bepasty-server
bepasty-server copied to clipboard
bepasty
update docs about socket directory permissions
I tried to follow the install steps to the best of my ability, on a fresh Ubuntu 21.04 host. I ran into an issue out of the box, where nginx just returns 502 Bad gateway upon accessing the site.
In /home/bepasty/logs/nginx-error.log I see something like this:
connect() to unix:/home/bepasty/gunicorn.sock failed (13: Permission denied) while connecting to upstream, client: 10.20.30.x, server: xxxmy.site.name, request: "GET / HTTP/1.1", upstream: "http://unix:/home/bepasty/gunicorn.sock:/", host: "xxxmy.site.name"
I can't figure this out despite lots and lots of googling.
The only thing that "works" for me is to change the user that nginx runs as, by editing /etc/nginx/nginx.conf and changing www-data to bepasty:
user bepasty; #changed from www-data
But, I imagine there are problems with this solution, and it doesn't scale when nginx needs to serve multiple sites.
Has anyone run into this and know how to properly fix? I'm a bit bewildered when it comes to gunicorn/flask.
Well, permission denied means you have to fix the permission issue.
So, check the permissions on the socket file and also on all directories above it.
Thanks- The .sock file gets owned by the bepasty user. Should it be owned by www-data instead? Or a group?
I'ld go via the group (preferably, if you can give it to the nginx group) or others permission (if group can't be done).
Ok, the "fix" was to give www-data group permissions on the /home/bepasty dir:
chown bepasty:www-data /home/bepasty
I don't know if this should be in the docs somewhere but it threw me for a loop.
A hint would be good, can you make a PR with the docs update?
Guess the xbit on the directory is the minimum requirement. And either adapt the group or give x to others.
Sure once I have known-good working steps I am happy to update the docs via a PR. Still working out some issues though!