -s quit #graceful shutdown
nginx -s reload #changing configuration, starting new worker processes with a new configuration, graceful shutdown of old worker processes
nginx -s reopen #re-opening log files
Under the directory that you run nginx.exe, try to create a directory named logs, and a file named error.log under log.
It should pass this error.
After downloading zip file, you have unzip.
Make sure that you dont have nested folder names. You have to copy your folder which has nginx.exe file in it, and paste it into C:/ folder.
While running commands, like nginx -s stop, make sure that current your working directory is same as the nginx.exe file.
enter image description here
Nginx start on default port 80, not 8080. Try localhost:80 on browser.
If you want to change port, open C:\nginx-1.16.1\conf\nginx.conf with text editor.
change port number what you want use default port.
server {
listen 80;
server_name localhost;
to:
server {
listen 8080;
server_name localhost;
I had a similar issue with starting the nginx server, but after looking at it closely and trying to run the command in different consoles, I realized it just a simple issue of a missing path.
How I solved it was to cd into the containing folder for the nginx.exe file (which actually contains error logs and all the necessary files) and then run the nginx command which started the server and fixed it for me.
I've put nginx into /d/webservers/nginx on Windows and added it to the PATH. Now I try to run nginx from different folder but get the following error:
nginx: [alert] could not open error log file: CreateFile() "logs/error.log" failed (3: The system cannot find the path specified)
2015/03/22 10:09:25 [emerg] 5516#3056: CreateFile() "C:\Users\username/conf/nginx.conf" failed (3: The system cannot find the path specified)
It seems that nginx can't find it's server root folder /d/webservers/nginx where config and logs folder exists. Is there any way to pass as an argument the pass to the server root folder? Something like it's done for Apache: httpd -d /d/Webservers/Apache24'
nginx -c d:/webservers/nginx/conf/nginx.conf