CentOS 6.4 + Nginx + uwsgi + (13: Permission denied) while connecting to upstream - nginx

As mentioned in the title, I'm experiencing a permission denied error in my nginx + uwsgi setup in my CentOS 6.4. I'm running uwsgi as root already. Below are my configuration files. Take note that I've already linked (ln -s) the mysite_nginx.conf to /etc/nginx/sites-enabled/. Also I've already changed the owner of /home/user1/location/mysite to nginx user.
mysite_uwsgi.ini
#mysite_uwsgi.ini file
[uwsgi]
# Django-related settings
# the base directory (full path)
chdir = /home/user1/location/mysite/myapp
# Django wsgi file
module = mysite.wsgi
# the virtualenv (full path)
home = /home/user1/location/mysite
# process-related settings
# master
master = true
# maximum number of worker processes
processes = 4
# the socket (use the full path to be safe
socket = /home/user1/location/mysite/myapp/myapp.sock
# ... with appropriate permissions - may be needed
chmod-socket = 666
chown-socket = nginx:nginx
# clear environment on exit
vacuum = true
# other config options
uid = nginx
gid = nginx
processes = 4
mysite_nginx.conf
# mysite_nginx.conf
# the upstream component nginx needs to connect to
upstream mysite {
server unix:///home/user1/location/mysite/myapp/myapp.sock; se this first)
}
# configuration of the server
server {
# the port your site will be served on
listen 8082;
# the domain name it will serve for
server_name 192.168.X.X; #
charset utf-8;
# max upload size
client_max_body_size 75M; # adjust to taste
# Django media
location /media {
alias /home/user1/location/mysite/media;
}
location /static {
alias /home/user1/location/mysite/static;
}
I already followed the answers related to the same issue here in stackoverflow but none of them help. What am I lacking? doing wrong?
Thanks in advance!

I had the same problem. the problem is because of selinux policies. you can find the solution in the following link, follow Option 2: Extend the httpd_t Domain Permissions instructions:
http://nginx.com/blog/nginx-se-linux-changes-upgrading-rhel-6-6/

Related

My page is not responsive when I run the with UWSGI

I wanted a realtime dashboard and I cloned this https://github.com/roniemartinez/real-time-charts-with-flask.git
I installed the requirements and the application runs normally and fine whenever I run with the "python application.py" command. The "/" route in the application run responsively and fine...
I added the app to a uwsgi ini file and when I run. the web page of the "/" becomes irresponsive and bring the graphs every 30seconds. All works fine with the application. but I think the problem is either my nginx config or uwsgi ini.
what could be wrong ?
[uwsgi]
base = /home/pi/Desktop/Bingo
app = application
module = %(app)
home = %(base)/venv
pythonpath = /home/pi/Desktop/Bingo/venv/bin/python
socket = /home/pi/Desktop/Bingo/%n.sock
chmod-socket = 666
callable = app
logto = /home/pi/Desktop/Bingo/log/uwsgi/%n.log
My nginx config is
server {
listen 80;
server_name localhost;
charset utf-8;
client_max_body_size 75M;
location /static {
root /home/pi/Desktop/Bingo;
}
location / { try_files $uri #labapp;}
location #labapp {
include uwsgi_params;
uwsgi_pass unix:/home/pi/Desktop/Bingo/lab_app_uwsgi.sock;
}
}
The uwsgi logs probably contain some useful clues. Comparing your uwsgi.ini to one of mine, I see a few differences that might be significant. First, I always chdir to the base of the app, which in your case would look like
[uwsgi]
chdir = /home/pi/Desktop/Bingo
home = /home/pi/Desktop/Bingo/venv
module = application:application
... socket
... log
I also wonder if might also have a mismatch, depending on how you've named things, between
socket = /home/pi/Desktop/Bingo/%n.sock
and
uwsgi_pass unix:/home/pi/Desktop/Bingo/lab_app_uwsgi.sock;
The nginx error log is the place to look.
(See https://github.com/davewsmith/nginx-uwsgi-flask-starter/blob/master/provision/starter.ini for a working example)

uWSGI / Flask: "no python application found, check your startup logs for errors"

