I am new to web services especially when it comes to deployment options.
I made a Flask application webserver, and now I would like to deploy it on production mode. I went for Gunicorn + Nginx options and followed this tutorial on Medium.
I installed nginx with:
~ >>> sudo pacman -S nginx
~ >>> sudo systemctl start nginx
~ >>> sudo systemctl enable nginx
Everything worked well, but when I created my systemd service webserver.service, the Group=www-data made the service exited, with status=216/GROUP.
Here is the webserver.service file:
[Unit]
Description=Gunicorn instance to serve the test server webserver
After=network.target
[Service]
User=user
Group=www-data
WorkingDirectory=/home/user/webserver/
Environment="PATH=/home/user/webserver/.env/bin"
ExecStart=/home/user/webserver/.env/bin/gunicorn --workers 3 --bind unix:app.sock -m 007 wsgi:app
[Install]
WantedBy=multi-user.target
Here is the full log:
~ >>> sudo systemctl start webserver
~ >>> sudo systemctl enable webserver
~ >>> sudo systemctl status webserver
● webserver.service - Gunicorn instance to serve the test server webserver
Loaded: loaded (/etc/systemd/system/webserver.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Sun 2020-07-05 14:50:02 CEST; 20min ago
Main PID: 5464 (code=exited, status=216/GROUP)
juil. 05 14:50:02 user systemd[1]: Started Gunicorn instance to serve the test server webserver.
juil. 05 14:50:02 user systemd[5464]: webserver.service: Failed to determine group credentials: No such process
juil. 05 14:50:02 user systemd[5464]: webserver.service: Failed at step GROUP spawning /home/user/webserver/.env/bin/gunicorn: No such process
juil. 05 14:50:02 user systemd[1]: webserver.service: Main process exited, code=exited, status=216/GROUP
juil. 05 14:50:02 user systemd[1]: webserver.service: Failed with result 'exit-code'.
In fact, when I list all the groups, the www-data required by Nginx is missing:
~ >>> groups
sys network power docker lp wheel user
So obviously the above code won't work with www-data group.
What I tried
1. A different group
I tried to change the group option to Group=root, and it worked. I then finished the tutorial without any errors.
I thought it fixed my issue, but I couldn't access my server on my browser at http://www.my_domain_webserver.com, so I guess the www-data is mandatory to work with Nginx and GUnicorn.
My nginx location block:
server {
listen 80;
server_name my_domain_webserver.com www.my_domain_webserver.com;
location / {
include proxy_params;
proxy_pass http://unix:/home/user/webserver/app.sock;
}
}
2. Reloading Daemon
I also tried to re-execute daemon with systemctl daemon-reexec, but it didn't solved my issue.
My project tree is:
webserver
├── app.py
├── app.sock
└── wsgi.py
Why is the group www-data missing ?
Do I need to add special nginx.conf files ? I didn't modify any of them.
Thanks for your help !
You could try to add the folder to the "www-data" group:
sudo chown www-data /home/user/webserver
That helped for me...
Related
This is what it brings when you check nginx status
[root#ttproxyapp conf.d]# service nginx status
Redirecting to /bin/systemctl status nginx.service
● nginx.service - nginx - high performance web server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
Active: inactive (dead)
sudo systemctl stop apache2
sudo systemctl start nginx
should work since looks like the port is in use (with apache probably)
It realy looks like your NGINX ins't running. nginx -s reload is just working if there is a running instance and therfore a PID-file.
Please check the result of the following command.
[root#localhost conf.d]# sudo ps -elf | grep nginx
Should be something like
1 S root 88262 1 0 80 0 - 13143 sigsus 23:47 ? 00:00:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
5 S nginx 88263 88262 0 80 0 - 13257 ep_pol 23:47 ? 00:00:00 nginx: worker process
0 R root 88265 69227 0 80 0 - 28178 - 23:47 pts/1 00:00:00 grep --color=auto nginx
You need at least! the master process and the worker process! If there is no process start your instance by typing
sudo /bin/systemctl start nginx.service OR sudo service nginx start
Check your processlist after running the command.
