Nginx在上游连接到Unicorn时拒绝了许可

时间:2018-06-21 17:14:14

标签: nginx sinatra unicorn

我正在尝试设置Nginx,Unicorn和Sinatra堆栈工作。这是guide我的关注对象。

虽然设置工作正常,但在运行curl时遇到了错误的网关:

[root@Orbital sockets]# curl localhost
<html>
<head><title>502 Bad Gateway</title></head>
<body bgcolor="white">
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.12.2</center>
</body>
</html>

确切的错误日志如下:

2018/06/21 17:00:21 [crit] 15475#0: *1 connect() to unix:/root/myapp/tmp/sockets/unicorn.sock failed (13: Permission denied) while connecting to upstream, client: 127.0.0.1, server: my-sinatra-app.com, request: "GET / HTTP/1.1", upstream: "http://unix:/root/myapp/tmp/sockets/unicorn.sock:/", host: "localhost"

这是我的文件夹层次结构,所有步骤都是使用root执行的。此文件夹的pwd/root/myapp

├── config.ru
├── log
│   ├── unicorn.stderr.log
│   └── unicorn.stdout.log
├── my_app.rb
├── tmp
│   ├── pids
│   │   └── unicorn.pid
│   └── sockets
│       └── unicorn.sock
└── unicorn.rb

已通过chmod -R 777 myapp递归授予了整个文件夹的完全权限。

/etc/nginx/nginx.conf

# this sets the user nginx will run as,
#and the number of worker processes
user root root;
worker_processes  1;

# setup where nginx will log errors to
# and where the nginx process id resides
error_log  /var/log/nginx/error.log;
pid        /var/run/nginx.pid;

events {
  worker_connections  1024;
  # set to on if you have more than 1 worker_processes
  accept_mutex off;
}

http {
  include       /etc/nginx/mime.types;

  default_type application/octet-stream;
  access_log /tmp/nginx.access.log combined;

  # use the kernel sendfile
  sendfile        on;
  # prepend http headers before sendfile()
  tcp_nopush     on;

  keepalive_timeout  5;
  tcp_nodelay        on;

  gzip  on;
  gzip_vary on;
  gzip_min_length 500;

  gzip_disable "MSIE [1-6]\.(?!.*SV1)";
  gzip_types text/plain text/xml text/css
     text/comma-separated-values
     text/javascript application/x-javascript
     application/atom+xml image/x-icon;

  # use the socket we configured in our unicorn.rb
  upstream unicorn_server {
    server unix:/root/myapp/tmp/sockets/unicorn.sock
        fail_timeout=0;
  }

  # configure the virtual host
  server {
    # replace with your domain name
    server_name my-sinatra-app.com; //ip address here
    # replace this with your static Sinatra app files, root + public
    root /root/myapp/;
    # port to listen for requests on
    listen 80;
    # maximum accepted body size of client request
    client_max_body_size 4G;
    # the server will close connections after this time
    keepalive_timeout 5;

    location / {
      try_files $uri @app;
    }

    location @app {
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header Host $http_host;
      proxy_redirect off;
      # pass to the upstream unicorn server mentioned above
      proxy_pass http://unicorn_server;
    }
  }
}

/root/myapp/unicorn.rb

# set path to app that will be used to configure unicorn,
# note the trailing slash in this example
@dir = "/root/myapp/"

worker_processes 2
working_directory @dir

 timeout 30

# Specify path to socket unicorn listens to,
# we will use this in our nginx.conf later
listen "#{@dir}tmp/sockets/unicorn.sock", :backlog => 64

# Set process id path
pid "#{@dir}tmp/pids/unicorn.pid"

# Set log file paths
stderr_path "#{@dir}log/unicorn.stderr.log"
stdout_path "#{@dir}log/unicorn.stdout.log"

我可以绕过ngnix并通过curl --unix-socket ~/myapp/tmp/sockets/unicorn.sock localhost 连接到Unicorn的套接字

其余文件与教程相同。我不确定自己在做什么错,我咨询了一些类似的Stackoverflow主题,但似乎都没有用。

1 个答案:

答案 0 :(得分:0)

虽然我没有弄清实际问题,但从Centos 7.5切换到6.9可以解决问题。