我正在尝试在我的 Digital Ocean VPS 上部署我的 Rails 应用程序,但是当我访问 IP 地址时出现 403。
这是我的错误日志的输出:
[ 2014-11-02 04:18:12.0511 23504/7f64e6a36780 agents/Watchdog/Main.cpp:538 ]: Options: { 'analytics_log_user' => 'nobody', 'default_group' => 'nogroup', 'default_python' => 'python', 'default_ruby' => '/usr/bin/ruby', 'default_user' => 'nobody', 'log_level' => '0', 'max_pool_size' => '6', 'passenger_root' => '/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini', 'passenger_version' => '4.0.53', 'pool_idle_time' => '300', 'temp_dir' => '/tmp', 'union_station_gateway_address' => 'gateway.unionstationapp.com', 'union_station_gateway_port' => '443', 'user_switching' => 'true', 'web_server_passenger_version' => '4.0.53', 'web_server_pid' => '23503', 'web_server_type' => 'nginx', 'web_server_worker_gid' => '33', 'web_server_worker_uid' => '33' }
[ 2014-11-02 04:18:12.0628 23507/7f544fe55780 agents/HelperAgent/Main.cpp:650 ]: PassengerHelperAgent online, listening at unix:/tmp/passenger.1.0.23503/generation-0/request
[ 2014-11-02 04:18:12.1029 23512/7fd0a6b6b7c0 agents/LoggingAgent/Main.cpp:321 ]: PassengerLoggingAgent online, listening at unix:/tmp/passenger.1.0.23503/generation-0/logging
[ 2014-11-02 04:18:12.1035 23504/7f64e6a36780 agents/Watchdog/Main.cpp:728 ]: All Phusion Passenger agents started!
[ 2014-11-02 04:18:12.1191 23512/7fd0a6b6b7c0 agents/LoggingAgent/Main.cpp:289 ]: Caught signal, exiting...
[ 2014-11-02 04:18:13.1537 23534/7f9940e05780 agents/Watchdog/Main.cpp:538 ]: Options: { 'analytics_log_user' => 'nobody', 'default_group' => 'nogroup', 'default_python' => 'python', 'default_ruby' => '/usr/bin/ruby', 'default_user' => 'nobody', 'log_level' => '0', 'max_pool_size' => '6', 'passenger_root' => '/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini', 'passenger_version' => '4.0.53', 'pool_idle_time' => '300', 'temp_dir' => '/tmp', 'union_station_gateway_address' => 'gateway.unionstationapp.com', 'union_station_gateway_port' => '443', 'user_switching' => 'true', 'web_server_passenger_version' => '4.0.53', 'web_server_pid' => '23533', 'web_server_type' => 'nginx', 'web_server_worker_gid' => '33', 'web_server_worker_uid' => '33' }
[ 2014-11-02 04:18:13.1632 23537/7fa7dc711780 agents/HelperAgent/Main.cpp:650 ]: PassengerHelperAgent online, listening at unix:/tmp/passenger.1.0.23533/generation-0/request
[ 2014-11-02 04:18:13.1788 23542/7fd3b4c307c0 agents/LoggingAgent/Main.cpp:321 ]: PassengerLoggingAgent online, listening at unix:/tmp/passenger.1.0.23533/generation-0/logging
[ 2014-11-02 04:18:13.1792 23534/7f9940e05780 agents/Watchdog/Main.cpp:728 ]: All Phusion Passenger agents started!
[ 2014-11-02 04:40:54.6081 25129/7fd334fd9780 agents/Watchdog/Main.cpp:538 ]: Options: { 'analytics_log_user' => 'nobody', 'default_group' => 'nogroup', 'default_python' => 'python', 'default_ruby' => '/usr/bin/ruby', 'default_user' => 'nobody', 'log_level' => '0', 'max_pool_size' => '6', 'passenger_root' => '/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini', 'passenger_version' => '4.0.53', 'pool_idle_time' => '300', 'temp_dir' => '/tmp', 'union_station_gateway_address' => 'gateway.unionstationapp.com', 'union_station_gateway_port' => '443', 'user_switching' => 'true', 'web_server_passenger_version' => '4.0.53', 'web_server_pid' => '25128', 'web_server_type' => 'nginx', 'web_server_worker_gid' => '33', 'web_server_worker_uid' => '33' }
[ 2014-11-02 04:40:54.6228 25132/7fe9a63c6780 agents/HelperAgent/Main.cpp:650 ]: PassengerHelperAgent online, listening at unix:/tmp/passenger.1.0.25128/generation-0/request
[ 2014-11-02 04:40:54.6460 25137/7f157336b7c0 agents/LoggingAgent/Main.cpp:321 ]: PassengerLoggingAgent online, listening at unix:/tmp/passenger.1.0.25128/generation-0/logging
[ 2014-11-02 04:40:54.6464 25129/7fd334fd9780 agents/Watchdog/Main.cpp:728 ]: All Phusion Passenger agents started!
