How do I resolve 403 Forbidden for nginx + passenger + rails + centos 7 setup

April 7, 2015 4.6k views
Ruby on Rails Nginx CentOS
vmcilwain
By:
vmcilwain

Hello all,

I am trying to set up a production server and am having a little bit of trouble. I am hoping someone can help me. I am new to Nginx. I usually use Apache for setting up my rails servers but decided I wanted some experience with Nginx.

I followed the tutorial located below for setting up my server:
http://karolgalanciak.com/blog/2013/07/19/centos-6-4-server-setup-with-ruby-on-rails-nginx-and-postgresql/

Once I was done with this tutorial, I attempted to hit my sample application with a browser and got the 403 error. When I checked the error log I get the following:

2015/04/07 09:59:37 [error] 30642#0: *1 open() "/apps/my_app/public/tasks" failed (2: No such file or directory), client: ##.##.###.##, server: www.lovell.direct, request: "GET /tasks HTTP/1.1", host: "www.lovell.direct"

I installed lynx to see if I could hit it via a browser without having to hit the web but I then get a 404 error where the error log says the same thing but the host is localhost instead of the domain address.

I saw in some of the questions that the answer was making sure I had a default route which I do. And also to make the files executable which I didn't understand that. I am not sure why I would need to make my views executable (if I understood correctly).

I am looking to see what might be going on wrong.

Here is what my nginx.conf file look like

worker_processes  1;
events {
    worker_connections  1024;
}
http {
    passenger_root /home/deploy/.rvm/gems/ruby-2.2.1/gems/passenger-5.0.6;
    passenger_ruby /home/deploy/.rvm/gems/ruby-2.2.1/wrappers/ruby;

    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;

    keepalive_timeout  65;

    gzip on;
    gzip_vary on;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

    server {
      listen       80;
      server_name  www.lovell.direct;

      root /apps/my_app/public;
      client_max_body_size 128M;
      passenger_enabled on;
      rails_env production;

      location ~ ^/(assets|images|javascripts|stylesheets|system)/ {
         expires max;
         add_header Cache-Control public;
      }
   }
}
Log In to Comment
1 Answer
affix April 7, 2015

Put quite simply your root directory doesn't exist (or there are permissions errors (more likely))

chcon -Rv --type=httpdsyscontent_t /apps

should allow you to view your site without disabling SELinux, Disabling SELinux is a big no no!!

You may need to set other permissions to make it readable by nginx however

755 on all the directories should work.

Reply
Have another answer? Share your knowledge.

Related Questions