Rails 4 gets 403 Forbidden error with Nginx + Passenger deployed with Chef

StackOverflow https://stackoverflow.com/questions/23665078

Frage

I'm trying to do an automated build of a complete rails server box and everything works except i'm getting a 403 Forbidden message when accessing the webserver.

Attributes:

#jumpsquares directories
default['www_dir']  = '/var/www'
default['jumpsquares_dir']  = '/var/www/jumpsquares'

#rvm
default['rvm']['default_ruby']      = "ruby-2.1.2"
default['rvm']['user_default_ruby'] = "ruby-2.1.2"
default['rvm']['rubies']      = ["ruby-2.1.2"]

#postgresql
default["postgresql"]["pg_hba_defaults"]                 = false
default["postgresql"]["pg_hba"] = [
{ "type"=> "local", "db"=> "all", "user"=> "postgres",   "addr"=> "",             "method"=> "peer" },
{ "type"=> "local", "db"=> "all", "user"=> "all",        "addr"=> "",             "method"=> "md5" },
{ "type"=> "host",  "db"=> "all", "user"=> "all",        "addr"=> "127.0.0.1/32", "method"=> "md5" },
{ "type"=> "host",  "db"=> "all", "user"=> "all",        "addr"=> "::1/128",      "method"=> "md5" }
]
#nginx
default['nginx']['version']      = '1.6.0'
default['nginx']['default_root'] = '/var/www/jumpsquares/public'
default['nginx']['rvm_path'] = "/usr/local/rvm/gems/ruby-2.1.2/bin:/usr/local/rvm/gems/ruby-2.1.2@global/bin:/usr/local/rvm/rubies/ruby-2.1.2/bin"
default['nginx']['configure_flags']    = ["--add-module=/usr/local/rvm/gems/ruby-2.1.2/gems/passenger-4.0.42/ext/nginx"]
default['nginx']['source']['modules']  = %w(
nginx::http_ssl_module
nginx::http_gzip_static_module
nginx::passenger
)
default['nginx']['passenger']['version'] = '4.0.42'
default['nginx']['passenger']['root'] = "/usr/local/rvm/gems/ruby-2.1.2/gems/passenger-4.0.42"
default['nginx']['passenger']['ruby'] = "/usr/local/rvm/wrappers/ruby-2.1.2/ruby"
default['nginx']['passenger']['gem_binary'] = "/usr/local/rvm/wrappers/ruby-2.1.2/gem"

Recipe:

include_recipe "apt"
include_recipe "openssl"
include_recipe "rvm::system"    

include_recipe "postgresql::server"
include_recipe "postgresql::libpq"
include_recipe "postgresql::client"

pg_user "jumpgres" do
  privileges superuser: true, createdb: true, login: true
  password "jump123"
end

pg_database "jumpsquares_prod" do
  owner "jumpgres"
  encoding "UTF-8"
  template "template0"
  locale "en_US.UTF-8"
end

directory node['www_dir'] do
  owner "www-data"
  group "www-data"
  mode 00755
  action :create
end

directory node['jumpsquares_dir'] do
  owner "www-data"
  group "www-data"
  mode 00755
  action :create
end

git node['jumpsquares_dir'] do
  repository "https://github.com/kacole2/JumpSquares.git"
  reference "master"
  action :sync
end

rvm_shell "bundle install" do

     ruby_string "ruby-2.1.2"
     cwd node['jumpsquares_dir']

     code %{
       source /usr/local/rvm/scripts/rvm
       export rvmsudo_secure_path=1
       sudo chown -R www-data:www-data "/var/www"
       rvmsudo gem install passenger -v 4.0.42 --no-rdoc --no-ri
       rvmsudo gem install rake -v 10.3.1 --no-rdoc --no-ri
       rvmsudo bundle install
       rvmsudo rake RAILS_ENV=appliance-production db:setup
       rvmsudo rake RAILS_ENV=appliance-production assets:precompile
       }
   end

include_recipe "nginx::source"
ENV['PATH']="#{node['nginx']['rvm_path']}:#{ENV['PATH']}"