I have a website running with NGINX + uWSGI + Flask.
The website runs fine most of the time, however every now and then it gets into a state where the pages returned by nginx just show "Internal Server Error". If I look at the uWSGI log when it's doing this, I see the following:
[pid: 1580|app: -1|req: -1/37] 69.162.124.228 () {46 vars in 716 bytes} [Sat May 12 10:25:13 2018] GET / => generated 21 bytes in 0 msecs (HTTP/1.1 500) 2 headers in 83 bytes (0 switches on core 0)
--- no python application found, check your startup logs for errors ---
It can be in this state for ages, but if I do something seemingly unrelated, like make an arbitrary change to the flask app, then everything will start working again. It will then keep working until some random amount of time later when it starts giving "Internal Server Error" again, without any code changes being made.
I've tried running the uWSGI application directly, and it runs without any error.
I've tried installing Sentry on my flask app to capture any errors, but nothing shows up when this happens.
How do I diagnose this?
What other log files can I look at?
What is likely to be causing this?
I've been at this for over a week now, and read through almost every related question of SO.
I've run out of ideas, and near abandoning this project if I can't figure out what's going on.
Any help would be greatly appreciated.
Here are my files:
uWSGI config (mysite.ini)
[uwsgi]
module = wsgi:app
master = true
processes = 5
socket = mysite.sock
chmod-socket = 660
vacuum = true
die-on-term = true
logto = /var/log/uwsgi/%n.log
wsgi.py
from tunnelling.python.flask_app import app as application
if __name__ == "__main__":
application.run()
nginx:
server {
listen 80;
server_name www.mysite.com;
server_name mysite.com;
location / {
include uwsgi_params;
uwsgi_pass unix:/home/dimraft/mysite/mysite.sock;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/mysite.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mysite.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
if ($scheme != "https") {
return 301 https://$host$request_uri;
} # managed by Certbot
}
systemd file:
[Unit]
Description=uWSGI instance to serve mysite
After=network.target
[Service]
User=dimraft
Group=www-data
WorkingDirectory=/home/dimraft/mysite
Environment="PATH=/home/dimraft/mysite/mysiteenv/bin"
ExecStart=/home/dimraft/mysite/mysiteenv/bin/uwsgi --ini mysite.ini
[Install]
WantedBy=multi-user.target
maybe your uWSGI config (mysite.ini) error:
change:
module = wsgi:app
to:
module = projectName.wsgi:application
#John was essentially correct on this but, I would like to elaborate for clarity.
I was having the same issue with a project that had essentially the same setup and what fixed it was to move my uwsgi.py module to inside my flask application package like so
myprojectname/
__init__.py
uwsgi.py
then change the module definition in uwsgi.ini to module=myprojectname.uwsgi:application like shown here:
[uwsgi]
module=myprojectname.uwsgi:application
master=true
processes=2
socket=myprojectname.sock
chmod-socket=660
logto=/var/log/uwsgi/uwsgi.log
die-on-term=true
Also to make sure to specify that the callable object is named application as was the case in the original posted code sample. uWSGI defaults to looking for this application named object and I've really struggled to get it to work naming it anything else such as app.
okay sorry this is coming late. i had an error like this too and this is how i solved mine
[uwsgi]
chdir = /home/goodnews/myproject
home = /home/goodnews/myproject/venv
module = wsgi:app
master = true
processes = 5
#socket = myproject.sock
socket = :5000
protocol = http
chmod-socket = 666
vaccum = true
die-on-term = true
in my case i was working on a local virtual machine(running an Ubuntu terminal), that is the reason for
socket = :5000
i was testing a webapp using ssh connection to Ubuntu server.
hopes this helps someone
This issue also happens because the uWSGI python plugin to use is not declared in the .init file. Let's say you have the python3.6 uWSGI python plugin installed, add the following in the .ini file
plugins = python36
Now, you will see other problems or uWSGI will be able to load app 0. Also, make sure that you are in your activated virtual environment to test whether the app is served by uWSGI.
I got this error after making only a small change in the python script.
The cause in my case:
The execute permissions got lost when I copied the new script to the server.
The problem for me is that some files in the website root references outer libs. You need to make sure everything is self-included.

