TechQA.

nginx unexpected responses with ruby 3.2.2, rails 7 and passenger on ec2 instance

81 views Asked by At

I'm trying to deploy my small rails 7 app in a ec2 instance with nginx and passenger following this guide:

https://www.phusionpassenger.com/docs/tutorials/deploy_to_production/installations/oss/aws/ruby/nginx/

The ubuntu version is 22.04

lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 22.04.3 LTS
Release:    22.04
Codename:   jammy

The tutorial uses one user for ror app, and i need to authenticate with this user (my_app is the name of the user, the same name of the app) to access to my_app in folder /var/www/my_app/code with this comand:

sudo -u my_app -H bash -l

However to edit nginx/passenger config files the tutorial says:

3.2 Go back to the admin account You have previously logged into your app's user account in order to prepare the app's environment. That user does not have sudo access. In the next steps, you need to edit configuration files, for which sudo access is needed. So you need to switch back to the admin account.

i can see what user runs nginx with the command:

ps ueax|grep 'nginx: worker'|grep -v grep|cut -f1 -d' '
myapp
myapp

and these are my nginx files:

mod-http-passenger.conf

### Begin automatically installed Phusion Passenger config snippet ###
passenger_root /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini;

# passenger_ruby /usr/bin/passenger_free_ruby; "This path is wrong"!
passenger_ruby /usr/share/rvm/rubies/ruby-3.2.2/bin/ruby;

passenger_instance_registry_dir /var/run/passenger-instreg;

### End automatically installed Phusion Passenger config snippet ###

nginx.conf file:

# user www-data;
user my_app; # i use the same name of the rails's app user as nginx doc explains here http://nginx.org/en/docs/ngx_core_module.html#user

worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
    worker_connections 768;
    # multi_accept on;
}

http {

    ##
    # Basic Settings
    ##

    sendfile on;
    tcp_nopush on;
    types_hash_max_size 2048;
    # server_tokens off;

    # server_names_hash_bucket_size 64;
    # server_name_in_redirect off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    ##
    # SSL Settings
    ##

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;

    ##
    # Logging Settings
    ##

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    ##
    # Gzip Settings
    ##

    gzip on;

    # gzip_vary on;
    # gzip_proxied any;
    # gzip_comp_level 6;
    # gzip_buffers 16 8k;
    # gzip_http_version 1.1;
    # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

    ##
    # Virtual Host Configs
    ##

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}

i've removed the default nginx file from sites-available and the symlink from sites-enabled and i've created a sym link with this comand:

sudo ln -s /etc/nginx/sites-available/myapp /etc/nginx/sites-enabled/myapp

this is the first version and sympler version of the myapp nginx file:

server {
    listen 80;
    server_name localhost;
}

i request with curl curl http://ec2.elastic.ip:

<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
.
.
blabla

i add now the root folder to this file, like this:

server {
    listen 80;
    server_name localhost;
    root /var/www/myapp/code/public;
}

i restart nginx with sudo service nginx restart and i check that the config is correct with the command sudo nginx -t

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

and the result is of sudo tail -f /var/log/nginx/access.log is: [23/Dec/2023:09:30:21 +0000] "GET / HTTP/1.1" 403 162 "-" "curl/7.81.0"

i see this 403 error:

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>

ubuntu@ip-ec2-ip:/etc/nginx/sites-available$ sudo tail -f /var/log/nginx/error.log
[ N 2023-12-23 09:30:17.7782 35332/Tb Ser/Server.h:901 ]: [ServerThr.2] Freed 0 spare client objects
[ N 2023-12-23 09:30:17.7782 35332/Tb Ser/Server.h:558 ]: [ServerThr.2] Shutdown finished
[ N 2023-12-23 09:30:17.7783 35332/Td Ser/Server.h:901 ]: [ApiServer] Freed 0 spare client objects
[ N 2023-12-23 09:30:17.7783 35332/Td Ser/Server.h:558 ]: [ApiServer] Shutdown finished
[ N 2023-12-23 09:30:17.8657 35372/T1 age/Wat/WatchdogMain.cpp:1377 ]: Starting Passenger watchdog...
[ N 2023-12-23 09:30:17.8844 35375/T1 age/Cor/CoreMain.cpp:1340 ]: Starting Passenger core...
[ N 2023-12-23 09:30:17.8846 35375/T1 age/Cor/CoreMain.cpp:256 ]: Passenger core running in multi-application mode.
[ N 2023-12-23 09:30:17.8915 35375/T1 age/Cor/CoreMain.cpp:1015 ]: Passenger core online, PID 35375
[ N 2023-12-23 09:30:20.0613 35375/T5 age/Cor/SecurityUpdateChecker.h:519 ]: Security update check: no update found (next check in 24 hours)
2023/12/23 09:30:21 [error] 35389#35389: *1 directory index of "/var/www/myapp/code/public/" is forbidden, client: ip_number, server: , request: "GET / HTTP/1.1", host: "ip_host_number"

now i add the passenger_enabled on; like this;

server {
  listen 80;
  server_name localhost;
  root /var/www/myapp/code/public;
  passenger_enabled on;
}

this is the result of the curl request:

curl -v http://ip
*   Trying ip:80...
* Connected to ip (ip) port 80 (#0)
> GET / HTTP/1.1
> Host: ip
> User-Agent: curl/7.81.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Content-Type: text/html
< Content-Length: 0
< Connection: keep-alive
< Status: 301 Moved Permanently
< Location: https://ip/
< Date: Sat, 23 Dec 2023 11:41:19 GMT
< X-Powered-By: Phusion Passenger(R) 6.0.19
< Server: nginx/1.18.0 + Phusion Passenger(R) 6.0.19
< 
* Connection #0 to host ip left intact

but i don't get any error in nginx error.log file.

Thanks!

PD: this is the result of checking the passenger/nginx installation:

sudo /usr/bin/passenger-config validate-install

What would you like to validate?
Use <space> to select.
If the menu doesn't display correctly, press '!'

 ‣ ⬢  Passenger itself
   ⬡  Apache

-------------------------------------------------------------------------

 * Checking whether this Passenger install is in PATH... ✓
 * Checking whether there are no other Passenger installations... ✓

Everything looks good. :-)
ruby-on-rails amazon-web-services nginx amazon-ec2 passenger
Original Q&A
0

There are 0 answers

Related Questions in RUBY-ON-RAILS

Related Questions in AMAZON-WEB-SERVICES

Related Questions in NGINX

Related Questions in AMAZON-EC2

Related Questions in PASSENGER

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Trending Questions