Here are the resultant nginx files. This is /etc/nginx/nginx.conf:

user www-data;
worker_processes  1;
daemon off;

error_log  /var/log/nginx/error.log;
pid        /var/run/nginx.pid;

events {
  worker_connections  1024;
}

http {

  include       /etc/nginx/mime.types;
  default_type  application/octet-stream;

  access_log    /var/log/nginx/access.log;

  sendfile on;
  tcp_nopush on;
  tcp_nodelay on;

  keepalive_timeout  65;

  gzip  on;
  gzip_http_version 1.0;
  gzip_comp_level 2;
  gzip_proxied any;
  gzip_vary off;
  gzip_types text/plain text/css application/x-javascript text/xml application/xml application/rss+xml application/atom+xml text/javascript application/javascript application/json text/mathml;
  gzip_min_length  1000;
  gzip_disable     "MSIE [1-6]\.";

  server_names_hash_bucket_size 64;
  types_hash_max_size 2048;
  types_hash_bucket_size 64;

  include /etc/nginx/conf.d/*.conf;
  include /etc/nginx/sites-enabled/*;
}

/etc/nginx/sites-enabled/000-default

server {
  listen   80;
  server_name  chef-cattle12;

  access_log  /var/log/nginx/localhost.access.log;

  location / {
    root   /var/www/jumpsquares/public;
    index  index.html index.htm;
  }
}

/etc/nginx/conf.d/passenger.conf

passenger_root /usr/local/rvm/gems/ruby-2.1.2/gems/passenger-4.0.42;
passenger_ruby /usr/local/rvm/wrappers/ruby-2.1.2/ruby;
passenger_max_pool_size 6;
passenger_spawn_method smart-lv2;
passenger_buffer_response on;
passenger_min_instances 1;
passenger_max_instances_per_app 0;
passenger_pool_idle_time 300;
passenger_max_requests 0;

which ruby

administrator@chef-cattle12:~$ which ruby
/usr/local/rvm/rubies/ruby-2.1.2/bin/ruby

administrator@chef-cattle12:~$ passenger-config --root
/usr/local/rvm/gems/ruby-2.1.2/gems/passenger-4.0.42

file permissions are set correctly:

administrator@chef-cattle12:~$ ls -l /var/www
total 4
drwxr-xr-x 14 www-data www-data 4096 May 14 15:29 jumpsquares
administrator@chef-cattle12:~$ ls -l /var/www/jumpsquares/
total 60
drwxr-xr-x 9 www-data www-data 4096 May 14 15:25 app
drwxr-xr-x 2 www-data www-data 4096 May 14 15:25 bin
drwxr-xr-x 5 www-data www-data 4096 May 14 15:25 config
-rw-r--r-x 1 www-data www-data  154 May 14 15:25 config.ru
drwxr-xr-x 3 www-data www-data 4096 May 14 15:25 db
-rw-r--r-x 1 www-data www-data 1313 May 14 15:25 Gemfile
-rw-r--r-x 1 www-data www-data 3583 May 14 15:25 Gemfile.lock
drwxr-xr-x 4 www-data www-data 4096 May 14 15:25 lib
drwxr-xr-x 2 www-data www-data 4096 May 14 15:29 log
drwxr-xr-x 4 www-data www-data 4096 May 14 15:29 public
-rw-r--r-x 1 www-data www-data  254 May 14 15:25 Rakefile
-rw-r--r-x 1 www-data www-data  252 May 14 15:25 README.rdoc
drwxr-xr-x 8 www-data www-data 4096 May 14 15:25 test
drwxr-xr-x 3 www-data www-data 4096 May 14 15:29 tmp
drwxr-xr-x 3 www-data www-data 4096 May 14 15:25 vendor

I have tried just about everything manipulating the nginx.conf file. I've tried removing the index line, moving root out of the location sub portion, and more but nothing seems to work. the logs aren't helping much either. any help is appreciated.

War es hilfreich?

Lösung

You did not enable Phusion Passenger in your server block and location block. At minimum, you must have 'passenger_enabled on' specified there. Refer to the Phusion Passenger documentation.

Andere Tipps

i had to add these additional pieces to my recipe for passenger to work correctly

#the passenger configuration is never enabled with the  OpsCode nginx cookbook. let's add it
ruby_block "add passenger variable" do
  block do
    site_file = Chef::Util::FileEdit.new("#{node["nginx"]["dir"]}/sites-enabled/000-default")
    site_file.insert_line_after_match(/\slocation\s\/\s{/, "    passenger_enabled on;")  
    site_file.write_file
  end
end
#we have to specify the rails environment we want to use since we do not want to use 'production'
ruby_block "add rails environment" do
  block do
    passenger_file = Chef::Util::FileEdit.new("#{node["nginx"]["dir"]}/conf.d/passenger.conf")
    passenger_file.insert_line_if_no_match(/passenger_app_env appliance-production;/, "passenger_app_env appliance-production;")
    passenger_file.write_file
  end
end
Lizenziert unter: CC-BY-SA mit Zuschreibung
Nicht verbunden mit StackOverflow
scroll top