After you have started the NGINX service there should be PID-file located at
/var/run/nginx.pid and sudo systemctl status nginx.service should printout something like
[root#localhost conf.d]# systemctl status nginx.service
● nginx.service - NGINX Plus - high performance web server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
Active: active (running) since Sat 2020-03-14 23:47:13 EDT; 5min ago
Docs: https://www.nginx.com/resources/
Process: 88232 ExecStop=/bin/kill -s TERM $MAINPID (code=exited, status=0/SUCCESS)
Process: 88260 ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf (code=exited, status=0/SUCCESS)
Process: 88251 ExecStartPre=/usr/libexec/nginx-plus/check-subscription (code=exited, status=0/SUCCESS)
Main PID: 88262 (nginx)
Tasks: 2
Memory: 1.7M
CGroup: /system.slice/nginx.service
├─88262 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
└─88263 nginx: worker process
Mar 14 23:47:13 localhost.localdomain systemd[1]: Starting NGINX Plus - high performance web server...
Mar 14 23:47:13 localhost.localdomain systemd[1]: Can't open PID file /var/run/nginx.pid (yet?) after start: No such file or directory
Mar 14 23:47:13 localhost.localdomain systemd[1]: Started NGINX Plus - high performance web server.
I am running NGINX Plus but it doesn't matter in this case.
there is maybe an apache server running. you must stop that apache server order run the Nginx server.
sudo systemctl stop apache2
sudo systemctl start nginx
I am learning how to set up a load balancer, using nginx on AWS.
I set up a basic ubuntu 18.04 server on AWS, and then did the following:
sudo apt-get update
sudo apt-get upgrade -y
sudo apt-get install nginx -y
I then replaced /etc/nginx/nginx.conf with the following:
upstream backend {
server xxx.24.20.11;
server xxx.24.20.12;
}
server {
listen 80;
location / {
proxy_pass http://backend;
}
}
I then tried restarting the nginx server by doing:
sudo service nginx stop
sudo service nginx start
but I'm getting the error message:
Job for nginx.service failed because the control process exited with error code.
See "systemctl status nginx.service" and "journalctl -xe" for details.
So, I did
systemctl status nginx.service
And here's what I got:
nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Wed 2019-04-03 01:13:27 UTC; 23s ago
Docs: man:nginx(8)
Process: 1822 ExecStop=/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx.pid (code=exited, status=0/SUCCESS)
Process: 1748 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 1865 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=1/FAILURE)
Main PID: 1752 (code=exited, status=0/SUCCESS)
Apr 03 01:13:27 load-balancer.xxxx.com systemd[1]: Starting A high performance web server and a reverse proxy server...
Apr 03 01:13:27 load-balancer.xxx.com nginx[1865]: nginx: [emerg] "upstream" directive is not allowed here in /etc/nginx/nginx.conf:2
Apr 03 01:13:27 load-balancer.xxx.com nginx[1865]: nginx: configuration file /etc/nginx/nginx.conf test failed
Apr 03 01:13:27 load-balancer.xxx.com systemd[1]: nginx.service: Control process exited, code=exited status=1
Apr 03 01:13:27 load-balancer.xxx.com systemd[1]: nginx.service: Failed with result 'exit-code'.
Apr 03 01:13:27 load-balancer.xxx.com systemd[1]: Failed to start A high performance web server and a reverse proxy server.
I looked at two separate tutorials, and they both use the "upstream" directive. Any ideas?
Edit:
I returned nginx.conf to its original format:
sudo cp /etc/nginx/nginx.original /etc/nginx/nginx.conf
Then, I did the following:
sudo su
echo > /etc/nginx/sites-available/load-balancer.conf
I then added the following to /etc/nginx/sites-available/load-balancer.conf
http {
upstream backend {
server docker-one.xxxxxxx.com;
server docker-two.xxxxxxx.com;
}
server {
listen 80;
server_name load-balancer.xxxxxxx.com;
location / {
proxy_pass http://backend;
}
}
}
load-balancer.xxxxxxx.com is the domain name that I am using for testing, and the docker-one and docker-two are the two domains that will be running the actual web app.
I then did a symlink:
ln -s /etc/nginx/sites-available/load-balancer.conf /etc/nginx/sites-enabled/
then I rebooted the server. When it was back up, I did the following:
sudo service nginx stop
sudo service nginx start
I got an error message telling me the nginx service failed, so I did:
systemctl status nginx.service
Which gave me the following error:
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Wed 2019-04-03 19:42:34 UTC; 19s ago
Docs: man:nginx(8)
Process: 1549 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=1/FAILURE)
Apr 03 19:42:34 load-balancer.xxxxxxx.com systemd[1]: Starting A high performance web server and a reverse proxy server...