Random unix:/tmp/php5-fpm.sock Failed

I am checking my error.log and found a few failed
connect() to unix:/tmp/php5-fpm.sock failed
Permissions are fine afaik.
What gives?
owned by nginx:nginx
permissions 660
running nginx obviously.
www.conf
listen.owner = nginx
listen.group = nginx
listen.mode = 0660
default.conf (nginx)
fastcgi_pass unix:/tmp/php5-fpm.sock;
Running PHP 5.5.14
As of PHP 5.5.12 FPM Socket permissions were changed to resolve a security related bug, you can read more about that here -> https://bugs.php.net/bug.php?id=67060
Your listen.mode = 0660 should now be set to listen.mode = 0666
As for Nginx here is a working example I am currently using:
# PHP-FPM Support
location ~ \.php$ {
fastcgi_pass unix:/usr/local/etc/php-fpm/nginx.sock;
include fastcgi.conf;
}
I was hoping you would have given a lot more configuration details as requested. The lack thereof is making this more difficult than it needs to be by trying to guess at your situation / configuration setup.
Make sure inside of your FPM Pool Configuration that the following settings are defined:
[nginx]
listen = /usr/local/etc/php-fpm/nginx.sock
user = nginx
group = nginx
listen.owner = nginx
listen.group = nginx
listen.mode = 0666
You'll notice my listen paths are using /usr/local/etc/php-fpm but you can replace those with your own path of choice.
I see you are currently using /tmp and although there is not a major problem using that, I'd advise against it and create a dedicated directory for holding your FPM Sockets.
I checked the permissions on my /usr/local/etc/php-fpm directory and they are default as 755 and owned by root:root at the moment.
Give this a try, I'm sure it will work unless you have something else random happening that isn't obvious with the current information you've given.

Problems running flask app on uwsgi / nginx

I have created a flask app and up to this point have been using the default flask server for creating/testing it. Now i want to deploy it to a server. I am using uwsgi and nginx, though i am pretty new to both. i know there are a lot of guides and questions about similar things, but i couldnt find the solution after looking through as much as i could understand
The following is from my uwsgi log :
machine: x86_64
clock source: unix
detected number of CPU cores: 1
current working directory: /home/ben/flask/MLS-Flask
detected binary path: /home/ben/flask/MLS-Flask/mls-flask-ve/bin/uwsgi
!!! no internal routing support, rebuild with pcre support !!!
*** WARNING: you are running uWSGI without its master process manager ***
your processes number limit is 1024
your memory page size is 4096 bytes
detected max file descriptor number: 1024
lock engine: pthread robust mutexes
thunder lock: disabled (you can enable it with --thunder-lock)
uwsgi socket 0 bound to UNIX address /home/ben/flask/MLS-Flask/mls_uwsgi.sock fd 3
Python version: 3.3.3 (default, Dec 30 2013, 16:29:41) [GCC 4.4.7 20120313 (Red Hat 4.4.7-4)]
Set PythonHome to /home/ben/flask/MLS-Flask/mls-flask-ve
*** Python threads support is disabled. You can enable it with --enable-threads ***
Python main interpreter initialized at 0x11755d0
your server socket listen backlog is limited to 100 connections
your mercy for graceful operations on workers is 60 seconds
mapped 72760 bytes (71 KB) for 1 cores
*** Operational MODE: single process ***
added /home/ben/flask/MLS-Flask/ to pythonpath.
WSGI app 0 (mountpoint='') ready in 0 seconds on interpreter 0x11755d0 pid: 2926 (default app)
*** uWSGI is running in multiple interpreter mode ***
spawned uWSGI worker 1 (and the only) (pid: 2926, cores: 1)
I am assuming the uwsgi is at least running? I am fairly new to this so i am not quite sure that the problem is.
my nginx config is :
server{
listen 8080;
charset utf-8;
location / {try_files $uri #app; }
location #app {
include uwsgi_params;
uwsgi_pass unix:/home/ben/flask/MLS-Flask/mls_uwsgi.sock;
}
}
my uwsgi ini is :
[uwsgi]
uid = nginx
gid = nginx
base = /home/ben/flask/MLS-Flask
home = %(base)/mls-flask-ve
pythonpath = %(base)
chdir = /home/ben/flask/MLS-Flask
module = runp
#socket file's location
socket = /home/ben/flask/MLS-Flask/mls_uwsgi.sock
#permissions for the socket file
chmod-socket = 666
#variable that holds a flask application inside the module imported
callable = app
#location of log file
logto = /var/log/uwsgi/%n.log
and the file the uwsgi ini is running is my flask app:
from app import app
if __name__ == "__main__":
app.run(debug = False, port = 8080)
I may have some extraneous stuff in my uwsgi ini or nginx config, but i am not sure if those would necessarily be the problems. Can anyone see any reasons why this might not be working? I am currently getting a 502 bad gateway error on localhost:8080, so i am guessing it has something to do with my flask, uwsgi ini/socket.
i appreciate any help.
It turned out my nginx user didnt have access to the socket because the / and /home/ directory was owned by the root group and root user. I ended up giving full access to the owner and group all the way from / directory to the socket (this probably is not the safest solution security wise, but i can further refine it after i get everything working.)
I had the same problem :
Always check socket permissions by using ls -lhtr
Try putting socket in /run/myapp/mysock.sock folder
Create an empty sock file in this folder vi mysock.sock
Set permissions of this empty file to have full access by your user and group stated
in the service. chown user:group /run/myapp/mysock.sock