2014/11/02 04:40:55 [error] 25150#0: *1 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53"
2014/11/02 04:40:59 [error] 25150#0: *1 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53"
2014/11/02 04:41:57 [error] 25150#0: *1 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53"
2014/11/02 04:41:59 [error] 25150#0: *1 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53"
2014/11/02 04:41:59 [error] 25150#0: *1 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53"
2014/11/02 04:43:10 [error] 25150#0: *2 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53"
2014/11/02 04:43:11 [error] 25150#0: *2 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53"
2014/11/02 04:43:12 [error] 25150#0: *2 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53"
2014/11/02 04:43:12 [error] 25150#0: *2 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53"
2014/11/02 04:43:12 [error] 25150#0: *2 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53"
2014/11/02 04:43:12 [error] 25150#0: *2 directory index of "/home/deploy/movieseat/current/public/" is forbidden, client: 82.73.170.71, server: localhost, request: "GET / HTTP/1.1", host: "178.62.204.53"
因此看起来权限/home/deploy/movieseat/current/public/不正确。
我曾经sudo chown -R root:deploy public/更改过权限。这是我现在检查权限的结果:
deploy@movieseat:~/movieseat/current$ stat public
File: 'public'
Size: 4096 Blocks: 8 IO Block: 4096 directory
Device: fd01h/64769d Inode: 1200531 Links: 3
Access: (0775/drwxrwxr-x) Uid: ( 0/ root) Gid: ( 1000/ deploy)
Access: 2014-11-02 05:01:43.317270999 -0500
Modify: 2014-11-02 04:31:30.497270999 -0500
Change: 2014-11-02 05:01:43.317270999 -0500
Birth: -
我已经重新启动了 NGINX,但仍然出现 403。有人能指出问题可能出在哪里吗?
更新
sudo vim /etc/nginx/sites-enabled/default
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /home/deploy/movieseat/current/public;
index index.html index.htm;
# Make site accessible from http://localhost/
server_name localhost;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}
更新 2
stat current
File: 'current' -> '/home/deploy/movieseat/releases/20141102093117'
Size: 46 Blocks: 0 IO Block: 4096 symbolic link
Device: fd01h/64769d Inode: 1200822 Links: 1
Access: (0777/lrwxrwxrwx) Uid: ( 1000/ deploy) Gid: ( 1000/ deploy)
Access: 2014-11-02 04:39:56.921270999 -0500
Modify: 2014-11-02 04:31:39.601270999 -0500
Change: 2014-11-02 04:31:39.601270999 -0500
更新 3
stat 20141102093117
deploy@movieseat:~/movieseat/releases$ stat 20141102093117
File: '20141102093117'
Size: 4096 Blocks: 8 IO Block: 4096 directory
Device: fd01h/64769d Inode: 1200364 Links: 11
Access: (0775/drwxrwxr-x) Uid: ( 1000/ deploy) Gid: ( 1000/ deploy)
Access: 2014-11-02 04:42:58.721270999 -0500
Modify: 2014-11-02 04:31:39.537270999 -0500
Change: 2014-11-02 04:31:39.537270999 -0500
Birth: -
更新 4
我的乘客配置
##
# Phusion Passenger config
##
# Uncomment it if you installed passenger or passenger-enterprise
##
passenger_root /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini;
# passenger_ruby /usr/bin/ruby;
passenger_ruby /home/deploy/.rbenv/shims/ruby;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
答案1
这意味着您没有可读的索引文件/home/deploy/movieseat/current/public。
因此,请确保 nginxuser有权读取其内容... 默认情况下,nginx 用户是nginx。并且您正在将权限授予用户root和组deploy。因此,请确保将 nginx 用户添加到deploy组中。
删除该allow all;指令,它与您的问题无关。
保留第一次更新的配置(try_files)。
答案2
添加允许所有;到位置:
例子:
location /files {
allow all;
}
如果文件夹位于:/home/deploy/movieseat/current/public/files
在您的情况下使用:
location / {
allow all;
}
nginx 正在以哪个用户身份运行?