I'm trying to connect Nginx to uWSGI so I can run an application written in Ruby (where I am not able to use passenger). This is my virtual host configuration:
server {
listen unix:/var/run/nginx/redmine.sock;
root /var/www/redmine/public;
location / {
try_files $uri @uwsgi;
}
location @uwsgi {
include uwsgi_params;
uwsgi_pass unix:/var/run/uwsgi/redmine.sock;
}
}
It's easy, I try to find a static file, otherwise I pass to uwsgi listening on unix socket. This regards me a 502 error of "bad gateway". I went to read the error logs and I have the following:
2014/09/09 20:08:56 [crit] 20922#0: *29484 connect() to unix:/var/run/uwsgi/redmine.sock failed (13: Permission denied) while connecting to upstream, client: unix:, server: , request: "GET /redmine HTTP/1.0", upstream: "uwsgi://unix:/var/run/uwsgi/redmine.sock:", host: "localhost"
But I was pretty sure I have configured uWSGI to use the same user Nginx does:
user nginx;
and
[uwsgi]
socket = /var/run/uwsgi/redmine.sock
chdir = /var/www/redmine
rails = .
plugins = 0:rack_ruby20
rack = config.ru
idle = 3600
chmod-socket = 660
chown-socket = nginx:nginx
uid = nginx
gid = nginx
And the socket is:
fenix ~ # ls -lh /var/run/uwsgi/redmine.sock
srw-rw---- 1 nginx nginx 0 Set 9 20:08 /var/run/uwsgi/redmine.sock
So Nginx can't even read and write to a socket it owns? What is this supposed to mean? I can't figure out how to do it.
I noticed also that Nginx won't work even if the socket permissions are 777.
Best Answer
I had a similar issue with permissions and it was a result of SELinux not having the policy for nginx to write to sockets
You can check SELinux AVC messages via
audit2why -al
to see more details of the error, something along the lines ofTo add the enforcement policy for nginx, first confirm the enforcement policy by running
You should see an output similar to
Finally you load the custom policy by running