Apr 03 19:42:34 load-balancer.xxxxxxx.com nginx[1549]: nginx: configuration file /etc/nginx/nginx.conf test failed
Apr 03 19:42:34 load-balancer.xxxxxxx.com systemd[1]: nginx.service: Control process exited, code=exited status=1
Apr 03 19:42:34 load-balancer.xxxxxxx.com systemd[1]: nginx.service: Failed with result 'exit-code'.
Apr 03 19:42:34 load-balancer.xxxxxxx.com systemd[1]: Failed to start A high performance web server and a reverse proxy server.
Overwriting whole nginx.conf you deleted http context. upstream is only allowed inside http {} block as per https://nginx.org/en/docs/http/ngx_http_upstream_module.html#upstream
Debian/ubuntu uses /etc/nginx/sites-available/* for site definitions, thats where you need to create your own config file, one per vhost if needed. And then enable it so it becomes symlinked to /etc/nginx/sites-enabled/*. Or for simplicity, use /etc/nginx/sites-available/default as existing config file, make your changes there. Save original, until you get it working. And reload nginx after said changes. Restore original /etc/nginx/nginx.conf also, ofcourse.
I try to start this service but i can´t, the error below occur:
root#zabbix:/home/appliance# systemctl status nginx.service
nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Wed 2018-07-25 18:33:26 UTC; 1min 27s ago
Process: 30040 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=1/FAILURE)
Process: 30037 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Jul 25 18:33:25 zabbix nginx[30040]: nginx: [emerg] listen() to [::]:80, backlog 511 failed (98: Address already in use)
Jul 25 18:33:25 zabbix nginx[30040]: nginx: [emerg] listen() to 0.0.0.0:80, backlog 511 failed (98: Address already in use)
Jul 25 18:33:25 zabbix nginx[30040]: nginx: [emerg] listen() to [::]:80, backlog 511 failed (98: Address already in use)
Jul 25 18:33:26 zabbix nginx[30040]: nginx: [emerg] listen() to 0.0.0.0:80, backlog 511 failed (98: Address already in use)
Jul 25 18:33:26 zabbix nginx[30040]: nginx: [emerg] listen() to [::]:80, backlog 511 failed (98: Address already in use)
Jul 25 18:33:26 zabbix nginx[30040]: nginx: [emerg] still could not bind()
Jul 25 18:33:26 zabbix systemd[1]: nginx.service: Control process exited, code=exited status=1
Jul 25 18:33:26 zabbix systemd[1]: *******Failed to start A high performance web server*** and a reverse proxy server.****
Jul 25 18:33:26 zabbix systemd[1]: nginx.service: Unit entered failed state.
Jul 25 18:33:26 zabbix systemd[1]: nginx.service: Failed with result 'exit-code'.
You already have a process bound to the HTTP port 80. (Specially after upgrading systems! it will start apache2 by default)
So first try this:
sudo service apache2 stop
sudo systemctl restart nginx
If problem is not solved then run this command sudo lsof -i:80 to get a list of processes using the port and then stop or disable web server.
Try to stop the process which are using the port 80 using:
sudo fuser -k 80/tcp
sudo systemctl restart nginx
In some cases it may be some issues in the configuration file.
You can use nginx -t -c /etc/nginx/nginx.conf command to find any miss-configuration.
In some cases this error is caused by a default Nginx site already on port 80. Removing default config works if you don't need a default one!
sudo rm /etc/nginx/sites-enabled/default
sudo service nginx restart
For me this error was caused by a default nginx site already on port 80. Removing default site worked
sudo rm /etc/nginx/sites-enabled/default
sudo service nginx restart
You already have a process bound to the HTTP port 80.
You can run command sudo lsof -i:80 to get a list of processes using the port and then stop/disable web server.
Try to stop the process which are using the port 80:
sudo fuser -k 80/tcp
Try to stop the process which is using port 80:
sudo fuser -k 80/tcp
When you did restart using
sudo systemctl restart nginx
It may be some issues in the configuration file. You can use this
nginx -t -c /etc/nginx/nginx.confcommand to find any bugs in the configuration file. If you find the bugs resolve that run the sudo service nginx restart again. It will work.
Please check the reference here
In my experience, this error can be triggered in several different situations (which might have the same root, but are perceived as different scenarios).
