Ubuntu
ubuntu + nginx + 乘客伺服器上的 403 禁止響應
我正在嘗試在我的 Digital Ocean VPS 上部署我的 Rails 應用程序,但是當我訪問 IP 地址時我得到了 403。
這是我的錯誤日誌的輸出:
[ 2014-11-02 04:18:12.0511 23504/7f64e6a36780 agents/Watchdog/Main.cpp:538 ]: Options: { 'analytics_log_user' => 'nobody', 'default_group' => 'nogroup', 'default_python' => 'python', 'default_ruby' => '/usr/bin/ruby', 'default_user' => 'nobody', 'log_level' => '0', 'max_pool_size' => '6', 'passenger_root' => '/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini', 'passenger_version' => '4.0.53', 'pool_idle_time' => '300', 'temp_dir' => '/tmp', 'union_station_gateway_address' => 'gateway.unionstationapp.com', 'union_station_gateway_port' => '443', 'user_switching' => 'true', 'web_server_passenger_version' => '4.0.53', 'web_server_pid' => '23503', 'web_server_type' => 'nginx', 'web_server_worker_gid' => '33', 'web_server_worker_uid' => '33' } [ 2014-11-02 04:18:12.0628 23507/7f544fe55780 agents/HelperAgent/Main.cpp:650 ]: PassengerHelperAgent online, listening at unix:/tmp/passenger.1.0.23503/generation-0/request [ 2014-11-02 04:18:12.1029 23512/7fd0a6b6b7c0 agents/LoggingAgent/Main.cpp:321 ]: PassengerLoggingAgent online, listening at unix:/tmp/passenger.1.0.23503/generation-0/logging [ 2014-11-02 04:18:12.1035 23504/7f64e6a36780 agents/Watchdog/Main.cpp:728 ]: All Phusion Passenger agents started! [ 2014-11-02 04:18:12.1191 23512/7fd0a6b6b7c0 agents/LoggingAgent/Main.cpp:289 ]: Caught signal, exiting... [ 2014-11-02 04:18:13.1537 23534/7f9940e05780 agents/Watchdog/Main.cpp:538 ]: Options: { 'analytics_log_user' => 'nobody', 'default_group' => 'nogroup', 'default_python' => 'python', 'default_ruby' => '/usr/bin/ruby', 'default_user' => 'nobody', 'log_level' => '0', 'max_pool_size' => '6', 'passenger_root' => '/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini', 'passenger_version' => '4.0.53', 'pool_idle_time' => '300', 'temp_dir' => '/tmp', 'union_station_gateway_address' => 'gateway.unionstationapp.com', 'union_station_gateway_port' => '443', 'user_switching' => 'true', 'web_server_passenger_version' => '4.0.53', 'web_server_pid' => '23533', 'web_server_type' => 'nginx', 'web_server_worker_gid' => '33', 'web_server_worker_uid' => '33' } [ 2014-11-02 04:18:13.1632 23537/7fa7dc711780 agents/HelperAgent/Main.cpp:650 ]: PassengerHelperAgent online, listening at unix:/tmp/passenger.1.0.23533/generation-0/request [ 2014-11-02 04:18:13.1788 23542/7fd3b4c307c0 agents/LoggingAgent/Main.cpp:321 ]: PassengerLoggingAgent online, listening at unix:/tmp/passenger.1.0.23533/generation-0/logging [ 2014-11-02 04:18:13.1792 23534/7f9940e05780 agents/Watchdog/Main.cpp:728 ]: All Phusion Passenger agents started! [ 2014-11-02 04:40:54.6081 25129/7fd334fd9780 agents/Watchdog/Main.cpp:538 ]: Options: { 'analytics_log_user' => 'nobody', 'default_group' => 'nogroup', 'default_python' => 'python', 'default_ruby' => '/usr/bin/ruby', 'default_user' => 'nobody', 'log_level' => '0', 'max_pool_size' => '6', 'passenger_root' => '/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini', 'passenger_version' => '4.0.53', 'pool_idle_time' => '300', 'temp_dir' => '/tmp', 'union_station_gateway_address' => 'gateway.unionstationapp.com', 'union_station_gateway_port' => '443', 'user_switching' => 'true', 'web_server_passenger_version' => '4.0.53', 'web_server_pid' => '25128', 'web_server_type' => 'nginx', 'web_server_worker_gid' => '33', 'web_server_worker_uid' => '33' } [ 2014-11-02 04:40:54.6228 25132/7fe9a63c6780 agents/HelperAgent/Main.cpp:650 ]: PassengerHelperAgent online, listening at unix:/tmp/passenger.1.0.25128/generation-0/request [ 2014-11-02 04:40:54.6460 25137/7f157336b7c0 agents/LoggingAgent/Main.cpp:321 ]: PassengerLoggingAgent online, listening at unix:/tmp/passenger.1.0.25128/generation-0/logging [ 2014-11-02 04:40:54.6464 25129/7fd334fd9780 agents/Watchdog/Main.cpp:728 ]: All Phusion Passenger agents started! 