お世話になります、質問失礼致します。
表記のエラーに引っかかりました。
前提・実現したいこと
エラーログにはfailed 13: Permission deniedとの記述があり
読み取り権限の付与、SELinuxの無効化など試すも解決せず。
通常のアプリ画面を表記したいです。
基本構成
nginx/1.16.1
unicorn v5.5.2
ruby 2.6.3p62
Rails 5.1.6
MySQL 5.5.62
AWSのCloud9でコーディング&デプロイ
各種設定
(デプロイ編②)世界一丁寧なAWS解説。EC2を利用して、RailsアプリをAWSにあげるまで
を参考にnginxとunicornの設定を行いました。
~~.~~~.~~~.~~~にはElastic IPを入力してあります。
etc/nginx/conf.d/アプリ名.conf
etc/nginx/conf.d/アプリ名.conf #log directory error_log /home/ec2-user/environment/アプリ名/log/nginx.error.log; access_log /home/ec2-user/environment/アプリ名/log/nginx.access.log; # max body size client_max_body_size 2G; upstream unicorn { # for UNIX domain socket setups server unix:/home/ec2-user/environment/アプリ名/tmp/sockets/.unicorn.sock fail_timeout=0; } server { listen 80; server_name ~~.~~~.~~~.~~~; # nginx so increasing this is generally safe... keepalive_timeout 5; # path for static files # Location of our static files root /home/ec2-user/environment/アプリ名/public; location ~ ^/assets/ { root /home/ec2-user/environment/アプリ名/public; allow all; } # page cache loading #try_files $uri/index.html $uri.html $uri @app; try_files $uri $uri/ @unicorn; location / { # HTTP headers proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; if (!-f $request_filename) { proxy_pass http://unicorn; break; } } # Rails error pages error_page 500 502 503 504 /500.html; location = /500.html { root /home/ec2-user/environment/アプリ名/public; } }
home/ec2-user/environment/アプリ名/config/unicorn.conf.rb
# set lets $worker = 2 $timeout = 30 $app_dir = "/home/ec2-user/environment/アプリ名/" $listen = File.expand_path 'tmp/sockets/.unicorn.sock', $app_dir $pid = File.expand_path 'tmp/pids/unicorn.pid', $app_dir $std_log = File.expand_path 'log/unicorn.log', $app_dir # set config worker_processes $worker working_directory $app_dir stderr_path $std_log stdout_path $std_log timeout $timeout listen $listen pid $pid # loading booster preload_app true # before starting processes before_fork do |server, worker| defined?(ActiveRecord::Base) and ActiveRecord::Base.connection.disconnect! old_pid = "#{server.config[:pid]}.oldbin" if old_pid != server.pid begin Process.kill "QUIT", File.read(old_pid).to_i rescue Errno::ENOENT, Errno::ESRCH end end end # after finishing processes after_fork do |server, worker| defined?(ActiveRecord::Base) and ActiveRecord::Base.establish_connection end
発生している問題・エラーメッセージ
stat() "/home/ec2-user/environment/アプリ名/public/" failed (13: Permission denied), client: ~~~.~~~.~~~.~~~, server: ~~.~~~.~~~.~~~, request: "GET / HTTP/1.1", host: "~~.~~~.~~~.~~~" connect() to unix:/home/ec2-user/environment/アプリ名/tmp/sockets/.unicorn.sock failed (13: Permission denied) while connecting to upstream, client: ~~~.~~~.~~~.~~~, server: ~~.~~~.~~~.~~~, request: "GET / HTTP/1.1", upstream: "http://unix:/home/ec2-user/environment/アプリ名/tmp/sockets/.unicorn.sock:/", host: "~~.~~~.~~~.~~~" open() "/home/ec2-user/environment/アプリ名/public/500.html" failed (13: Permission denied), client: ~~~.~~~.~~~.~~~, server: ~~.~~~.~~~.~~~, request: "GET / HTTP/1.1", upstream: "http://unix:/home/ec2-user/environment/アプリ名/tmp/sockets/.unicorn.sock/", host: "~~.~~~.~~~.~~~" "/home/ec2-user/environment/アプリ名/public/favicon.ico" failed (13: Permission denied), client: ~~~.~~~.~~~.~~~, server: ~~.~~~.~~~.~~~, request: "GET /favicon.ico HTTP/1.1", host: "~~.~~~.~~~.~~~", referrer: "http://~~.~~~.~~~.~~~/" to unix:/home/ec2-user/environment/アプリ名/tmp/sockets/.unicorn.sock failed (13: Permission denied) while connecting to upstream, client: ~~~.~~~.~~~.~~~, server: ~~.~~~.~~~.~~~, request: "GET /favicon.ico HTTP/1.1", upstream: "http://unix:/home/ec2-user/environment/アプリ名/tmp/sockets/.unicorn.sock:/favicon.ico", host: "~~.~~~.~~~.~~~", referrer: "http://~~.~~~.~~~.~~~/" "/home/ec2-user/environment/アプリ名/public/500.html" failed (13: Permission denied), client: ~~~.~~~.~~~.~~~, server: ~~.~~~.~~~.~~~, request: "GET /favicon.ico HTTP/1.1", upstream: "http://unix:/home/ec2-user/environment/アプリ名/tmp/sockets/.unicorn.sock/favicon.ico", host: "~~.~~~.~~~.~~~", referrer: "http://~~.~~~.~~~.~~~/"
試したこと
下記のサイトを参考に以下のことを確認しました。
Nginxで403 Forbiddenが表示された時のチェックポイント5選
・Nginxの再起動
$ sudo service nginx.restart Stopping nginx: [ OK ] Starting nginx: [ OK ] $ sudo service nginx.reload Reloading nginx: [ OK ]
・ファイルに読み取り権限を与える
$ ls -ld /home/ec2-user/environment/アプリ名/public/500.html -rw-rw-r-- 1 ec2-user ec2-user 1635 Jan 25 11:28 /home/ec2-user/environment/アプリ名/public/500.html
・ディレクトリの権限に実行権を確認
$ls -ld /home/ec2-user/environment/アプリ名/ drwxrwxr-x 16 ec2-user ec2-user 4096 Jan 27 06:10 /home/ec2-user/environment/アプリ名/
・URLへのアクセス制限を解除
etc/nginx/conf.d/アプリ名.conf location ~ ^/assets/ { root /home/ec2-user/environment/アプリ名/public; #自分のアプリケーション名に変更 allow all; }
・SELinuxを無効にする
$ getenforce Disabled
以上、よろしくお願い致します。
回答1件
あなたの回答
tips
プレビュー
バッドをするには、ログインかつ
こちらの条件を満たす必要があります。
2020/01/28 08:13 編集
2020/01/28 08:16
2020/01/29 02:11