Not only port 80
Depending on your nginx config, you should also try port 443:
sudo lsof -i:80
sudo lsof -i:443
You should be able to check your nginx listen ports in /etc/nginx/sites-enabled (under Debian)
Special case
In my case, there was an nginx instance running, that would block itself from restarting. It would not go down with sudo systemctl stop nginx. I had to use sudo killall nginx and could then use sudo systemctl start nginx.
Config error
I also experienced the exact same error message on a config error.
You can check your nginx config with /usr/sbin/nginx -c /etc/nginx/nginx.conf# (this will also test all virtual host files (/etc/nginx/sites-enabled`)
i had same issue, was because i have apache and nginx on same server !
so when i typed sudo reboot it didn't work because it started apache while am using nginx so i just run this two commands
sudo systemctl stop apache2
then
sudo systemctl start nginx
then sudo systemctl disable apache2
so next time i reboot not going to face same issue
help from aws services support
I had to use:
sudo killall nginx
And could then use;
sudo systemctl start nginx
For me stopping apache service solved the problem
sudo service apache2 stop
I had this problem too. I checked the /etc/nginx/site-available/default file and I have forgotten to close the bracket (syntax error).
Just restart the nginx server. It should resolve your problem
sudo systemctl restart nginx
I was using gunicorn with nginx, found that service was not active.
sudo systemctl enable gunicorn.socket
sudo systemctl start gunicorn.socket
sudo systemctl restart nginx
Worked for me.
if your gunicorn is active, please make sure it's working fine.
you can also go through the logs(errors) via nginx logs from
sudo tail -f /var/log/nginx/error.log
Certbot and nginx versions:
certbot installed using certbot.eff.org install guide.
Certbot version: 0.22.2
Nginx version: 1.10.3
Getting ssl certificates works fine:
certbot --nginx
But, in renewal of cerbot certificated
certbot renew --dry-run
nginx fails to start causing:
nginx: [error] open() "/run/nginx.pid" failed (2: No such file or directory)
I have tried changing post-hook and pre-hook in /etc/letsencrypt/renewal/*com.conf/
commenting installer=nginx
changing authenticator to nginx and standalone
Adding post and pre hooks in /etc/letsencrypt/renewal-hooks/pre/ and /etc/lestencrypt/renewal-hooks/post/ to stop and start nginx service.
Seems nginx is not starting properly or isn't stop properly.
after renewal completes nginx fails with (code=exited, status=1/FAILURE)
Nginx error log show:
Error while certbot renew:
Try to execute:
sudo service nginx restart
Then test your nginx configuration file(s) (until you see "nginx: configuration file /etc/nginx/nginx.conf test is successful")
sudo nginx -s reload -t
Pay attention on paths to certificates, and other stuff
and then reload configuration without -t option:
sudo nginx -s reload
It's not recommended to modify configuration files in /etc/letsencrypt/ but creating (if it doesn't exist) and modifying cli.ini file here is working for me. You can specify post-hook in this file once and it will work for all your certificates, see my current file:
# /etc/letsencrypt/cli.ini
max-log-backups = 0
authenticator = webroot
webroot-path = /var/www/html
post-hook = service nginx reload
text = True
I hope this will help future readers. Solution source is here (however the article is in Russian)
I had the same issue on Ubuntu 16.04
I've just removed post and pre hooks in /etc/letsencrypt/renewal/*.conf and changed authenticator to nginx - I had in two entries standalone.
And it is working now fine.
Edit:
Recommended way to update renewal config is to reissue new certificate using:
certbot -i nginx -d example.com -d www.example.com certonly
You can run this command line before run reload nginx.
sudo nginx -c /etc/nginx/nginx.conf
or
sudo nginx -c /usr/local/etc/nginx/nginx.conf
then you can start nginx nomaly
sudo nginx -s reload
Good luck.
I had the same error...
When I installed certbot, I followed the instructions and put in a cronjob (5 3 15 * *):
certbot renew --pre-hook "service nginx stop" --post-hook "service nginx start"
this morning nginx was dead, and the log showed
open() "/run/nginx.pid" failed (2: No such file or directory)
I did not connect the two, but do I understand that certbot triggers the nginx failure?
ps -ef | grep nginx, find all nginx process
sudo kill -9 xxx xxx xxx or sudo pkill nginx
sudo systemctl restart nginx
sudo nginx -t
I had this problem and followed a similar tack to those outlined here.
