Fatal编程技术网
  • django/
  • 使用uwsgi在nginx上部署django应用程序将返回502-权限被拒绝

使用uwsgi在nginx上部署django应用程序将返回502-权限被拒绝

django nginx

使用uwsgi在nginx上部署django应用程序将返回502-权限被拒绝,django,nginx,uwsgi,Django,Nginx,Uwsgi,我正在尝试用uswgi在nginx上安装一个简单的django应用程序。 当我发送请求时,它返回502坏网关 这是我的uwsgi.ini [uwsgi] master = true socket = /usr/share/nginx/firstsite/nginx.sock chdir = /usr/share/nginx/firstsite wsgi-file = /usr/share/nginx/firstsite/firstsite/wsgi.py chmod-socket = 664 v

我正在尝试用uswgi在nginx上安装一个简单的django应用程序。 当我发送请求时,它返回502坏网关

这是我的uwsgi.ini

[uwsgi]
master = true
socket = /usr/share/nginx/firstsite/nginx.sock
chdir = /usr/share/nginx/firstsite
wsgi-file = /usr/share/nginx/firstsite/firstsite/wsgi.py
chmod-socket = 664
vacuum = true
uwsgi输出:

uwsgi --ini uwsgi.ini
[uWSGI] getting INI configuration from uwsgi.ini
*** Starting uWSGI 2.0.11.2 (64bit) on [Sat Jun 18 15:09:30 2016] ***
compiled with version: 4.8.3 20140911 (Red Hat 4.8.3-9) on 02 December 2015 19:47:02
os: Linux-3.10.0-327.4.4.el7.x86_64 #1 SMP Tue Jan 5 16:07:00 UTC 2016
nodename: centos_prod
machine: x86_64
clock source: unix
pcre jit disabled
detected number of CPU cores: 8
current working directory: /usr/share/nginx/firstsite
detected binary path: /root/venv/bin/uwsgi
uWSGI running as root, you can use --uid/--gid/--chroot options
*** WARNING: you are running uWSGI as root !!! (use the --uid flag) ***
chdir() to /usr/share/nginx/firstsite
your processes number limit is 94006
your memory page size is 4096 bytes
detected max file descriptor number: 1024
lock engine: pthread robust mutexes
thunder lock: disabled (you can enable it with --thunder-lock)
uwsgi socket 0 bound to UNIX address /usr/share/nginx/firstsite/nginx.sock fd 3
Python version: 2.7.5 (default, Nov 20 2015, 02:00:19)  [GCC 4.8.5 20150623 (Red Hat 4.8.5-4)]
*** Python threads support is disabled. You can enable it with --enable-threads ***
Python main interpreter initialized at 0x21f6ce0
your server socket listen backlog is limited to 100 connections
your mercy for graceful operations on workers is 60 seconds
mapped 145536 bytes (142 KB) for 1 cores
*** Operational MODE: single process ***
WSGI app 0 (mountpoint='') ready in 0 seconds on interpreter 0x21f6ce0 pid: 3421 (default app)
*** uWSGI is running in multiple interpreter mode ***
spawned uWSGI master process (pid: 3421)
spawned uWSGI worker 1 (pid: 3426, cores: 1)
nginx.conf

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;
    include /etc/nginx/conf.d/*.conf;

    upstream django {
        server unix:///usr/share/nginx/firstsite/nginx.sock;
    }
    server {
        listen       80 default_server;
        listen       [::]:80 default_server;
        server_name  _;
        root         /usr/share/nginx/firstsite;

        client_max_body_size 300M;   # adjust to taste

        location /media  {
            alias /usr/share/nginx/firstsite/media;
        }

        location /static {
            alias /usr/share/nginx/firstsite/static;
        }

        # Finally, send all non-media requests to the Django server.
        location / {
            uwsgi_pass  django;
            include     /usr/share/nginx/firstsite/uwsgi_params; # the uwsgi_params file you installed
        }
    }
}
我没有使用virtualenv,我的manage.py位于/usr/share/nginx/firstsite中/ 我可以在uwsgi上不使用nginx运行应用程序,并使用:

uwsgi --wsgi-file /usr/share/nginx/firstsite/firstsite/wsgi.py --http :80
但我要做的是让nginx使用端口80,而uwsgi使用文件套接字。 请帮忙

更新: 我不知道为什么我以前没有看到任何错误,但现在nginx错误日志显示:

nginx Permission denied while connecting to upstream
那么看看

我尝试将这些选项添加到uwsgi:

--uid root --gid www-data
因此,套接字文件归root所有,root是www数据组的一部分。 我仍然收到一个权限错误

[crit] 6804#0: *1 connect() to unix:///usr/share/nginx/firstsite/nginx.sock failed (13: Permission denied) while connecting to upstream, client: 192.168.168.201, server: _, request: "GET / HTTP/1.1", upstream: "uwsgi://unix:///usr/share/nginx/firstsite/nginx.sock:"
更新:

我仍然遇到权限问题。 我创建了一个django用户和一个django组。 nginx和django用户都是django组的成员。 已更改下所有文件夹的所有权 /usr/share/nginx/firstsite 由django所有。 将--gid和--uid设置为django。 跑

作为根。我得到了许可错误。 跑步:

同样的。 请注意/usr/share/nginx由root所有。 我尝试更改nginx配置文件:

uwsgi_pass unix:///usr/share/nginx/firstsite/nginx.sock;
重新启动nginx并运行uwsgi。我得到了这个错误:

connect() to unix:///usr/share/nginx/firstsite/nginx.sock failed (13: Permission denied) while connecting to upstream, client: 192.123.123.123, server: _, request: "GET / HTTP/1.1", upstream: "uwsgi://unix:///usr/share/nginx/firstsite/nginx.sock:"
我还必须设置python virtualenv并在uwsgi.ini中设置主页以检测django,但我无法通过此套接字故障。

如果设置If以便uwsgi直接为内容提供服务,是否有效?是的。我发布了一个更新。实际上,尽管root正在运行套接字文件,并且root属于www数据组,但我对该文件的权限被拒绝。该路径上的每个目录的模式是
/usr/share/nginx/firstsite/nginx.sock
uwsgi
在套接字路径上创建目录为
drwxrwx--
,如果
nginx
工作人员不是以同一用户或至少同一组身份运行,则肯定会被拒绝权限。当nginx进程以nginx身份运行时,该文件由root所有。我更改了nginx.sock的所有权,错误消失了,但我仍然收到502响应。如果您将If设置为uwsgi直接提供内容,这是否有效?是的。我发布了一个更新。实际上,尽管root正在运行套接字文件,并且root属于www数据组,但我对该文件的权限被拒绝。该路径上的每个目录的模式是
/usr/share/nginx/firstsite/nginx.sock
uwsgi
在套接字路径上创建目录为
drwxrwx--
,如果
nginx
工作人员不是以同一用户或至少同一组身份运行,则肯定会被拒绝权限。当nginx进程以nginx身份运行时,该文件由root所有。我更改了nginx.sock的所有权,错误消失了,但仍然得到502响应。 
uwsgi_pass unix:///usr/share/nginx/firstsite/nginx.sock;

connect() to unix:///usr/share/nginx/firstsite/nginx.sock failed (13: Permission denied) while connecting to upstream, client: 192.123.123.123, server: _, request: "GET / HTTP/1.1", upstream: "uwsgi://unix:///usr/share/nginx/firstsite/nginx.sock:"