I have spent the last few days trying to solve this problem, and I'm just not making any headway. I actually just created a stackoverflow account specifically to ask this question. It seems that this issue is pretty common, but none of the solutions I found solve the problem for me. Yesterday I came across this tutorial: http://blog.ninjahideout.com/posts/a-guide-to-a-nginx-passenger-and-rvm-server I had hoped started from scratch using this tutorial would work, but no dice. Either way, if you view the tutorial you can see what steps I have taken. Here is essentially what I have going on. I have a VPS account on linode.com Server OS is Ubuntu 10.04 Local OS (shouldn't matter, but just so you know) used to deploy with Capistrano is Snow Leopard 10.6.6 I use RVM on the server. Version is 1.2.2 I was previously on ruby-1.9.2-p0 [ i386 ], but per the tutorial listed above I switched to ree-1.8.7-2010.02 [ i386 ] . Running ' which ruby ' from the command line verifies that I am using 1.8.7 with the following output: /usr/local/rvm/rubies/ree-1.8.7-2010.02/bin/ruby passenger -v prints the following: Phusion Passenger version 3.0.2 I'm not sure how to tell what my nginx version is, but it should be the most recent one as I installed it yesterday via the passenger installer commands listed in the tutorial above. I have two users dealing with the install. root which I used to install everything, and deployer which is a user I created specifically to for deploying my applications My web app directory is in the deployer user's home directory as follows: /home/deployer/webapps/mysite.com/public Per Capistrano default deploy, a symbolic link called current is created in the public folder, and points to /home/deployer/webapps/mysite.com/public/releases/most_current_release I have chmodded the deployer directory recursively to 777 /opt/nginx permissions: rwxr-xr-x /usr/local/rvm/gems/ree-1.8.7-2010.02/gems/passenger-3.0.2 permissions: rwxrwsrwx My nginx config file has gone through just short of eternity variations, but currently looks like this: ================================================================================== worker_processes 1; events { worker_connections 1024; } http { passenger_root /usr/local/rvm/gems/ree-1.8.7-2010.02/gems/passenger-3.0.2; passenger_ruby /usr/local/rvm/bin/passenger_ruby; include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; server { # listen *:80; server_name mysite.com www.mysite.com; root /home/deployer/webapps/mysite.com/public/current; passenger_enabled on; passenger_friendly_error_pages on; access_log logs/mysite.com/server.log; error_log logs/mysite.com/error.log info; error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } } ================================================================================== I bounce nginx, hit the site, and boom. 403, and logs say directory index of /home/deployer... is forbidden As others with a similar problem have said, you can drop an index.html into the public/releases/current_release and it will render. But rails no worky. That's basically it. At this point I have just about completely exhausted every possible solution attempt I can think of. I am a programmer and definitely not a sysadmin, so I am 99% sure this has something to do with permissions that I have hosed, but for the life of me I just can't figure out where. If anyone can help I would really really appreciate it. If there's any specific permission things you want me to check (ie groups/permissions), can you please include the commands to do so as well. Hopefully this will help others in the future who read this post. Let me know if there is any other information I can provide, and thanks in advance!!!

Reputation: 101

Capistrano + Nginx + Passenger = 403

I have spent the last few days trying to solve this problem, and I'm just not making any headway. I actually just created a stackoverflow account specifically to ask this question. It seems that this issue is pretty common, but none of the solutions I found solve the problem for me.

Yesterday I came across this tutorial: http://blog.ninjahideout.com/posts/a-guide-to-a-nginx-passenger-and-rvm-server

I had hoped started from scratch using this tutorial would work, but no dice. Either way, if you view the tutorial you can see what steps I have taken.

Here is essentially what I have going on.

I have a VPS account on linode.com
Server OS is Ubuntu 10.04
Local OS (shouldn't matter, but just so you know) used to deploy with Capistrano is Snow Leopard 10.6.6
I use RVM on the server. Version is 1.2.2
I was previously on ruby-1.9.2-p0 [ i386 ], but per the tutorial listed above I switched to ree-1.8.7-2010.02 [ i386 ].
Running 'which ruby' from the command line verifies that I am using 1.8.7 with the following output: /usr/local/rvm/rubies/ree-1.8.7-2010.02/bin/ruby
passenger -v prints the following: Phusion Passenger version 3.0.2
I'm not sure how to tell what my nginx version is, but it should be the most recent one as I installed it yesterday via the passenger installer commands listed in the tutorial above.
I have two users dealing with the install. root which I used to install everything, and deployer which is a user I created specifically to for deploying my applications
My web app directory is in the deployer user's home directory as follows: /home/deployer/webapps/mysite.com/public
Per Capistrano default deploy, a symbolic link called current is created in the public folder, and points to /home/deployer/webapps/mysite.com/public/releases/most_current_release
I have chmodded the deployer directory recursively to 777
/opt/nginx permissions: rwxr-xr-x
/usr/local/rvm/gems/ree-1.8.7-2010.02/gems/passenger-3.0.2 permissions: rwxrwsrwx
My nginx config file has gone through just short of eternity variations, but currently looks like this:

==================================================================================

worker_processes  1;

events {
    worker_connections  1024;
}


http {
    passenger_root /usr/local/rvm/gems/ree-1.8.7-2010.02/gems/passenger-3.0.2;
    passenger_ruby /usr/local/rvm/bin/passenger_ruby;

    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;

    keepalive_timeout  65;

    server {
       # listen      *:80;
        server_name mysite.com www.mysite.com;
        root   /home/deployer/webapps/mysite.com/public/current;

        passenger_enabled on;
        passenger_friendly_error_pages on;


        access_log logs/mysite.com/server.log;
        error_log logs/mysite.com/error.log info;

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
}

==================================================================================

I bounce nginx, hit the site, and boom. 403, and logs say directory index of /home/deployer... is forbidden

As others with a similar problem have said, you can drop an index.html into the public/releases/current_release and it will render. But rails no worky.

That's basically it. At this point I have just about completely exhausted every possible solution attempt I can think of. I am a programmer and definitely not a sysadmin, so I am 99% sure this has something to do with permissions that I have hosed, but for the life of me I just can't figure out where.

If anyone can help I would really really appreciate it. If there's any specific permission things you want me to check (ie groups/permissions), can you please include the commands to do so as well. Hopefully this will help others in the future who read this post.

Let me know if there is any other information I can provide, and thanks in advance!!!

Upvotes: 1

Answers (3)

Alex Chien

Reputation: 41

You should add deployer user and root to rvm group.

sudo usermod -a -G rvm deployer
sudo usermod -a -G rvm root

Upvotes: 1

Lance Carlson

Reputation: 31

reverse public and current for the root directive.

root /home/deployer/webapps/mysite.com/current/public;

Upvotes: 1

TK-421

Reputation: 10763

'nginx -v' outputs the version (or, client-side, view headers in your browser).

Slicehost has excellent articles for this sort of thing that you might compare with your own configuration, or even follow from the beginning. [I use Linode too but prefer Slicehost's tutorials. ;)]

http://articles.slicehost.com/tags/nginx

The nginx tutorials definitely cover permission settings, which sounds like the cause of the problem you're describing.

They also have articles covering Rails and Capistrano.

Upvotes: 0

Capistrano + Nginx + Passenger = 403

Answers (3)

Related Questions