2014/11/02 04:40:55 [error] 25150#0: *1 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53" 2014/11/02 04:40:59 [error] 25150#0: *1 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53" 2014/11/02 04:41:57 [error] 25150#0: *1 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53" 2014/11/02 04:41:59 [error] 25150#0: *1 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53" 2014/11/02 04:41:59 [error] 25150#0: *1 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53" 2014/11/02 04:43:10 [error] 25150#0: *2 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53" 2014/11/02 04:43:11 [error] 25150#0: *2 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53" 2014/11/02 04:43:12 [error] 25150#0: *2 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53" 2014/11/02 04:43:12 [error] 25150#0: *2 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53" 2014/11/02 04:43:12 [error] 25150#0: *2 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53" 2014/11/02 04:43:12 [error] 25150#0: *2 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53"
所以看起來權限
/home/deploy/movieseat/current/public/
不正確。我已經習慣
sudo chown -R root:deploy public/
了更改權限。這是我現在檢查權限時的結果:deploy@movieseat:~/movieseat/current$ stat public File: 'public' Size: 4096 Blocks: 8 IO Block: 4096 directory Device: fd01h/64769d Inode: 1200531 Links: 3 Access: (0775/drwxrwxr-x) Uid: ( 0/ root) Gid: ( 1000/ deploy) Access: 2014-11-02 05:01:43.317270999 -0500 Modify: 2014-11-02 04:31:30.497270999 -0500 Change: 2014-11-02 05:01:43.317270999 -0500 Birth: -
我已經重新啟動了我的 NGINX,但我仍然得到了 403。有人能指出問題可能出在哪裡嗎?
更新
sudo vim /etc/nginx/sites-enabled/default
server { listen 80 default_server; listen [::]:80 default_server ipv6only=on; root /home/deploy/movieseat/current/public; index index.html index.htm; # Make site accessible from http://localhost/ server_name localhost; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # Uncomment to enable naxsi on this location # include /etc/nginx/naxsi.rules }
更新 2
stat current File: 'current' -> '/home/deploy/movieseat/releases/20141102093117' Size: 46 Blocks: 0 IO Block: 4096 symbolic link Device: fd01h/64769d Inode: 1200822 Links: 1 Access: (0777/lrwxrwxrwx) Uid: ( 1000/ deploy) Gid: ( 1000/ deploy) Access: 2014-11-02 04:39:56.921270999 -0500 Modify: 2014-11-02 04:31:39.601270999 -0500 Change: 2014-11-02 04:31:39.601270999 -0500
更新 3
stat 20141102093117
deploy@movieseat:~/movieseat/releases$ stat 20141102093117 File: '20141102093117' Size: 4096 Blocks: 8 IO Block: 4096 directory Device: fd01h/64769d Inode: 1200364 Links: 11 Access: (0775/drwxrwxr-x) Uid: ( 1000/ deploy) Gid: ( 1000/ deploy) Access: 2014-11-02 04:42:58.721270999 -0500 Modify: 2014-11-02 04:31:39.537270999 -0500 Change: 2014-11-02 04:31:39.537270999 -0500 Birth: -
更新 4
我的乘客配置
## # Phusion Passenger config ## # Uncomment it if you installed passenger or passenger-enterprise ## passenger_root /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini; # passenger_ruby /usr/bin/ruby; passenger_ruby /home/deploy/.rbenv/shims/ruby; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*;
這意味著您在
/home/deploy/movieseat/current/public
.因此,通過確保 nginx
user
有權讀取其內容來添加它……預設情況下,nginx 使用者是nginx
. 而且您正在賦予 userroot
和 group權限deploy
。因此,請確保將 nginx 使用者添加到deploy
組中。刪除此
allow all;
指令,它與您的問題無關。保留第一次更新時的配置 (
try_files
)。
添加全部允許;到地點:
例子:
location /files { allow all; }
如果文件夾位於:/home/deploy/movieseat/current/public/files
在您的情況下使用:
location / { allow all; }
哪個使用者正在執行 nginx?