I had had certbot install a certificate, but it was in certonly --nginx mode, I supplied my own nginx serverblocks. certbot worked, but an nginx failure cast doubt on the accuracy of my provisioning.
This certbot call "restarts" nginx with a modified server block configuration, so it can answer the HTTP-01 challenges. I know this because when it fails, it will log, "nginx restart failed:" just before the bind() failures I'm about to show. My nginx server was down when provisioning succeeded.
I couldn't get systemctl or service to start it and systemd status nginx would only ever show "failed".
Whilst I could get nginx up, and serving, with nginx -s reload I wanted systemd to manage it for me.
No amount of systemctl {start|restart|stop|quit} nginx, would work. The status remained as failed and would show errors with bind():
Oct 07 10:04:13 HostXYZ systemd[1]: Starting A high performance web server and a reverse proxy server...
Oct 07 10:04:13 HostXYZ nginx[17096]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Unknown error)
Oct 07 10:04:13 HostXYZ nginx[17096]: nginx: [emerg] bind() to [::]:80 failed (98: Unknown error)
Oct 07 10:04:13 HostXYZ nginx[17096]: nginx: [emerg] bind() to [::]:443 failed (98: Unknown error)
Oct 07 10:04:13 HostXYZ nginx[17096]: nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Unknown error)
That would repeat in journalctl output, 4 or 5 times.
I checked the process and saw:
:~$ ps aux | grep nginx
root 12960 0.0 0.6 77216 9816 ? Ss Oct06 0:00 nginx: master process nginx -c /etc/nginx/nginx.conf
www-data 16944 0.0 0.5 77360 8604 ? S 08:43 0:00 nginx: worker process
That process, which appeared to be occupying the ports needed by my systemd service. My systemd service doesn't use that -c /etc/nginx/nginx.conf. It uses:
ExecStart=/usr/sbin/nginx -g 'daemon on; master_process on;'
nginx -s stop, and quit would not rid me of the rogue process. Instead they both gave the error the OP had:
:~$ sudo nginx -s stop
nginx: [error] open() "/run/nginx.pid" failed (2: No such file or directory)
Both my systemd service unit and /etc/nginx/nginx.conf gave /run/nginx.pid as the PIDFile/pid. For some reason, /etc/nginx/nginx.conf wasn't creating it.
What I needed to do:
sudo killall nginx
sudo systemctl start nginx
That knocked out the other nginx service (I think it came from nginx -s reload but I couldn't shut it down by the corollary command) Which looked like this:
:~$ sudo killall nginx
:~$ ps aux | grep nginx
john 17140 0.0 0.1 4008 2004 pts/0 S+ 10:10 0:00 grep --color=auto nginx
:~$ sudo systemctl start nginx
:~$ sudo systemctl status nginx
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2022-10-07 10:10:25 UTC; 1s ago
...
:~$ ps aux | grep nginx
root 11481 0.0 0.1 76484 2588 ? Ss 10:10 0:00 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
www-data 11482 0.0 0.2 76876 4284 ? S 10:10 0:00 nginx: worker process
:~$ cat /run/nginx.pid
11481
I am unable to start nginx using the service nginx {signal}.
root# service nginx status
* /usr/sbin/nginx is not running
root# service nginx start
root# service nginx status
* /usr/sbin/nginx is not running
root# ls -al /run/*.pid
-rw-r--r-- 1 root root 5 Jul 23 17:32 /run/acpid.pid
root# /etc/init.d/nginx restart
* Restarting nginx nginx [fail]
root# ls -al /run/*.pid
-rw-r--r-- 1 root root 5 Jul 23 17:32 /run/acpid.pid
-rw-r--r-- 1 root root 0 Jul 25 17:06 /run/nginx.pid
root# service nginx status
* /usr/sbin/nginx is not running
Inside /var/log/nginx/error.log there is only one entry:
2014/07/25 16:59:52 [notice] 17085#0: signal process started
However, neither top, nginx, or netstat show nginx is actually running.
Since I built from source, where might nginx be dying? Where are the log files? /var/log/syslog doesn't seem to have anything about this. I'm not sure where to go from here.
I'm can't add comment :(
file size /run/nginx.pid = 0, nginx can't write pid to file.
start script can't find pid master process
I suspect you need to diff:
pidfile in /etc/init.d/nginx and pid in nginx.conf