Flask on nginx + uWSGI returns a 404 error unless the linux directory exists

This might be kind of a strange problem, but I'm not too experienced with these things and I don't know how to search for this kind of error.
I have a server configured with nginx and uWSGI. Everything runs fine, no errors in the logs that I can see. However, when I'm executing the below code:
from flask import Flask
app = Flask(__name__)
#app.route('/test/')
def page1():
return 'Hello World'
#app.route('/')
def index():
return 'Index Page'
I can not view http://ezte.ch/test/ UNLESS the /test/ directory exists inside linux once I create that directory, everything loads fine. Otherwise I get a 404 error passed to the uWSGI (it does show that it's receiving the request in the terminal) process.
Here is my config.ini for uWSGI:
[uwsgi]
project = eztech
uid = www-data
gid = www-data
plugins = http,python
socket = /usr/share/nginx/www/eztech/uwsgi.sock
chmod-socket = 775
chown-socket = www-data:www-data
wsgi-file hello.py
callable app
processes 4
threads 2
Here is my nginx configuration:
server {
listen 80; ## listen for ipv4; this line is default and implied
listen [::]:80 default ipv6only=on; ## listen for ipv6
autoindex on;
root /usr/share/nginx/www/eztech/public_html;
index index.html index.htm;
# Make site accessible from http://localhost/
server_name ezte.ch;
location / {
uwsgi_pass unix:/usr/share/nginx/www/eztech/uwsgi.sock;
include uwsgi_params;
uwsgi_param UWSGI_CHDIR /usr/share/nginx/www/eztech/public_html;
uwsgi_param UWSGI_MODULE hello;
uwsgi_param UWSGI_CALLABLE app;
# First attempt to serve request as file, then
# as directory, then fall back to index.html
try_files $uri $uri/ /index.html;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}
Below is what I get when running uWSGI with my config file:
[uWSGI] getting INI configuration from config.ini
open("./http_plugin.so"): No such file or directory [core/utils.c line 3347]
!!! UNABLE to load uWSGI plugin: ./http_plugin.so: cannot open shared object file: No such file or directory !!!
open("./python_plugin.so"): No such file or directory [core/utils.c line 3347]
!!! UNABLE to load uWSGI plugin: ./python_plugin.so: cannot open shared object file: No such file or directory !!!
*** Starting uWSGI 1.9.8 (64bit) on [Sat Apr 27 06:29:18 2013] ***
compiled with version: 4.6.3 on 27 April 2013 00:06:22
os: Linux-3.2.0-36-virtual #57-Ubuntu SMP Tue Jan 8 22:04:49 UTC 2013
nodename: ip-10-245-51-230
machine: x86_64
clock source: unix
detected number of CPU cores: 1
current working directory: /usr/share/nginx/www/eztech
detected binary path: /usr/local/bin/uwsgi
*** WARNING: you are running uWSGI without its master process manager ***
your processes number limit is 4595
your memory page size is 4096 bytes
detected max file descriptor number: 1024
lock engine: pthread robust mutexes
uwsgi socket 0 bound to UNIX address /usr/share/nginx/www/eztech/uwsgi.sock fd 3
setgid() to 33
setuid() to 33
Python version: 2.7.3 (default, Aug 1 2012, 05:25:23) [GCC 4.6.3]
*** Python threads support is disabled. You can enable it with --enable-threads ***
Python main interpreter initialized at 0x2505520
your server socket listen backlog is limited to 100 connections
your mercy for graceful operations on workers is 60 seconds
mapped 72688 bytes (70 KB) for 1 cores
*** Operational MODE: single process ***
*** no app loaded. going in full dynamic mode ***
*** uWSGI is running in multiple interpreter mode ***
spawned uWSGI worker 1 (and the only) (pid: 12800, cores: 1)
Thank you for any assistance you can offer!
As Blender already says, there should be no try_files where is your upstream called.
The following nginx config is enough to host flask application:
server {
listen 80;
server_name ezte.ch;
location / {
uwsgi_pass unix:/usr/share/nginx/www/eztech/uwsgi.sock;
include uwsgi_params;
}
}
my flask config:
<uwsgi>
<autostart>true</autostart>
<master/>
<pythonpath>/var/www/apps/someapp/</pythonpath>
<plugin>python</plugin>
<module>someapp:app</module>
<processes>4</processes>
</uwsgi>
So there is path /var/www/apps/someapp/ and flask file someapp.py
I had the same issue. just remove this line from the nginx configuration :
root /usr/share/nginx/www/eztech/public_html;

Resources